php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-28 02:33:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
83,113 Commits 549 Branches 1,485 Tags
php-5.6.22RC1
Commit Graph

105 Commits

Author SHA1 Message Date
Stanislav Malyshev c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev 33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev 03964892c0 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) 2015-08-28 22:52:50 -07:00
Christoph M. Becker b9f23c2152 Fix #70232: Incorrect bump-along behavior with \K and empty string match 
To do global matching (/g), for every empty match we have to do a second match
with PCRE_NOTEMPTY turned on. That may fail, however, when the \K escape
sequence is involved. For this purpose libpcre 8.0 introduced the
PCRE_NOTEMPTY_ATSTART flag, which we will use if available, and otherwise fall
back to the old (possibly buggy) behavior.
 2015-08-13 14:20:04 +02:00
Christoph M. Becker 5be8872f44 allow to skip slow tests 2015-07-26 17:33:09 +02:00
Christoph M. Becker e1561c490e Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  updated NEWS
  Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the string)
 2015-06-23 19:32:57 +02:00
Christoph M. Becker 23e25f3319 Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the string) 
When advancing after empty matches, php_pcre_match_impl() as well as
php_pcre_replace_impl() always have to advance to the next code point when the
u modifier is given, instead of to the next byte.
 2015-06-23 19:28:09 +02:00
Christoph M. Becker bc47f10a97 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  updated NEWS
  Fixed bug #69864 (Segfault in preg_replace_callback)
 2015-06-23 16:36:35 +02:00
Christoph M. Becker a39beaa251 Fixed bug #69864 (Segfault in preg_replace_callback) 
When preg_replace_callback() is used, cache entries which are in use must not
be removed. We ensure that by deploying a simple refcounting mechanism.
 2015-06-23 13:00:17 +02:00
Stanislav Malyshev 23917b451b Upgrade PCRE to 8.36, it fixes some crashes 
We probably will need to go to 8.37 once it is released.
 2015-04-27 23:16:54 -07:00
Anatol Belski c925c7a5b6 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #67238 Ungreedy and min/max quantifier bug in PCRE 8.34 upstream
 2014-05-09 22:16:42 +02:00
Anatol Belski c62f32c3cc Bug #67238 Ungreedy and min/max quantifier bug in PCRE 8.34 upstream 
upstream patch applied
 2014-05-09 22:15:54 +02:00
Nikita Popov 42562ee913 Add support for PCRE marks 
If a MARK is set then it will be returned in the $matches array
unter key "MARK". If no MARK is used or passed, the key will not
be set.
 2014-03-17 22:32:40 +01:00
Anatol Belski ab32d36ec6 pcre tests go with 8.34 upgrade 2014-02-04 10:34:11 +01:00
Veres Lajos e9a95d78ef typo fixes 2013-07-15 00:23:03 -07:00
Veres Lajos 72085b0e5f typo fixes 2013-07-15 00:18:57 -07:00
Stanislav Malyshev 02e4d7a290 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:30:59 -07:00
Stanislav Malyshev ac40c0b562 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:20:18 -07:00
Xinchen Hui 4eece4c86a Merge branch 'PHP-5.4' 2012-10-18 17:35:29 +08:00
Xinchen Hui 54cef2bb6d Merge branch 'PHP-5.3' into PHP-5.4 2012-10-18 17:33:52 +08:00
Xinchen Hui 8bd5e15ff7 Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite) 2012-10-18 17:31:27 +08:00
Xinchen Hui e081c55fb5 Merge branch 'PHP-5.3' into PHP-5.4 2012-10-10 10:31:31 +08:00
Xinchen Hui 610c7fbe7b Remove executable permission on phpt 2012-10-10 10:27:49 +08:00
Xinchen Hui 4b152e5470 Merge branch 'PHP-5.4' 2012-10-10 10:32:38 +08:00
Stanislav Malyshev ab566a9712 Merge branch 'PHP-5.4' 
* PHP-5.4:
  fix bug #55856: preg_replace should fail on trailing garbage
  Bug #62956: fixing private method signature validation
  NEWS for 886a50a
 2012-08-28 22:02:15 -07:00
Stanislav Malyshev 8b3c1a380a fix bug #55856: preg_replace should fail on trailing garbage 2012-08-28 21:59:20 -07:00
Nikita Popov be202d3d35 Deprecate /e modifier 
See https://wiki.php.net/rfc/remove_preg_replace_eval_modifier.
 2012-03-04 13:39:12 +00:00
Ferenc Kovacs 1313220640 These regexes don't fail under the new backtrack limit, so lower it just for the test to check the failure. 2011-09-04 13:27:19 +00:00
Pierrick Charron 824726073b Delete empty test files (old MQ tests) 2011-07-22 12:12:05 +00:00
Pierrick Charron fb5da94c1b Delete empty test files (old MQ tests) 2011-07-22 12:12:05 +00:00
Pierre Joye 45420bb669 - remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ, missing tests changes in 5.4 2011-07-22 11:56:20 +00:00
Pierre Joye cc1c7af037 - remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ 2011-07-22 11:25:30 +00:00
Rasmus Lerdorf c9e41e8901 These regexes don't fail under the new backtrack limit, so lower it 
just for the test to check the failure.
 2011-06-12 18:38:26 +00:00
Rasmus Lerdorf c30bde0ef5 These regexes don't fail under the new backtrack limit, so lower it 
just for the test to check the failure.
 2011-06-12 18:38:26 +00:00
Felipe Pena 43206c8c68 - Added missing test 2010-11-15 18:46:59 +00:00
Felipe Pena f4927c28bc - Fixed bug #52732 (Docs say preg_match() returns FALSE on error, but it returns int(0)) 
patch by: slugonamission at gmail dot com
 2010-11-06 18:32:10 +00:00
Felipe Pena 03cbbf4348 - Fixed bug #52732 (Docs say preg_match() returns FALSE on error, but it returns int(0)) 
patch by: slugonamission at gmail dot com
 2010-11-06 18:32:10 +00:00
Adam Harvey 8365739663 Implemented FR #53238 (Make third parameter of preg_match_all optional). 2010-11-05 04:37:27 +00:00
Felipe Pena 090a9b3331 - Fixed bug #52971 (PCRE-Meta-Characters not working with utf-8) 
#   In  PCRE,  by  default, \d, \D, \s, \S, \w, and \W recognize only ASCII
#       characters, even in UTF-8 mode. However, this can be changed by setting
#       the PCRE_UCP option.
 2010-10-03 16:01:38 +00:00
Kalle Sommer Nielsen a448b6a72b MFB53: Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED (Fixes #52570) 
# Some of the updated tests were to make them sync with 5.3 although they don't run on trunk anymore
 2010-08-11 21:41:30 +00:00
Kalle Sommer Nielsen 8deefa8780 Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED (Fixes #52570) 
# Trunk patch will follow shortly
 2010-08-11 21:12:18 +00:00
Dmitry Stogov 7bfe056174 Fixed tests 2009-09-21 09:52:19 +00:00
Zoe Slattery 9ff94c82df Remove empty sections. Fix bad use of --SKIP-- 2009-07-21 14:02:24 +00:00
andy wharmby 0fbf8cebd7 Fix test 2009-06-23 23:00:55 +00:00
Jani Taskinen 996eab8983 - Fixed ini deprecation message issues in tests. 
# CGI headers are stripped and the error ends up there with CGI..
 2009-05-06 20:32:00 +00:00
Kalle Sommer Nielsen 5a6d3cc42b Added E_DEPRECATED startup notice (5.3 only) 2009-05-04 21:18:22 +00:00
Arnaud Le Blanc 1bef730840 MFH 2009-04-25 21:13:07 +00:00
Arnaud Le Blanc 54958dbc7c MFH 2009-04-24 17:14:32 +00:00
Nuno Lopes ae57857eba fix bug #47662: support more than 127 named subpatterns 2009-04-10 15:47:15 +00:00
Nuno Lopes 4ff9ad5bf1 fix bug #47229: preg_quote should escape '-' 2009-01-28 22:39:33 +00:00