php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-11 01:53:36 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d89408075f1327a36e414ea62cdce5ff575ef699
archived-php-src/ext/standard
History
Tim Düsterhus f2e8c5da90 unserialize: Strictly check for :{ at object start (#10214) 
* unserialize: Strictly check for `:{` at object start

* unserialize: Update CVE tests

It's unlikely that the object syntax error contributed to the actual CVE. The
CVE is rather caused by the incorrect object serialization data of the `C`
format. Add a second string without such a syntax error to ensure that path is
still executed as well to ensure the CVE is absent.

* Fix test expectation in gmp/tests/bug74670.phpt

No changes to the input required, because the test actually is intended to
verify the behavior for a missing `}`, it's just that the report position changed.

* NEWS

* UPGRADING
2023-01-12 19:55:54 +01:00
..
html_tables
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
libavifinfo
Implement php_handle_avif() using libavifinfo
2021-12-15 20:27:40 +01:00
tests
unserialize: Strictly check for :{ at object start (#10214)
2023-01-12 19:55:54 +01:00
array.c
Merge branch 'PHP-8.1' into PHP-8.2
2022-10-10 11:25:33 +03:00
assert.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
base64.c
Windows arm64 zend and standard extension support
2022-08-09 12:45:14 +02:00
base64.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
basic_functions_arginfo.h
Declare ext/standard constants in stubs - part 7 (#9505)
2022-09-08 13:57:07 +02:00
basic_functions.c
Merge branch 'PHP-8.1' into PHP-8.2
2022-11-09 15:23:21 +01:00
basic_functions.h
Implement Random Extension
2022-07-19 10:27:38 +01:00
basic_functions.stub.php
Declare ext/standard constants in stubs - part 7 (#9505)
2022-09-08 13:57:07 +02:00
browscap.c
Fix 'can not' in test data and in code comments
2021-10-05 09:51:58 +01:00
config.m4
GH-9464: Fix build on older macOs releases.
2022-09-04 02:12:28 +01:00
config.w32
Windows arm64 build system support
2022-08-09 16:22:14 +02:00
crc32_x86.c
Avoid possible [-Wstrict-prototypes] build warnings
2022-02-24 16:14:47 +01:00
crc32_x86.h
X86: Fast CRC32 computation using PCLMULQDQ instruction
2020-09-02 15:10:41 +02:00
crc32.c
crc32 Aarch64 add crc feature to crc32_aarch64 from clang
2022-07-22 12:46:11 +01:00
crc32.h
phar: crc32: Extend and cleanup API for the new bulk crc32 functions
2021-07-03 21:03:47 +02:00
credits_ext.h
Run scripts/dev/credits
2022-07-19 17:45:15 +02:00
credits_sapi.h
credits.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
credits.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
crypt_blowfish.c
Add "const". Move constant strings to read-only memory.
2020-09-07 21:35:48 +03:00
crypt_blowfish.h
Clean house in cryptographic hashing code
2020-06-24 13:40:27 +02:00
crypt_freesec.c
Use standard C99 uint8_t type instead of u_char type for crypt_freesec (#8610)
2022-05-23 19:06:41 +01:00
crypt_freesec.h
Use standard C99 uint8_t type instead of u_char type for crypt_freesec (#8610)
2022-05-23 19:06:41 +01:00
crypt_sha256.c
Follow up on #8897 but on master which instead does not use the old custom alloca.
2022-07-04 12:56:01 +01:00
crypt_sha512.c
Follow up on #8897 but on master which instead does not use the old custom alloca.
2022-07-04 12:56:01 +01:00
crypt.c
Implement Random Extension
2022-07-19 10:27:38 +01:00
css.c
phpinfo HTML Output: Make module title names clickable and link to the URL fragment
2022-07-20 17:18:34 +02:00
css.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
datetime.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
datetime.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
dir_arginfo.h
Declare Directory properties
2021-08-19 10:39:23 +02:00
dir.c
Fix bug #65489: glob() basedir check is inconsistent
2022-08-02 18:36:29 +01:00
dir.stub.php
Declare Directory properties
2021-08-19 10:39:23 +02:00
dl_arginfo.h
Include stub hash in generated arginfo files
2020-06-24 09:55:19 +02:00
dl.c
Fix crash reading module_entry after DL_UNLOAD() when module already loaded
2022-11-09 17:51:45 +01:00
dl.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
dl.stub.php
dns_win32.c
Declare ext/standard constants in stubs - part 5
2022-09-02 15:04:49 +02:00
dns.c
Declare ext/standard constants in stubs - part 5
2022-09-02 15:04:49 +02:00
exec.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
exec.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
file_arginfo.h
Fix GH-9518: Disabling IPv6 support disables unrelated constants
2022-09-10 18:12:22 +02:00
file.c
Declare ext/standard constants in stubs - part 2 (#9426)
2022-08-26 14:40:48 +02:00
file.h
Make php_fgetcsv() return a HashTale instead of in-out zval param (#8936)
2022-07-08 12:11:05 +01:00
file.stub.php
Fix GH-9518: Disabling IPv6 support disables unrelated constants
2022-09-10 18:12:22 +02:00
filestat.c
Fix some MSAN complaints under Clang (#8553)
2022-05-13 23:30:20 +01:00
filters.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
flock_compat.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
flock_compat.h
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
formatted_print.c
Merge branch 'PHP-8.0' into PHP-8.1
2021-09-29 12:21:49 +02:00
fsock.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
fsock.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
ftok.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
ftp_fopen_wrapper.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
head.c
Simplify and move check for too high expiry time, which you can't reach on 32bit systems
2022-08-11 16:27:25 +01:00
head.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
hrtime.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
hrtime.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
html_tables.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
html.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
html.h
Refactor php_next_utf8_char() to use zend_result
2022-03-13 13:48:21 +00:00
http_fopen_wrapper.c
Merge branch 'PHP-8.1'
2022-08-18 12:31:56 +02:00
http.c
Reduce memory allocated by var_export, json_encode, serialize, and other (#8902)
2022-07-08 14:47:46 +02:00
image.c
Declare ext/standard constants in stubs - part 6
2022-09-02 16:07:25 +02:00
incomplete_class.c
Fixed some spaces used instead of tabs
2021-06-29 11:30:26 +02:00
info.c
phpinfo HTML Output: Make module title names clickable and link to the URL fragment
2022-07-20 17:18:34 +02:00
info.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
iptc.c
Fix some MSAN complaints under Clang (#8553)
2022-05-13 23:30:20 +01:00
levenshtein.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
link.c
Fix some MSAN complaints under Clang (#8553)
2022-05-13 23:30:20 +01:00
mail.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
Makefile.frag
Revert "Remove some unnecessary explicit header dependencies"
2021-03-16 14:22:25 +01:00
Makefile.frag.w32
math.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
md5.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
md5.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
metaphone.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
microtime.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
net.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
pack.c
zend introduce const GNUC attribute. sub optimisation where there is no pointers, nor particular memory layout, thread local/volatile ... involved. usage concealed for now into little pack helpers.
2022-08-15 19:49:24 +01:00
pack.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
pageinfo.c
Don't initialise pointers to zend_stat_t
2022-05-22 16:13:44 +01:00
pageinfo.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
password.c
Implement Random Extension
2022-07-19 10:27:38 +01:00
php_array.h
Declare ext/standard constants in stubs - part 1 (#9404)
2022-08-24 16:09:48 +02:00
php_assert.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_browscap.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_crypt_r.c
Merge branch 'PHP-8.0' into PHP-8.1
2022-09-29 20:40:33 +01:00
php_crypt_r.h
fix php_init_crypt_r/php_shutdown_crypt_r signatures warning.
2022-09-29 20:40:16 +01:00
php_crypt.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_dir.h
Remove unnecessary PHP_FUNCTION() declarations (#7472)
2021-09-07 10:04:00 +02:00
php_dns.h
Declare ext/standard constants in stubs - part 5
2022-09-02 15:04:49 +02:00
php_ext_syslog.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_filestat.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_fopen_wrapper.c
Initialise zend_stat_t to fix MSAN build
2022-05-22 16:06:27 +01:00
php_fopen_wrappers.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_http.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_image.h
Declare ext/standard constants in stubs - part 6
2022-09-02 16:07:25 +02:00
php_incomplete_class.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_lcg.h
Implement Random Extension
2022-07-19 10:27:38 +01:00
php_mail.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_math.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_mt_rand.h
Implement Random Extension
2022-07-19 10:27:38 +01:00
php_net.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_password.h
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
php_rand.h
Implement Random Extension
2022-07-19 10:27:38 +01:00
php_random.h
Implement Random Extension
2022-07-19 10:27:38 +01:00
php_smart_string_public.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_smart_string.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_standard.h
Implement Random Extension
2022-07-19 10:27:38 +01:00
php_string.h
Declare ext/standard constants in stubs - part 7 (#9505)
2022-09-08 13:57:07 +02:00
php_uuencode.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_var.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
php_versioning.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
proc_open.c
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
proc_open.h
Refactor proc_open() implementation (#7255)
2021-08-11 14:51:55 +02:00
quot_print.c
Fixed some spaces used instead of tabs
2021-06-29 11:30:26 +02:00
quot_print.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
scanf.c
Specify function pointer signature for scanf implementation
2021-05-12 18:58:44 +01:00
scanf.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
sha1.c
Avoid K&R style function declarations in sha1()
2022-07-28 22:29:42 +02:00
sha1.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
soundex.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
streamsfuncs.c
Merge branch 'PHP-8.1' into PHP-8.2
2022-10-01 11:24:23 +02:00
streamsfuncs.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
string.c
Merge branch 'PHP-8.1' into PHP-8.2
2022-12-30 16:42:45 +00:00
strnatcmp.c
Minor refactoring of std string extension (#8196)
2022-04-23 12:15:13 +01:00
syslog.c
Declare ext/standard constants in stubs - part 4
2022-09-02 12:41:51 +02:00
type.c
Don't unnecessary fetch error in is_callable()
2021-09-01 16:58:46 +02:00
uniqid.c
Implement Random Extension
2022-07-19 10:27:38 +01:00
url_scanner_ex.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
url_scanner_ex.re
Fix [-Wundef] warnings in standard extension
2022-04-01 15:48:41 +01:00
url.c
Revert "Fix parse_url(): can not recognize port without scheme"
2022-09-23 19:44:29 +02:00
url.h
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
user_filters_arginfo.h
Declare php_user_filter::$stream property
2021-08-20 14:50:25 +02:00
user_filters.c
Use more compact representation for packed arrays.
2021-11-03 15:18:26 +03:00
user_filters.stub.php
Declare php_user_filter::$stream property
2021-08-20 14:50:25 +02:00
uuencode.c
Update http->https in license (#6945)
2021-05-06 12:16:35 +02:00
var_unserializer.re
unserialize: Strictly check for :{ at object start (#10214)
2023-01-12 19:55:54 +01:00
var.c
Make var_export/debug_zval_dump check for infinite recursion on the *object* (#9448)
2022-08-30 09:19:45 -04:00
versioning.c
Fixed some spaces used instead of tabs
2021-06-29 11:30:26 +02:00
winver.h