php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-30 04:02:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
138,768 Commits 547 Branches 1,481 Tags
php-8.4.1
Commit Graph

68325 Commits

Author SHA1 Message Date
Jakub Zelenka
fd4d65b3ca Fix MySQLnd possible buffer over read in auth_protocol 2024-11-20 18:10:36 +09:00
Jakub Zelenka
48b9bcdbe3 Make MySQLnd protocol stmt test work on 32bit 2024-11-20 18:10:35 +09:00
Niels Dossche
40bd1822a3 Fix GHSA-r977-prxv-hc43 
Move the bound check upwards. Since this doesn't generate output we can
check the bound first.
 2024-11-20 18:10:20 +09:00
Jakub Zelenka
07395e5f60 Fix GHSA-h35g-vwh6-m678: Mysqlnd - various heap buffer over-reads 
This fixes issues causing buffer over-read that leak heap content:
- RESP packet field default left over for COM_LIST
- RESP packet upsert filename
- OK packet message
- RESP packet for stmt row data
  - ps_fetch_from_1_to_8_bytes
  - ps_fetch_float
  - ps_fetch_double
  - ps_fetch_time
  - ps_fetch_date
  - ps_fetch_datetime
  - ps_fetch_string
  - ps_fetch_bit
- RESP packet for query row data (just possible overflow on 32bit)

It also adds various protocol tests using a new fake server.
 2024-11-20 18:10:20 +09:00
Niels Dossche
8e942bbdae Fix GHSA-g665-fm4p-vhff: OOB access in ldap_escape 2024-11-20 18:10:19 +09:00
Jakub Zelenka
62e23cb858 Fix GHSA-c5f2-jwm7-mmq2: stream HTTP fulluri CRLF injection 2024-11-20 18:10:19 +09:00
Niels Dossche
b256b6555a Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the firebird quoter causing OOB writes 2024-11-20 18:10:19 +09:00
Niels Dossche
ed01e51276 Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the dblib quoter causing OOB writes 2024-11-20 18:10:19 +09:00
Dmitry Stogov
d0c336a666 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Use the immutable twin of temporary op_array (#16861)
 2024-11-19 20:55:40 +03:00
Dmitry Stogov
d1a9281814 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Use the immutable twin of temporary op_array (#16861)
 2024-11-19 20:55:32 +03:00
Dmitry Stogov
ef5844a1ca Use the immutable twin of temporary op_array (#16861) 2024-11-19 20:55:15 +03:00
Saki Takamachi
2c8662d6f9 Fixed a bug in BcMath\Number::pow() and bcpow() when raising negative powers of 0. (#16694) 
Closes #16694
Fixes #16236
 2024-11-20 00:16:52 +09:00
Dmitry Stogov
c6c3d9fa5a Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Backport JIT fix: set valid EX(opline) before calling gc_possible_root() (#16858)
 2024-11-19 18:04:15 +03:00
Dmitry Stogov
6167c64782 Backport JIT fix: set valid EX(opline) before calling gc_possible_root() (#16858) 2024-11-19 18:03:54 +03:00
Christoph M. Becker
e44b7625c5 Fix GH-16839: Error on building Opcache JIT for Windows ARM64 
OPcache JIT does not support Windows ARM64, so we should not allow
`--enable-opcache-jit` in the first place.

Due to the way `ARG_ENABLE()` is handled on Windows, we do not attempt
to suppress the configure option, but just do not enable JIT when the
user attempts to, and adapt the help text.

Closes GH-16841.
 2024-11-18 23:27:54 +01:00
Dmitry Stogov
997431dea2 JIT: Set valid EX(opline) before calling gc_possible_root() 2024-11-18 19:31:26 +03:00
Dmitry Stogov
159b71c0f4 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fixed test
 2024-11-18 15:35:13 +03:00
Dmitry Stogov
5198bcc561 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fixed test
 2024-11-18 15:35:09 +03:00
Dmitry Stogov
71403558d3 Fixed test 2024-11-18 15:34:55 +03:00
Dmitry Stogov
e55bf9a2ea Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-16829: Segmentation fault with opcache.jit=tracing enabled on aarch64
 2024-11-18 14:34:55 +03:00
Dmitry Stogov
5575703fb3 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix GH-16829: Segmentation fault with opcache.jit=tracing enabled on aarch64
 2024-11-18 14:34:42 +03:00
Dmitry Stogov
79aaeeafe5 Fix GH-16829: Segmentation fault with opcache.jit=tracing enabled on aarch64 2024-11-18 14:27:08 +03:00
David Carlier
f7a508ca10 Merge branch 'PHP-8.3' into PHP-8.4 2024-11-17 12:27:36 +00:00
David Carlier
3fd0e4c461 Merge branch 'PHP-8.2' into PHP-8.3 2024-11-17 12:27:26 +00:00
David Carlier
80894d87d5 Fix GH-16834: cal_from_jd overflow on julian_day argument. 
close GH-16836
 2024-11-17 12:27:02 +00:00
Gina Peter Banyard
5e360b6402 ext/pdo_pgsql: Remove new PDO class constant specific to PGSQL driver 
Closes GH-16755
 2024-11-16 16:30:19 +00:00
Niels Dossche
d3fada3748 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-16777: Calling the constructor again on a DOM object after it is in a document causes UAF
  Fix GH-16808: Segmentation fault in RecursiveIteratorIterator->current() with a xml element input
 2024-11-16 13:42:14 +01:00
Niels Dossche
18b18f0ee0 Fix GH-16777: Calling the constructor again on a DOM object after it is in a document causes UAF 
Closes GH-16824.
 2024-11-16 13:42:01 +01:00
Niels Dossche
2ba18590bf Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix GH-16808: Segmentation fault in RecursiveIteratorIterator->current() with a xml element input
 2024-11-16 13:41:29 +01:00
Niels Dossche
fbb0061993 Fix GH-16808: Segmentation fault in RecursiveIteratorIterator->current() with a xml element input 
When the current data is invalid, NULL must be returned. At least that's
how the check in SPL works and how other extensions do this as well.
If we don't do this, an UNDEF value gets propagated to a return value
(misprinted as null); leading to issues.

Closes GH-16825.
 2024-11-16 13:39:46 +01:00
Niels Dossche
1b803bc3f5 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-16802: open_basedir bypass using curl extension
 2024-11-15 21:17:51 +01:00
Niels Dossche
179ca2bf2a Fix GH-16802: open_basedir bypass using curl extension 
And fix a memleak while here.

Closes GH-16804.
 2024-11-15 21:17:36 +01:00
Christoph M. Becker
54ae770cd6 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Adapt ext/intl tests for ICU 75.1 and 76.1
 2024-11-15 18:57:12 +01:00
Christoph M. Becker
716b03d081 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Adapt ext/intl tests for ICU 75.1 and 76.1
 2024-11-15 18:55:31 +01:00
Christoph M. Becker
f725f504e8 Adapt ext/intl tests for ICU 75.1 and 76.1 
Closes GH-16788.
 2024-11-15 18:55:01 +01:00
David Carlier
b8ba6f63a3 Fix GH-16812: UAF on readline_info() after readline_write_history() call. 
close GH-16813
 2024-11-15 16:50:24 +00:00
Niels Dossche
4767c0626c Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix GH-16770: Tracing JIT type mismatch when returning UNDEF
 2024-11-14 22:34:12 +01:00
Niels Dossche
0bf74bf9d8 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix GH-16770: Tracing JIT type mismatch when returning UNDEF
 2024-11-14 22:34:05 +01:00
Niels Dossche
cbb3b9371d Fix GH-16770: Tracing JIT type mismatch when returning UNDEF 
When returning an UNDEF value, it actually becomes NULL.
The following code took this into account:
28344e0445/ext/opcache/jit/zend_jit_trace.c (L2196-L2199)

But the stack does not update the type to NULL, causing a mismatch.

Closes GH-16784.

Co-authored-by: Dmitry Stogov <dmitry@zend.com>
 2024-11-14 22:33:06 +01:00
David Carlier
ec05cd559b Merge branch 'PHP-8.3' into PHP-8.4 2024-11-13 12:49:13 +00:00
David Carlier
6f1d8368d8 Merge branch 'PHP-8.2' into PHP-8.3 2024-11-13 12:49:00 +00:00
David Carlier
4124b04e34 Fix GH-16771: imagecreatefromstring overflow on invalid format. 
close GH-16776
 2024-11-13 12:48:37 +00:00
David Carlier
b8115d6c5e Fix GH-16769: php_pcntl_set_user_signal_infos aborts when a signal is a reference. 
close GH-16772
 2024-11-13 12:11:43 +00:00
Dmitry Stogov
f6256fa2c0 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  Fix incorrect handling of ZEND_ACC_FINAL flag in JIT (#16778)
 2024-11-13 14:43:43 +03:00
Dmitry Stogov
b9c6f07713 Merge branch 'PHP-8.2' into PHP-8.3 
* PHP-8.2:
  Fix incorrect handling of ZEND_ACC_FINAL flag in JIT (#16778)
 2024-11-13 14:39:18 +03:00
Dmitry Stogov
19809a526b Fix incorrect handling of ZEND_ACC_FINAL flag in JIT (#16778) 2024-11-13 14:38:54 +03:00
Arnaud Le Blanc
a8151fc511 Fix the name of the initializer parameter of ReflectionClass::resetAsLazyGhost() 
Closes GH-16758
 2024-11-12 18:51:33 +01:00
Gina Peter Banyard
e7891838a1 ext/standard: Sync parameter names for fpow() to be identical to pow() 
Closes GH-16751
 2024-11-11 13:04:46 +00:00
Gina Peter Banyard
883d3c8113 ext/hash: Fix deprecation message output for new tests 2024-11-10 20:34:45 +00:00
Gina Peter Banyard
c1d67c2415 Merge branch 'PHP-8.3' into PHP-8.4 
* PHP-8.3:
  ext/hash: Fix GH-16711: Segfault in mhash()
  ext/hash: Add failing tests for GH-16711
 2024-11-10 20:17:09 +00:00