archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 15:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
107623 commits 526 branches 1434 tags 877 MiB
Commit graph

407 commits

Author SHA1 Message Date
Christoph M. Becker
eed3637d84 Merge branch 'PHP-7.2' 
* PHP-7.2:
  Fix #76409: heap use after free in _php_stream_free
 2018-06-09 17:57:10 +02:00
Christoph M. Becker
3fdde65617 Fix #76409: heap use after free in _php_stream_free 
We must not close the stream in exif_read_from_impl(), since it is the
responsibility of the (caller's) caller to do so, if it actually opened
the stream.

We simplify the reproduce script, which is actually about supplying a
path to a directory (opposed to a regular file), and use `.` instead of
`/` to also make it work on Windows.
 2018-06-09 17:52:05 +02:00
Peter Kokot
7bb741cad9 Remove exif version from the phpinfo output 
This patch removes the exif version in the phpinfo output to sync it
with the rest of the php bundled extensions. Also in the past the
revision id from the version control system was used and is today not
needed anymore.
 2018-06-09 15:32:21 +02:00
Dmitry Stogov
5eb1f92f31 Use zend_string_release_ex() instread of zend_string_release() in places, where we sure about string persistence. 2018-05-28 16:27:12 +03:00
Stanislav Malyshev
99f1d904a0 Merge branch 'PHP-7.2' 
* PHP-7.2:
  Fix tsrm_ls
  Fix #76129 - remove more potential unfiltered outputs for phar
  Fix test
  Fix bug #76248 - Malicious LDAP-Server Response causes Crash
  Fix bug #76249 - fail on invalid sequences
  Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
  Fix bug #75981: prevent reading beyond buffer start
 2018-04-23 22:04:22 -07:00
Stanislav Malyshev
4c06d929c0 Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix tsrm_ls
  Fix #76129 - remove more potential unfiltered outputs for phar
  Fix test
  Fix bug #76248 - Malicious LDAP-Server Response causes Crash
  Fix bug #76249 - fail on invalid sequences
  Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
  Fix bug #75981: prevent reading beyond buffer start
 2018-04-23 22:03:33 -07:00
Stanislav Malyshev
95ee9efa57 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix tsrm_ls
  Fix #76129 - remove more potential unfiltered outputs for phar
  Fix test
  Fix bug #76248 - Malicious LDAP-Server Response causes Crash
  Fix bug #76249 - fail on invalid sequences
  Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
  Fix bug #75981: prevent reading beyond buffer start
 2018-04-23 22:00:24 -07:00
Stanislav Malyshev
5a18d7a0df Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix tsrm_ls
  Fix #76129 - remove more potential unfiltered outputs for phar
  Fix test
  Fix bug #76248 - Malicious LDAP-Server Response causes Crash
  Fix bug #76249 - fail on invalid sequences
  Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
  Fix bug #75981: prevent reading beyond buffer start
 2018-04-23 21:59:57 -07:00
Christoph M. Becker
b4e4788c44 Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value 
The MakerNote is not necessarily null-terminated, so we must not use
`strlen()` to avoid OOB reads.  Instead `php_strnlen()` is the proper
way to handle this.
 2018-04-22 20:15:02 -07:00
Christoph M. Becker
7c65345e18 Merge branch 'PHP-7.2' 
* PHP-7.2:
  Fix #76164: exif_read_data zend_mm_heap corrupted
 2018-04-12 23:02:07 +02:00
Christoph M. Becker
281a1754b9 Fix #76164: exif_read_data zend_mm_heap corrupted 
We must not release parsed parameters ourselves, since this is already
done by the engine.
 2018-04-12 23:00:37 +02:00
Gabriel Caruso
6400264856 Trailing whitespaces 
Signed-off-by: Gabriel Caruso <carusogabriel34@gmail.com>
 2018-01-03 14:38:00 +01:00
Xinchen Hui
a6519d0514 year++ 2018-01-02 12:57:58 +08:00
Xinchen Hui
7a7ec01a49 year++ 2018-01-02 12:55:14 +08:00
Xinchen Hui
ccd4716ec7 year++ 2018-01-02 12:53:31 +08:00
Dmitry Stogov
9e709e2fa0 Move constants into read-only data segment 2017-12-14 18:43:44 +03:00
Kalle Sommer Nielsen
b7a5e71a33 These functions are always available, exif can't be cross version compiled anyway 2017-10-31 08:50:30 +01:00
Kalle Sommer Nielsen
6b88b3bc25 Fix compiler warnings 2017-10-29 16:43:21 +01:00
Kalle Sommer Nielsen
85fa3aa4c0 We don't use a specific model for a MAKERNOTE so remove these checks that doesn't do anything anyway 2017-10-29 16:42:13 +01:00
Kalle Sommer Nielsen
09f829d996 Remove these old comments, as for the TODO, there is already a FR for this 2017-10-29 16:36:34 +01:00
Anatol Belski
ce1a0d971b fix NULL deref 2017-08-01 11:55:32 +02:00
Kalle Sommer Nielsen
4d684a6cd7 WS 2017-07-14 03:42:15 +02:00
Kalle Sommer Nielsen
997e2e5452 Ensure that the stream position is kept between reads 2017-07-14 01:59:23 +02:00
Kalle Sommer Nielsen
f7d9f6456c Turn off EXIF_DEBUG so Travis don't complain at me 2017-07-14 01:18:58 +02:00
Kalle Sommer Nielsen
bf7f6f9078 Don't add a new line to undefined tags in EXIF_DEBUG mode 2017-07-14 01:17:34 +02:00
Kalle Sommer Nielsen
9cf586cdfb Fix compile error with EXIF_DEBUG 2017-07-14 01:12:00 +02:00
Dmitry Stogov
2b7d3fb45f Fixed compilation error 2017-07-12 09:46:22 +03:00
Kalle Sommer Nielsen
7845182edd Remove debug code 2017-07-12 06:12:07 +02:00
Kalle Sommer Nielsen
363bb03b7e We need to check for the length here too, or we crash and no one likes that! :( 2017-07-12 06:11:14 +02:00
Kalle Sommer Nielsen
969eb8345b * Implemented #65187 (exif_read_data/thumbnail: add support for stream resource) 
* ext/exif now uses FAST_ZPP
 2017-07-12 05:43:50 +02:00
Kalle Sommer Nielsen
7bb696dc49 Silent compiler warning 2017-07-08 19:05:28 +02:00
Kalle Sommer Nielsen
ba28d75c2c Deprecated the read_exif_data() alias 2017-07-08 15:02:05 +02:00
Kalle Sommer Nielsen
134047dfde We currently don't use the guessing code, so don't compile it 2017-07-07 12:23:24 +02:00
Kalle Sommer Nielsen
e6903d471e * Fixed bug #72819 (EXIF thumbnails not read anymore) 
* Fixed bug #62523 (php crashes with segfault when exif_read_data called)
* Fixed the poor test case for #62523, which was a HTML document

Fixing #72819 had the side effect of fixing #62523 by supporting the format as seen in bug62523_1.phpt
 2017-07-07 12:20:05 +02:00
Kalle Sommer Nielsen
cd8d0aad7f Fixed bug #50660 (exif_read_data(): Illegal IFD offset (works fine with other exif readers)) 2017-07-07 11:29:23 +02:00
Kalle Sommer Nielsen
900ce92c9a Fixed bug #74428 (exif_read_data(): "Illegal IFD size" warning occurs with correct exif format) 2017-07-07 10:20:02 +02:00
Tom Van Looy
04fb3f28ff Remove superfluous semicolons 2017-06-26 00:23:25 +02:00
Kalle Sommer Nielsen
818272ae10 Added more EXIF MAKERNOTE formats: 
- AGFA,
 - Kyocera
 - Ricoh
 - Epson
 2017-05-28 14:00:51 +02:00
Stanislav Malyshev
19e80ef496 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Update more functions with path check
 2017-01-15 17:32:37 -08:00
Stanislav Malyshev
43d0f2abc5 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Update more functions with path check
 2017-01-15 17:32:26 -08:00
Stanislav Malyshev
0ab1af7d3e Update more functions with path check 2017-01-15 17:31:08 -08:00
Nikita Popov
769e17ce9b Merge branch 'PHP-7.0' into PHP-7.1 2017-01-05 11:38:17 +01:00
Nikita Popov
2022dacb99 Merge branch 'PHP-5.6' into PHP-7.0 2017-01-05 11:38:05 +01:00
Nikita Popov
900b17b15f Fix printf modifier 2017-01-05 11:37:06 +01:00
Mitch Hagstrand
54404808ab Fix overrun in exif's "Illegal components" error message. 
The variables "components" is an integer, but is being
output as long. As a result it is printing 8 bytes
instead of 4 bytes.
 2017-01-04 17:44:00 -08:00
Sammy Kaye Powers
dac6c639bb Update copyright headers to 2017 2017-01-04 11:23:42 -06:00
Sammy Kaye Powers
478f119ab9 Update copyright headers to 2017 2017-01-04 11:14:55 -06:00
Sammy Kaye Powers
1e3624290a Resolve conflict 2017-01-03 08:01:05 -06:00
Stanislav Malyshev
0de25147d3 Merge branch 'PHP-7.1' 
* PHP-7.1:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:26:20 -08:00
Stanislav Malyshev
2075fb2b73 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)
 2017-01-02 21:07:01 -08:00