php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 08:12:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
1996831969293a866863f7148f5416e99ea123cb
archived-php-src/ext
History
Ahmed Lekssays 9cb3d8d200 Fix GHSA-453j-q27h-5p8x 
Libxml versions prior to 2.13 cannot correctly handle a call to
xmlNodeSetName() with a name longer than 2G. It will leave the node
object in an invalid state with a NULL name. This later causes a NULL
pointer dereference when using the name during message serialization.

To solve this, implement a workaround that resets the name to the
sentinel name if this situation arises.

Versions of libxml of 2.13 and higher are not affected.

This can be exploited if a SoapVar is created with a fully qualified
name that is longer than 2G. This would be possible if some application
code uses a namespace prefix from an untrusted source like from a remote
SOAP service.

Co-authored-by: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
2025-06-24 23:32:34 +02:00
..
bcmath
bz2
Merge branch 'PHP-8.0' into PHP-8.1
2022-06-25 07:39:55 +01:00
calendar
Add more specific array return type hints for various extensions - part 1
2021-11-07 08:46:25 +01:00
com_dotnet
Merge branch 'PHP-8.0' into PHP-8.1
2022-06-18 11:50:14 +02:00
ctype
Fix GH-11997: ctype_alnum 5 times slower in PHP 8.1 or greater
2023-09-26 21:42:41 +02:00
curl
Fix curl_basic_022.phpt for libcurl 8.12.0
2025-02-05 19:20:47 +01:00
date
Fix flaky DatePeriod test
2025-03-06 15:01:30 +01:00
dba
Merge branch 'PHP-8.0' into PHP-8.1
2022-07-27 12:13:32 +02:00
dl_test
Fix GH-9921: Loading ext in FPM config does not register module handlers
2023-11-03 16:53:09 +00:00
dom
Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect
2025-03-11 21:50:17 +01:00
enchant
Add more specific array return type hints for various extensions - part 1
2021-11-07 08:46:25 +01:00
exif
Use __DIR__-relative path in tests
2023-11-22 20:39:29 -06:00
ffi
Fix segfault caused by weak references to FFI objects (#12488)
2023-10-28 14:59:06 +02:00
fileinfo
[skip ci] Increase tolerance for cve-2014-3538 tests
2025-04-24 11:26:17 +02:00
filter
Fix GHSA-w8qr-v226-r27w
2024-06-05 00:31:17 -05:00
ftp
Fix GH-10562: Memory leak and invalid state with consecutive ftp_nb_fget
2023-07-07 17:55:53 +02:00
gd
Fix bug #79945: Stream wrappers in imagecreatefrompng causes segfault
2023-11-22 20:39:30 -06:00
gettext
Backport CI fixes to security branches
2024-10-28 15:57:16 +01:00
gmp
Merge branch 'PHP-8.0' into PHP-8.1
2022-09-13 11:33:09 +01:00
hash
Fix GH-12186: segfault copying/cloning a finalized HashContext
2023-09-16 21:18:27 +02:00
iconv
ext/iconv: fix build for netbsd.
2023-08-19 23:09:22 +01:00
imap
Upgrade security branches to Ubuntu 22.04
2025-03-06 15:24:15 +01:00
intl
backporting C++17 detection support for recent icu4c releases.
2025-04-23 11:01:11 +02:00
json
Expose JSON internal function to escape string
2023-05-13 18:41:33 +01:00
ldap
Fix GHSA-g665-fm4p-vhff: OOB access in ldap_escape
2024-11-17 19:29:56 +01:00
libxml
Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect
2025-03-11 21:50:17 +01:00
mbstring
Fix GH-11300: license issue: restricted unicode license headers
2023-07-01 21:55:21 +02:00
mysqli
Fix flaky connection count in mysqli test
2025-03-13 16:40:33 +01:00
mysqlnd
Fix MySQLnd possible buffer over read in auth_protocol
2024-11-18 16:55:44 +01:00
oci8
Upgrade security branches to Ubuntu 22.04
2025-03-06 15:24:15 +01:00
odbc
ODBC unit tests shouldn't override odbc.ini location
2023-09-06 01:56:04 +01:00
opcache
Upgrade security branches to Ubuntu 22.04
2025-03-06 15:24:15 +01:00
openssl
Fix GH-16955: Use empheral ports for OpenSSL server client tests
2024-12-31 14:25:19 +01:00
pcntl
Fix getpriority test with negative return value
2023-09-22 10:25:15 +02:00
pcre
Fix GH-12628: The gh11374 test fails on Alpinelinux
2023-11-10 00:01:22 +01:00
pdo
Upgrade security branches to Ubuntu 22.04
2025-03-06 15:24:15 +01:00
pdo_dblib
Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the dblib quoter causing OOB writes
2024-11-17 19:29:16 +01:00
pdo_firebird
Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the firebird quoter causing OOB writes
2024-11-17 19:29:26 +01:00
pdo_mysql
Move ARM build to CircleCI
2023-10-12 13:11:38 +02:00
pdo_oci
Upgrade security branches to Ubuntu 22.04
2025-03-06 15:24:15 +01:00
pdo_odbc
Fix missing and inconsistent error check on SQLAllocHandle
2023-03-15 21:36:50 +01:00
pdo_pgsql
Fix GHSA-hrwm-9436-5mv3: pgsql escaping no error checks
2025-06-23 23:02:13 +02:00
pdo_sqlite
Fix GH-11492: Make test failure: ext/pdo_sqlite/tests/bug_42589.phpt
2023-06-22 20:49:00 +02:00
pgsql
Fix GHSA-hrwm-9436-5mv3: pgsql escaping no error checks
2025-06-23 23:02:13 +02:00
phar
[skip ci] Another flaky phar macOS test
2025-02-04 14:52:03 +01:00
posix
Backport flaky flag for phar tests
2024-12-10 10:35:00 +01:00
pspell
readline
[skip ci] Fix race condition in readline test
2023-05-26 11:39:22 +02:00
reflection
Fix GH-11121: ReflectionFiber segfault
2023-10-11 17:19:01 +02:00
session
Remove session ID set through REQUEST_URI
2023-06-22 12:35:55 +02:00
shmop
simplexml
Fix tests for libxml2 2.14
2025-03-10 20:22:11 +01:00
skeleton
Ignore generated files by tests in extension skeleton
2021-09-29 11:59:05 +02:00
snmp
Suppress snmp lib memory leak, skip ASAN tests
2025-03-08 16:10:59 +01:00
soap
Fix GHSA-453j-q27h-5p8x
2025-06-24 23:32:34 +02:00
sockets
Fix socket_export_stream() with wrong protocol
2023-09-29 18:33:12 +08:00
sodium
Remove extra space before return type
2021-10-18 14:28:46 +02:00
spl
Fix GH-11972: RecursiveCallbackFilterIterator regression in 8.1.18
2023-08-30 22:30:59 +02:00
sqlite3
Fix GH-12633: sqlite3_defensive.phpt fails with sqlite 3.44.0
2023-11-10 00:03:33 +01:00
standard
Fix GHSA-3cr5-j632-f35r: Null byte in hostnames
2025-06-23 23:00:30 +02:00
sysvmsg
sysvsem
sysvshm
Add Windows GitHub actions build
2023-03-01 23:02:03 +01:00
tidy
Unparallelize IO heavy tests
2023-03-27 16:33:36 +02:00
tokenizer
Add missing EXTENSION section to tests
2022-10-27 14:39:43 +01:00
xml
Fix GHSA-wg4p-4hqh-c3g9
2025-03-11 21:50:17 +01:00
xmlreader
Fix null pointer dereferences in case of allocation failure
2023-10-24 19:34:47 +02:00
xmlwriter
Backport 4fe82131: Backport libxml2 2.13.2 fixes (#14816)
2024-10-12 15:12:40 +02:00
xsl
Backport e2d97314: Backport deprecation warning ignores to unbreak CI
2024-10-12 15:12:40 +02:00
zend_test
Partial backport of e7462bf
2024-10-30 14:20:47 +01:00
zip
fix GH-12661 (Inconsistency in ZipArchive::addGlob remove_path Option Behavior)
2023-11-14 14:54:20 +01:00
zlib
Temporarily disable failing zlib tests on travis (#10738)
2023-11-22 20:39:30 -06:00
ext_skel.php