archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 06:58:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
114877 commits 526 branches 1434 tags 873 MiB
Commit graph

1673 commits

Author SHA1 Message Date
Nikita Popov
77a8a709da Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix bug #79787
 2020-07-08 11:22:18 +02:00
XXiang
3d5de7d746 Fix bug #79787 
Closes GH-5807.
 2020-07-08 11:20:58 +02:00
Nikita Popov
3d6199db8a Add mbregex skipif 2020-06-17 09:35:02 +02:00
Nikita Popov
3f2f36d5d4 Fix non-default syntax in mb_ereg_search() 2020-06-16 14:31:29 +02:00
Nikita Popov
8ff1991503 Fix test 2020-04-08 09:41:14 +02:00
George Peter Banyard
9b98cf3209 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Revert "Went to fast and forgot to update tests"
  Revert "Fix Bug #79448 0 is a valid Unicode codepoint, but mb_substitute_character(0) fails"
 2020-04-07 22:27:00 +02:00
George Peter Banyard
a0df5f3b54 Revert "Went to fast and forgot to update tests" 
This reverts commit 656eac74fa.
 2020-04-07 22:24:40 +02:00
George Peter Banyard
6031b08240 Revert "Fix Bug #79448 0 is a valid Unicode codepoint, but mb_substitute_character(0) fails" 
This commit brings some substantial changes in behaviour due to the weird implementation.
This will be fixed in master due to BC concerns.

This reverts commit 1333b46d6d.
 2020-04-07 22:23:24 +02:00
George Peter Banyard
c31b2bbd46 Merge branch 'PHP-7.3' into PHP-7.4 2020-04-03 22:10:56 +02:00
George Peter Banyard
656eac74fa Went to fast and forgot to update tests 
However due to the really lax conversion to integer all strings pass as 0
 2020-04-03 22:03:00 +02:00
George Peter Banyard
7a42611870 Merge branch 'PHP-7.3' into PHP-7.4 2020-04-03 21:28:07 +02:00
George Peter Banyard
1333b46d6d Fix Bug #79448 0 is a valid Unicode codepoint, but mb_substitute_character(0) fails 2020-04-03 21:18:45 +02:00
George Peter Banyard
cc0052678a Merge branch 'PHP-7.3' into PHP-7.4 2020-04-01 04:34:09 +02:00
George Peter Banyard
18dc9044f5 Fix bug 79441 2020-04-01 04:29:20 +02:00
Christoph M. Becker
db848e1482 Fix #79371: mb_strtolower (UTF-32LE): stack-buffer-overflow 
We make sure that negative values are properly compared.
 2020-03-16 22:40:48 -07:00
Christoph M. Becker
1fdffd1c55 Fix #79371: mb_strtolower (UTF-32LE): stack-buffer-overflow 
We make sure that negative values are properly compared.
 2020-03-16 22:40:00 -07:00
Nikita Popov
a73f98eda9 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Add SKIPIF to test requiring mbregex
 2020-01-30 11:21:26 +01:00
Nikita Popov
6ccd675776 Add SKIPIF to test requiring mbregex 2020-01-30 11:20:42 +01:00
Nikita Popov
43465768f1 Fix shift ub in mbstring 
Ideally "c" would be an unsigned integer...
 2020-01-30 10:07:25 +01:00
Nikita Popov
9aadcb18e1 Restore digit check in mb_decode_numericentity() 
I replaced it with a multiplication overflow check in
18599f9c52. However, we need both,
because the code for restoring the number can't handle numbers
with many leading zeros right now and I don't feel like teaching it.
 2020-01-30 10:07:01 +01:00
Nikita Popov
acc616c455 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix mb_ord() crash if internal encoding not supported
 2020-01-29 16:19:14 +01:00
Nikita Popov
a62c06c4cf Fix mb_ord() crash if internal encoding not supported 
enc_name can be NULL here. Take the name from the mbfl_encoding
instead.
 2020-01-29 16:18:46 +01:00
Nikita Popov
18599f9c52 Better overflow check for entity decoding 
Check for multiplication overflow rather than number of digits.
 2020-01-29 16:08:46 +01:00
Nikita Popov
085371b299 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Reset MBREX(search_re) in RSHUTDOWN
 2020-01-29 16:05:38 +01:00
Nikita Popov
560ff9725e Reset MBREX(search_re) in RSHUTDOWN 
This is going to cause a segfault if reused in the next request.
To illustrate the issue, run these two scripts in sequence with
the built-in server:

// script1.php
mb_ereg_search_init('foobar');
mb_ereg_search('foo');

// script2.php
var_dump(mb_ereg_search_init("foobar"));
var_dump(mb_ereg_search_pos());
 2020-01-29 16:05:11 +01:00
Nikita Popov
b3f07afabc Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix use of mb_ereg_search_getregs() after invalid pattern
 2020-01-29 12:50:40 +01:00
Nikita Popov
392ad206a4 Fix use of mb_ereg_search_getregs() after invalid pattern 
This segfaulted because we assumed that if there are matches,
there must be a regular expression as well.
 2020-01-29 12:50:18 +01:00
Nikita Popov
5589bf4d4a Fix length inconsistency in mb_convert_encoding 
Don't mix strlen() and ZSTR_LEN(). If the encoding contains a
NULL byte, this will overflow the buffer.

NULL bytes will still make this behave oddly because the consuming
code will cut off the string there, but let's address that in master...
 2020-01-29 12:19:28 +01:00
Nikita Popov
91f878779c Fix recovery of large entities in mb_decode_numericentity() 
Make sure we don't overflow the integer.
 2020-01-29 11:48:34 +01:00
Nikita Popov
9fcaf25c93 Fix memory leak in mb_str_split 2020-01-28 17:39:49 +01:00
Christoph M. Becker
f1bf4bf6eb Don't leak encoding_str 2020-01-22 11:15:16 +01:00
Christoph M. Becker
ab846173e2 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #79154: mb_convert_encoding() can modify $from_encoding
 2020-01-22 10:30:25 +01:00
Christoph M. Becker
9be31a582a Fix #79154: mb_convert_encoding() can modify $from_encoding 
We must not modify arrays passed by value.
 2020-01-22 10:28:07 +01:00
Christoph M. Becker
94c9dc498f Fix #79149: SEGV in mb_convert_encoding with non-string encodings 
We must not assume that `hash_entry` `IS_STRING`, but rather use
`encoding_str` which is guaranteed to be.
 2020-01-22 09:43:51 +01:00
Stanislav Malyshev
a29c793381 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:47:01 -08:00
Stanislav Malyshev
25ec7eb346 Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Update NEWS
  Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
  Fix #79099: OOB read in php_strip_tags_ex
  Fix #79091: heap use-after-free in session_create_id()
 2020-01-20 22:46:29 -08:00
Stanislav Malyshev
2bcbc95f03 Fix bug #79037 (global buffer-overflow in mbfl_filt_conv_big5_wchar) 2020-01-20 21:43:42 -08:00
Christoph M. Becker
1979c5d16f Upgrade to Oniguruma 6.9.4 
Oniguruma 6.9.4 fixes several CVEs.
 2019-11-30 14:00:41 +01:00
Christoph M. Becker
8c4b0ddde5 Add missing skip checks 2019-11-29 23:50:05 +01:00
Christoph M. Becker
ff2140c49d Partially revert "Adapt test cases for Oniguruma 6.9.4" 
This partially reverts commit c55d09c2f5,
because `MB_ONIGURUMA_VERSION` is only available as of PHP 7.4.0, so
that change made no sense for PHP-7.3; we keep it for PHP-7.4, though.
We also stick with the modification to bug78633.phpt.
 2019-11-29 23:40:30 +01:00
Christoph M. Becker
2b700841c5 Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Adapt test cases for Oniguruma 6.9.4
 2019-11-29 17:00:11 +01:00
Christoph M. Becker
c55d09c2f5 Adapt test cases for Oniguruma 6.9.4 
Apparently, bug 78633 has now really been fixed; the former fix only
catered to the buffer overflow, but yielded a wrong result.  Also,
the order of the named captures has been fixed.
 2019-11-29 16:59:19 +01:00
Christoph M. Becker
85874af404 Remove obsolete oniguruma.patch 
The proper `SIZEOF_SIZE_T` definitions are available as of Oniguruma
6.9.1; no more need to patch.
 2019-11-05 10:16:22 +01:00
Stanislav Malyshev
d517c559fc Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #78633: Heap buffer overflow (read) in mb_eregi
 2019-10-20 23:20:16 -07:00
Christoph M. Becker
4f50d58cab Fix #78633: Heap buffer overflow (read) in mb_eregi 
We backport kkos/oniguruma@15c4228aa2.
 2019-10-20 22:47:38 -07:00
Nikita Popov
5b067163be Limit retry_limit test to oniguruma >= 6.9.3 
This test is somewhat fragile in that it depends on how well a
particular regex is optimized. Apparently on 6.9.1 this regex
would hit the default retry_limit of 1000000 already. I'm limiting
this to 6.9.3 because that's the version that works for me.
 2019-10-07 10:49:34 +02:00
Nikita Popov
6623e7ac51 Add support for mbstring.regex_retry_limit 
This is very similar to the existing mbstring.regex_stack_limit,
but for backtracking. The default value matches pcre.backtrack_limit.
Only used on libonig >= 2.8.0.
 2019-10-06 10:06:33 +02:00
Christoph M. Becker
3d89f92784 Skip tests for old versions instead of marking them XFAIL 
According to commit 0eea9a6[1], these tests fail with old Oniguruma
versions; we are not sure which version of Oniguruma is required to let
them pass, but at least 6.9.3 is sufficient.

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0eea9a642941ab5d4c612f8092f186977afbb73e>
 2019-09-30 14:14:23 +02:00
Christoph M. Becker
70f367d48a Merge branch 'PHP-7.3' into PHP-7.4 
* PHP-7.3:
  Fix #78609: mb_check_encoding() no longer supports stringable objects
 2019-09-30 13:06:57 +02:00
Christoph M. Becker
2046b3ce4f Merge branch 'PHP-7.2' into PHP-7.3 
* PHP-7.2:
  Fix #78609: mb_check_encoding() no longer supports stringable objects
 2019-09-30 13:04:54 +02:00