php-src

mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00

History

Niels Dossche 40e667280b Fix GH-18597: Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes xmlSave() also can flush in some cases. When the encoding is not available this can fail for short inputs, resulting in an empty string which is interned but then wrongly tagged by RETURN_NEW_STR. Fix this by checking the error condition and switching to RETURN_STR for defense-in-depth. This issue also exists on 8.3, but does not crash; however, due to the different API usage internally I cannot easily fix it on 8.3. There it gives a partial output. Closes GH-18606.		2025-05-20 21:32:17 +02:00
..
tests	Fix GH-18597: Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes	2025-05-20 21:32:17 +02:00
config.m4	Sync HAVE_<extension> help texts (#15167 )	2024-08-02 01:41:47 +02:00
config.w32	Sync HAVE_<extension> help texts (#15167 )	2024-08-02 01:41:47 +02:00
CREDITS
php_simplexml.h	Avoid string duplications in simplexml (#15122 )	2024-07-27 16:21:07 +02:00
php_simplexml_exports.h	Update http->https in license (#6945 )	2021-05-06 12:16:35 +02:00
simplexml.c	Fix GH-18597: Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes	2025-05-20 21:32:17 +02:00
simplexml.stub.php	Fix argument type of simplexml_import_dom (#13170 )	2024-01-18 20:28:01 +01:00
simplexml_arginfo.h	Generated arginfo header files: remove empty zend_function_entry arrays (#15705 )	2024-09-03 23:19:53 +02:00