archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-19 17:04:47 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
104227 commits 526 branches 1434 tags 879 MiB
Commit graph

836 commits

Author SHA1 Message Date
Anatol Belski
0d1eeeb68d move zend_ato*() to size_t and remove casts 2017-07-28 14:59:31 +02:00
Anatol Belski
6aa9c1911b Merge branch 'PHP-7.2' 
* PHP-7.2:
  Fixed bug #74833, SID constant created with wrong module number
 2017-07-26 13:21:48 +02:00
Anatol Belski
9ff4801159 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fixed bug #74833, SID constant created with wrong module number
 2017-07-26 13:21:20 +02:00
Anatol Belski
eaf5c7cdd4 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #74833, SID constant created with wrong module number
 2017-07-26 13:20:48 +02:00
Anatol Belski
bd00fe81cc Fixed bug #74833, SID constant created with wrong module number 2017-07-26 13:19:41 +02:00
dreamsxin
072ef62f6e
Add warning for change session id when session is active 2017-07-25 09:27:58 +01:00
Sergei Morozov
9b9184a45a
Fixed bug #74941 - Session fails to start after having headers sent 2017-07-20 07:52:02 +01:00
Sergei Morozov
5b12b46a19 Fixed bug #74936 - session_*() functions trigger a warning in read mode when the session is active 2017-07-18 22:25:22 +02:00
Yasuo Ohgaki
a2d766503a Fixed bug #74514 5 session functions incorrectly warn when calling in read-only/getter mode 2017-07-01 03:32:54 +09:00
Nikita Popov
035a27cbc6 Only compute callback name in error cases 
Mostly the callback name is only used to report an error. Try to
avoid calculating it if no error occurred.
 2017-06-25 18:45:59 +02:00
Xinchen Hui
8f2d3539f2 Merge branch 'PHP-7.1' 
* PHP-7.1:
  Fixed tests when using cumstom php.ini(session.save_handler)
  Fix Bug #74541 Wrong reflection on session_start()
 2017-05-09 11:15:32 +08:00
Xinchen Hui
05c90e5994 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed tests when using cumstom php.ini(session.save_handler)
  Fix Bug #74541 Wrong reflection on session_start()
 2017-05-09 11:14:40 +08:00
Fabien Villepinte
b39c70b4a7 Fix Bug #74541 Wrong reflection on session_start() 2017-05-08 22:42:09 +02:00
Nikita Popov
7cba31535c
Separate array in session upload progress 2017-01-23 17:19:12 +00:00
Joe Watkins
71a42477ca
Merge branch 'PHP-7.1' 
* PHP-7.1:
  Update comment, incorrect since 224aaf94
 2017-01-19 10:49:09 +00:00
SjonHortensius
631861e1fa
Update comment, incorrect since 224aaf94 
In 224aaf94; the warning was enabled; making the comment above incorrect. I've updated the comment to reflect the current code
 2017-01-19 10:48:54 +00:00
Sammy Kaye Powers
dac6c639bb Update copyright headers to 2017 2017-01-04 11:23:42 -06:00
Sammy Kaye Powers
478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Sammy Kaye Powers
9e29f841ce Update copyright headers to 2017 2017-01-02 09:30:12 -06:00
dreamszhu
e10425fe8b Add PHPAPI php_session_flush and php_session_destroy 2017-01-01 07:30:22 +08:00
Anatol Belski
f8aa57ab2f fix uninitialized value 2016-12-27 23:43:49 +01:00
Graham Campbell
22f3695fe1 Fixed typo in "session_module_name" 2016-12-27 22:01:19 +01:00
Yasuo Ohgaki
a93a51c3bf Fix bug #73100 - Improve bug fix. Forbid to set 'user' save handler other than set_save_handler(). 2016-12-22 16:04:28 +09:00
Yasuo Ohgaki
bf5c502e3d Remove "register_globals" support codes from php/php_binary serializers. 
As a result, users may use PS_UNDEF_MAKER(=!) char for session variable name.
 2016-12-21 08:07:14 +09:00
Yasuo Ohgaki
7f196e321f Fix bug #71038 - session_start() returns true even when it failed 
PR #2167
 2016-11-17 11:09:07 +09:00
Yasuo Ohgaki
3d6e922367 Refactor and cleanup implementation. 2016-11-16 05:08:29 +00:00
Yasuo Ohgaki
7b29c3fba6 Revert "Fix Bug #73461" 
This reverts commit 0383de1467.
 2016-11-16 05:08:29 +00:00
Yasuo Ohgaki
6230c2bad0 Fix Bug #73461 
This patch disables any invalid save handler calls.
 2016-11-16 05:08:28 +00:00
Yasuo Ohgaki
70afe4c494 Simply return FALSE from session_gc(). Error could be annoying because internal save handlers may return -1 when GC cannot be performed for reasons 2016-10-18 06:53:13 +09:00
Nikita Popov
28edc971e7 Merge branch 'PHP-7.0' into PHP-7.1 2016-10-10 12:21:15 +02:00
Nikita Popov
c91f652ddb Fixed bug #73273 
As well as a few other $_SESSION separation issues.
 2016-10-10 12:20:44 +02:00
Yasuo Ohgaki
a4a2f66e75 Revert "Revert "Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc"" 
This reverts commit 355c7e7d1c.
 2016-09-01 10:12:26 +09:00
Yasuo Ohgaki
b36ae7467e Revert "Revert "Merge RFC https://wiki.php.net/rfc/session-create-id"" 
This reverts commit 663f1c8fb0.
 2016-09-01 10:12:23 +09:00
Yasuo Ohgaki
90352bb4a2 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix bug #72940 properly. Reduce needless branches
 2016-09-01 07:47:27 +09:00
Yasuo Ohgaki
cc797d4fc3 Fix bug #72940 properly. Reduce needless branches 2016-09-01 07:47:13 +09:00
Yasuo Ohgaki
355c7e7d1c Revert "Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc" 
This reverts commit 1cf179e415.
 2016-09-01 05:54:55 +09:00
Yasuo Ohgaki
663f1c8fb0 Revert "Merge RFC https://wiki.php.net/rfc/session-create-id" 
This reverts commit 7ee9f81c54.
 2016-09-01 05:54:30 +09:00
Yasuo Ohgaki
7ee9f81c54 Merge RFC https://wiki.php.net/rfc/session-create-id 2016-08-31 20:34:20 +09:00
Yasuo Ohgaki
f5cd6e5710 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #72940 SID always return "name=ID", even if session cookie exist
 2016-08-30 15:58:55 +09:00
Yasuo Ohgaki
b5f2f6fbd8 Fixed bug #72940 SID always return "name=ID", even if session cookie exist 2016-08-30 15:58:25 +09:00
Yasuo Ohgaki
1cf179e415 Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc 2016-08-29 05:57:37 +09:00
Xinchen Hui
1eb4851fa2 Remove leftover of previous change 2016-08-18 15:44:33 +08:00
Xinchen Hui
a3740dadec Remove outdate checks 2016-08-18 15:37:15 +08:00
Xinchen Hui
ce6ad9bdd9 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0: (48 commits)
  Update NEWs
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  ...

Conflicts:
	ext/standard/var_unserializer.c
 2016-08-17 17:14:30 +08:00
Xinchen Hui
b172f43caa Unused label 2016-08-17 16:56:20 +08:00
Nikita Popov
e0f9fbdfa6 Bug #72663 - part 3 
When using the php_serialize session serialization handler, do
not use the result of the unserialization if it failed.
 2016-08-17 01:01:03 -07:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6: (24 commits)
  Update NEWS
  BLock test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - 	Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
 2016-08-17 00:43:33 -07:00
Stanislav Malyshev
8763c6090d Fix bug #72681 - consume data even if we're not storing them 2016-08-16 22:54:42 -07:00
Yasuo Ohgaki
3467526a65 Merge RFC: Session ID without hashing 
https://wiki.php.net/rfc/session-id-without-hashing
 2016-08-12 12:31:02 +09:00
Yasuo Ohgaki
a53a6b3fb4 Fix URL rewriter issues 2016-08-11 08:31:48 +09:00