archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-20 09:24:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
70790 commits 526 branches 1434 tags 881 MiB
Commit graph

29737 commits

Author SHA1 Message Date
Stanislav Malyshev
64e4261c9b fix unstable test 2014-07-08 14:13:46 -07:00
Christian Weiske
0bf50a8302 Fix bug #67587: Redirection loop on nginx with FPM 
Redirection will work correctly as long as PATH_INFO is available,
e.g. via the following nginx configuration:

    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
 2014-07-08 12:53:45 -07:00
Anatol Belski
03214a2aef Backported the patch from bug #67407 into 5.4 2014-07-08 09:52:35 +02:00
Stanislav Malyshev
a7d1cad4c3 change locale - looks like not everybody has sl_SI 2014-07-07 01:35:25 -07:00
Stanislav Malyshev
6c8a570a96 Fix bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting) 2014-07-07 00:36:57 -07:00
Nikita Popov
18989420b6 Add test for bug #67151 2014-07-02 22:39:54 +02:00
Ferenc Kovacs
37a13d2df7 adding a reproduce script for bug #49184 2014-07-02 22:37:58 +02:00
Nikita Popov
3cc6bd10ac Fix bug #67151: strtr with empty array crashes 2014-07-02 22:33:20 +02:00
Michael Wallner
34e686c556 fix integer overflow in {stream,file}_{get,put}_contents() 2014-07-02 09:53:03 +02:00
Adam Harvey
899fe3d8af Fix ext/pgsql builds with libpq < 7.3. 
Fixes bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756).
 2014-07-01 13:19:22 -07:00
Anatol Belski
af5f997a5d updated libmagic.patch 2014-07-01 10:25:20 +02:00
Stanislav Malyshev
9d1d25e625 Fix test - because of big #67397 we don't allow overlong locales anymore 2014-06-24 11:21:43 -07:00
Stanislav Malyshev
3488cf6fd8 Merge branch 'PHP-5.4.30' into PHP-5.4 
* PHP-5.4.30:
  5.4.30
  Better fix for bug #67072 with more BC provisions
  Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
  update CVE
  Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
  Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
  Fix bug #67349: Locale::parseLocale Double Free
  add CVEs
  Fix potential segfault in dns_get_record()
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.30 rc1

Conflicts:
	configure.in
	main/php_version.h
 2014-06-24 10:23:36 -07:00
Stanislav Malyshev
6d97b4b2b3 Better fix for bug #67072 with more BC provisions 2014-06-23 22:16:25 -07:00
Stanislav Malyshev
fb0128af2a Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability 2014-06-23 00:22:59 -07:00
Stanislav Malyshev
c42d5cf5de Better fix for bug #67072 with more BC provisions 2014-06-21 21:29:11 -07:00
Stanislav Malyshev
88223c5245 Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion 2014-06-21 19:46:16 -07:00
Stanislav Malyshev
6027c56fd7 Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1)) 2014-06-21 18:44:14 -07:00
Stanislav Malyshev
aef6432fbe Fix bug #67349: Locale::parseLocale Double Free 2014-06-21 18:38:41 -07:00
Dmitry Stogov
680ddabac1 Fixed MarinaDB support 2014-06-20 13:56:32 +04:00
Lior Kaplan
6f3bcb0d6e Update copyright year for re2c generated files 2014-06-16 23:28:36 +03:00
Lior Kaplan
e667d23178 Update copyright year for re2c files as well 2014-06-16 23:26:50 +03:00
Sara Golemon
21525d0413 Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-15 01:04:24 -07:00
Derick Rethans
ce70b920e4 - Updated to version 2014.5 (2014e) 2014-06-13 23:26:42 +01:00
Adam Harvey
b51f82f260 Follow 308 Permanent Redirect responses. 
Fixes bug #67430 (http:// wrapper doesn't follow 308 redirects).
 2014-06-12 18:12:53 -07:00
Adam Harvey
1b9cbab9a7 Keep 308-399 HTTP response codes when header('Location:') is called. 
Fixes bug #67428 (header('Location: foo') will override a 308-399 response
code).
 2014-06-12 17:35:05 -07:00
Sara Golemon
4f73394fdd Fix potential segfault in dns_get_record() 
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
 2014-06-11 13:37:04 -07:00
Stanislav Malyshev
2b04d68972 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:24:11 -07:00
Stanislav Malyshev
317bcb96d0 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:17:30 -07:00
Remi Collet
25b1dc917a Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec 
Upstream:
93e063ee37

Adapted for C standard.
 2014-06-10 14:33:37 +02:00
Remi Collet
40ef6e07e0 Bug #67412 fileinfo: cdf_count_chain insufficient boundary check 
Upstream:
40bade80cb
 2014-06-10 14:22:04 +02:00
Remi Collet
5c9f967999 Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check 
Upstream:
36fadd2984
 2014-06-10 14:13:14 +02:00
Remi Collet
e77659a8c8 Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size 
Upstream
27a14bc7ba
 2014-06-10 14:02:36 +02:00
Stanislav Malyshev
62857998c5 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:09 -07:00
Matteo Beccati
5c8c57aa6c Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191 
DOMDocument::substituteEntities needs to be set to true in order for
external entities to be parsed.
 2014-06-09 07:05:23 +02:00
Boro Sitnikovski
aebb23e4db Bug 49898 
__getCookies() method implementation
 2014-06-08 19:36:18 -07:00
Paul Oehler
76a7fd893b Added support for parsing ssl certificates using GeneralizedTime format. 
fix bug #65698
fix bug #66636
 2014-06-08 14:17:58 -07:00
Jeff Welch
5fd7c2b01d Remove superfluous echos. 2014-06-08 13:50:22 -07:00
Remi Collet
127651e9ae fix test for 5.4/5.5 2014-06-05 17:33:40 +02:00
Remi Collet
15d8c80ead add test for previous fix 2014-06-05 14:00:00 +02:00
Remi Collet
1fe9f1e4f5 Fix regression introduce in fix for bug #67118 
The fix was correct but break some code (at least in Horde)
This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6

This make php_date_initialize more consistent
- on success return 1 + time initiliazed
- on failure return 0 + time = zero
  which is check by DATE_CHECK_INITIALIZED by later method call

Will restore consistency with other date classes in master.
 2014-06-05 13:39:46 +02:00
Anatol Belski
20568e5028 Fixed regression introduced by patch for bug #67072 
This applies to 5.4 and 5.5 only as a legacy fix.
 2014-06-03 20:43:58 +02:00
Remi Collet
4fcb9a9d1b Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check 
Upstream fix 6d209c1c48.patch
Only revelant part applied
 2014-06-03 11:05:00 +02:00
Xinchen Hui
38be99b739 Fixed bug #67359 (Segfault in recursiveDirectoryIterator) 2014-06-01 19:41:01 +08:00
Adam Harvey
b5d9983ff4 Check for zero-length keys in spl_array_skip_protected and don't skip them. 
Fixes bug #67360 (Missing element after ArrayObject::getIterator).
 2014-05-29 17:49:32 +00:00
Anatol Belski
d2765e4b8c updated libmagic.patch for 5.4+ 2014-05-27 22:36:12 +02:00
Stanislav Malyshev
091b7642c2 Fix bug #67249: printf out-of-bounds read 2014-05-27 11:28:22 -07:00
Anatol Belski
d184f07b3c backport this piece from 5.6, related to the #66307 fix 2014-05-26 18:05:13 -07:00
Anatol Belski
15ee33eb21 Fixed bug #66307 Fileinfo crashes with powerpoint files 2014-05-26 18:04:27 -07:00
Stanislav Malyshev
4005f06df6 Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation) 
Upstream patch: b8acc83781
 2014-05-26 18:01:17 -07:00