archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
php-src/ext/libxml
History
Exact
Niels Dossche 40e667280b
Fix GH-18597: Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes 
xmlSave() also can flush in some cases. When the encoding is not
available this can fail for short inputs, resulting in an empty string
which is interned but then wrongly tagged by RETURN_NEW_STR.
Fix this by checking the error condition and switching to RETURN_STR for
defense-in-depth.

This issue also exists on 8.3, but does not crash; however, due to the
different API usage internally I cannot easily fix it on 8.3. There it
gives a partial output.

Closes GH-18606.
2025-05-20 21:32:17 +02:00
..
tests Merge branch 'PHP-8.3' into PHP-8.4 2025-04-07 12:59:57 +01:00
config.w32 Fix GH-15534: Bump minimum libxml2 version to 2.9.4 (#15536) 2024-08-23 23:14:38 +02:00
config0.m4 Autotools: Sync CS in extensions (#15343) 2024-08-11 17:42:26 +02:00
CREDITS
libxml.c Fix GH-18597: Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes 2025-05-20 21:32:17 +02:00
libxml.stub.php Replace @deprecated by #[\Deprecated] for internal functions / class constants (#14750) 2024-07-10 16:47:31 +02:00
libxml_arginfo.h Rename ZEND_STR_DEPRECATED to ZEND_STR_DEPRECATED_CAPITALIZED (#15831) 2024-09-10 22:45:23 +01:00
mime_sniff.c Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect 2025-03-11 22:58:39 +01:00
php_libxml.h Backport 4fe82131: Backport libxml2 2.13.2 fixes (#14816) 2024-10-12 15:12:40 +02:00
php_libxml2.def Fix GH-14563: Build failure with libxml2 v2.13.0 2024-06-29 16:28:16 +02:00