Commit Graph

29807 Commits

Author SHA1 Message Date
Andrey Hristov
9444bc7997 Merge branch 'PHP-5.4' of git.php.net:php-src into PHP-5.4 2014-08-06 14:52:55 +03:00
Andrey Hristov
547451796c Fix handling of multi-result sets with PS...used to clean not only
the result set but the whole PS.
2014-08-06 14:52:12 +03:00
Michael Wallner
e4ff7f2ee3 Fixed Bug #67724
(chained zlib filters silently fail with large amounts of data)

Use the same buffer size zlib uses internally to avoid
Z_DATA_ERROR on massively compressed data
2014-08-05 15:44:43 +02:00
Remi Collet
cf4753691d Fixed Bug #66901 php-gd 'c_color' NULL pointer dereference
Upstream 463c3bd09b

Notice: this fix doesn't manage monochrome/monovisual values
but just fixes the security issue CVE-2014-2497
failing when trying to load such an image
2014-08-04 10:42:39 +02:00
Anatol Belski
ae74549239 backport the fix for bug #67739 2014-08-04 09:57:08 +02:00
Stanislav Malyshev
61ec9b5b0f add test 2014-08-04 00:08:08 -07:00
Stanislav Malyshev
eeaec70758 Fix bug #67705 (extensive backtracking in rule regular expression) 2014-08-04 00:05:40 -07:00
Peter Cowburn
358aedc454 Bug #51096 - Remove unnecessary ? for first/last day of 2014-07-31 14:21:38 +01:00
Rasmus Lerdorf
8b9719d8b9 We need to turn off any strict mode here for this warning to show up 2014-07-30 12:22:48 -04:00
Tjerk Meesters
da3add26cf Fixed bug #67693 - incorrect push to the empty array 2014-07-30 18:15:14 +08:00
Keyur Govande
65364fe7d0 Corrected patch for bug #60616
For unixODBC, use ODBC version as defined by it (as of v2.2.14 it is 3.5).
This allows us to use newer features like SQL_DESC_OCTET_LENGTH (which
returns the number of bytes required to store the data). This fixes the issue
in #60616. If the newer version is not available, over-allocate to accommodate
4-byte Unicode characters for CHAR and VARCHAR datatypes (and their Wide
counterparts).
version.
Fixed a couple of failing tests.
2014-07-30 02:28:31 +00:00
Keyur Govande
00546bc9b7 Fix bug #60616 (odbc_fetch_into returns junk at end of multi-byte char fields)
The ODBC extension did not support WVARCHAR. WVARCHAR ends up being handled by
the default handler where vallen is set by the driver to the actual bytes
needed for the field. If it is larger than default-lrl then the output is
corrupted (reading past the buffer) because the return functions don't expect
that to happen. The patch adds support to handle WVARCHAR just like a regular
VARCHAR.
2014-07-28 23:15:23 +00:00
Stanislav Malyshev
b4a4db467b Fix missing type checks in various functions 2014-07-27 02:42:49 -07:00
Xinchen Hui
51c38a0997 Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting) 2014-07-24 22:54:14 -07:00
Xinchen Hui
61e0f8599d Fixed Bug #67538 (SPL Iterators use-after-free) 2014-07-24 22:53:46 -07:00
Dmitry Saprykin
d491b2f916 Fix bug #67496 Save command history when exiting interactive shell with control-c 2014-07-24 17:58:39 +02:00
Johannes Schlüter
71d3a69425 Fix bug #55496 Interactive mode doesn't force a newline before the prompt 2014-07-24 16:53:51 +02:00
Yasuo Ohgaki
e946de29d2 Fixed bug #66827 Session raises E_NOTICE when session name variable is array 2014-07-19 09:52:31 +09:00
Lior Kaplan
2dff153b23 Enable build without atoll (e.g old AIX flavours) 2014-07-17 22:58:36 +03:00
Tjerk Meesters
4fc0d46ae7 Fix for bug #34407 - ucwords and title case
Added support for ranges like trim() has
2014-07-12 10:44:11 +08:00
Stanislav Malyshev
64e4261c9b fix unstable test 2014-07-08 14:13:46 -07:00
Christian Weiske
0bf50a8302 Fix bug #67587: Redirection loop on nginx with FPM
Redirection will work correctly as long as PATH_INFO is available,
e.g. via the following nginx configuration:

    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
2014-07-08 12:53:45 -07:00
Anatol Belski
03214a2aef Backported the patch from bug #67407 into 5.4 2014-07-08 09:52:35 +02:00
Stanislav Malyshev
a7d1cad4c3 change locale - looks like not everybody has sl_SI 2014-07-07 01:35:25 -07:00
Stanislav Malyshev
6c8a570a96 Fix bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting) 2014-07-07 00:36:57 -07:00
Nikita Popov
18989420b6 Add test for bug #67151 2014-07-02 22:39:54 +02:00
Ferenc Kovacs
37a13d2df7 adding a reproduce script for bug #49184 2014-07-02 22:37:58 +02:00
Nikita Popov
3cc6bd10ac Fix bug #67151: strtr with empty array crashes 2014-07-02 22:33:20 +02:00
Michael Wallner
34e686c556 fix integer overflow in {stream,file}_{get,put}_contents() 2014-07-02 09:53:03 +02:00
Adam Harvey
899fe3d8af Fix ext/pgsql builds with libpq < 7.3.
Fixes bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756).
2014-07-01 13:19:22 -07:00
Anatol Belski
af5f997a5d updated libmagic.patch 2014-07-01 10:25:20 +02:00
Stanislav Malyshev
9d1d25e625 Fix test - because of bug #67397 we don't allow overlong locales anymore 2014-06-24 11:21:43 -07:00
Stanislav Malyshev
3488cf6fd8 Merge branch 'PHP-5.4.30' into PHP-5.4
* PHP-5.4.30:
  5.4.30
  Better fix for bug #67072 with more BC provisions
  Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
  update CVE
  Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
  Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
  Fix bug #67349: Locale::parseLocale Double Free
  add CVEs
  Fix potential segfault in dns_get_record()
  Fix bug #66127 (Segmentation fault with ArrayObject unset)
  5.4.30 rc1

Conflicts:
	configure.in
	main/php_version.h
2014-06-24 10:23:36 -07:00
Stanislav Malyshev
6d97b4b2b3 Better fix for bug #67072 with more BC provisions 2014-06-23 22:16:25 -07:00
Stanislav Malyshev
fb0128af2a Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability 2014-06-23 00:22:59 -07:00
Stanislav Malyshev
c42d5cf5de Better fix for bug #67072 with more BC provisions 2014-06-21 21:29:11 -07:00
Stanislav Malyshev
88223c5245 Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion 2014-06-21 19:46:16 -07:00
Stanislav Malyshev
6027c56fd7 Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1)) 2014-06-21 18:44:14 -07:00
Stanislav Malyshev
aef6432fbe Fix bug #67349: Locale::parseLocale Double Free 2014-06-21 18:38:41 -07:00
Dmitry Stogov
680ddabac1 Fixed MariaDB support 2014-06-20 13:56:32 +04:00
Lior Kaplan
6f3bcb0d6e Update copyright year for re2c generated files 2014-06-16 23:28:36 +03:00
Lior Kaplan
e667d23178 Update copyright year for re2c files as well 2014-06-16 23:26:50 +03:00
Sara Golemon
21525d0413 Fix potential segfault in dns_get_record()
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
2014-06-15 01:04:24 -07:00
Derick Rethans
ce70b920e4 - Updated to version 2014.5 (2014e) 2014-06-13 23:26:42 +01:00
Adam Harvey
b51f82f260 Follow 308 Permanent Redirect responses.
Fixes bug #67430 (http:// wrapper doesn't follow 308 redirects).
2014-06-12 18:12:53 -07:00
Adam Harvey
1b9cbab9a7 Keep 308-399 HTTP response codes when header('Location:') is called.
Fixes bug #67428 (header('Location: foo') will override a 308-399 response
code).
2014-06-12 17:35:05 -07:00
Sara Golemon
4f73394fdd Fix potential segfault in dns_get_record()
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
2014-06-11 13:37:04 -07:00
Stanislav Malyshev
2b04d68972 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:24:11 -07:00
Stanislav Malyshev
317bcb96d0 Fix bug #66127 (Segmentation fault with ArrayObject unset) 2014-06-10 23:17:30 -07:00
Remi Collet
25b1dc917a Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec
Upstream:
93e063ee37

Adapted for C standard.
2014-06-10 14:33:37 +02:00
Remi Collet
40ef6e07e0 Bug #67412 fileinfo: cdf_count_chain insufficient boundary check
Upstream:
40bade80cb
2014-06-10 14:22:04 +02:00
Remi Collet
5c9f967999 Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check
Upstream:
36fadd2984
2014-06-10 14:13:14 +02:00
Remi Collet
e77659a8c8 Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
Upstream
27a14bc7ba
2014-06-10 14:02:36 +02:00
Stanislav Malyshev
62857998c5 Fixed bug #67399 (putenv with empty variable may lead to crash) 2014-06-08 23:09:09 -07:00
Matteo Beccati
5c8c57aa6c Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191
DOMDocument::substituteEntities needs to be set to true in order for
external entities to be parsed.
2014-06-09 07:05:23 +02:00
Boro Sitnikovski
aebb23e4db Bug 49898
__getCookies() method implementation
2014-06-08 19:36:18 -07:00
Paul Oehler
76a7fd893b Added support for parsing ssl certificates using GeneralizedTime format.
fix bug #65698
fix bug #66636
2014-06-08 14:17:58 -07:00
Jeff Welch
5fd7c2b01d Remove superfluous echos. 2014-06-08 13:50:22 -07:00
Remi Collet
127651e9ae fix test for 5.4/5.5 2014-06-05 17:33:40 +02:00
Remi Collet
15d8c80ead add test for previous fix 2014-06-05 14:00:00 +02:00
Remi Collet
1fe9f1e4f5 Fix regression introduced in fix for bug #67118
The fix was correct but breaks some code (at least in Horde)
This is a temporary workaround to fix regression in 5.4, 5.5 and 5.6

This makes php_date_initialize more consistent
- on success return 1 + time initialized
- on failure return 0 + time = zero
  which is checked by DATE_CHECK_INITIALIZED by later method call

Will restore consistency with other date classes in master.
2014-06-05 13:39:46 +02:00
Anatol Belski
20568e5028 Fixed regression introduced by patch for bug #67072
This applies to 5.4 and 5.5 only as a legacy fix.
2014-06-03 20:43:58 +02:00
Remi Collet
4fcb9a9d1b Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
Upstream fix 6d209c1c48.patch
Only relevant part applied
2014-06-03 11:05:00 +02:00
Xinchen Hui
38be99b739 Fixed bug #67359 (Segfault in recursiveDirectoryIterator) 2014-06-01 19:41:01 +08:00
Adam Harvey
b5d9983ff4 Check for zero-length keys in spl_array_skip_protected and don't skip them.
Fixes bug #67360 (Missing element after ArrayObject::getIterator).
2014-05-29 17:49:32 +00:00
Anatol Belski
d2765e4b8c updated libmagic.patch for 5.4+ 2014-05-27 22:36:12 +02:00
Stanislav Malyshev
091b7642c2 Fix bug #67249: printf out-of-bounds read 2014-05-27 11:28:22 -07:00
Anatol Belski
d184f07b3c backport this piece from 5.6, related to the #66307 fix 2014-05-26 18:05:13 -07:00
Anatol Belski
15ee33eb21 Fixed bug #66307 Fileinfo crashes with powerpoint files 2014-05-26 18:04:27 -07:00
Stanislav Malyshev
4005f06df6 Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation)
Upstream patch: b8acc83781
2014-05-26 18:01:17 -07:00
Stanislav Malyshev
57225f09ed Fix bug #67327: fileinfo: CDF infinite loop in nelements DoS
Upstream fix: f97486ef5d
2014-05-26 17:45:14 -07:00
Adam Harvey
319611ffbd Fix broken test caused by fdb2709. 2014-05-23 15:07:19 +00:00
Adam Harvey
fdb2709dd2 Add microseconds to the serialised form of DateTime objects.
Fixes bug #67308 (Serialize of DateTime truncates fractions of second).
2014-05-21 14:55:52 -05:00
Matteo Beccati
00a22d4d06 Improved test for bug #62479 2014-05-21 18:58:14 +02:00
Stanislav Malyshev
dc92e81922 Merge branch 'bug67251' into PHP-5.4
* bug67251:
  Fix bug #67251 - date_parse_from_format out-of-bounds read

Conflicts:
	ext/date/lib/parse_date.c
2014-05-13 16:52:45 -07:00
Stanislav Malyshev
0094fd0969 Merge branch 'bug67252' into PHP-5.4
* bug67252:
  fix bug #67253: timelib_meridian_with_check out-of-bounds read
  Fix bug #67252: convert_uudecode out-of-bounds read
2014-05-13 16:47:27 -07:00
Stanislav Malyshev
9103c9eb4f Merge branch 'bug67250' into PHP-5.4
* bug67250:
  Fix bug #67250 (iptcparse out-of-bounds read)
2014-05-13 16:43:10 -07:00
Derick Rethans
3e276d6728 - Updated to version 2014.3 (2014c) 2014-05-13 16:36:58 +01:00
Stanislav Malyshev
6ef8e0f088 fix test - output can be chunked 2014-05-12 10:54:16 -07:00
Stanislav Malyshev
466b8aa444 fix bug #67253: timelib_meridian_with_check out-of-bounds read 2014-05-11 21:09:11 -07:00
Stanislav Malyshev
1e2818b143 Fix bug #67252: convert_uudecode out-of-bounds read 2014-05-11 20:29:27 -07:00
Stanislav Malyshev
0a80849250 Fix bug #67251 - date_parse_from_format out-of-bounds read 2014-05-11 19:34:21 -07:00
Stanislav Malyshev
3e9cb6a4a5 Fix bug #67250 (iptcparse out-of-bounds read) 2014-05-11 19:09:19 -07:00
Stanislav Malyshev
2b475eebbe Fix bug #67247 spl_fixedarray_resize integer overflow 2014-05-11 17:54:27 -07:00
Felipe Pena
fb3b8de98d - Fixed off-by-one in phar_build (patch by crrodriguez at opensuse dot org) 2014-05-11 09:45:17 -03:00
Felipe Pena
c575ab0c88 - Move checking 2014-05-10 11:55:42 -03:00
Felipe Pena
345f6d90d5 - Fixed missing NULL check in SimpleXMLElement::xpath() 2014-05-10 11:53:40 -03:00
Felipe Pena
5bd443a452 - Fixed missing NULL check 2014-05-10 11:39:08 -03:00
Stanislav Malyshev
4392339c3e oops, 5.4 and 5.5 use malloc in TSRM 2014-05-08 01:59:39 -07:00
Stanislav Malyshev
0cc18fdfba Fix memory leak in TSRM 2014-05-08 01:00:34 -07:00
Dmitry Stogov
8517001b25 Fixed test (it requires ext/hash) 2014-05-07 00:52:49 +02:00
Dmitry Stogov
f880013c4d Fixed tests (they might fail from time to time because of session GC) 2014-05-07 00:37:56 +02:00
Adam Harvey
941c39bd06 Use the right path for the suggested PHP invocation in ext_skel.
Fixes bug #67160 (ext_skel outputs incorrect information).
2014-05-01 11:22:20 -07:00
Anatol Belski
2d625b5f81 Fixed bug #66431 Special Character via COM Interface (CP_UTF8) 2014-04-29 13:40:44 +02:00
Popa Adrian Marius
bb422cb60e Merge branch 'PHP-5.3' into PHP-5.4
* PHP-5.3:
  Cleanup ZEND_MODULE_API_NO => 20050922
2014-04-28 12:13:11 +03:00
Popa Adrian Marius
dbcd6304bb Cleanup ZEND_MODULE_API_NO => 20050922 2014-04-28 12:12:52 +03:00
Anatol Belski
d3dcd61623 fixed test 2014-04-25 17:39:53 +02:00
Anatol Belski
c1aa9baf29 Fixed bug #67118 DateTime constructor crash with invalid data 2014-04-25 17:23:26 +02:00
Stanislav Malyshev
03c703b8bd add a test case previously broken by a bad fix 2014-04-24 23:58:38 -07:00
Stanislav Malyshev
a328803803 Revert "Fixed bug #64604"
This reverts commit b05c088a3a.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
2014-04-24 23:50:45 -07:00