php-src/ext/gmp
Tim Düsterhus f2e8c5da90
unserialize: Strictly check for :{ at object start (#10214)
* unserialize: Strictly check for `:{` at object start

* unserialize: Update CVE tests

It's unlikely that the object syntax error contributed to the actual CVE. The
CVE is rather caused by the incorrect object serialization data of the `C`
format. Add a second string without such a syntax error to ensure that path is
still executed as well to ensure the CVE is absent.

* Fix test expectation in gmp/tests/bug74670.phpt

No changes to the input required, because the test actually is intended to
verify the behavior for a missing `}`, it's just that the report position changed.

* NEWS

* UPGRADING
2023-01-12 19:55:54 +01:00
| Name | Last commit | Date |
|---|---|---|
| tests | unserialize: Strictly check for :{ at object start (#10214) | 2023-01-12 19:55:54 +01:00 |
| config.m4 | Fixed bug #78574 (broken shared build) | 2019-09-20 13:30:13 +02:00 |
| config.w32 | Remove unused defines | 2019-07-18 02:21:39 +02:00 |
| CREDITS | | |
| gmp.c | Revert "Port all internally used classes to use default_object_handlers" | 2022-09-14 11:13:23 +02:00 |
| gmp.stub.php | Rename @cname to @cvalue in stubs (#9043) | 2022-07-19 15:11:42 +02:00 |
| gmp_arginfo.h | Do not generate CONST_CS when registering constants (#9439) | 2022-08-28 08:27:19 +02:00 |
| php_gmp.h | Update http->https in license (#6945) | 2021-05-06 12:16:35 +02:00 |
| php_gmp_int.h | Fix warning of strict-prototypes | 2020-06-07 10:36:50 +02:00 |