archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 23:18:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
83560 commits 526 branches 1434 tags 877 MiB
Commit graph

653 commits

Author SHA1 Message Date
Stanislav Malyshev
8763c6090d Fix bug #72681 - consume data even if we're not storing them 2016-08-16 22:54:42 -07:00
Stanislav Malyshev
4d0565b5ba Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix #72519, possible OOB using imagegif
  fix #72512, invalid read or write for palette image when invalid transparent index is used
  Apparently some envs miss SIZE_MAX
  Fix tests
  Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
  Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
  Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
  Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
  Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
  Fix bug #72562 - destroy var_hash properly
  Fix bug #72533 (locale_accept_from_http out-of-bounds access)
  Fix fir bug #72520
  Fix for bug #72513
  CS fix and comments with bug ID
  Fix for HTTP_PROXY issue.
  add tests for bug #72512
  Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
  Fixed bug #72479 - same as #72434

Conflicts:
	ext/bz2/bz2.c
	main/SAPI.c
	main/php_variables.c
 2016-07-19 00:53:08 -07:00
Stanislav Malyshev
3798eb6fd5 Fix bug #72562 - destroy var_hash properly 2016-07-12 23:27:45 -07:00
Anatol Belski
ae6e139c77 reset the ext/session to the state of 5.6.17 2016-01-29 08:33:09 +01:00
Yasuo Ohgaki
ee1dd4949a Use SUCCESS/FAILURE 2016-01-18 13:33:47 +09:00
Yasuo Ohgaki
bfb9307b2d Fixed bug #69111 (Crash in SessionHandler::read()). 
Made session save handler abuse much harder than before.
 2016-01-15 15:50:14 +09:00
Yasuo Ohgaki
d7f8d9e3a9 Fix typo 2016-01-15 15:21:18 +09:00
Yasuo Ohgaki
31ae802736 Fix uninitialized read in rfc1867 handler reported by valgrind. Only in PHP 5.6. 
This commit fixes initialized read, but calling php_session_initialize() directly
is problematic because configuration could be invalid. Invalid config may result
in segfault. This will be addressed later.
 2016-01-15 15:18:00 +09:00
Yasuo Ohgaki
8c37a086c7 Improved fix for bug #68063 (Empty session IDs do still start sessions). 2016-01-15 09:45:08 +09:00
Yasuo Ohgaki
63c77ee4b1 Use php_session_abort() 2016-01-12 20:39:33 +09:00
Yasuo Ohgaki
a15e9ccba8 Fixed Bug #71038 session_start() returns TRUE on failure 2016-01-12 19:09:49 +09:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Yasuo Ohgaki
57be57ac94 Fix ZTS build 2015-12-16 11:10:39 +09:00
Yasuo Ohgaki
e8f1c29cc9 Fixed bug #71122 Session GC may not remove obsolete session data 2015-12-16 09:15:05 +09:00
Yasuo Ohgaki
8161230505 Fixed Bug #71122 Session GC may not remove obsolete session data 2015-12-15 10:27:28 +09:00
Stanislav Malyshev
a6c063d663 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  More fixes for bug #70219
 2015-09-01 12:51:48 -07:00
Stanislav Malyshev
c19d59c550 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	ext/zip/php_zip.c
 2015-09-01 12:06:41 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev
fc8eff897b More fixes for bug #70219 2015-08-28 21:50:21 -07:00
Stanislav Malyshev
24dda816d0 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  5.4.45 next

Conflicts:
	configure.in
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-08-25 23:08:49 -07:00
Stanislav Malyshev
df4bf28f9f Fix bug #70219 (Use after free vulnerability in session deserializer) 2015-08-23 19:56:12 -07:00
Julien Pauli
2a50877428 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix flaws in session module
 2015-03-16 16:01:12 +01:00
Julien Pauli
4dba99c226 Fix flaws in session module 2015-03-16 16:00:46 +01:00
Yasuo Ohgaki
2983ef3c48 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #68063 Empty session IDs do still start sessions
 2015-02-03 13:41:31 +09:00
Yasuo Ohgaki
853ae39d6e Fixed bug #68063 Empty session IDs do still start sessions 2015-02-03 13:38:49 +09:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui
73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Yasuo Ohgaki
9e072d9565 Remove unneeded md5 hashing from PHP-5.6 branch. 
It's removed from master already by my previous commit.
 2014-11-12 13:43:54 +09:00
Yasuo Ohgaki
4dd3fbfcd2 Fixed bug #68331 - This was partial patch for https://wiki.php.net/rfc/session-lock-ini 2014-11-06 13:06:29 +09:00
Tjerk Meesters
ce9bdae33f Fixed #67694: Regression in session_regenerate_id() 2014-08-23 09:18:02 +08:00
Stanislav Malyshev
c41ca94824 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fix missing type checks in various functions

Conflicts:
	ext/openssl/openssl.c
 2014-07-28 00:37:32 -07:00
Stanislav Malyshev
531be9662f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix missing type checks in various functions
 2014-07-28 00:34:27 -07:00
Stanislav Malyshev
b4a4db467b Fix missing type checks in various functions 2014-07-27 02:42:49 -07:00
Xinchen Hui
9bef96d96e Merge branch 'PHP-5.5' into PHP-5.6 2014-07-19 13:12:36 +08:00
Yasuo Ohgaki
f83a6c33b4 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #66827 Session raises E_NOTICE when session name variable is array
 2014-07-19 09:53:04 +09:00
Yasuo Ohgaki
e946de29d2 Fixed bug #66827 Session raises E_NOTICE when session name variable is array 2014-07-19 09:52:31 +09:00
Yasuo Ohgaki
6f0ad9ea12 Revert "Implement Bug #54649 Create session_serializer_name()" 
This reverts commit 678ec30655.

Conflicts:
	ext/session/tests/session_serializer_name_basic.phpt
 2014-03-13 06:32:49 +09:00
Yasuo Ohgaki
7dec5789fe Revert "Implemented Request #11100 (session_gc() function)." 
This reverts commit 54a42f0d0c.

Conflicts:
	ext/session/tests/session_gc_basic.phpt
 2014-03-13 06:30:32 +09:00
Anatol Belski
ca27c86110 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix zts
 2014-01-22 12:05:06 +01:00
Anatol Belski
6d1d8ec330 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix zts
 2014-01-22 12:04:25 +01:00
Anatol Belski
34792280bc fix zts 2014-01-22 12:03:54 +01:00
Yasuo Ohgaki
3cc6c6c587 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed previous commit may delete unwanted cookies.
  Re-fixed bug #66469
 2014-01-22 19:23:17 +09:00
Yasuo Ohgaki
fa224b1c58 Fixed previous commit may delete unwanted cookies. 2014-01-22 19:23:01 +09:00
Yasuo Ohgaki
58f94345a7 Fixed previous commit may delete unwanted cookies. Sync tests from upper branches. 2014-01-22 19:21:25 +09:00
Yasuo Ohgaki
26a2bed185 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Re-fixed bug #66469
 2014-01-22 13:47:55 +09:00
Yasuo Ohgaki
383423a1ee Re-fixed bug #66469 2014-01-22 13:46:59 +09:00
Yasuo Ohgaki
a27e51fd4e Re-fixed bug #66469 2014-01-22 13:40:58 +09:00
Xinchen Hui
bfcdd67865 Merge branch 'PHP-5.5' into PHP-5.6 2014-01-16 14:42:04 +08:00
Xinchen Hui
9799816e0c Merge branch 'PHP-5.4' into PHP-5.5 2014-01-16 14:41:52 +08:00
Xinchen Hui
b777248ded Re-fixed Bug #66481 (Calls to session_name() segfault when session.name is null) 2014-01-16 14:41:12 +08:00