archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
103071 commits 526 branches 1434 tags 873 MiB
Commit graph

253 commits

Author SHA1 Message Date
Xinchen Hui
3e0b2ba5d8 Indent (not sure why it was messed) 2015-11-24 11:08:30 +08:00
Xinchen Hui
91fb1edbbf Fixed bug #70963 (Unserialize shows UNKNOW in result) 
Thanks to ryat for reportinig
 2015-11-24 11:04:42 +08:00
Dmitry Stogov
e2e99f16e1 Cleanup: removed deprecated commented code 2015-09-22 22:55:00 +03:00
Dmitry Stogov
8fe171a3e0 Don't allocate memory for empty HashTables. 2015-09-17 19:17:10 +03:00
Stanislav Malyshev
9b1a224d4e Merge branch 'PHP-5.6' 
* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
	ext/exif/exif.c
	ext/gmp/gmp.c
	ext/pcre/php_pcre.c
	ext/session/session.c
	ext/session/tests/session_decode_variation3.phpt
	ext/soap/soap.c
	ext/spl/spl_observer.c
	ext/standard/var.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/xsl/xsltprocessor.c
 2015-09-02 00:37:20 -07:00
Stanislav Malyshev
c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev
e8429400d4 Fix bug #70172 - Use After Free Vulnerability in unserialize() 2015-08-31 23:26:14 -07:00
Stanislav Malyshev
df4bf28f9f Fix bug #70219 (Use after free vulnerability in session deserializer) 2015-08-23 19:56:12 -07:00
Xinchen Hui
adf0e49912 zend_hash_resize seems useless, use zend_hash_extend 2015-08-13 12:19:35 +08:00
Xinchen Hui
73a69c9c03 Fixed typo 2015-08-10 17:06:17 +08:00
Xinchen Hui
be54eb7db1 Fixed bug #70211 (php 7 ZEND_HASH_IF_FULL_DO_RESIZE use after free) 2015-08-10 17:02:16 +08:00
Dmitry Stogov
6fc358241b Use specialized efree_size() 2015-08-06 18:04:17 +03:00
Stanislav Malyshev
feeb2fba93 fix merge 2015-08-04 23:51:55 -07:00
Dmitry Stogov
4a2e40bb86 Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes). 2015-06-30 04:05:24 +03:00
Dmitry Stogov
4bd22cf1c1 Improved zend_string API (Francois Laupretre) 
Squashed commit of the following:

commit d96eab8d79
Author: Francois Laupretre <francois@tekwire.net>
Date:   Fri Jun 26 01:23:31 2015 +0200

    Use the new 'ZSTR' macros in the rest of the code.

    Does not change anything to the generated code (thanks to compat macros) but cleaner.

commit b352643910
Author: Francois Laupretre <francois@tekwire.net>
Date:   Thu Jun 25 13:45:06 2015 +0200

    Improve zend_string API

    Add missing methods
 2015-06-29 16:44:54 +03:00
Stanislav Malyshev
d76b293ac7 forgot to commit this one 2015-03-17 17:16:27 -07:00
Stanislav Malyshev
33a5532b66 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #68976 - Use After Free Vulnerability in unserialize()

Conflicts:
	ext/standard/var_unserializer.c
 2015-03-17 13:23:51 -07:00
Stanislav Malyshev
d5e523f52f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #68976 - Use After Free Vulnerability in unserialize()

Conflicts:
	ext/standard/var_unserializer.c
 2015-03-17 13:22:12 -07:00
Stanislav Malyshev
646572d6d3 Fixed bug #68976 - Use After Free Vulnerability in unserialize() 2015-03-17 13:20:22 -07:00
Xinchen Hui
672a396d4a Merge branch 'PHP-5.5' into PHP-5.6 
Conflicts:
	ext/standard/var_unserializer.c
 2015-03-01 23:17:41 +08:00
Xinchen Hui
caebb76131 Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize) 2015-03-01 23:16:15 +08:00
Dmitry Stogov
e427188755 Fixed memory leak 2015-01-23 21:47:26 +03:00
Stanislav Malyshev
e18ec95687 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  5.4.38 next
  Fix bug #68799: Free called on unitialized pointer
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())

Conflicts:
	ext/standard/var_unserializer.c
 2015-01-20 10:40:39 -08:00
Stanislav Malyshev
e2744c51b6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.4.38 next
  Fix bug #68799: Free called on unitialized pointer
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())

Conflicts:
	configure.in
	main/php_version.h
 2015-01-20 10:40:11 -08:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Stanislav Malyshev
b585a3aed7 Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize()) 2015-01-01 16:19:05 -08:00
Dmitry Stogov
6a6cdecbdb Improved unserialize() 2014-12-23 02:49:33 +03:00
Anatol Belski
4acc56d5b2 Merge remote-tracking branch 'origin/master' into native-tls 
* origin/master:
  fix unserializer patch
  move this entry to the correct version
  add missing NEWS entry
  add missing NEWS entry
  Updated or skipped certain 32-bit tests
  add NEWS entry for #68594
  5.4.37
  add more BC breaks
  update news
  add CVE
  add missing test file
  Fix bug #68594 - Use after free vulnerability in unserialize()
  Fix typo
  Hash value must not zero?
 2014-12-17 05:29:36 +01:00
Stanislav Malyshev
8b0deb8cd2 fix unserializer patch 2014-12-16 17:50:54 -08:00
Stanislav Malyshev
9152214c1e Merge branch 'PHP-5.6' 
* PHP-5.6:
  update news
  add CVE
  add missing test file
  Fix bug #68594 - Use after free vulnerability in unserialize()

Conflicts:
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
 2014-12-16 10:25:03 -08:00
Stanislav Malyshev
681a1afd3f Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update news
  add CVE
  add missing test file
  Fix bug #68594 - Use after free vulnerability in unserialize()

Conflicts:
	ext/standard/var_unserializer.c
 2014-12-16 10:19:32 -08:00
Stanislav Malyshev
630f9c33c2 Fix bug #68594 - Use after free vulnerability in unserialize() 2014-12-16 10:15:17 -08:00
Anatol Belski
e112f6a04e second shot on removing TSRMLS_* 2014-12-14 14:07:59 +01:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Anatol Belski
13f1c276ab Fixed bug #68545 NULL pointer dereference in unserialize.c 2014-12-11 10:39:37 -08:00
Anatol Belski
aeb30576f6 Merge branch 'PHP-5.6' 
* PHP-5.6:
  updated NEWS
  Fixed bug #68545 NULL pointer dereference in unserialize.c
  Updated NEWS
  Updated NEWS

Conflicts:
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
 2014-12-10 11:54:31 +01:00
Anatol Belski
4a82cdce66 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #68545 NULL pointer dereference in unserialize.c

Conflicts:
	ext/standard/var_unserializer.c
 2014-12-10 11:47:34 +01:00
Anatol Belski
20d93534d5 Fixed bug #68545 NULL pointer dereference in unserialize.c 2014-12-10 11:43:33 +01:00
Stanislav Malyshev
9d7c5dbed9 secured unserialize 
- update for BC-compatible unserialize
- add tests
 2014-11-22 22:25:18 -08:00
Veres Lajos
4b9535341a typo fixes - https://github.com/vlajos/misspell_fixer 2014-11-19 20:23:00 +00:00
Stanislav Malyshev
3eb679b952 Fixed bug #68044: Integer overflow in unserialize() (32-bits only) 2014-10-14 10:51:24 -07:00
Stanislav Malyshev
88eb7ea47d Fixed bug #68044: Integer overflow in unserialize() (32-bits only) 2014-10-14 10:44:57 -07:00
Stanislav Malyshev
9aa9014523 Fixed bug #68044: Integer overflow in unserialize() (32-bits only) 2014-10-14 10:43:13 -07:00
Stanislav Malyshev
56754a7f9e Fixed bug #68044: Integer overflow in unserialize() (32-bits only) 2014-10-13 23:14:25 -07:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Dmitry Stogov
bccc653185 Avoid double IS_INTERNED() check 2014-09-19 17:32:50 +04:00