archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-20 09:24:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
103071 commits 526 branches 1434 tags 881 MiB
Commit graph

834 commits

Author SHA1 Message Date
Pierrick Charron
4c2e1a13be Fixed bug #72684 (AppendIterator segfault with closed generator) 2016-07-26 20:34:16 -04:00
Christoph M. Becker
a6953e70e5 Merge branch 'PHP-7.0' into PHP-7.1 2016-07-22 15:29:18 +02:00
Christoph M. Becker
9a2207c90a Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/spl/spl_directory.c
 2016-07-22 15:27:55 +02:00
Christoph M. Becker
6b116932b2 Fix #72646: SplFileObject::getCsvControl does not return the escape character 
This has obviously been missed when adding the $escape parameter to
SplFileObject::setCsvControl() in PHP 5.3, so we catch up on this.
 2016-07-22 15:24:50 +02:00
Loz Calver
f5ccd71d0c Fix 72122 - don't use EH_THROW for calls to getIterator 2016-07-12 10:10:35 +02:00
Christoph M. Becker
411c809787 Merge branch 'PHP-7.0' 2016-07-05 16:56:39 +02:00
Christoph M. Becker
c015095042 Merge branch 'PHP-5.6' into PHP-7.0 
# Resolved conflicts:
#	ext/spl/spl_directory.c
 2016-07-05 16:43:39 +02:00
Valentin VALCIU
4c24f170ea Fix bug #55701: GlobIterator throws LogicException 
GlobIterator throws LogicException with message 'The parent constructor was
not called' on its first operation when the glob expression doesn't match
any file. It also throws on the first operation after the iteration
completes, when the glob expression matches some files.

# Resolved conflicts:
#	ext/spl/spl_directory.c
 2016-07-05 16:39:25 +02:00
Aaron Piotrowski
7d53864574 E_RECOVERABLE_ERROR -> thrown Error 2016-06-14 13:18:43 -05:00
Xinchen Hui
7648f20de3 Fixed bug #72051 (The reference in CallbackFilterIterator doesn't work as expected) 2016-04-19 10:59:10 +08:00
Stanislav Malyshev
28a6ed9f9a Fix bug #71735: Double-free in SplDoublyLinkedList::offsetSet 2016-03-20 22:29:08 -07:00
Nikita Popov
f3309173f9 Fixed bug #62059 2016-03-20 18:17:44 +01:00
Nikita Popov
12f2665df8 Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/spl/spl_observer.c
 2016-03-20 17:48:06 +01:00
Nikita Popov
cc3cdd0057 Fixed bug #67582 2016-03-20 17:46:12 +01:00
Nikita Popov
8023204d21 Fixed bug #52339 
Autoloader 101: Don't throw if you fail. PHP will throw for you.
 2016-03-18 20:28:58 +01:00
Nikita Popov
a2522efa9f Add extra ArrayObject::sort() test 2016-03-18 19:59:08 +01:00
Nikita Popov
094c808374 Fix bug #71838 2016-03-18 19:58:52 +01:00
Xinchen Hui
b8f0cb063f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed test script
 2016-03-17 15:23:53 +08:00
Xinchen Hui
ead7632cf9 Fixed test script 2016-03-17 15:23:44 +08:00
Nikita Popov
fd561505f4 Fix construction of AO with overloaded object error 
a) Fix uses of zend_string in error message
b) Don't assign the overloaded object as the backing storage, that
   sort of defeats the point. Instead leave the previous value.
 2016-02-24 22:34:50 +01:00
Nikita Popov
0aa7163816 Fix AO object properties separation 2016-02-24 22:34:50 +01:00
Nikita Popov
079f2f7eb3 Forbid exchangeArray() during sorting 
Previously this would leak.
 2016-02-24 22:34:50 +01:00
Nikita Popov
eb885e9d6e Fix leak on assignment to illegal AO offset 2016-02-24 17:39:16 +01:00
Nikita Popov
ea02f57656 Don't use ht applyCount for AO sorting protection 
Instead use the AOs own applyCount that just got freed up. Using the
apply count of the HashTable has various side effects, e.g. preventing
the ArrayObject from being dumped.
 2016-02-24 17:18:07 +01:00
Nikita Popov
3f5c80e8c2 Don't recurse into USE_OTHER checking STD_PROP_LIST 
If STD_PROP_LIST is explicitly disabled in the constructor, it
should really be disabled.
 2016-02-22 13:04:19 +01:00
Nikita Popov
fd6ac61064 Fix ArrayObject clone for certain USE_OTHER cases 
We can't simply use HASH_OF, need to use the usual hash table
getter.
 2016-02-22 12:35:00 +01:00
Nikita Popov
0bd64b50b8 Fixed bug #71617 2016-02-21 13:00:37 +01:00
Xinchen Hui
825b7f895a Update NEWS & Fixed test 2015-12-23 08:13:13 -08:00
Xinchen Hui
8692a99551 Merge branch 'PHP-5.6' into PHP-7.0 2015-12-23 08:11:09 -08:00
Xinchen Hui
620ccc9b1a Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading) 2015-12-23 08:10:59 -08:00
Xinchen Hui
e21cb2daea Fixed bug #71202 (Autoload function registered by another not activated immediately) 2015-12-23 07:48:00 -08:00
Nikita Popov
a3e1952700 Fixed bug #71153 2015-12-17 20:59:57 +01:00
Xinchen Hui
311eb2b11e Missed one place 2015-12-04 06:51:16 -08:00
Xinchen Hui
7ac24aa661 Fixed bug #71028 (Undefined index with ArrayIterator) 2015-12-04 06:45:26 -08:00
Xinchen Hui
9397f52724 Fixed Bug #70967 (Weird error handling for __toString when Error is thrown) 2015-11-28 23:38:19 -08:00
Xinchen Hui
f8bf1f33a5 Fixed bug #70959 (ArrayObject unserialize does not restore protected fields) 2015-11-23 07:08:47 -08:00
Xinchen Hui
27aef97f65 Fixed bug #70868 (PCRE JIT and pattern reuse segfault) 2015-11-06 11:37:17 +08:00
Reeze Xia
435565a54f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Make test for bug #70852 to cover all cases
  Fixed bug #70852 Segfault getting NULL offset of an ArrayObject.
 2015-11-05 14:28:49 +08:00
Reeze Xia
1c0622a472 Make test for bug #70852 to cover all cases 2015-11-05 14:09:24 +08:00
Reeze Xia
51218b3b9d Fixed bug #70852 Segfault getting NULL offset of an ArrayObject. 2015-11-05 13:46:03 +08:00
Xinchen Hui
e4ac4e75b5 Fixed bug #70853 (SplFixedArray throws exception when using ref variable as index) 2015-11-04 06:44:29 -08:00
Stanislav Malyshev
26e5429f72 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fix bug #64172
  Bug #70561: Fix DirectoryIterator to throw OutOfBoundsException

Conflicts:
	ext/pdo/pdo_dbh.c
 2015-10-18 17:20:00 -07:00
Stanislav Malyshev
0b35e0c5a1 Merge branch 'pull-request/1535' into PHP-5.6 
* pull-request/1535:
  Bug #70561: Fix DirectoryIterator to throw OutOfBoundsException
 2015-10-18 17:17:55 -07:00
Xinchen Hui
e2d6090043 Fixed bug #70730 (Incorrect ArrayObject serialization if unset is called in serialize()) 
It's possible to fixed this in SPL side, but it will be ugly, and we
should make serialize more robust, so I prefer fix it in serialize side.
 2015-10-17 05:28:49 -07:00
Dmitry Stogov
f509706318 Make necessary separation (it might be possible to fix this in a better way, but this will requre some refactoring) 2015-09-25 10:59:27 +03:00
Dmitry Stogov
415000ed93 Fixed bug #70573 (Cloning SplPriorityQueue leads to memory leaks) 2015-09-24 16:42:59 +03:00
Bishop Bettini
368d3ff0d9 Bug #70561: Fix DirectoryIterator to throw OutOfBoundsException 
-------------------------------------------------------------------------------
DirectoryIterator implements SeekableIterator, which "should throw an
OutOfBoundsException if the position is not seekable". As is, seek just returns
and one must call valid(). This approach is different than most (all?) other
SeekableIterator implementations and leads to developer confusion. See the
bug report for a specific example.
 2015-09-23 11:14:52 -04:00
Stanislav Malyshev
9b1a224d4e Merge branch 'PHP-5.6' 
* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
	ext/exif/exif.c
	ext/gmp/gmp.c
	ext/pcre/php_pcre.c
	ext/session/session.c
	ext/session/tests/session_decode_variation3.phpt
	ext/soap/soap.c
	ext/spl/spl_observer.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/xsl/xsltprocessor.c
 2015-09-02 00:37:20 -07:00
Stanislav Malyshev
c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00