Commit graph

471 commits

Author SHA1 Message Date
Stanislav Malyshev
d144590d38 Fix bug #72321 - use efree() for emalloc allocation 2016-06-12 21:35:13 -07:00
Stanislav Malyshev
62da5cdf3d Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
  Fix bug #71798 - Integer Overflow in php_raw_url_encode
  Fix bug #71860: Require valid paths for phar filenames
  Going for 5.5.34

Conflicts:
	configure.in
	ext/phar/tests/create_path_error.phpt
	main/php_version.h
2016-03-28 23:21:15 -07:00
Stanislav Malyshev
72281f29dd Fix bug #71860: Require valid paths for phar filenames 2016-03-20 21:33:11 -07:00
Stanislav Malyshev
309ead112f Merge branch 'PHP-5.5.32' into PHP-5.6.18
* PHP-5.5.32:
  Fixed bug #71488: Stack overflow when decompressing tar archives
  update NEWS
  add missing headers for SIZE_MAX
  backport the escapeshell* functions hardening branch
  add tests
  Fix bug #71459 - Integer overflow in iptcembed()
  Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
  Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
  Fix bug #71335: Type Confusion in WDDX Packet Deserialization
  Fix bug #71354 - remove UMR when size is 0
2016-02-01 18:32:31 -08:00
Stanislav Malyshev
13ad4d3e97 Fix bug #71354 - remove UMR when size is 0 2016-01-13 16:32:29 -08:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Stanislav Malyshev
eb7ba73079 virtual_file_ex uses emalloc in 5.6+ 2015-08-04 16:31:57 -07:00
Stanislav Malyshev
ed709d5aa0 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c
2015-08-04 15:29:13 -07:00
Stanislav Malyshev
69ed3969dd Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	.gitignore
	ext/date/php_date.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
2015-08-04 14:10:57 -07:00
Stanislav Malyshev
dda81f0505 Fix bug #70019 - limit extracted files to given directory 2015-08-04 14:02:31 -07:00
Stanislav Malyshev
6c884e8e84 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Better fix for bug #69958
  update news
  Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM)
  Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath
  Fix bug #69958 - Segfault in Phar::convertToData on invalid file
  Better fix for bug #69958
  Better fix for bug #69958
  update news
  Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM)
  Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath
  Fix bug #69958 - Segfault in Phar::convertToData on invalid file

Conflicts:
	ext/phar/phar_object.c
2015-07-07 10:12:51 -07:00
Stanislav Malyshev
885edfef0a Better fix for bug #69958 2015-07-07 09:38:31 -07:00
Stanislav Malyshev
bf58162ddf Fix bug #69958 - Segfault in Phar::convertToData on invalid file 2015-07-07 09:38:30 -07:00
Stanislav Malyshev
ed84af4b88 Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Better fix for bug #69958
2015-07-07 00:01:42 -07:00
Stanislav Malyshev
eda31f57fb Better fix for bug #69958 2015-07-07 00:01:26 -07:00
Stanislav Malyshev
09de64a58d Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Better fix for bug #69958
2015-07-06 23:03:05 -07:00
Stanislav Malyshev
61b0b80388 Better fix for bug #69958 2015-07-06 22:58:28 -07:00
Stanislav Malyshev
303d97feda Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM)
  Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath
  Fix bug #69958 - Segfault in Phar::convertToData on invalid file

Conflicts:
	ext/mysqlnd/mysqlnd.c
2015-07-06 21:52:49 -07:00
Stanislav Malyshev
452d30cf7d Fix bug #69958 - Segfault in Phar::convertToData on invalid file 2015-07-04 21:01:50 -07:00
Xinchen Hui
920a0afbf8 Fixed bug #68901 (use after free) 2015-04-11 16:28:07 -07:00
Michael Wallner
a4490bb0a2 Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  Fixed bug #64931
2015-03-30 16:25:47 +02:00
Michael Wallner
6480725007 Fixed bug #64931
phar_add_file is too restrictive on filename

Check for any of '/', '\\', '\0' after ".phar".
2015-03-30 16:24:19 +02:00
Xinchen Hui
5208113ad1 Merge branch 'PHP-5.5' into PHP-5.6 2015-01-29 00:01:00 +08:00
Xinchen Hui
b2cf3f064b Fixed bug #68901 (use after free) 2015-01-29 00:00:09 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Christian Weiske
e65e013e15 Fix bug #67587: Redirection loop on nginx with FPM
Redirection will work correctly as long as PATH_INFO is available,
e.g. via the following nginx configuration:

    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
2014-07-08 12:54:57 -07:00
Stanislav Malyshev
5312c39cfb Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  Fix bug #67587: Redirection loop on nginx with FPM
2014-07-08 12:54:20 -07:00
Christian Weiske
0bf50a8302 Fix bug #67587: Redirection loop on nginx with FPM
Redirection will work correctly as long as PATH_INFO is available,
e.g. via the following nginx configuration:

    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
2014-07-08 12:53:45 -07:00
Felipe Pena
9d8a00337d Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
  - Fixed off-by-one in phar_build (patch by crrodriguez at opensuse dot org)
2014-05-11 09:46:38 -03:00
Felipe Pena
b99862e7ae Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  - Fixed off-by-one in phar_build (patch by crrodriguez at opensuse dot org)
2014-05-11 09:46:25 -03:00
Felipe Pena
fb3b8de98d - Fixed off-by-one in phar_build (patch by crrodriguez at opensuse dot org) 2014-05-11 09:45:17 -03:00
Bob Weinand
a93e734f81 Merge branch 'PHP-5.5' into PHP-5.6 2014-04-14 00:08:36 +02:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Xinchen Hui
63dba7ec9d Remove outdated code, make it clearer, although just a bit.. 2013-11-05 18:47:12 +08:00
Nikita Popov
db6d93feca Remove some more unnecessary macros from phar 2013-09-13 21:49:09 +02:00
Nikita Popov
39bd738fbf Remove version checks in phar
No need to keep around compatibility code for PHP 5.0 and PHP 6.
2013-09-13 21:47:59 +02:00
Pierre Joye
42a186e22d Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
  more check for php_stream_fopen_tmpfile failure
2013-05-14 16:46:32 +02:00
Pierre Joye
7ec2e5314e Merge branch 'PHP-5.3' into PHP-5.4
* PHP-5.3:
  more check for php_stream_fopen_tmpfile failure
2013-05-14 16:45:56 +02:00
Pierre Joye
ba1af29805 more check for php_stream_fopen_tmpfile failure 2013-05-14 16:45:11 +02:00
Nikita Popov
fcc6611de9 Add support for non-scalar Iterator keys in foreach
RFC: https://wiki.php.net/rfc/foreach-non-scalar-keys
2013-03-12 17:27:31 +01:00
Xinchen Hui
c2f8e90504 Merge branch 'PHP-5.3' into PHP-5.4 2013-01-06 10:20:00 +08:00
Xinchen Hui
bc11e6fdbb bump year 2013-01-06 10:19:09 +08:00
Felipe Pena
b0dbf71466 Merge branch 'PHP-5.3' into PHP-5.4
* PHP-5.3:
  - Removed PHP 6 checks
2012-08-21 20:15:48 -03:00
Felipe Pena
85fa4d7747 - Removed PHP 6 checks 2012-08-21 20:15:34 -03:00
Nikita Popov
d256caf781 Merge: Fix bug #61184 Phar::webPhar() generates headers with trailing NUL bytes 2012-03-02 08:21:54 +00:00
Nikita Popov
daa190f8fd Fix headers generated by phar
sapi_header_line.line_len is the length without null terminator, so one has to
take sizeof - 1. This fixes some test failures as the NUL bytes were causing
warnings.

Needs to be merged to 5.4.
2012-02-18 13:39:13 +00:00
Felipe Pena
e4ca0ed09f - Year++ 2012-01-01 13:15:04 +00:00