Commit graph

1378 commits

Author SHA1 Message Date
Yasuo Ohgaki
3b45716e40 Fix test 2016-11-16 05:08:29 +00:00
Yasuo Ohgaki
3d6e922367 Refactor and cleanup implementation. 2016-11-16 05:08:29 +00:00
Yasuo Ohgaki
7b29c3fba6 Revert "Fix Bug #73461"
This reverts commit 0383de1467.
2016-11-16 05:08:29 +00:00
Yasuo Ohgaki
186ff85588 Revert "Protect class based session save handler"
This reverts commit d1be861aee.
2016-11-16 05:08:29 +00:00
Yasuo Ohgaki
46c64ac9f2 Protect class based session save handler 2016-11-16 05:08:28 +00:00
Yasuo Ohgaki
6230c2bad0 Fix Bug #73461
This patch disables any invalid save handler calls.
2016-11-16 05:08:28 +00:00
Yasuo Ohgaki
df845a9155 Merge branch 'PHP-7.1'
* PHP-7.1:
  Simply return FALSE from session_gc(). Error could be annoying because internal save handlers may return -1 when GC cannot be performed for reasons
2016-10-18 06:54:10 +09:00
Yasuo Ohgaki
70afe4c494 Simply return FALSE from session_gc(). Error could be annoying because internal save handlers may return -1 when GC cannot be performed for reasons 2016-10-18 06:53:13 +09:00
Yasuo Ohgaki
843f27b74d Add save handler explanations for documentation purpose 2016-10-18 06:20:03 +09:00
Nikita Popov
28edc971e7 Merge branch 'PHP-7.0' into PHP-7.1 2016-10-10 12:21:15 +02:00
Nikita Popov
c91f652ddb Fixed bug #73273
As well as a few other $_SESSION separation issues.
2016-10-10 12:20:44 +02:00
Christoph M. Becker
eac277ed83 Merge branch 'PHP-7.0' into PHP-7.1 2016-09-16 23:50:00 +02:00
Christoph M. Becker
48cf8dd9c3 Merge branch 'PHP-5.6' into PHP-7.0 2016-09-16 23:43:18 +02:00
Christoph M. Becker
6682673070 Fix #73100: session_destroy null dereference in ps_files_path_create 2016-09-16 23:41:10 +02:00
Anatol Belski
2820adcc7e Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  fix test portability
2016-09-13 12:09:50 +02:00
Anatol Belski
855b8e4f79 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  fix test portability
2016-09-13 12:02:05 +02:00
Anatol Belski
fc31d6fed4 fix test portability 2016-09-13 12:00:29 +02:00
Yasuo Ohgaki
17dbb916fc Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  Update NEWS
  Fixed Bug #68015 Session does not report invalid uid for files save handler
2016-09-09 11:39:40 +09:00
Yasuo Ohgaki
0e3b30fad1 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  Fixed Bug #68015 Session does not report invalid uid for files save handler
2016-09-09 11:32:20 +09:00
Yasuo Ohgaki
38553e853b Fixed Bug #68015 Session does not report invalid uid for files save handler 2016-09-09 11:31:54 +09:00
Stanislav Malyshev
8c16f2262f Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  phpdbg: couple of network function return checks. Possible overflow when copy the socket_path configuration.
2016-09-04 23:24:31 -07:00
David Carlier
19350b6b73 phpdbg: couple of network function return checks. Possible
overflow when copy the socket_path configuration.
2016-09-04 23:18:51 -07:00
Yasuo Ohgaki
a4a2f66e75 Revert "Revert "Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc""
This reverts commit 355c7e7d1c.
2016-09-01 10:12:26 +09:00
Yasuo Ohgaki
b36ae7467e Revert "Revert "Merge RFC https://wiki.php.net/rfc/session-create-id""
This reverts commit 663f1c8fb0.
2016-09-01 10:12:23 +09:00
Yasuo Ohgaki
7505eaf6fa Revert "Revert "Add tests""
This reverts commit 4f11dedc43.
2016-09-01 10:12:19 +09:00
Yasuo Ohgaki
90352bb4a2 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  Fix bug #72940 properly. Reduce needless branches
2016-09-01 07:47:27 +09:00
Yasuo Ohgaki
cc797d4fc3 Fix bug #72940 properly. Reduce needless branches 2016-09-01 07:47:13 +09:00
Yasuo Ohgaki
355c7e7d1c Revert "Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc"
This reverts commit 1cf179e415.
2016-09-01 05:54:55 +09:00
Yasuo Ohgaki
663f1c8fb0 Revert "Merge RFC https://wiki.php.net/rfc/session-create-id"
This reverts commit 7ee9f81c54.
2016-09-01 05:54:30 +09:00
Yasuo Ohgaki
4f11dedc43 Revert "Add tests"
This reverts commit aff4c7d826.
2016-09-01 05:54:19 +09:00
Yasuo Ohgaki
aff4c7d826 Add tests 2016-08-31 21:03:10 +09:00
Yasuo Ohgaki
7ee9f81c54 Merge RFC https://wiki.php.net/rfc/session-create-id 2016-08-31 20:34:20 +09:00
Yasuo Ohgaki
f5cd6e5710 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  Fixed bug #72940 SID always return "name=ID", even if session cookie exist
2016-08-30 15:58:55 +09:00
Yasuo Ohgaki
b5f2f6fbd8 Fixed bug #72940 SID always return "name=ID", even if session cookie exist 2016-08-30 15:58:25 +09:00
Yasuo Ohgaki
1cf179e415 Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc 2016-08-29 05:57:37 +09:00
Yasuo Ohgaki
7d703a0060 Adjust test so that it passes on more restrictive filesystems 2016-08-22 17:01:07 +09:00
Xinchen Hui
1eb4851fa2 Remove leftover of previous change 2016-08-18 15:44:33 +08:00
Xinchen Hui
a3740dadec Remove outdated checks 2016-08-18 15:37:15 +08:00
Xinchen Hui
ce6ad9bdd9 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0: (48 commits)
  Update NEWS
  Unused label
  Fixed bug #72853 (stream_set_blocking doesn't work)
  fix test
  Bug #72663 - part 3
  Bug #72663 - part 2
  Bug #72663 - part 1
  Update NEWS
  Block test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  ...

Conflicts:
	ext/standard/var_unserializer.c
2016-08-17 17:14:30 +08:00
Xinchen Hui
b172f43caa Unused label 2016-08-17 16:56:20 +08:00
Stanislav Malyshev
ed9d916c28 fix test 2016-08-17 01:12:33 -07:00
Nikita Popov
e0f9fbdfa6 Bug #72663 - part 3
When using the php_serialize session serialization handler, do
not use the result of the unserialization if it failed.
2016-08-17 01:01:03 -07:00
Stanislav Malyshev
0d13325b66 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6: (24 commits)
  Update NEWS
  Block test with memory leak
  fix tests
  Fix TSRM build
  Fix bug #72850 - integer overflow in uuencode
  Fixed bug #72849 - integer overflow in urlencode
  Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption
  Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase
  Fix bug #72837 - integer overflow in bzdecompress caused heap corruption
  Fix bug #72836 - integer overflow in base64_decode caused heap corruption
  Fix for bug #72807 - do not produce strings with negative length
  Fix for bug #72790 and bug #72799
  Fix bug #72730 - imagegammacorrect allows arbitrary write access
  Fix bug#72697 - select_colors write out-of-bounds
  Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
  Fix bug #72750: wddx_deserialize null dereference
  Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
  Improve fix for #72663
  Fix bug #70436: Use After Free Vulnerability in unserialize()
  Fix bug #72749: wddx_deserialize allows illegal memory access
  ...

Conflicts:
	Zend/zend_API.h
	ext/bz2/bz2.c
	ext/curl/interface.c
	ext/ereg/ereg.c
	ext/exif/exif.c
	ext/gd/gd.c
	ext/gd/tests/imagetruecolortopalette_error3.phpt
	ext/gd/tests/imagetruecolortopalette_error4.phpt
	ext/session/session.c
	ext/snmp/snmp.c
	ext/standard/base64.c
	ext/standard/ftp_fopen_wrapper.c
	ext/standard/quot_print.c
	ext/standard/url.c
	ext/standard/uuencode.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/wddx/tests/bug72790.phpt
	ext/wddx/tests/bug72799.phpt
	ext/wddx/wddx.c
	sapi/cli/generate_mime_type_map.php
2016-08-17 00:43:33 -07:00
Stanislav Malyshev
8763c6090d Fix bug #72681 - consume data even if we're not storing them 2016-08-16 22:54:42 -07:00
Yasuo Ohgaki
3467526a65 Merge RFC: Session ID without hashing
https://wiki.php.net/rfc/session-id-without-hashing
2016-08-12 12:31:02 +09:00
Yasuo Ohgaki
a53a6b3fb4 Fix URL rewriter issues 2016-08-11 08:31:48 +09:00
Nikita Popov
42e995e0d3 Merge branch 'PHP-7.0' into PHP-7.1 2016-07-24 00:08:18 +02:00
Nikita Popov
2194690625 Ensure session GC is not run during variation6.phpt
The implemented gc() handler simply deletes all sessions, including
the current one. This may cause a subsequent unlink() warning.
Avoid this by preventing GC from running.
2016-07-24 00:07:54 +02:00
Anatol Belski
b238211732 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  fix test
2016-07-23 21:04:52 +02:00
Anatol Belski
958fa34c16 Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
  fix test
2016-07-23 21:03:45 +02:00