archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
139815 commits 526 branches 1434 tags 864 MiB
Commit graph

611 commits

Author SHA1 Message Date
Nikita Popov
ece375052b Fix float conversion warning 
We are okay with the loss of precision here...
 2020-06-12 10:20:10 +02:00
George Peter Banyard
e37501e6c7 Fix [-Wundef] warning in EXIF extension 2020-05-16 15:31:16 +02:00
Nikita Popov
810c5c74e6 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fix bug #79336
 2020-04-16 12:18:50 +02:00
Nikita Popov
0b709e3409 Fix bug #79336 
Make reading of floats and doubles host-endian independent.
 2020-04-16 12:18:41 +02:00
Máté Kocsis
7c3078737f
Generate function entries from stubs for a couple of extensions 
Closes GH-5347
 2020-04-04 20:41:48 +02:00
Christoph M. Becker
ea7cf2eb67 Merge branch 'PHP-7.4' 
* PHP-7.4:
  [ci skip] Update NEWS
  Fix test
  Fix bug #79329 - get_headers should not accept \0
  Fixed bug #79282
  Fix #79283: Segfault in libmagic patch contains a buffer overflow
  Fix #79371: mb_strtolower (UTF-32LE): stack-buffer-overflow
  [ci skip] Update NEWS
  Fix test
  Fix bug #79329 - get_headers should not accept \0
  Fixed bug #79282
  Fix #79371: mb_strtolower (UTF-32LE): stack-buffer-overflow
 2020-03-17 10:33:28 +01:00
Stanislav Malyshev
9ed82b1f7b Fixed bug #79282 2020-03-16 22:42:15 -07:00
Stanislav Malyshev
b9d32197cb Fixed bug #79282 2020-03-16 22:40:48 -07:00
Stanislav Malyshev
25238bdf60 Fixed bug #79282 2020-03-16 22:40:00 -07:00
Nikita Popov
7a062cf9cd Handle EXIF offsets in a principled manner 
exif_process_IFD_TAG() currently accepts a dir_entry, offset_base
and IFDlength. However, it's very hard to follow how these values
are related to each other and the addressable memory region. As we
add additional bounds check, this gets further confused.

One of the basic cases is where dir_entry is in
[offset_base, offset_base+IFDlength), in which case the memory
[dir_entry, offset_base+IFDlength) is valid, but the memory
[offset_base, dir_entry) is not necessarily valid. I wasn't able
to understand what exactly is valid if dir_entry is outside
[offset_base, offset_base+IFDlength)

This patch changes everything to use a struct that separately stores
offset_base and the valid memory region and adds helpers to fetch
offsets and check that pointers are in-bounds.

Closes GH-5068.
 2020-02-18 15:17:38 +01:00
Máté Kocsis
99db00b1f2
Fix #78880 Another round 2020-01-19 18:28:43 +01:00
Máté Kocsis
7b4a4d2ace
Use RETURN_THROWS() after try_convert_to_string() 2020-01-03 17:04:06 +01:00
Máté Kocsis
382a038e05
Use ZEND_THROWS() during ZPP in enchant, exif, fileinfo, filter, and FTP extensions 2019-12-31 00:21:37 +01:00
Nikita Popov
d21ad4d955 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fixed bug #79046
 2019-12-30 17:24:16 +01:00
Nikita Popov
d1537e506e Fixed bug #79046 2019-12-30 17:23:53 +01:00
Nikita Popov
f0d1a27951 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Avoid float to int cast UB in exif
 2019-12-17 13:26:32 +01:00
Nikita Popov
dd997a40d0 Avoid float to int cast UB in exif 2019-12-17 13:26:05 +01:00
Stanislav Malyshev
0dfff646a2 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fix test
  Fix bug #78793
  Fix build - no model field anymore
  Fixed bug #78910
  Fix #78878: Buffer underflow in bc_shift_addsub
  Fix test
  Fix #78862: link() silently truncates after a null byte on Windows
  Fix #78863: DirectoryIterator class silently truncates after a null byte
  Fix #78943: mail() may release string with refcount==1 twice
 2019-12-16 10:07:15 -08:00
Stanislav Malyshev
6b010b5d86 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix test
  Fix bug #78793
 2019-12-16 10:05:02 -08:00
Stanislav Malyshev
5cb4686753 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix test
  Fix bug #78793
 2019-12-16 10:04:03 -08:00
Stanislav Malyshev
c14eb8de97 Fix bug #78793 2019-12-16 01:14:58 -08:00
Stanislav Malyshev
c85a877577 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix build - no model field anymore
 2019-12-16 01:11:01 -08:00
Stanislav Malyshev
b74a300edf Fix build - no model field anymore 2019-12-16 01:10:42 -08:00
Stanislav Malyshev
d9f57e8316 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fixed bug #78910
  Fix #78878: Buffer underflow in bc_shift_addsub
  Fix test
  Fix #78862: link() silently truncates after a null byte on Windows
  Fix #78863: DirectoryIterator class silently truncates after a null byte
  Fix #78943: mail() may release string with refcount==1 twice
 2019-12-16 00:39:37 -08:00
Stanislav Malyshev
a65b8abf2c Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fixed bug #78910
  Fix #78878: Buffer underflow in bc_shift_addsub
  Fix test
  Fix #78862: link() silently truncates after a null byte on Windows
  Fix #78863: DirectoryIterator class silently truncates after a null byte
 2019-12-16 00:38:54 -08:00
Stanislav Malyshev
d348cfb96f Fixed bug #78910 2019-12-16 00:10:39 -08:00
George Peter Banyard
761e8c7707 Remove dead commented code and dead code in-between KALLE_0 ifdefs. 
Closes GH-4986
 2019-12-08 20:21:40 +01:00
Nikita Popov
80cfd99074 Reduce reallocations in exif parsing 
Instead of reallocating lists element by element, increase the
allocated list size exponentially.
 2019-11-07 21:20:34 +01:00
Nikita Popov
49327e2e15 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Improve exif tag name fetching
  Implement a cache for exif tag name lookups
  Limit the amount of errors generated during exif parsing
 2019-10-18 16:55:46 +02:00
Nikita Popov
650115c827 Improve exif tag name fetching 2019-10-18 16:55:05 +02:00
Nikita Popov
56e3e6f135 Implement a cache for exif tag name lookups 2019-10-18 16:54:56 +02:00
Nikita Popov
e5324a2484 Limit the amount of errors generated during exif parsing 
Emitting errors is fairly expensive, to the point that parsing
a file with a huge number of invalid tags can take seconds.
Generating ten thousand errors is unlikely to help anybody, but
constitutes a potential DOS vector.
 2019-10-18 16:54:49 +02:00
Nikita Popov
b53b2f3e82 Merge branch 'PHP-7.4' 2019-10-09 17:34:00 +02:00
Nikita Popov
5b44560dfc Merge branch 'PHP-7.3' into PHP-7.4 2019-10-09 17:33:52 +02:00
Nikita Popov
a0163417ef Merge branch 'PHP-7.2' into PHP-7.3 2019-10-09 17:33:44 +02:00
Nikita Popov
daf1fc6e31 Avoid float to int cast UB in exif 2019-10-09 17:33:29 +02:00
Nikita Popov
cb657440b4 Merge branch 'PHP-7.4' 2019-10-09 14:58:17 +02:00
Nikita Popov
a4d7f4c3e1 Merge branch 'PHP-7.3' into PHP-7.4 2019-10-09 14:58:10 +02:00
Nikita Popov
cbf589b17c Merge branch 'PHP-7.2' into PHP-7.3 2019-10-09 14:58:01 +02:00
Nikita Popov
d6ca174d5b Remove redundant components < 0 check 
components is an unsigned number, it cannot be smaller than zero.
 2019-10-09 14:57:24 +02:00
peter279k
1ea329d457 Fix bug #77204 
Include opened path in getimagesize() error message
 2019-10-02 11:21:17 +02:00
Gabriel Caruso
5d6e923d46
Remove mention of PHP major version in Copyright headers 
Closes GH-4732.
 2019-09-25 14:51:43 +02:00
Nikita Popov
c6315f86c9 Merge branch 'PHP-7.4' 2019-09-22 12:13:22 +02:00
Nikita Popov
5e48bb7e1f Merge branch 'PHP-7.3' into PHP-7.4 2019-09-22 12:10:49 +02:00
Nikita Popov
9cd365e571 Merge branch 'PHP-7.2' into PHP-7.3 2019-09-22 12:10:42 +02:00
Nikita Popov
f989a4cd44 Fix leak of temporary buffer during exif tag reading 2019-09-22 12:10:17 +02:00
Nikita Popov
0a6291b81a Merge branch 'PHP-7.4' 2019-09-22 10:27:21 +02:00
Nikita Popov
0508a70640 Merge branch 'PHP-7.3' into PHP-7.4 2019-09-22 10:27:07 +02:00
Nikita Popov
623d897998 Merge branch 'PHP-7.2' into PHP-7.3 2019-09-22 10:26:57 +02:00
Nikita Popov
0701835c01 Fix multiple leaks in exif_read_data() 
This fixes two leaks related to duplicate tags, as well as a leak
of zero-length FMT_(S)BYTE with non-null value. This can show up
for MAKERNOTE values where the original length is non-zero, but
the first character is a null byte.
 2019-09-21 20:40:03 +02:00