archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 23:18:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
82731 commits 526 branches 1434 tags 877 MiB
Commit graph

157 commits

Author SHA1 Message Date
Stanislav Malyshev
ed709d5aa0 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c
 2015-08-04 15:29:13 -07:00
Stanislav Malyshev
69ed3969dd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	.gitignore
	ext/date/php_date.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
 2015-08-04 14:10:57 -07:00
Stanislav Malyshev
c96d08b272 Fix bug #70081: check types for SOAP variables 2015-07-26 16:44:18 -07:00
Reeze Xia
6cb3b941df Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Improve fix for bug 67741
  Added type checks
  Added type checks
 2015-03-03 16:27:35 +08:00
Dmitry Stogov
035d80523f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added type checks

Conflicts:
	ext/soap/soap.c
 2015-03-03 09:52:21 +03:00
Dmitry Stogov
0c136a2abd Added type checks 2015-03-03 09:44:46 +03:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Philip Hofstetter
9befa8c5f7 fix bug #67955 
this fixes a regression from 6c2a806820.

smart_str_appendl is expecting the length as the length of the string,
but key_length is the byte length of the key, including the 0
terminator.

As such, the cookie name appeneded to the header would now also include
the 0 terminator of the key name which then would be sent to the server.
 2014-09-03 14:35:40 +02:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Dmitry Stogov
6c2a806820 Avoid interned hash key duplication and hash key length recaclulation 2013-11-29 00:57:49 +04:00
Veres Lajos
1b06e0be96 typo fixes 2013-07-15 00:19:49 -07:00
Veres Lajos
72085b0e5f typo fixes 2013-07-15 00:18:57 -07:00
Stanislav Malyshev
02e4d7a290 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:30:59 -07:00
Stanislav Malyshev
ac40c0b562 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:20:18 -07:00
Dmitry Stogov
c782cf7fb3 Added SoapClient constructor option 'ssl_method' to specify ssl method 2013-04-30 10:24:49 +04:00
Xinchen Hui
a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Ilia Alshanetsky
9c5ae9954f Fixed bug #61423 (gzip compression fails). 2012-04-03 08:47:00 -04:00
Hannes Magnusson
7a1c765385 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  This is a git checkout
  Revert incorrect fix
 2012-03-24 17:20:14 +01:00
Ilia Alshanetsky
8d0760f38a Revert incorrect fix 2012-03-24 12:27:55 -04:00
Ilia Alshanetsky
f9f631fb76 Fixed bug #61423 (gzip compression fails). 
Conflicts:

	NEWS
 2012-03-22 09:46:33 -04:00
Ilia Alshanetsky
b4aea52682 Fixed bug #61423 (gzip compression fails). 2012-03-22 09:13:45 -04:00
Dmitry Stogov
a8cc0b05b4 Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  Fixed bug #49853 (Soap Client stream context header option ignored)

Conflicts:
	NEWS
	ext/soap/php_sdl.c
 2012-03-21 16:42:08 +04:00
Dmitry Stogov
657547f8c4 Fixed bug #49853 (Soap Client stream context header option ignored) 2012-03-21 16:32:49 +04:00
Ilia Alshanetsky
aee5a9864d Fixed bug #60842, #51775 (Chunked response parsing error when chunksize length line is > 10 bytes). 2012-03-08 20:14:26 +00:00
Ilia Alshanetsky
b61f335b9d Fixed bug #60842, #51775 (Chunked response parsing error when chunksize length line is > 10 bytes). 2012-03-08 20:14:26 +00:00
Felipe Pena
e4ca0ed09f - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Pierrick Charron
34bb8d8119 Added new SoapClient option "keep_alive". FR #60329 2011-11-18 13:24:35 +00:00
Dmitry Stogov
19a0522a42 Prevent possible integer overflow 2011-11-02 08:07:12 +00:00
Dmitry Stogov
fd28dfc569 Prevent possible integer overflow 2011-11-02 08:07:12 +00:00
Stanislav Malyshev
0a1cc5f01c fix potential integer overflow 2011-10-15 23:57:33 +00:00
Felipe Pena
927bf09c29 - Year++ 2011-01-01 02:19:59 +00:00
Felipe Pena
0203cc3d44 - Year++ 2011-01-01 02:17:06 +00:00
Dmitry Stogov
1b60eb8813 Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). 2010-10-05 11:43:59 +00:00
Dmitry Stogov
8dd1e05d6e Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). 2010-10-05 11:43:59 +00:00
Pierre Joye
aa0ed267a2 - use TSRMLS_*C instead of TSRMLS_FETCH in zend_list_insert 2010-09-16 09:13:19 +00:00
Dmitry Stogov
54caf22325 Fixed bug #50976 (Soap headers Authorization not allowed) 2010-05-28 12:18:03 +00:00
Dmitry Stogov
1fe3984cc4 Fixed bug #50976 (Soap headers Authorization not allowed) 2010-05-28 12:18:03 +00:00
Kalle Sommer Nielsen
dd8e59da8f Removed safe_mode 
* Removed ini options, safe_mode*
 * Removed --enable-safe-mode --with-exec-dir configure options on Unix
 * Updated extensions, SAPI's and core
 * php_get_current_user() is now declared in main.c, thrus no need to include safe_mode.h anymore
 2010-04-26 23:53:30 +00:00
Frank M. Kromann
1709009f1d Don't free soap_headers just before comparing the length. This causes SoapClient to fail when requesting a URL 2010-01-13 05:32:02 +00:00
Sriram Natarajan
5d0419e05a - Addressing minor leak noticed while addressing bug #48590 2010-01-05 19:25:23 +00:00
Sriram Natarajan
2c8bdf40d0 - Fixed bug #48590 (SoapClient does not honor max_redirects) 2010-01-05 03:07:43 +00:00
Sebastian Bergmann
9ba1e81665 sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php 2010-01-03 09:23:27 +00:00
Pierrick Charron
84ab9cd30e Fixed bug #50219 (soap call Segmentation fault on a redirected url). 2009-11-21 01:22:32 +00:00
Ilia Alshanetsky
2c31cd513b Fixed bug #46386 (Digest authentication with SOAP module fails against MSSQL 
SOAP services)

#original patch by lordelph at gmail dot com
 2009-06-03 12:39:50 +00:00
Ilia Alshanetsky
2b456001da MFB: Fixed bug #47131 (SOAP Extension ignores "user_agent" ini setting). 2009-01-19 21:58:02 +00:00