archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 22:18:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
128150 commits 526 branches 1434 tags 867 MiB
Commit graph

588 commits

Author SHA1 Message Date
Kalle Sommer Nielsen
09f829d996 Remove these old comments, as for the TODO, there is already a FR for this 2017-10-29 16:36:34 +01:00
Anatol Belski
ce1a0d971b fix NULL deref 2017-08-01 11:55:32 +02:00
Kalle Sommer Nielsen
4d684a6cd7 WS 2017-07-14 03:42:15 +02:00
Kalle Sommer Nielsen
997e2e5452 Ensure that the stream position is kept between reads 2017-07-14 01:59:23 +02:00
Kalle Sommer Nielsen
f7d9f6456c Turn off EXIF_DEBUG so Travis don't complain at me 2017-07-14 01:18:58 +02:00
Kalle Sommer Nielsen
bf7f6f9078 Don't add a new line to undefined tags in EXIF_DEBUG mode 2017-07-14 01:17:34 +02:00
Kalle Sommer Nielsen
9cf586cdfb Fix compile error with EXIF_DEBUG 2017-07-14 01:12:00 +02:00
Dmitry Stogov
2b7d3fb45f Fixed compilation error 2017-07-12 09:46:22 +03:00
Kalle Sommer Nielsen
7845182edd Remove debug code 2017-07-12 06:12:07 +02:00
Kalle Sommer Nielsen
363bb03b7e We need to check for the length here too, or we crash and no one likes that! :( 2017-07-12 06:11:14 +02:00
Kalle Sommer Nielsen
969eb8345b * Implemented #65187 (exif_read_data/thumbnail: add support for stream resource) 
* ext/exif now uses FAST_ZPP
 2017-07-12 05:43:50 +02:00
Kalle Sommer Nielsen
7bb696dc49 Silent compiler warning 2017-07-08 19:05:28 +02:00
Kalle Sommer Nielsen
ba28d75c2c Deprecated the read_exif_data() alias 2017-07-08 15:02:05 +02:00
Kalle Sommer Nielsen
134047dfde We currently don't use the guessing code, so don't compile it 2017-07-07 12:23:24 +02:00
Kalle Sommer Nielsen
e6903d471e * Fixed bug #72819 (EXIF thumbnails not read anymore) 
* Fixed bug #62523 (php crashes with segfault when exif_read_data called)
* Fixed the poor test case for #62523, which was a HTML document

Fixing #72819 had the side effect of fixing #62523 by supporting the format as seen in bug62523_1.phpt
 2017-07-07 12:20:05 +02:00
Kalle Sommer Nielsen
cd8d0aad7f Fixed bug #50660 (exif_read_data(): Illegal IFD offset (works fine with other exif readers)) 2017-07-07 11:29:23 +02:00
Kalle Sommer Nielsen
900ce92c9a Fixed bug #74428 (exif_read_data(): "Illegal IFD size" warning occurs with correct exif format) 2017-07-07 10:20:02 +02:00
Tom Van Looy
04fb3f28ff Remove superfluous semicolons 2017-06-26 00:23:25 +02:00
Kalle Sommer Nielsen
818272ae10 Added more EXIF MAKERNOTE formats: 
- AGFA,
 - Kyocera
 - Ricoh
 - Epson
 2017-05-28 14:00:51 +02:00
Stanislav Malyshev
19e80ef496 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Update more functions with path check
 2017-01-15 17:32:37 -08:00
Stanislav Malyshev
43d0f2abc5 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Update more functions with path check
 2017-01-15 17:32:26 -08:00
Stanislav Malyshev
0ab1af7d3e Update more functions with path check 2017-01-15 17:31:08 -08:00
Nikita Popov
769e17ce9b Merge branch 'PHP-7.0' into PHP-7.1 2017-01-05 11:38:17 +01:00
Nikita Popov
2022dacb99 Merge branch 'PHP-5.6' into PHP-7.0 2017-01-05 11:38:05 +01:00
Nikita Popov
900b17b15f Fix printf modifier 2017-01-05 11:37:06 +01:00
Mitch Hagstrand
54404808ab Fix overrun in exif's "Illegal components" error message. 
The variables "components" is an integer, but is being
output as long. As a result it is printing 8 bytes
instead of 4 bytes.
 2017-01-04 17:44:00 -08:00
Sammy Kaye Powers
dac6c639bb Update copyright headers to 2017 2017-01-04 11:23:42 -06:00
Sammy Kaye Powers
478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Sammy Kaye Powers
1e3624290a Resolve conflict 2017-01-03 08:01:05 -06:00
Stanislav Malyshev
0de25147d3 Merge branch 'PHP-7.1' 
* PHP-7.1:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:26:20 -08:00
Stanislav Malyshev
2075fb2b73 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:07:01 -08:00
Stanislav Malyshev
7f0de1a138 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:01:35 -08:00
Sammy Kaye Powers
9e29f841ce Update copyright headers to 2017 2017-01-02 09:30:12 -06:00
Stanislav Malyshev
1cda0d7c2f Fix bug #73737 FPE when parsing a tag format 2016-12-31 19:31:49 -08:00
Stanislav Malyshev
defa47b94d Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Same issue as #72926 in another place.
 2016-09-04 20:58:09 -07:00
Stanislav Malyshev
a2fdf0f413 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Same issue as #72926 in another place.
 2016-09-04 20:57:46 -07:00
Stanislav Malyshev
b578580e88 Same issue as #72926 in another place. 2016-09-04 20:49:34 -07:00
Kalle Sommer Nielsen
24d0fcf8bc Merge branch 'PHP-7.1' 2016-08-17 21:09:46 +02:00
Kalle Sommer Nielsen
af8283dd50 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Further fix bug #72627 from Stas
 2016-08-17 21:01:05 +02:00
Kalle Sommer Nielsen
15b7b1a510 Further fix bug #72627 from Stas 
There is another code path with almost the same identical code that also leaks memory in case of invalid reads, fix this as well
 2016-08-17 20:51:50 +02:00
Xinchen Hui
660d8f1622 Merge branch 'PHP-7.1' 
* PHP-7.1: (49 commits)
  Update NEWs
  Update NEWs
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  ...
 2016-08-17 17:15:11 +08:00
Xinchen Hui
ce6ad9bdd9 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (48 commits)
  Update NEWs
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  ...

Conflicts:
	ext/standard/var_unserializer.c
 2016-08-17 17:14:30 +08:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6: (24 commits)
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
 2016-08-17 00:43:33 -07:00
Stanislav Malyshev
f8a75d4eee Merge branch 'PHP-7.0' into PHP-7.0.10 
* PHP-7.0: (34 commits)
  Fix URL rewriter partially
  Support "git worktree"
  Add NEWS
  Fix ASSERT logic
  Bugfix 72791: fix memory leak in PDO persistent connections
  Don't copy mime types in CLI server
  Remove obsolete Id tags
  Bump version in OCI8 test
  Fixed bug #72788 (Invalid memory access when using persistent PDO connection)
  Remove typo'd commit
  Fix bug 72788: Invalid memory access when database_object_handle is undefined. Also fix memory leak in dbh_free when using persistent PDO connections.
  Replace dead branch with ZEND_ASSERT()
  Add test for bug #69107: finfo no longer detects PHP files
  Fix bug #55451
  Fix stream_socket_enable_crypto() test
  Remove old $Id$ tags
  Sync with 7.1 branch changes from Nikita & Dimitri to keep OCI8 code identical
  Fix bug #72524 (Binding null values triggers ORA-24816 error)
  Fix the fix (Nikita), thanks!
  Check the return value of dbconvert() in mssql_guid_string(), as it may return -1 in case the conversion failed. In that case false is returned.
  ...

Conflicts:
	ext/standard/ftp_fopen_wrapper.c
 2016-08-16 23:50:42 -07:00
Stanislav Malyshev
6dbb1ee46b Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF 2016-08-16 22:55:40 -07:00
Stanislav Malyshev
24fb60ffe9 Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF 
(cherry picked from commit 620b01337cc39f856ca68c34c35e154f5f0682fc)

Conflicts:
	ext/exif/exif.c
 2016-08-16 15:04:16 +02:00
Kalle Sommer Nielsen
af56fed73b Fixed bug #71534 (Type confusion in exif_read_data() leading to heap overflow in debug mode) 
Unlike the original patch, this does not return an unknown format in case an unsigned compatible type cannot be found (cases for SINGLE and DOUBLE removed), as these seems rare cases according to the inline comments.

Note, the test does not test if PHP is in debug mode, although the report originally states it only occurs there only.

The fix is based on a patch by hlt99 at blinkenshell dot org
 2016-08-07 05:35:46 +02:00
Kalle Sommer Nielsen
b0263db457 Added some extended info about ext/exif to phpinfo() 2016-08-07 05:11:40 +02:00
Kalle Sommer Nielsen
94cc0c8919 Remove void comment 2016-08-07 04:58:29 +02:00
Kalle Sommer Nielsen
8fd640f957 Added support for Sigma/Foveon EXIF tags 
Note, the tag_info_array is re-used for both SIGMA and FOVEON, as their IFD headers can differ
 2016-08-06 12:37:10 +02:00