archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-20 09:24:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
77348 commits 526 branches 1434 tags 881 MiB
Commit graph

293 commits

Author SHA1 Message Date
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev
7c31203935 Improve fix for #70172 2015-09-01 11:38:39 -07:00
Stanislav Malyshev
e8429400d4 Fix bug #70172 - Use After Free Vulnerability in unserialize() 2015-08-31 23:26:14 -07:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Yasuo Ohgaki
d04bcb8969 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update NEWS
  Fixed Bug 64760 var_export() does not use full precision for floating-point numbers
 2013-10-29 17:28:35 +09:00
Yasuo Ohgaki
4dc4302a30 Fixed Bug 64760 var_export() does not use full precision for floating-point numbers 2013-10-29 17:24:23 +09:00
Michael Wallner
d72a4d1634 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix bug #64146 (serialize incorrectly saving objects when they are cloned)
 2013-10-04 16:17:37 +02:00
Michael Wallner
8973390541 fix bug #64146 (serialize incorrectly saving objects when they are 
cloned)
 2013-10-04 16:16:15 +02:00
Veres Lajos
4749457a49 HASH_KEY_NON_EXISTANT fix 2013-07-21 20:09:53 -07:00
Xinchen Hui
f52b2e6a65 Fixed bug #64354 (Unserialize array of objects whose class can't be autoloaded fail) 
about the __sleep one, since php_serialize_* are all void function,
so,,only check exception at the very begining
 2013-03-09 23:00:58 +08:00
Xinchen Hui
0a7395e009 Happy New Year 2013-01-01 16:28:54 +08:00
Xinchen Hui
60a280936e Merge branch 'PHP-5.3' into PHP-5.4 2012-10-02 00:30:49 +08:00
Xinchen Hui
4f860a4412 Avoding superfluous function call 2012-10-02 00:28:38 +08:00
Lonny Kapelushnik
45f3322905 var_export outputs an E_WARNING when recursion is detected 2012-08-05 20:56:06 -07:00
Moriyoshi Koizumi
91e1df704e Fix bug #62373 (serialize() generates wrong reference to the object) 2012-06-25 19:14:19 +09:00
Moriyoshi Koizumi
e427182279 Fix bug #62373 (serialize() generates wrong reference to the object) 2012-06-25 19:13:23 +09:00
Felipe Pena
e4ca0ed09f - Year++ 2012-01-01 13:15:04 +00:00
Felipe Pena
4e19825281 - Year++ 2012-01-01 13:15:04 +00:00
Michael Wallner
b6921369b5 Fix Bug #55801 Behavior of unserialize has changed: 
(un)serialize in __wakeup/__sleep now use clean var_hashes
 2011-10-19 10:09:24 +00:00
Dmitry Stogov
4a25a7740d Fixed ZE specific compile warnings (Bug #55629) 2011-09-13 13:29:35 +00:00
Xinchen Hui
9fb62f3382 Sync r314808 to 5_3 branch 
Eliminated compiler warnings "comparison is always false",  "cast to pointer from integer of different siz" and tail zero warnings
 2011-08-23 10:18:48 +00:00
Xinchen Hui
ba9546b8e5 Omitted GCC warning "comparison is always false" 2011-08-12 07:47:03 +00:00
Pierrick Charron
029d7f4c6c class entry is never used 2011-08-07 06:04:11 +00:00
Pierrick Charron
a8ed880c64 class entry is never used 2011-08-07 06:04:11 +00:00
Gustavo André dos Santos Lopes
404686447b - Fixed bug #55082 (var_export() doesn't escape properties properly). 2011-06-30 09:26:35 +00:00
Gustavo André dos Santos Lopes
3dafd9549d - Fixed bug #55082 (var_export() doesn't escape properties properly). 2011-06-30 09:26:35 +00:00
Felipe Pena
927bf09c29 - Year++ 2011-01-01 02:19:59 +00:00
Felipe Pena
0203cc3d44 - Year++ 2011-01-01 02:17:06 +00:00
Kalle Sommer Nielsen
1fed0e5a84 Kill some more constness warnings in com_dotnet/phar/standard 2010-11-19 16:03:00 +00:00
Kalle Sommer Nielsen
06a9baf4d9 Missed to check this one in the last commit 2010-09-23 03:49:26 +00:00
Pierre Joye
2b1e18f81b - fix build introduced by fix for #52772 2010-09-13 21:54:47 +00:00
Kalle Sommer Nielsen
4119b09a1a Fixed bug #52772 (var_dump() doesn't check for the existence of get_class_name before calling it) 2010-09-13 20:14:18 +00:00
Kalle Sommer Nielsen
67b4af3e6a Fixed bug #52772 (var_dump() doesn't check for the existence of get_class_name before calling it) 2010-09-13 20:14:18 +00:00
Felipe Pena
1e17bb2aab - Fixed bug #52534 (var_export array with negative key) 2010-08-04 23:11:44 +00:00
Felipe Pena
3d2a6927c7 - Fixed bug #52534 (var_export array with negative key) 2010-08-04 23:11:44 +00:00
Scott MacVicar
c02f6724a8 Doing this as a seperate commit unless we need to back it out. 
Fix a bug when var_export() causes a fatal error that could inadvertently display data due to flushing of the output buffer.

Examples include, memory limit, execution time and recursion.
 2010-07-09 21:19:27 +00:00
Scott MacVicar
c7b0abe6aa Fix a bug when var_export() causes a fatal error that could inadvertently display data due to flushing of the output buffer. 
Examples include, memory limit, execution time and recursion.
 2010-07-09 21:11:37 +00:00
Pierre Joye
badf05a8ea - silent warning (unary minus operator applied to unsigned type) 2010-06-06 15:28:30 +00:00
Pierre Joye
9ef717c0c2 - silent warning (unary minus operator applied to unsigned type) 2010-06-06 15:28:30 +00:00
Michael Wallner
11d24c1593 * implement new output API, fixing some bugs and implementing some feature 
requests--let's see what I can dig out of the bugtracker for NEWS--
  and while crossing the road:
   * implemented new zlib API
   * fixed up ext/tidy (what was "s&" in zend_parse_parameters() supposed to do?)

Thanks to Jani and Felipe for pioneering.
 2010-05-31 10:29:43 +00:00
Michael Wallner
89e93723fb Added support for object references in recursive serialize() calls. FR #36424 2010-05-26 07:24:37 +00:00
Felipe Pena
fa76263481 - Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection) 2010-04-02 21:44:09 +00:00
Felipe Pena
a140e70661 - Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection) 2010-04-02 21:44:09 +00:00
Jani Taskinen
af49e58f51 - Reverted r296062 and r296065 2010-03-12 10:28:59 +00:00
Jani Taskinen
06f072cb5e MFH: Improved / fixed output buffering (Michael Wallner) 2010-03-11 10:24:29 +00:00
Sebastian Bergmann
9ba1e81665 sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php 2010-01-03 09:23:27 +00:00
Stanislav Malyshev
20ee379007 fix interrupt problem in serialize() 2009-11-29 04:38:46 +00:00
Stanislav Malyshev
b73ac1a57a fix potential memory issue on serialization 
# When internal class uses zend_mangle_property_name it's malloc()
# so it should be freed with free()
 2009-08-11 22:46:07 +00:00