php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-29 03:32:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
135,600 Commits 547 Branches 1,481 Tags
php-8.3.21
Commit Graph

402 Commits

Author SHA1 Message Date
Christoph M. Becker
a23775a30d Fix GH-14888: README.REDIST.BINS refers to non-existing LICENSE [ci skip] 
The LICENSE file of libmagic had been inadvertently removed when the
lib had been upgraded to 5.43.  So we add the file `COPYING` from that
release[1], and rename it to `LICENSE`.

[1] <https://github.com/file/file/releases/tag/FILE5_43>

Closes GH-14917.
 2024-07-11 16:39:22 +02:00
Niels Dossche
e71b597f4d Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix GH-13344: finfo::buffer(): Failed identify data 0:(null)
 2024-02-13 21:15:37 +01:00
Niels Dossche
c2b671cb1b Fix GH-13344: finfo::buffer(): Failed identify data 0:(null) 
Credits to ranvis for finding the upstream commit that fixes the issue.

This backports 029b82459e

Closes GH-13370.
 2024-02-13 21:13:43 +01:00
Ilija Tovilo
9d5f2f1343 Use new ZSTR_INIT_LITERAL macro (#10879) 2023-03-20 16:19:05 +01:00
Anatol Belski
3c602fdf67 libmagic: Keep the WS limitation piece 
Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 21:00:03 +02:00
Anatol Belski
1b39d4c6d2 libmagic: Further simplify diff 
Avoid displaced lines where not necessary, use include guard and don't
change called function names.

Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 20:48:35 +02:00
Anatol Belski
5c9cb24aa0 libmagic: Follow up fixes for 5.43 
Fixes possible build and runtime issues on Windows.`

Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 16:11:50 +02:00
Anatol Belski
25bb817804 fileinfo: libmagic: Simplify libmagic patch 
For the time being, the new args passing pre-compiled regex are cut out.
On the PHP side, PCRE patterns are cached and thus a duplicated
mechanism isn't necessary.

There might be still advantages to carry pre-compiled patterns for
libmagic separately, but reusing this mechanism needs a better
consideration, as it might require to retain from the PHP internal pattern
caching mechanism.

Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 03:02:47 +02:00
Anatol Belski
a3dd514d4d fileinfo: Introduce php_libmagic.* to simplify patch 
Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 03:02:47 +02:00
Anatol Belski
a24727a5ca fileinfo: libmagic: Apply libmagic.patch 
Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 03:02:46 +02:00
Anatol Belski
6219d7fbc6 fileinfo: libmagic: Check in unpatched 5.43 
Signed-off-by: Anatol Belski <ab@php.net>
 2022-10-02 03:02:46 +02:00
Stanislav Malyshev
b2f692a9f8 Merge branch 'PHP-8.1' 2022-07-05 00:59:43 -06:00
Christoph M. Becker
ca6d511fa5 Fix #81723: Memory corruption in finfo_buffer() 
We need to use the same memory allocator throughout.
 2022-07-05 00:44:00 -06:00
George Peter Banyard
d08451b2ca Replace php_stdint.h header with standard headers (#8613) 2022-05-29 11:20:56 +01:00
David Carlier
45e623da26 libmagic: use php_memnstr instead of memmem 
Closes GH-8391.
 2022-05-23 10:57:44 +02:00
George Peter Banyard
2ecd46f48f Initialise zend_stat_t to fix MSAN build 2022-05-22 16:06:27 +01:00
Anatol Belski
9b78000432 Revert "fileinfo: Obey POSIX in pattern conversion" 
This reverts commit 343d1c2b1f.

Also remove the incompatible test data for time being. The new line
handling will need an extra fix.

Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-24 14:59:53 +02:00
Anatol Belski
343d1c2b1f fileinfo: Obey POSIX in pattern conversion 
Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-24 01:40:15 +02:00
Anatol Belski
ecfb888354 fileinfo: Turn back the WS check mitigation 
Looks like there's still a timing issue shown on some pipeline runs.

Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-06 12:29:04 +02:00
Anatol Belski
f60dc3bd34 fileinfo: More VS compat 
Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-05 21:23:26 +02:00
Anatol Belski
cd238bd09d fileinfo: Fix VS compat 
Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-05 21:10:20 +02:00
Anatol Belski
f7ab54cbe7 fileinfo: Restore config.h for libmagic 
Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-05 20:56:41 +02:00
Anatol Belski
3b9173dc8f fileinfo: Port libmagic 5.40 
Signed-off-by: Anatol Belski <ab@php.net>
 2021-04-05 20:19:07 +02:00
Christoph M. Becker
e589609b4c Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Fix #77961: finfo_open crafted magic parsing SIGABRT
 2020-11-24 14:06:53 +01:00
Christoph M. Becker
39f95f5614 Fix #77961: finfo_open crafted magic parsing SIGABRT 
libmagic may abort the running process, which is not desirable for PHP;
we raise a fatal error instead.

Closes GH-6437.
 2020-11-24 14:01:15 +01:00
Anatol Belski
f2b40775af Revert "libmagic: Move the allocation on the stack" 
This reverts commit 1d84a58736.

Signed-off-by: Anatol Belski <ab@php.net>
 2020-09-02 20:04:00 +02:00
Anatol Belski
8c31001bf1 libmagic: Constify arg 2020-09-02 17:35:51 +02:00
Anatol Belski
1d84a58736 libmagic: Move the allocation on the stack 2020-09-02 17:35:51 +02:00
Anatol Belski
c676e8f356 libmagic: Fix VS compat 2020-08-29 19:58:26 +02:00
Anatol Belski
f8f288145b libmagic: Remove unneeded includes 
Signed-off-by: Anatol Belski <ab@php.net>
 2020-08-29 19:41:53 +02:00
Anatol Belski
bf93f1d824 fileinfo: Followup fixes 
Signed-off-by: Anatol Belski <ab@php.net>
 2020-08-29 19:03:41 +02:00
Anatol Belski
c3eeab01ba fileinfo: Upgrade to libmagic 5.39 
Signed-off-by: Anatol Belski <ab@php.net>
 2020-08-29 02:05:56 +02:00
George Peter Banyard
1b2ec73c1d Drop various unused macros/APIs 
Also convert_libmagic_pattern() to return a zend_string*

Closes GH-6029
 2020-08-26 12:59:43 +02:00
David Carlier
f32653accc fileinfo build fix proposal for haiku. 
Haiku already defines a unichar type and different than the fileinfo's anyway.

Closed GH-5983
 2020-08-21 16:13:09 +02:00
George Peter Banyard
3f286fa89a Promote Notice to Warning in libmagic 
The current behaviour makes little to no sense, having a notice which starts with 'Warning:' should just be a warning

Closes GH-5824
 2020-07-10 14:43:43 +02:00
George Peter Banyard
f91f72607b Drop unnecessary stdint and inttypes header checks 
These are always available as of C99.

Closes GH-5323

Co-authored-by: "Christoph M. Becker" <cmbecker69@gmx.de>
 2020-04-22 20:18:19 +02:00
George Peter Banyard
457380cae7 Drop wchar header check as always defined since C95 2020-03-31 00:14:56 +02:00
Christoph M. Becker
7702b693b5 Fix #79283: Segfault in libmagic patch contains a buffer overflow 
To solve this, we properly calculate the required string length upfront
instead of allocating an oversized string (`len * 4 + 4`).
 2020-03-16 22:42:15 -07:00
Christoph M. Becker
aa88f33f7d Fix #79283: Segfault in libmagic patch contains a buffer overflow 
To solve this, we properly calculate the required string length upfront
instead of allocating an oversized string (`len * 4 + 4`).
 2020-03-16 22:40:48 -07:00
Nikita Popov
d4ba1fd963 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #74170: locale information change after mime_content_type
 2019-12-20 11:24:03 +01:00
Sergei Turchanov
c62cd9a43a Fix #74170: locale information change after mime_content_type 
Some functions in libmagic (distributed with fileinfo extension) perform this sequence of calls:
func() {
setlocale(LC_TYPE, "C")
.. do some work ..
setlocale(LC_TYPE, "")
}

It effectively resets LC_TYPE if it that was set before the function call.

To avoid manipulations with current locale at all, the problematic functions
were modified to use locale-independent functions.
 2019-12-20 11:22:59 +01:00
Stanislav Malyshev
53b1d76144 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:50 -07:00
Stanislav Malyshev
8c2b3b0568 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:44 -07:00
Stanislav Malyshev
2bdb13a1f7 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix libmagic buffer overflow issue (CVE-2019-18218)
  bump version
  set versions for release
 2019-10-28 20:47:30 -07:00
Stanislav Malyshev
469820048d Fix libmagic buffer overflow issue (CVE-2019-18218) 
Ported from 46a8443f76
 2019-10-27 16:30:38 -07:00
Peter Kokot
f002761e08 Update libmagic patch 
This simplifies the libmagic patch:
- in upstream the HAVE_STRERROR check has been removed
- in upstream library the HAVE_SIGNAL_H has been removed
- indentations syncs with the upstream library
- some irrelevant changes removed from the patch (log comment), upstream
  has this correctly logged already so no need to patch the comment.

Closes GH-4298
 2019-07-08 12:38:47 +02:00
Anatol Belski
5ae0a6b784 Set buffer to NULL to prevent double free (Kamil Dudka at redhat) 
Based on the upstream patch d13204e8da43f1d8a98cf3f74591cde02ecdb2f7.
 2019-06-29 17:13:21 +02:00
Anatol Belski
0c8454c02d Partially reapply ba40f505e5 2019-05-30 02:48:01 +02:00
Anatol Belski
57c23df142 Fix datatype 2019-05-30 02:34:35 +02:00
Anatol Belski
622b10f06e Ported limagic 5.37 2019-05-30 02:22:40 +02:00