php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-24 00:18:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
75,769 Commits 549 Branches 1,485 Tags
php-5.5.14RC1
Commit Graph

8054 Commits

Author SHA1 Message Date
Stanislav Malyshev 4b0b032676 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:31 -07:00
Anatol Belski e2710310a0 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed regression introduced by patch for bug #67072
 2014-06-03 20:51:18 +02:00
Anatol Belski 20568e5028 Fixed regression introduced by patch for bug #67072 
This applies to 5.4 and 5.5 only as a legacy fix.
 2014-06-03 20:43:58 +02:00
Stanislav Malyshev a2f8c9c1ae Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  update NEWS
  Fix bug #67249: printf out-of-bounds read
 2014-05-27 12:10:41 -07:00
Stanislav Malyshev 091b7642c2 Fix bug #67249: printf out-of-bounds read 2014-05-27 11:28:22 -07:00
Stanislav Malyshev a03a1ab88c Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix bug #67253: timelib_meridian_with_check out-of-bounds read
  Fix bug #67252: convert_uudecode out-of-bounds read
  Fix bug #67251 - date_parse_from_format out-of-bounds read
  Fix bug #67250 (iptcparse out-of-bounds read)

Conflicts:
	ext/date/lib/parse_date.c
	ext/date/lib/parse_date.re
 2014-05-13 17:02:09 -07:00
Stanislav Malyshev 0094fd0969 Merge branch 'bug67252' into PHP-5.4 
* bug67252:
  fix bug #67253: timelib_meridian_with_check out-of-bounds read
  Fix bug #67252: convert_uudecode out-of-bounds read
 2014-05-13 16:47:27 -07:00
Stanislav Malyshev 9103c9eb4f Merge branch 'bug67250' into PHP-5.4 
* bug67250:
  Fix bug #67250 (iptcparse out-of-bounds read)
 2014-05-13 16:43:10 -07:00
Stanislav Malyshev 1e2818b143 Fix bug #67252: convert_uudecode out-of-bounds read 2014-05-11 20:29:27 -07:00
Stanislav Malyshev 3e9cb6a4a5 Fix bug #67250 (iptcparse out-of-bounds read) 2014-05-11 19:09:19 -07:00
Stanislav Malyshev f6841d250a Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add a test case previously broken by a bad fix
  Revert "Fixed bug #64604"
 2014-04-24 23:59:32 -07:00
Stanislav Malyshev 03c703b8bd add a test case previously broken by a bad fix 2014-04-24 23:58:38 -07:00
Stanislav Malyshev a328803803 Revert "Fixed bug #64604" 
This reverts commit b05c088a3a.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
 2014-04-24 23:50:45 -07:00
Stanislav Malyshev 8b903f24d5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix a compiler warning in php_rand.h
 2014-04-20 16:35:49 -07:00
Rouven Weßling 68283c9f4a Fix a compiler warning in php_rand.h 2014-04-20 16:35:36 -07:00
Stanislav Malyshev 5addf223d5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #65701: Do not use cache for file file copy
 2014-04-20 15:25:03 -07:00
Boro Sitnikovski a18cec1b86 Fix bug #65701: Do not use cache for file file copy 2014-04-20 15:22:44 -07:00
Anatol Belski 7c400dc867 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improved the fix for bug #67072, thanks Nikita
 2014-04-18 15:14:42 +02:00
Anatol Belski c2acdbdd3d Improved the fix for bug #67072, thanks Nikita 2014-04-18 15:13:32 +02:00
Anatol Belski dc407c2402 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67072 Echoing unserialized "SplFileObject" crash

Conflicts:
	ext/standard/var_unserializer.c
 2014-04-17 11:05:21 +02:00
Anatol Belski 5328d42899 Fixed bug #67072 Echoing unserialized "SplFileObject" crash 
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.

This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
 2014-04-17 10:48:14 +02:00
Stanislav Malyshev 30ec1c0051 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #64604
 2014-04-13 18:38:36 -07:00
Ingo Walz b05c088a3a Fixed bug #64604 2014-04-13 18:37:40 -07:00
Stanislav Malyshev df8e34bcc1 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix windows build
 2014-04-13 17:03:28 -07:00
Stanislav Malyshev 3a2660b302 Fix windows build 2014-04-13 17:02:21 -07:00
Stanislav Malyshev fe72caa6e5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67024 - getimagesize should recognize BMP files with negative height
 2014-04-13 15:23:32 -07:00
Gabor Buella 1010200da5 Fixed bug #67024 - getimagesize should recognize BMP files with negative height 2014-04-13 15:17:04 -07:00
Bob Weinand bf3edbada6 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 23:03:53 +02:00
Bob Weinand beda5093b4 Reverted to 5a0da281e5 
Discussion: http://news.php.net/php.cvs/76836
 2014-04-13 23:01:31 +02:00
Bob Weinand 191d9fc227 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 19:37:06 +02:00
Bob Weinand f07e37c96d Forgot title in phpt for bug #67064 2014-04-13 19:34:17 +02:00
Bob Weinand eca0644e0a Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 19:25:07 +02:00
Bob Weinand 1a4a9eede5 Fix bug #67064 in a BC safe way 
You can use an optional parameter now when implementing the Countable interface
to get the $mode passed to count().
 2014-04-13 19:24:12 +02:00
Ferenc Kovacs e00e4b9334 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  abstract namespace for unix sockets is a linux only feature
 2014-04-09 19:02:25 +02:00
Ferenc Kovacs 2c8aeda6dc abstract namespace for unix sockets is a linux only feature 2014-04-09 19:01:01 +02:00
Tjerk Meesters 287790d5c8 Don't test for specific non-zero substr_compare() return value 2014-04-09 20:10:34 +08:00
Tjerk Meesters 032921d80c Fixed bug 67043 2014-04-09 07:33:55 +08:00
Michael Wallner ba4fddd2da Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66182 	exit in stream filter produces segfault
 2014-04-03 09:08:35 +02:00
Michael Wallner 7ab5c593f7 Fix bug #66182 exit in stream filter produces segfault 
Unfortunately, a segv caused by exit cannot be tested reliably.
 2014-04-03 09:07:35 +02:00
Michael Wallner f453917f62 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #61019 (Out of memory on command stream_get_contents)
 2014-04-02 15:37:50 +02:00
Michael Wallner 1ec83d44a1 Fixed bug #61019 (Out of memory on command stream_get_contents) 2014-04-02 15:36:39 +02:00
Michael Wallner af147ac9b7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #64330
 2014-04-02 11:10:59 +02:00
Michael Wallner 91a9d24aa3 Fix bug #64330 
stream_socket_server() creates wrong Abstract Namespace UNIX sockets
 2014-04-02 11:09:26 +02:00
Mateusz Kocielski 156cc39e21 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed off-by-one in php_url_parse_ex
 2014-03-18 08:57:30 +01:00
Mateusz Kocielski 497b918e62 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fixed off-by-one in php_url_parse_ex

Conflicts:
	ext/standard/url.c
 2014-03-18 08:54:57 +01:00
Mateusz Kocielski 46566b78c9 Fixed off-by-one in php_url_parse_ex 
Change order of condition, previously pointer could be derefrenced before
bound check was done.
 2014-03-18 08:48:41 +01:00
Nikita Popov ecf7570072 Merge branch 'PHP-5.4' into PHP-5.5 2014-03-06 23:12:41 +01:00
Dmitry Panin e2fc6b52f0 Fix HTML entity table generation 2014-03-06 23:10:31 +01:00
Tjerk Meesters bbd0781b39 Merge branch 'PHP-5.4' into PHP-5.5 2014-03-03 05:56:22 +08:00
Tjerk Meesters e73c05b75e proc_open(): separate environment values that aren't strings 
Added a test case
 2014-03-03 05:49:52 +08:00