php-src

mirror of https://github.com/php/php-src.git synced 2024-11-23 09:54:15 +08:00

Author	SHA1	Message	Date
Christoph M. Becker	58ed759ba7	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Fix GH-16851: JIT_G(enabled) not set correctly on other threads	2024-11-20 19:12:40 +01:00
Dylan K. Taylor	ff3b4eca0e	Fix GH-16851: JIT_G(enabled) not set correctly on other threads There doesn't seem to be a thread post-startup hook that runs after zend_startup_cb() that could be used for this this fix is similar to accel_startup_ok() as seen here: `fc1db70f10/ext/opcache/ZendAccelerator.c (L2631-L2634)` Closes GH-16853.	2024-11-20 19:11:44 +01:00
Christoph M. Becker	38ec780015	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Skip file_put_contents_variation7.phpt on Windows	2024-11-20 15:50:54 +01:00
Christoph M. Becker	3656a84c39	Skip file_put_contents_variation7.phpt on Windows While the test obviously succeeds on Windows, it may occasionally conflict with file_put_contents_variation7-win32.phpt[1], so we skip it like we do for many other of these tests which have win32 pendants. [1] <https://github.com/php/php-src/actions/runs/11527743659/job/32093951818> Closes GH-16722.	2024-11-20 15:50:24 +01:00
Ilija Tovilo	dbd6c945f9	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: [skip ci] Add --no-progress to FreeBSD build Move FreeBSD build to GitHub actions with QEMU	2024-11-20 14:26:55 +01:00
Ilija Tovilo	02ef371eab	[skip ci] Add --no-progress to FreeBSD build	2024-11-20 14:25:54 +01:00
Ilija Tovilo	12f20ce407	Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: Move FreeBSD build to GitHub actions with QEMU	2024-11-20 14:25:25 +01:00
Ilija Tovilo	aca88baf5f	Move FreeBSD build to GitHub actions with QEMU Closes GH-16822	2024-11-20 14:24:02 +01:00
Ilija Tovilo	3f1e1ee467	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: [skip ci] Don't test mysqli with libmysqlclient 8.4	2024-11-20 14:19:18 +01:00
Ilija Tovilo	aa40d3abcc	Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: [skip ci] Don't test mysqli with libmysqlclient 8.4	2024-11-20 14:19:10 +01:00
Ilija Tovilo	e23ac8341a	[skip ci] Don't test mysqli with libmysqlclient 8.4 There are compile errors with 8.4 that we are no longer fixing.	2024-11-20 14:19:02 +01:00
Christoph M. Becker	9a0c35120f	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Make MySQLnd protocol stmt test work on 32bit	2024-11-20 13:53:35 +01:00
Christoph M. Becker	dedb0f8877	Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: Make MySQLnd protocol stmt test work on 32bit	2024-11-20 13:53:16 +01:00
Jakub Zelenka	c70b97d8eb	Make MySQLnd protocol stmt test work on 32bit Closes GH-16869.	2024-11-20 13:52:53 +01:00
Ilija Tovilo	378307cc4e	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: [skip ci] Backport GA root workflow changes	2024-11-20 13:42:36 +01:00
Ilija Tovilo	f8c37dc971	Merge branch 'PHP-8.1' into PHP-8.2 * PHP-8.1: [skip ci] Backport GA root workflow changes	2024-11-20 13:42:28 +01:00
Ilija Tovilo	9acf0a4009	[skip ci] Backport GA root workflow changes	2024-11-20 13:41:39 +01:00
Jakub Zelenka	ffff27f734	Merge branch 'PHP-8.2' into PHP-8.3	2024-11-20 11:12:19 +01:00
Jakub Zelenka	78c201a310	Update NEWS with security fixes info	2024-11-20 11:09:13 +01:00
Niels Dossche	f18d429b20	Fix GHSA-4w77-75f9-2c8w	2024-11-20 11:07:28 +01:00
Niels Dossche	f3ade203d7	Fix GHSA-r977-prxv-hc43 Move the bound check upwards. Since this doesn't generate output we can check the bound first.	2024-11-20 11:07:04 +01:00
Jakub Zelenka	d37a20c4a2	Fix MySQLnd possible buffer over read in auth_protocol	2024-11-20 11:06:53 +01:00
Jakub Zelenka	a21e48a93a	Make MySQLnd protocol stmt test work on 32bit	2024-11-20 11:06:43 +01:00
Jakub Zelenka	c595455300	Fix GHSA-h35g-vwh6-m678: Mysqlnd - various heap buffer over-reads This fixes issues causing buffer over-read that leak heap content: - RESP packet field default left over for COM_LIST - RESP packet upsert filename - OK packet message - RESP packet for stmt row data - ps_fetch_from_1_to_8_bytes - ps_fetch_float - ps_fetch_double - ps_fetch_time - ps_fetch_date - ps_fetch_datetime - ps_fetch_string - ps_fetch_bit - RESP packet for query row data (just possible overflow on 32bit) It also adds various protocol tests using a new fake server.	2024-11-20 11:06:26 +01:00
Niels Dossche	fba659abb9	Fix GHSA-g665-fm4p-vhff: OOB access in ldap_escape	2024-11-20 11:06:12 +01:00
Jakub Zelenka	d7fe40868e	Fix GHSA-c5f2-jwm7-mmq2: stream HTTP fulluri CRLF injection	2024-11-20 11:06:02 +01:00
Niels Dossche	7a25e7728d	Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the firebird quoter causing OOB writes	2024-11-20 11:05:55 +01:00
Niels Dossche	4a79a5a59a	Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the dblib quoter causing OOB writes	2024-11-20 11:05:48 +01:00
Dmitry Stogov	d1a9281814	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Use the immutable twin of temporary op_array (#16861)	2024-11-19 20:55:32 +03:00
Dmitry Stogov	ef5844a1ca	Use the immutable twin of temporary op_array (#16861 )	2024-11-19 20:55:15 +03:00
Patrick Allaert	65bd3dbd2c	Merge branch 'PHP-8.2' into PHP-8.3	2024-11-19 16:12:02 +01:00
Patrick Allaert	27a9965b97	Merge branch 'PHP-8.1' into PHP-8.2	2024-11-19 16:11:41 +01:00
Dmitry Stogov	c6c3d9fa5a	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Backport JIT fix: set valid EX(opline) before calling gc_possible_root() (#16858)	2024-11-19 18:04:15 +03:00
Dmitry Stogov	6167c64782	Backport JIT fix: set valid EX(opline) before calling gc_possible_root() (#16858 )	2024-11-19 18:03:54 +03:00
Niels Dossche	6a632a2d60	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Fix GH-16630: UAF in lexer with encoding translation and heredocs	2024-11-18 19:59:01 +01:00
Niels Dossche	fc1db70f10	Fix GH-16630: UAF in lexer with encoding translation and heredocs zend_save_lexical_state() can be nested multiple times, for example for the parser initialization and then in the heredoc lexing. The input should not be freed if we restore to the same filtered string. Closes GH-16716.	2024-11-18 19:58:02 +01:00
Jakub Zelenka	a001ad33f0	Update NEWS with security fixes info	2024-11-18 16:56:00 +01:00
Jakub Zelenka	32f905f1d6	Fix MySQLnd possible buffer over read in auth_protocol	2024-11-18 16:55:44 +01:00
Jakub Zelenka	1b6c3f7172	Merge branch 'PHP-8.2' into PHP-8.3	2024-11-18 16:48:50 +01:00
Jakub Zelenka	cae2582416	Run labeler only in php/php-src repository Closes GH-16844	2024-11-18 16:43:15 +01:00
Dmitry Stogov	5198bcc561	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Fixed test	2024-11-18 15:35:09 +03:00
Dmitry Stogov	71403558d3	Fixed test	2024-11-18 15:34:55 +03:00
Dmitry Stogov	5575703fb3	Merge branch 'PHP-8.2' into PHP-8.3 * PHP-8.2: Fix GH-16829: Segmentation fault with opcache.jit=tracing enabled on aarch64	2024-11-18 14:34:42 +03:00
Dmitry Stogov	79aaeeafe5	Fix GH-16829: Segmentation fault with opcache.jit=tracing enabled on aarch64	2024-11-18 14:27:08 +03:00
Niels Dossche	7dd336ae83	Fix GHSA-4w77-75f9-2c8w	2024-11-18 11:06:01 +01:00
Niels Dossche	81030c9bbb	Fix GHSA-r977-prxv-hc43 Move the bound check upwards. Since this doesn't generate output we can check the bound first.	2024-11-17 19:30:44 +01:00
Jakub Zelenka	2f5aa9f9d1	Fix GHSA-h35g-vwh6-m678: Mysqlnd - various heap buffer over-reads This fixes issues causing buffer over-read that leak heap content: - RESP packet field default left over for COM_LIST - RESP packet upsert filename - OK packet message - RESP packet for stmt row data - ps_fetch_from_1_to_8_bytes - ps_fetch_float - ps_fetch_double - ps_fetch_time - ps_fetch_date - ps_fetch_datetime - ps_fetch_string - ps_fetch_bit - RESP packet for query row data (just possible overflow on 32bit) It also adds various protocol tests using a new fake server.	2024-11-17 19:30:13 +01:00
Niels Dossche	f9ecf90070	Fix GHSA-g665-fm4p-vhff: OOB access in ldap_escape	2024-11-17 19:29:56 +01:00
Jakub Zelenka	426a6d4539	Fix GHSA-c5f2-jwm7-mmq2: stream HTTP fulluri CRLF injection	2024-11-17 19:29:45 +01:00
Niels Dossche	69c5f68fdc	Fix GHSA-5hqh-c84r-qjcv: Integer overflow in the firebird quoter causing OOB writes	2024-11-17 19:29:26 +01:00

1 2 3 4 5 ...

135201 Commits