archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 15:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
135288 commits 526 branches 1434 tags 877 MiB
Commit graph

970 commits

Author SHA1 Message Date
Stanislav Malyshev
fc8eff897b More fixes for bug #70219 2015-08-28 21:50:21 -07:00
Stanislav Malyshev
24dda816d0 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  5.4.45 next

Conflicts:
	configure.in
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-08-25 23:08:49 -07:00
Stanislav Malyshev
df4bf28f9f Fix bug #70219 (Use after free vulnerability in session deserializer) 2015-08-23 19:56:12 -07:00
Anatol Belski
6065b29fe4 Reverted ad4533fdba 
The E_ERROR to E_RECOVERABLE_ERROR should be readded with the
proper tests.
 2015-07-21 11:18:36 +02:00
Yasuo Ohgaki
ad4533fdba Change E_ERROR and some E_WARNING to E_RECOVERABLE_ERROR. 2015-07-21 12:59:23 +09:00
Aaron Piotrowski
7ec1e17464 Update memory freeing and other issues, revert some changes 2015-07-05 23:25:53 -05:00
Aaron Piotrowski
907476f34c Convert E_ERROR to thrown Error in extensions 2015-07-05 12:16:57 -05:00
Dmitry Stogov
4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Dmitry Stogov
4bd22cf1c1 Improved zend_string API (Francois Laupretre) 
Squashed commit of the following:

commit d96eab8d79
Author: Francois Laupretre <francois@tekwire.net>
Date:   Fri Jun 26 01:23:31 2015 +0200

    Use the new 'ZSTR' macros in the rest of the code.

    Does not change anything to the generated code (thanks to compat macros) but cleaner.

commit b352643910
Author: Francois Laupretre <francois@tekwire.net>
Date:   Thu Jun 25 13:45:06 2015 +0200

    Improve zend_string API

    Add missing methods
 2015-06-29 16:44:54 +03:00
Bob Weinand
b477aa1fad Fix bug #69952 (Dereferencing issue in session_start()) 2015-06-28 16:30:58 +02:00
Dmitry Stogov
1c754f0b71 Get rid of more ZVAL_ZVAL() macros 2015-06-12 13:33:14 +03:00
Josef Šimánek
413d23f6f0 Remove MSIE 5-specific Cache-Control fields. 
reverts 04daa55
 2015-05-12 09:53:17 +02:00
Anatol Belski
512429ffc5 fix datatype mismatches 2015-03-24 22:02:33 +01:00
Anatol Belski
3066851dab fix datatype mismatches 2015-03-24 22:02:29 +01:00
Anatol Belski
663074b6b1 cleanup mod version macros and mod defs, round x 2015-03-23 21:30:22 +01:00
Julien Pauli
4d3a3811a9 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fix flaws in session module

Conflicts:
	ext/session/session.c
 2015-03-16 16:11:02 +01:00
Julien Pauli
2a50877428 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix flaws in session module
 2015-03-16 16:01:12 +01:00
Julien Pauli
4dba99c226 Fix flaws in session module 2015-03-16 16:00:46 +01:00
Dmitry Stogov
8633685675 Use specialized macro for string zval creation 2015-03-12 16:53:51 +03:00
Reeze Xia
609f05fc19 ZTS cleanup 2015-03-08 19:25:55 +08:00
Anatol Belski
af3ca74501 made ZEND_TSRMLS_CACHE_* macros look like function calls 
which also comply with the current semantics for such macros
 2015-02-16 17:19:32 +01:00
Dmitry Stogov
e10e151e9b Merged zend_array and HashTable into the single data structure. 
Now each HashTable is also zend_array, so it's refcounted and may be a subject for Copy on Write
zend_array_dup() was changed to allocate and return HashTable, instead of taking preallocated HashTable as argument.
 2015-02-13 22:20:39 +03:00
Yasuo Ohgaki
741b5952c6 Pass maxlifetime to save handlers 2015-02-12 13:07:27 +09:00
Yasuo Ohgaki
5afe554d32 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fixed bug #68063 Empty session IDs do still start sessions

Conflicts:
	ext/session/session.c
	ext/session/tests/bug61470.phpt
 2015-02-03 13:49:14 +09:00
Yasuo Ohgaki
2983ef3c48 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #68063 Empty session IDs do still start sessions
 2015-02-03 13:41:31 +09:00
Yasuo Ohgaki
853ae39d6e Fixed bug #68063 Empty session IDs do still start sessions 2015-02-03 13:38:49 +09:00
Yasuo Ohgaki
e93042998a Fixed bug #61470 - session_regenerate_id() does not create session file. 
Made session_regenerate_id() raise error for wrong usage.
 2015-02-03 12:23:00 +09:00
Yasuo Ohgaki
f248df9003 Cleanup trans sid code. Behavior is unchanged. 
Fixed possible injections. Escape values usually internal safe values.
 2015-02-02 17:06:16 +09:00
Michael Wallner
330d158e93 fix warning 2015-01-30 20:11:25 +01:00
Xinchen Hui
d96eb4b0a8 reorder the branches 2015-01-29 12:50:56 +08:00
Xinchen Hui
18c647cce2 Merge branch 'master' of https://git.php.net/repository/php-src 2015-01-29 12:35:44 +08:00
Xinchen Hui
14396a3264 ppid must be IS_STRING 2015-01-29 12:35:18 +08:00
Yasuo Ohgaki
70b2d2eefa Use proper type 2015-01-29 13:31:40 +09:00
Xinchen Hui
4da7e4de29 The argument must be not changed in session_start 2015-01-29 12:26:13 +08:00
Yasuo Ohgaki
f90f6108c8 Merge branch 'master' into master-rfc-session-lock4 
Conflicts:
	UPGRADING
 2015-01-29 09:55:36 +09:00
Xinchen Hui
a0cf025134 Fixed #68868 (Segfault in clean_non_persistent_constants() in SugarCRM 6.5.20) 2015-01-28 17:12:23 +08:00
Yasuo Ohgaki
e71099bc4e Remove legacy code 2015-01-28 16:01:10 +09:00
Yasuo Ohgaki
4d747b1356 Forgot to apply important peace of patch 2015-01-28 14:22:22 +09:00
Yasuo Ohgaki
feeaaa4c3f Fixed crash 2015-01-28 08:03:37 +09:00
Yasuo Ohgaki
7b17980875 Update UPGRADING and UPGRADING.INTERNALS 2015-01-26 06:14:40 +09:00
Yasuo Ohgaki
0c9bfa96b2 Make session_decode return FALSE when it fails. 
Fix a test.
Use proper types.
 2015-01-25 15:26:00 +09:00
Yasuo Ohgaki
e6c8640a2a WIP - test passes 2015-01-22 13:34:58 +09:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Anatol Belski
c6bad96f30 Merge remote-tracking branch 'origin/master' into native-tls 
* origin/master: (398 commits)
  NEWS
  add test for bug #68381
  Fixed bug #68381 Set FPM log level earlier during init
  proper dllexport
  move to size_t where zend_string is used internally
  fix some datatype mismatches
  return after the warning, to fix uninitialized salt usage
  fix datatype mismatches
  add missing type specifier
  fix datatype mismatches
  fix unsigned check
  "extern" shouldn't be used for definitions
  joined identical conditional blocks
  simplify fpm tests
  SEND_VAR_NO_REF optimization
  Add test for bug #68442
  Add various tests for FPM - covering recent bugs (68420, 68421, 68423, 68428) - for UDS - for ping and status URI - for multi pool and multi mode
  Include small MIT FastCGI client library from https://github.com/adoy/PHP-FastCGI-Client
  Get rid of zend_free_op structure (use zval* instead). Get rid of useless TSRMLS arguments.
  Add new FPM test for IPv4/IPv6
  ...

Conflicts:
	win32/build/config.w32
 2014-11-18 21:18:52 +01:00
Yasuo Ohgaki
9e072d9565 Remove unneeded md5 hashing from PHP-5.6 branch. 
It's removed from master already by my previous commit.
 2014-11-12 13:43:54 +09:00
Yasuo Ohgaki
6b8328de74 Merge branch 'PHP-5.6' 
* PHP-5.6:
  Fixed bug #68331 - This was partial patch for https://wiki.php.net/rfc/session-lock-ini
  Fixed 2 tests that expects bool retrun value from save handler.

Conflicts:
	ext/session/session.c
 2014-11-06 13:49:43 +09:00