archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
122692 commits 526 branches 1434 tags 873 MiB
Commit graph

583 commits

Author SHA1 Message Date
Nikita Popov
49327e2e15 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Improve exif tag name fetching
  Implement a cache for exif tag name lookups
  Limit the amount of errors generated during exif parsing
 2019-10-18 16:55:46 +02:00
Nikita Popov
650115c827 Improve exif tag name fetching 2019-10-18 16:55:05 +02:00
Nikita Popov
56e3e6f135 Implement a cache for exif tag name lookups 2019-10-18 16:54:56 +02:00
Nikita Popov
e5324a2484 Limit the amount of errors generated during exif parsing 
Emitting errors is fairly expensive, to the point that parsing
a file with a huge number of invalid tags can take seconds.
Generating ten thousand errors is unlikely to help anybody, but
constitutes a potential DOS vector.
 2019-10-18 16:54:49 +02:00
Nikita Popov
b53b2f3e82 Merge branch 'PHP-7.4' 2019-10-09 17:34:00 +02:00
Nikita Popov
5b44560dfc Merge branch 'PHP-7.3' into PHP-7.4 2019-10-09 17:33:52 +02:00
Nikita Popov
a0163417ef Merge branch 'PHP-7.2' into PHP-7.3 2019-10-09 17:33:44 +02:00
Nikita Popov
daf1fc6e31 Avoid float to int cast UB in exif 2019-10-09 17:33:29 +02:00
Nikita Popov
cb657440b4 Merge branch 'PHP-7.4' 2019-10-09 14:58:17 +02:00
Nikita Popov
a4d7f4c3e1 Merge branch 'PHP-7.3' into PHP-7.4 2019-10-09 14:58:10 +02:00
Nikita Popov
cbf589b17c Merge branch 'PHP-7.2' into PHP-7.3 2019-10-09 14:58:01 +02:00
Nikita Popov
d6ca174d5b Remove redundant components < 0 check 
components is an unsigned number, it cannot be smaller than zero.
 2019-10-09 14:57:24 +02:00
peter279k
1ea329d457 Fix bug #77204 
Include opened path in getimagesize() error message
 2019-10-02 11:21:17 +02:00
Gabriel Caruso
5d6e923d46
Remove mention of PHP major version in Copyright headers 
Closes GH-4732.
 2019-09-25 14:51:43 +02:00
Nikita Popov
c6315f86c9 Merge branch 'PHP-7.4' 2019-09-22 12:13:22 +02:00
Nikita Popov
5e48bb7e1f Merge branch 'PHP-7.3' into PHP-7.4 2019-09-22 12:10:49 +02:00
Nikita Popov
9cd365e571 Merge branch 'PHP-7.2' into PHP-7.3 2019-09-22 12:10:42 +02:00
Nikita Popov
f989a4cd44 Fix leak of temporary buffer during exif tag reading 2019-09-22 12:10:17 +02:00
Nikita Popov
0a6291b81a Merge branch 'PHP-7.4' 2019-09-22 10:27:21 +02:00
Nikita Popov
0508a70640 Merge branch 'PHP-7.3' into PHP-7.4 2019-09-22 10:27:07 +02:00
Nikita Popov
623d897998 Merge branch 'PHP-7.2' into PHP-7.3 2019-09-22 10:26:57 +02:00
Nikita Popov
0701835c01 Fix multiple leaks in exif_read_data() 
This fixes two leaks related to duplicate tags, as well as a leak
of zero-length FMT_(S)BYTE with non-null value. This can show up
for MAKERNOTE values where the original length is non-zero, but
the first character is a null byte.
 2019-09-21 20:40:03 +02:00
Nikita Popov
6a21804b83 Merge branch 'PHP-7.4' 2019-09-19 21:14:54 +02:00
Nikita Popov
f0f84adf2b Merge branch 'PHP-7.3' into PHP-7.4 2019-09-19 21:14:46 +02:00
Nikita Popov
e76dea4283 Merge branch 'PHP-7.2' into PHP-7.3 2019-09-19 21:14:40 +02:00
Nikita Popov
0fa13028cb Fix out-of-bounds read in exif tag reading 
This issue was recently introduced in c739023a50,
when the restriction that components>0 has been relaxed. We now need
to make sure that any tags that expect at least one component check
that this is the case.
 2019-09-19 21:11:57 +02:00
Nikita Popov
975ef6ea9c Merge branch 'PHP-7.4' 2019-09-19 14:20:38 +02:00
Nikita Popov
8a599c7b74 Merge branch 'PHP-7.3' into PHP-7.4 2019-09-19 14:20:13 +02:00
Nikita Popov
6bf5c8508a Merge branch 'PHP-7.2' into PHP-7.3 2019-09-19 14:20:04 +02:00
Nikita Popov
3e139a4653 Fix exif leak on duplicate copyright tags 2019-09-19 14:19:31 +02:00
Christoph M. Becker
b59f6e4fb1 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fix exif build
  NEWS
 2019-09-12 09:14:27 +02:00
Christoph M. Becker
679cbee870 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix exif build
  NEWS
 2019-09-12 09:14:08 +02:00
Christoph M. Becker
31f617d9bc Fix exif build 
As of PHP 7.3.0 the `model` field is removed.
 2019-09-12 09:13:27 +02:00
Kalle Sommer Nielsen
c2d661c2e1 Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
 2019-09-12 06:34:35 +03:00
Kalle Sommer Nielsen
89227fba99 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
 2019-09-12 06:33:40 +03:00
Kalle Sommer Nielsen
6f0e5a45ff Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
 2019-09-12 06:31:52 +03:00
Kalle Sommer Nielsen
2823e938d4 Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7) 2019-09-12 06:21:39 +03:00
Craig Duncan
743591458c Convert exif functions arginfo to php stubs 
We also allow sections needed to be null.
 2019-08-26 17:25:12 +02:00
Stanislav Malyshev
e043025fda Merge branch 'PHP-7.4' 
* PHP-7.4:
  Fix #77919: Potential UAF in Phar RSHUTDOWN
  Update NEWS
  Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
  Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
 2019-07-29 13:20:59 -07:00
Stanislav Malyshev
4adf3dc109 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #77919: Potential UAF in Phar RSHUTDOWN
  Update NEWS
  Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
  Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
 2019-07-29 13:20:52 -07:00
Stanislav Malyshev
d69894734d Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix #77919: Potential UAF in Phar RSHUTDOWN
  Update NEWS
  Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
  Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
 2019-07-29 13:20:44 -07:00
Stanislav Malyshev
284fb08fdc Merge branch 'PHP-7.1' into PHP-7.2 
* PHP-7.1:
  Fix #77919: Potential UAF in Phar RSHUTDOWN
  Update NEWS
  Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
  Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
 2019-07-29 13:19:16 -07:00
Nikita Popov
68fd435ba8 Fixed bug #78333 
Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.
 2019-07-29 11:27:21 +02:00
Nikita Popov
2b10f6299b Merge branch 'PHP-7.4' 2019-07-29 11:26:36 +02:00
Nikita Popov
2eb159d589 Merge branch 'PHP-7.3' into PHP-7.4 2019-07-29 11:26:31 +02:00
Nikita Popov
727929765b Merge branch 'PHP-7.2' into PHP-7.3 2019-07-29 11:26:09 +02:00
Nikita Popov
d142dfc93d Fixed bug #78333 
Don't dereference float/double values at unknown address, instead
memcpy it into an aligned stack slot and dereference that.
 2019-07-29 11:25:27 +02:00
Stanislav Malyshev
aeb6d13185 Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment) 2019-07-29 00:53:37 -07:00
Stanislav Malyshev
dea2989ab8 Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail) 2019-07-29 00:53:28 -07:00
Nikita Popov
a1e2c8870e Merge branch 'PHP-7.4' 2019-07-22 17:26:01 +02:00