archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
77348 commits 526 branches 1434 tags 873 MiB
Commit graph

755 commits

Author SHA1 Message Date
Stanislav Malyshev
6935058a98 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
 2015-09-01 00:28:39 -07:00
Stanislav Malyshev
e201f01ac1 Fix bug #70388 - SOAP serialize_function_call() type confusion 2015-08-31 21:06:03 -07:00
Stanislav Malyshev
69ed3969dd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	.gitignore
	ext/date/php_date.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
 2015-08-04 14:10:57 -07:00
Stanislav Malyshev
c96d08b272 Fix bug #70081: check types for SOAP variables 2015-07-26 16:44:18 -07:00
Remi Collet
ff70b40dc9 fix type in fix for #69085 2015-04-13 14:41:39 +02:00
Remi Collet
c61ceef779 fix type in fix for #69085 
(cherry picked from commit 085e9ddc26f37ce556b8fd787044746e726264b2)
 2015-04-13 14:40:05 +02:00
Dmitry Stogov
75f40ae1f3 Fixed bug #69293 2015-03-27 18:40:58 +03:00
Xinchen Hui
76c1ec5e96 Bug #69293 NEW segfault when using SoapClient::__setSoapHeader (bisected, regression) 
This was a typo introduced in c8eaca013a
 2015-03-25 12:07:25 +08:00
Dmitry Stogov
9bdbc7490f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #69152
 2015-03-19 11:42:49 +03:00
Dmitry Stogov
51856a76f8 Fixed bug #69152 2015-03-19 11:36:01 +03:00
Dmitry Stogov
b3ac352253 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added type checks
 2015-03-03 10:45:07 +03:00
Dmitry Stogov
c8eaca013a Added type checks 2015-03-03 10:43:48 +03:00
Dmitry Stogov
035d80523f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added type checks

Conflicts:
	ext/soap/soap.c
 2015-03-03 09:52:21 +03:00
Dmitry Stogov
0c136a2abd Added type checks 2015-03-03 09:44:46 +03:00
Dmitry Stogov
d5248f67b5 Check variable type before its usage as IS_ARRAY. 2015-03-02 12:27:36 +03:00
Xinchen Hui
997b7e5630 Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). 2015-02-27 23:32:32 +08:00
Felipe Pena
35a68c276d - Fix merge 2015-02-16 13:09:40 -02:00
Felipe Pena
e08bef442c - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de 2015-02-16 13:07:26 -02:00
Xinchen Hui
3a71fa36a2 Micro opt 2015-02-13 13:09:56 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Xinchen Hui
327d4f9afb Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes) 2014-11-11 16:22:49 +08:00
Lior Kaplan
be2128c805 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  typofixes
 2014-08-17 15:48:22 +03:00
Veres Lajos
3f42f2f5d1 typofixes 2014-08-17 15:44:02 +03:00
Stanislav Malyshev
1b8d4695e2 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add news
  Bug 49898 __getCookies() method implementation
 2014-06-08 19:46:12 -07:00
Boro Sitnikovski
aebb23e4db Bug 49898 
__getCookies() method implementation
 2014-06-08 19:36:18 -07:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Dmitry Stogov
0344e6a429 Fixed tests 2013-12-12 13:35:37 +04:00
Dmitry Stogov
1886292ec9 Fixed ext/soap/tests/bugs/bug54911.phpt 2013-12-12 13:02:50 +04:00
Dmitry Stogov
552e8b2b4c Fixed bug #66112 (Use after free condition in SOAP extension). (martin dot koegler at brz dot gv dot at) 2013-12-10 17:57:05 +04:00
Dmitry Stogov
a6516653b7 Arguments passed to user function have to be properly allocated on heap 2013-12-10 13:00:45 +04:00
Felipe Pena
0b5c2887cd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  - Moved allocation to if block to make Coverity happy
 2013-10-19 23:36:36 -03:00
Felipe Pena
85a622e42f - Moved allocation to if block to make Coverity happy 2013-10-19 23:36:28 -03:00
Christopher Jones
c6d977dd39 Fix long-standing visual pain point: the misalignment of './configure help' text. 
Whitespace changes and a couple of grammar fixes.
 2013-08-06 11:06:09 -07:00
Dmitry Stogov
5129892788 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improved fix for bug #44686 (SOAP-ERROR: Parsing WSDL)
 2013-07-31 17:37:08 +04:00
Dmitry Stogov
4395f70207 Improved fix for bug #44686 (SOAP-ERROR: Parsing WSDL) 2013-07-31 17:36:06 +04:00
Dmitry Stogov
35872e101b Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #65018 (SoapHeader problems with SoapServer)
  MFH: fixed #65045: mb_convert_encoding breaks well-formed character.
  Fixed bug #65336

Conflicts:
	NEWS
 2013-07-31 16:34:26 +04:00
Dmitry Stogov
fd8f454520 Fixed bug #65018 (SoapHeader problems with SoapServer) 2013-07-31 16:32:26 +04:00
Anatol Belski
8aebe0f1e7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fixed bug #65311 testsuite failure due to incomplete fix to bug28985.phpt
 2013-07-23 10:00:07 +02:00
Anatol Belski
9b6aa268a3 fixed bug #65311 testsuite failure due to incomplete fix to bug28985.phpt 2013-07-23 09:59:08 +02:00
Veres Lajos
e9a95d78ef typo fixes 2013-07-15 00:23:03 -07:00
Veres Lajos
72085b0e5f typo fixes 2013-07-15 00:18:57 -07:00
Stanislav Malyshev
02e4d7a290 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:30:59 -07:00
Stanislav Malyshev
ac40c0b562 Merge branch 'pull-request/341' 
* pull-request/341: (23 commits)
  typofixes
 2013-06-10 14:20:18 -07:00
Stanislav Malyshev
84e35fb2e0 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  typo fixes (argument)
  typo fixes (accommodate, parameter)
 2013-06-10 13:36:41 -07:00
Veres Lajos
ed2e84e239 typo fixes (accommodate, parameter) 2013-06-10 13:36:03 -07:00
Anatol Belski
e191cb63ba Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix heap overflow warnings on win x64 debug crt
 2013-05-13 14:26:50 +02:00
Anatol Belski
156576fcce Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  fix heap overflow warnings on win x64 debug crt
 2013-05-13 14:25:25 +02:00
Anatol Belski
fe21accfb4 fix heap overflow warnings on win x64 debug crt 2013-05-13 14:24:21 +02:00
Dmitry Stogov
c782cf7fb3 Added SoapClient constructor option 'ssl_method' to specify ssl method 2013-04-30 10:24:49 +04:00