Commit graph

272 commits

Author SHA1 Message Date
Stanislav Malyshev
dab757f322 Merge branch 'PHP-7.1'
* PHP-7.1:
  Add length check for bzcompress too - fix for bug #73356
  More string length checks & fixes
  More string length checks & fixes
2016-11-03 22:54:12 -07:00
Stanislav Malyshev
25d04ad8e3 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  Add length check for bzcompress too - fix for bug #73356
  More string length checks & fixes
  More string length checks & fixes
2016-11-03 22:53:05 -07:00
Stanislav Malyshev
d858b4c77f Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  Add length check for bzcompress too - fix for bug #73356
2016-11-03 22:30:46 -07:00
Stanislav Malyshev
2fa455128c Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  More string length checks & fixes
2016-11-03 22:05:25 -07:00
Stanislav Malyshev
1fd18821e0 More string length checks & fixes 2016-11-03 21:35:09 -07:00
Kalle Sommer Nielsen
e2b52c510e Always include the header for nice() on Windows 2016-10-18 23:14:46 +02:00
Kalle Sommer Nielsen
64945e9387 Implemented proc_nice() for Windows (FR #49806)
The core implementation details are described in win32/nice.c for values sent to proc_nice(); these can, however, be discussed to maybe comply with those of wmic. Anatol, thoughts?

The test supplied uses wmic for testing the functionality; it could potentially fail on systems where either wmic is not available or the system language is not English (as Microsoft tends to translate even CLI programs).
2016-10-16 04:17:35 +02:00
Christoph M. Becker
6656d32eb3 Merge branch 'PHP-7.0' into PHP-7.1 2016-09-30 11:49:51 +02:00
Christoph M. Becker
dd93712911 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-30 11:40:55 +02:00
Christoph M. Becker
e72165bb86 Fix #73203: passing additional_parameters causes mail to fail
We make sure that there's no unsigned underflow, which happened for `y==0`.
2016-09-30 11:38:09 +02:00
Dmitry Stogov
adc95c5114 Fixed compilation warnings 2016-06-23 12:47:06 +03:00
Anatol Belski
2c691f06b5 reapply the sysconf error check patch 2016-02-02 14:26:58 +01:00
Anatol Belski
b837f205ca Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  add error check to sysconf call
  Going for 5.5.33 now

Conflicts:
	configure.in
	main/php_version.h
2016-02-02 14:22:31 +01:00
Anatol Belski
377d353c9f add error check to sysconf call 2016-02-02 14:19:10 +01:00
Stanislav Malyshev
309ead112f Merge branch 'PHP-5.5.32' into PHP-5.6.18
* PHP-5.5.32:
  Fixed bug #71488: Stack overflow when decompressing tar archives
  update NEWS
  add missing headers for SIZE_MAX
  backport the escapeshell* functions hardening branch
  add tests
  Fix bug #71459 - Integer overflow in iptcembed()
  Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
  Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
  Fix bug #71335: Type Confusion in WDDX Packet Deserialization
  Fix bug #71354 - remove UMR when size is 0
2016-02-01 18:32:31 -08:00
Anatol Belski
f4d7bbf4ac backport the escapeshell* functions hardening branch 2016-01-28 13:45:43 +01:00
Anatol Belski
a9048d101f extend _SC_ARG_MAX usage onto platforms where it's available 2016-01-28 12:06:33 +01:00
Anatol Belski
c527549e89 Fixed bug #71039 exec functions ignore length but look for NULL termination 2016-01-12 14:57:22 +01:00
Anatol Belski
22a5ccab72 Follow up on bug #71270
Using the max allowed command line length for an underlying OS.
2016-01-12 14:41:44 +01:00
libnex
2871c70efa Patch for Heap Buffer Overflow in EscapeShell
Proposed patch for bug #71270
2016-01-06 07:49:21 +01:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  Happy new year (Update copyright to 2016)
2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Xinchen Hui
c75d245e82 Revert "Fixed invalid read"
I must be confused while switching from master to 5.6

This reverts commit 94957a7091.
2015-07-08 22:34:27 +08:00
Xinchen Hui
da333bfbd8 Fixed bug #70018 (exec does not strip all whitespace)
Merge branch 'PHP-5.6'

Conflicts:
	ext/standard/exec.c
2015-07-08 19:30:58 +08:00
Xinchen Hui
94957a7091 Fixed invalid read 2015-07-08 19:19:37 +08:00
Dmitry Stogov
4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantic changes). 2015-06-30 04:05:24 +03:00
Christoph M. Becker
00adcbd3e9 Merge branch 'PHP-5.6'
* PHP-5.6:
  updated NEWS
  Fixed bug #69768 (escapeshell*() doesn't cater to !)
  bump API version to 6.8
2015-06-24 00:47:18 +02:00
Christoph M. Becker
8da8dc04b6 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  updated NEWS
  Fixed bug #69768 (escapeshell*() doesn't cater to !)
  bump API version to 6.8
2015-06-24 00:23:39 +02:00
Christoph M. Becker
a621781fdb Fixed bug #69768 (escapeshell*() doesn't cater to !)
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similarly to %ENV%, and so ! should
be escaped like %.
2015-06-24 00:15:55 +02:00
Stanislav Malyshev
563462fbf8 Fixed bug #69646 (OS command injection vulnerability in escapeshellarg) 2015-06-09 21:37:17 -07:00
Stanislav Malyshev
4e2fb47092 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fix bug #69646 OS command injection vulnerability in escapeshellarg
  Fix #69719 - more checks for nulls in paths
  fix test description
  Fixed Bug #68812 Unchecked return value.

Conflicts:
	ext/dom/document.c
	ext/gd/gd.c
2015-06-09 15:31:27 -07:00
Stanislav Malyshev
8036758491 Fix bug #69646 OS command injection vulnerability in escapeshellarg 2015-06-09 10:52:38 -07:00
Dmitry Stogov
d146d15003 Optimize zend_string_realloc() add more specialized versions zend_string_extend() and zend_string_truncate() 2015-03-20 02:02:42 +03:00
Yasuo Ohgaki
7d0e3c01e6 Added NULL byte protection to exec, system and passthru. 2015-02-14 05:37:56 +09:00
Yasuo Ohgaki
096fb06dab Merge branch 'PHP-5.6'
* PHP-5.6:
  Add NULL byte protection to exec, system and passthru
2015-02-14 05:28:32 +09:00
Yasuo Ohgaki
3ea76a768c Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Add NULL byte protection to exec, system and passthru
2015-02-14 05:26:54 +09:00
Yasuo Ohgaki
a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Veres Lajos
4b9535341a typo fixes - https://github.com/vlajos/misspell_fixer 2014-11-19 20:23:00 +00:00
Anatol Belski
82c2e3f201 fix build
ifdef this var declaration to avoid the vs warning
2014-11-14 22:19:41 +01:00
Anatol Belski
dbddbcc950 remove unused var 2014-11-14 17:39:40 +01:00
Anatol Belski
0565a29e4d fix datatype mismatches 2014-10-22 20:46:33 +02:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski
bf96ee95ce 's' works with size_t round 4 2014-08-27 20:49:37 +02:00
Anatol Belski
3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Xinchen Hui
a3fd5b6954 Unused variable 2014-08-26 11:50:42 +08:00
Anatol Belski
c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00