Stanislav Malyshev
cd9c39d77c
Merge branch 'pull-request/1350' into PHP-5.4
* pull-request/1350:
Move strlen() check to php_mail_detect_multiple_crlf()
Fixed Bug #69874 : Can't set empty additional_headers for mail()
2015-06-28 20:18:56 -07:00
Christoph M. Becker
a621781fdb
Fixed bug #69768 (escapeshell*() doesn't cater to !)
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similar to %ENV%, and so ! should
be escaped like %.
2015-06-24 00:15:55 +02:00
Yasuo Ohgaki
d263ecd864
Move strlen() check to php_mail_detect_multiple_crlf()
2015-06-19 15:17:56 +09:00
Yasuo Ohgaki
dacea3f6fb
Fixed Bug #69874 : Can't set empty additional_headers for mail()
2015-06-19 12:19:12 +09:00
Lior Kaplan
cc7194dd10
Fixed bug #69689 (Align PCRE_MINOR with current version)
2015-06-18 17:30:21 +03:00
Yasuo Ohgaki
9d168b863e
Fixed bug #68776
2015-06-09 21:32:54 -07:00
Stanislav Malyshev
eee8b6c33f
fix test
2015-06-09 17:11:33 -07:00
Stanislav Malyshev
8036758491
Fix bug #69646 OS command injection vulnerability in escapeshellarg
2015-06-09 10:52:38 -07:00
Stanislav Malyshev
f7d7befae8
Fix #69719 - more checks for nulls in paths
2015-06-09 10:52:38 -07:00
Remi Collet
531c306fe6
fix test description
2015-06-09 09:18:54 +02:00
Lior Kaplan
7ced40e24e
Upgrade bundled sqlite to 3.8.10.2
Includes fixes for CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 done in 3.8.9
2015-06-08 22:17:06 +03:00
Stanislav Malyshev
0765623d69
improve fix for Bug #69545
2015-05-31 17:29:00 -07:00
Stanislav Malyshev
f38ca75a3c
Update PCRE version (bug #69689)
2015-05-30 21:17:16 -07:00
Remi Collet
88aab478bf
move test
2015-05-20 14:03:41 +02:00
Remi Collet
3ee3066bd0
fix new test
2015-05-20 08:46:14 +02:00
Remi Collet
f93d24aa67
Fixed Bug #69667 segfault in php_pgsql_meta_data
Incomplete fix for #68741
2015-05-20 08:46:01 +02:00
Stanislav Malyshev
9c0813fd48
Add test for bug #69522
2015-05-11 01:10:35 -07:00
Stanislav Malyshev
634aa0a2db
Update tests
2015-05-11 00:12:39 -07:00
Stanislav Malyshev
ba1d9cc4b7
Fix bug #69522 - do not allow int overflow
2015-05-10 23:06:08 -07:00
Stanislav Malyshev
e2bbf0a2df
Forgot test file
2015-05-10 02:24:29 -07:00
Stanislav Malyshev
c591f022f8
Fix bug #69403 and other int overflows
2015-05-10 02:20:08 -07:00
Stanislav Malyshev
be9b2a95ad
Fixed bug #69418 - more s->p fixes for filenames
2015-05-10 02:09:38 -07:00
Stanislav Malyshev
c27f012b7a
Fix bug #69453 - don't try to cut empty string
2015-04-29 22:51:43 -07:00
Stanislav Malyshev
ac28329354
Fix bug #69545 - avoid overflow when reading list
2015-04-29 22:50:18 -07:00
Stanislav Malyshev
95fa727992
Upgrade to PCRE 8.37 due to various bugfixes
2015-04-29 22:27:07 -07:00
Anatol Belski
9c5c3ff022
fix VC9 build with PCRE
2015-04-28 13:15:39 +02:00
Stanislav Malyshev
23917b451b
Upgrade PCRE to 8.36, it fixes some crashes
We probably will need to go to 8.37 once it is released.
2015-04-27 23:16:54 -07:00
Dmitry Stogov
cee9722028
Fixed recently introduced memory leak
2015-04-14 11:08:38 -07:00
Stanislav Malyshev
9af582bbe0
fix non-standard C
2015-04-14 00:46:47 -07:00
Stanislav Malyshev
d3aeb8a204
Merge branch 'PHP-5.4.40' into PHP-5.4
* PHP-5.4.40:
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
2015-04-14 00:26:53 -07:00
Stanislav Malyshev
f59b67ae50
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
2015-04-14 00:03:50 -07:00
Remi Collet
ff70b40dc9
fix type in fix for #69085
2015-04-13 14:41:39 +02:00
Stanislav Malyshev
45facd15fb
fix memory leak & add test
2015-04-12 22:38:34 -07:00
Stanislav Malyshev
a643ccfb90
Fix tests
2015-04-12 20:55:35 -07:00
Stanislav Malyshev
d82d68742c
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
2015-04-12 01:30:33 -07:00
Stanislav Malyshev
1defbb25ed
Fix test
2015-04-12 00:56:02 -07:00
Stanislav Malyshev
12d3bdee3d
Additional fix for bug #69324
Not so happy about duplication but needed due to bug #69429
2015-04-11 16:53:22 -07:00
Stanislav Malyshev
a894a8155f
More fixes for bug #69152
2015-04-11 16:53:22 -07:00
Stanislav Malyshev
4435b9142f
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
2015-04-11 16:53:22 -07:00
Stanislav Malyshev
9faaee66fa
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
2015-04-11 16:53:21 -07:00
Stanislav Malyshev
0ea75af9be
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
2015-04-11 16:53:21 -07:00
Stanislav Malyshev
f938112c49
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
2015-04-11 16:53:21 -07:00
Xinchen Hui
920a0afbf8
Fixed bug #68901 (use after free)
2015-04-11 16:28:07 -07:00
Xinchen Hui
9a404df382
Fixed bug #68740 (NULL Pointer Dereference)
(cherry picked from commit 124fb22a13)
2015-04-05 22:48:10 -07:00
Stanislav Malyshev
5ae20c6247
Fix bug #66550 (SQLite prepared statement use-after-free)
2015-04-05 22:36:26 -07:00
Remi Collet
bd31cb7563
Better fix for #68601 for perf
81e9a993f2
2015-04-05 17:36:47 -07:00
Remi Collet
afbf725e73
Fix bug #68601 buffer read overflow in gd_gif_in.c
2015-04-05 17:33:52 -07:00
Dmitry Stogov
75f40ae1f3
Fixed bug #69293
2015-03-27 18:40:58 +03:00
Stanislav Malyshev
968fbc6acf
Backport fix bug #68741 - Null pointer dereference
2015-03-22 18:30:05 -07:00
Stanislav Malyshev
fb83c76dee
Check that the type is correct
2015-03-22 18:17:47 -07:00