archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 15:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
77348 commits 526 branches 1434 tags 877 MiB
Commit graph

261 commits

Author SHA1 Message Date
Stanislav Malyshev
41131cd41d Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment 2016-07-18 23:21:51 -07:00
Stanislav Malyshev
eebcbd5de3 Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE 2016-07-17 16:34:21 -07:00
Stanislav Malyshev
082aecfc3a Fix bug #72094 - Out of bounds heap read access in exif header processing 2016-04-24 19:33:52 -07:00
Stanislav Malyshev
6935058a98 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
 2015-09-01 00:28:39 -07:00
Stanislav Malyshev
ce2c67c8e8 Improve fix for #70385 2015-08-29 23:01:36 -07:00
Stanislav Malyshev
64043cb9e5 Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) 2015-08-28 22:25:41 -07:00
Stanislav Malyshev
e2744c51b6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  5.4.38 next
  Fix bug #68799: Free called on unitialized pointer
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())

Conflicts:
	configure.in
	main/php_version.h
 2015-01-20 10:40:11 -08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Stanislav Malyshev
2fc178cf44 Fix bug #68799: Free called on unitialized pointer 2015-01-11 00:51:05 -08:00
Stanislav Malyshev
ddb207e7fa Fix bug #68113 (Heap corruption in exif_thumbnail()) 2014-10-14 10:44:00 -07:00
Stanislav Malyshev
287c91c1f0 Fix bug #68113 (Heap corruption in exif_thumbnail()) 2014-10-13 23:17:45 -07:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Stanislav Malyshev
cbcf6e1880 Fix bug #65873 - Integer overflow in exif_read_data() 2013-12-16 11:34:24 -08:00
Michael Wallner
1b43f95040 Merged PR #293 (Exif crash on unknown encoding was fixed) 
By:
	Draal
Conflicts:
	configure.in
	main/php_version.h
 2013-10-21 21:48:27 +02:00
Veres Lajos
e9a95d78ef typo fixes 2013-07-15 00:23:03 -07:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Felipe Pena
8779a9aad5 Merge commit 'e59b6dc0ae' into PHP-5.4 2012-06-03 19:01:50 -03:00
Felipe Pena
e59b6dc0ae - Fixed information leak in ext exif (discovered by Martin Noga, Matthew "j00ru" Jurczyk, Gynvael Coldwind) 2012-06-03 15:23:07 -03:00
Felipe Pena
e4ca0ed09f - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Stanislav Malyshev
1dfbe61e2a fix bug #60150 for 5.3 too 2011-11-19 04:49:36 +00:00
Stanislav Malyshev
5ebfe19ac6 Fix bug #60150 (Integer overflow during the parsing of invalid exif header) 2011-11-19 04:41:03 +00:00
Felipe Pena
997f323e3a - Added ZEND_MOD_END macro to use in the end of zend_module_dep[] 2011-08-06 14:47:44 +00:00
Felipe Pena
707a8f70b8 - Added ZEND_MOD_END macro to use in the end of zend_module_dep[] 2011-08-06 14:47:44 +00:00
Felipe Pena
23e438594d - Make usage of new PHP_FE_END macro 2011-07-25 11:42:53 +00:00
Felipe Pena
4b30846b50 - Make usage of new PHP_FE_END macro 2011-07-25 11:35:02 +00:00
Pierre Joye
9805e1674a - remove magic quotes support, functions are kept (see the NEWS entry for the details) for BC reasons but do not allow to set enable MQ 2011-07-22 11:25:30 +00:00
Felipe Pena
32b5f8a1a3 - Added new parameter parsing option (p - for valid path (string without null byte in the middle)) 
# The tests will be fixed in the next commits
 2011-06-06 21:28:16 +00:00
Ilia Alshanetsky
465ffa7fa2 Fixed bug #54121 (error message format string typo). 2011-04-12 18:33:08 +00:00
Ilia Alshanetsky
0e80f26207 Fixed bug #54121 (error message format string typo). 2011-04-12 18:33:08 +00:00
Dmitry Stogov
bbc879b587 Fixed multibyte related issues 2011-03-14 16:00:59 +00:00
Pierre Joye
2a7acc3f4d - fix the fix (Dmitry) and ensure that it builds everywhere, can someone test on solaris&co pls? 2011-02-15 14:02:26 +00:00
Pierre Joye
a8806be989 - fix the fix (Dmitry) and ensure that it builds everywhere, can someone test on solaris&co pls? 2011-02-15 14:02:26 +00:00
Pierre Joye
409c5a9c7b -Bug #54002, fix windows build, use the relevant values in the warnings 2011-02-14 09:40:10 +00:00
Pierre Joye
8a485c7c91 -Bug #54002, fix windows build, use the relevant values in the warnings 2011-02-14 09:40:10 +00:00
Pierre Joye
dbccc8c112 - fix bug #54002, exif_read_data crashes on crafted tags 2011-02-14 09:08:44 +00:00
Pierre Joye
0f842f667a - fix bug #54002, exif_read_data crashes on crafted tags 2011-02-14 09:08:44 +00:00
Felipe Pena
927bf09c29 - Year++ 2011-01-01 02:19:59 +00:00
Felipe Pena
0203cc3d44 - Year++ 2011-01-01 02:17:06 +00:00
Moriyoshi Koizumi
e8b1590667 - Fix build. 2010-12-22 10:25:33 +00:00
Antony Dovgal
e89362b846 fix ZTS build 2010-12-08 12:35:25 +00:00
Dmitry Stogov
755c2cd0d8 Removed compile time dependency from ext/mbstring 2010-12-08 11:27:34 +00:00
Kalle Sommer Nielsen
dd8e59da8f Removed safe_mode 
* Removed ini options, safe_mode*
 * Removed --enable-safe-mode --with-exec-dir configure options on Unix
 * Updated extensions, SAPI's and core
 * php_get_current_user() is now declared in main.c, thrus no need to include safe_mode.h anymore
 2010-04-26 23:53:30 +00:00
Sebastian Bergmann
9ba1e81665 sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php 2010-01-03 09:23:27 +00:00
Guenter Knauf
824692fab8 removed now obsolete NetWare hack since I fixed this 
with Novell some longer time ago in their SDK header.
 2009-11-03 21:21:34 +00:00
Ilia Alshanetsky
4687f6e0ba MFB: Added missing sanity checks around exif processing. 2009-08-16 14:32:32 +00:00
Felipe Pena
61d723a359 - Dropped unnecessary var 2009-06-12 14:03:35 +00:00
Pierre Joye
f002287eb3 - MFH: #48378, exif_read_data() segfaults on certain corrupted .jpeg files 2009-05-28 13:48:32 +00:00
Sebastian Bergmann
08659c2dcd MFH: Bump copyright year, 3 of 3. 2008-12-31 11:15:49 +00:00