mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-11-28 12:26:37 +08:00
Code Issues Packages Projects Releases Wiki Activity
76,251 Commits 500 Branches 1,381 Tags 813 MiB
d21602c072
Commit Graph

7175 Commits

Author SHA1 Message Date
Anatol Belski
b22f33afe2 updated NEWS 2014-04-29 13:44:54 +02:00
Anatol Belski
2d625b5f81 Fixed bug #66431 Special Character via COM Interface (CP_UTF8) 2014-04-29 13:40:44 +02:00
Anatol Belski
46344b11b4 updated NEWS 2014-04-25 17:25:37 +02:00
Anatol Belski
c1aa9baf29 Fixed bug #67118 DateTime constructor crash with invalid data 2014-04-25 17:23:26 +02:00
Stanislav Malyshev
81098de41c update NEWS 2014-04-25 00:00:01 -07:00
Stanislav Malyshev
a328803803 Revert "Fixed bug #64604" 
This reverts commit b05c088a3a.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
 2014-04-24 23:50:45 -07:00
Anatol Belski
03fa5501a8 Fixed bug #66307 Fileinfo crashes with powerpoint files 2014-04-24 19:30:34 +02:00
Stanislav Malyshev
dafb2af705 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.

Conflicts:
	ext/phar/phar_path_check.c
 2014-04-20 17:22:21 -07:00
Danack
ea4cee93c8 Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives. 2014-04-20 17:19:20 -07:00
Stanislav Malyshev
6bad228b4e Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66908: php-fpm reload leaks epoll_create() file descriptor
 2014-04-20 16:23:43 -07:00
Julio Pintos
49341e992a Fix #66908: php-fpm reload leaks epoll_create() file descriptor 
This patch fixes descriptor leak which could lead to DoS once Max open files is reached
 2014-04-20 16:21:49 -07:00
Stanislav Malyshev
5addf223d5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #65701: Do not use cache for file file copy
 2014-04-20 15:25:03 -07:00
Boro Sitnikovski
a18cec1b86 Fix bug #65701: Do not use cache for file file copy 2014-04-20 15:22:44 -07:00
Anatol Belski
de6f297e7c updated NEWS 2014-04-17 11:06:55 +02:00
Anatol Belski
5328d42899 Fixed bug #67072 Echoing unserialized "SplFileObject" crash 
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.

This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
 2014-04-17 10:48:14 +02:00
Anatol Belski
228a3537d3 updated NEWS 2014-04-16 14:15:26 +02:00
Anatol Belski
5224614f23 Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset 2014-04-16 14:13:45 +02:00
Anatol Belski
9eb726b3ab Fixed bug #67079 Missing MIME types for XML/XSL files 2014-04-16 09:47:49 +02:00
Stanislav Malyshev
1d34d82231 5.4.29 is next 2014-04-15 16:51:38 -07:00
Julien Pauli
b8d029435d 5.5.12RC1 setup 2014-04-15 17:57:27 +02:00
Stanislav Malyshev
8bc82718ae Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66942: openssl_seal() memory leak
  ws fix

Conflicts:
	ext/openssl/openssl.c
 2014-04-14 13:35:24 -07:00
Chuan Ma
a186312832 Fix #66942: openssl_seal() memory leak 
Fix #66952: memory leak in openssl_open()
 2014-04-14 13:24:14 -07:00
Stanislav Malyshev
ad1b9eef98 Fix null byte in LDAP bindings 2014-04-14 10:44:53 -07:00
Stanislav Malyshev
40a9316dff Fix bug #66171: better handling of symlinks 2014-04-14 10:44:53 -07:00
Stanislav Malyshev
b80243aece fix NEWS 2014-04-13 20:16:27 -07:00
Stanislav Malyshev
9bba219c75 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66021 (Blank line inside empty array/object)
 2014-04-13 18:55:28 -07:00
Stanislav Malyshev
30ec1c0051 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #64604
 2014-04-13 18:38:36 -07:00
Ingo Walz
b05c088a3a Fixed bug #64604 2014-04-13 18:37:40 -07:00
Stanislav Malyshev
f1206aef70 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix #66562: Consistency bug where curl_multi_getcontent behaves different from curl_exec
 2014-04-13 18:13:09 -07:00
Freek
5558d0db9b Fix #66562: Consistency bug where curl_multi_getcontent behaves different from curl_exec 
curl_exec returns an empty string when data is received from a domain that returns zero content. curl_multi_getcontent
returned null. Now it returns an empty string fixing the incosistency
 2014-04-13 18:12:17 -07:00
Stanislav Malyshev
5811610d71 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66482, replace wrong item name 'priority' with 'process.priority' in php-fpm.conf
 2014-04-13 17:31:44 -07:00
itxx00
636adf251c Fix bug #66482, replace wrong item name 'priority' with 'process.priority' in php-fpm.conf 2014-04-13 17:30:50 -07:00
Stanislav Malyshev
733b09442d Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66721
 2014-04-13 15:55:07 -07:00
Boro Sitnikovski
8c88b6e81c Fix bug #66721 
Add NULL check to php_date_parse_tzfile's retval
 2014-04-13 15:51:55 -07:00
Stanislav Malyshev
c5275b4a92 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix apr_psprintf format string from e0df4e3dba
 2014-04-13 15:37:55 -07:00
Jeff Trawick
442264ffd6 fix apr_psprintf format string from e0df4e3dba 2014-04-13 15:36:43 -07:00
Stanislav Malyshev
fe72caa6e5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #67024 - getimagesize should recognize BMP files with negative height
 2014-04-13 15:23:32 -07:00
Gabor Buella
1010200da5 Fixed bug #67024 - getimagesize should recognize BMP files with negative height 2014-04-13 15:17:04 -07:00
Bob Weinand
bf3edbada6 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 23:03:53 +02:00
Bob Weinand
beda5093b4 Reverted to 5a0da281e5 
Discussion: http://news.php.net/php.cvs/76836
 2014-04-13 23:01:31 +02:00
Bob Weinand
191d9fc227 Merge branch 'PHP-5.4' into PHP-5.5 2014-04-13 19:37:06 +02:00
Bob Weinand
2f3056fecc Updated NEWS 2014-04-13 19:32:51 +02:00
Anatol Belski
e08172e0d5 Fixed bug #66967 Updated the bundled libsqlite to 3.8.4.3 2014-04-11 11:00:10 +02:00
Ferenc Kovacs
49d46ad29e fix typo 2014-04-10 07:05:55 +02:00
Ferenc Kovacs
9540ced221 fix typo 2014-04-10 07:05:07 +02:00
Etienne Kneuss
a95a6e93ee Updated NEWS 2014-04-09 11:35:54 +02:00
Tjerk Meesters
032921d80c Fixed bug 67043 2014-04-09 07:33:55 +08:00
Anatol Belski
a3d6f28312 updated NEWS 2014-04-05 09:48:20 +02:00
Anatol Belski
a0beddf5e9 Fixed bug #66084 simplexml_load_string() mangles empty node name 2014-04-05 09:46:24 +02:00
Stanislav Malyshev
7e5de3a1ce cleanup NEWS 2014-04-03 15:54:00 -07:00
Michael Wallner
60ef357ffc NEWS 2014-04-03 10:40:42 +02:00
Michael Wallner
d08b4dbf23 Fix Bug #66736 fpassthru broken 2014-04-03 10:40:06 +02:00
Michael Wallner
f17fe2cabc NEWS 2014-04-03 09:09:15 +02:00
Michael Wallner
7ab5c593f7 Fix bug #66182 exit in stream filter produces segfault 
Unfortunately, a segv caused by exit cannot be tested reliably.
 2014-04-03 09:07:35 +02:00
Michael Wallner
9eb0c634d4 NEWS 2014-04-02 15:38:22 +02:00
Michael Wallner
1ec83d44a1 Fixed bug #61019 (Out of memory on command stream_get_contents) 2014-04-02 15:36:39 +02:00
Michael Wallner
68556f3384 NEWS 2014-04-02 11:13:21 +02:00
Michael Wallner
91a9d24aa3 Fix bug #64330 
stream_socket_server() creates wrong Abstract Namespace UNIX sockets
 2014-04-02 11:09:26 +02:00
Anatol Belski
8e238148f9 updated NEWS 2014-04-01 10:12:56 +02:00
Anatol Belski
f244513fc0 updated NEWS 2014-04-01 10:11:40 +02:00
Remi Collet
60fb57d4f6 NEWS 2014-03-31 16:57:29 +02:00
Remi Collet
fca331cae9 NEWS 2014-03-31 16:57:02 +02:00
Remi Collet
8b7b67a21b NEWS 2014-03-25 11:01:56 +01:00
Remi Collet
3616db6d38 NEWS 2014-03-25 11:00:47 +01:00
Anatol Belski
8558640a6a updated NEWS 2014-03-24 10:29:39 +01:00
Anatol Belski
5efda763be updated NEWS 2014-03-24 10:28:21 +01:00
Andrey Hristov
44fb74fad1 fix typo 2014-03-19 18:54:56 +02:00
Andrey Hristov
d63ed101ee Fix problem with mysqli_commt()/mysqli_rollback() 2014-03-19 18:32:19 +02:00
Julien Pauli
c4145619be 5.5.11RC1 preparation 2014-03-19 10:43:32 +01:00
Stanislav Malyshev
9b88bc494e prep for 5.4.27 rc1 2014-03-18 23:19:09 -07:00
Stanislav Malyshev
66bf216c66 Fix bug #66873: check if obj->src is set 2014-03-17 01:19:02 -07:00
Remi Collet
80fa2ff646 NEWS 2014-03-14 09:52:37 +01:00
Remi Collet
87a87c6682 NEWS 2014-03-14 09:51:53 +01:00
David Zülke
db6c33875c Fix 5.5.10 NEWS 
The FPM change didn't make it into 5.5.10 but will instead be in 5.5.11; http://php.net/Changelog-5.php, the release and the NEWS file in the release accurately reflect this, but the 5.5 branch NEWS doesn't (as the release was made and tagged from the last RC, which didn't contain that change yet).
 2014-03-13 16:51:44 +01:00
Remi Collet
495d5335f9 NEWS 2014-03-12 17:13:24 +01:00
Nikita Popov
06bbb657ad Fix hash_pbkdf2() with missing $length argument 
Also change the type of some string length variables to ensure
that the zpp call works correctly on platforms where sizeof(int)
!= sizeof(long).
 2014-03-12 14:16:18 +01:00
Remi Collet
68f318a422 typo in NEWS 2014-03-12 14:08:02 +01:00
Remi Collet
119821a452 NEWS 2014-03-12 13:46:29 +01:00
Adam Harvey
f8252aa537 Fix compile error with theoretically supported versions of libcurl < 7.12.3. 2014-03-11 11:04:26 -07:00
Anatol Belski
73b3f58bcd updated libsqlite to 3.8.3.1 in 5.5 branch, too 2014-03-10 17:49:35 +01:00
Pierre Joye
cf7e73cf26 update NEWS 2014-03-10 12:12:46 +01:00
Pierre Joye
28fa31d6e5 fix #66872, invalid argument crashes gmp_testbit 2014-03-10 12:07:58 +01:00
Pierre Joye
1fdca8208f update news 2014-03-09 21:13:15 +01:00
Tjerk Meesters
091b7f841b Updated NEWS for #65545 2014-03-07 18:51:16 +08:00
Remi Collet
70dd3f1731 Fix order in NEWS 2014-03-06 10:55:10 +01:00
Remi Collet
9acdf71194 Add CVE ref (not known at release time) 2014-03-06 10:54:18 +01:00
Remi Collet
cab1894b81 Fix NEWS for 5.5.11 fix (really not in 5.5.10) 2014-03-06 10:53:07 +01:00
Julien Pauli
b31a9cd4da 5.5.10 release date for NEWS 2014-03-06 10:18:10 +01:00
Remi Collet
515c103a08 NEWS 2014-03-05 10:43:45 +01:00
Remi Collet
014b95a0a7 NEWS 2014-03-04 20:36:31 +01:00
Remi Collet
c2a9f73c99 NEWS 2014-03-04 20:35:56 +01:00
Tjerk Meesters
c34f26a938 Fixed news for #60602 2014-03-03 05:57:36 +08:00
Tjerk Meesters
1533f98afd Updated news for #60602 2014-03-03 05:54:09 +08:00
Derick Rethans
3eb8102348 Fixed NEWS. 2014-03-02 13:27:35 -05:00
Tjerk Meesters
c9680697ec Updated news for #66535 and #66109 2014-03-01 12:27:22 +08:00
Tjerk Meesters
362b70a32c Updated NEWS for #66535 2014-03-01 08:47:32 +08:00
Remi Collet
cb0e6124d4 NEWS 2014-02-27 08:49:56 +01:00
Remi Collet
33d372a45f NEWS 2014-02-27 08:49:08 +01:00
Ferenc Kovacs
38797e598b add missing NEWS entry 2014-02-27 01:18:11 +01:00
Antony Dovgal
e1b1ef0d79 add news entry 2014-02-25 12:15:35 +04:00
Antony Dovgal
4d9c556b5d add news entry 2014-02-25 12:14:50 +04:00
Dmitry Stogov
851f362882 Added information about interned strings usage 2014-02-21 12:43:42 +04:00
Dmitry Stogov
884bbcd537 Added function opcache_is_script_cached(). (Danack) 2014-02-21 11:59:14 +04:00
Stanislav Malyshev
ee4b3892f8 update news with CVE 2014-02-18 08:36:51 -08:00
Julien Pauli
be354936b7 5.5.11 next for NEWS 2014-02-18 16:40:19 +01:00
Remi Collet
a6ad3a558a NEWS 2014-02-18 13:57:28 +01:00
Remi Collet
9f449df1e4 NEWS 2014-02-18 13:56:58 +01:00
Stanislav Malyshev
c612440e0f 5.4.27 now 2014-02-17 21:19:25 -08:00
Stanislav Malyshev
b79d2285df update NEWS 2014-02-17 21:16:48 -08:00
Julien Pauli
66f76ec1f9 Updated NEWS for #65753 2014-02-17 11:13:38 +01:00
Julien Pauli
b04159eed4 Updated NEWS for #65753 2014-02-17 11:05:34 +01:00
Yasuo Ohgaki
f7f524aada Update NEWS 2014-02-16 10:47:13 +09:00
Yasuo Ohgaki
f275fdcf00 Fixed possbile injections against pg_insert()/pg_delete()/pg_update()/pg_select() 2014-02-16 10:45:15 +09:00
Yasuo Ohgaki
fbb1827da8 Update NEWS 2014-02-15 19:21:54 +09:00
Yasuo Ohgaki
7ce88b2d8a Update NEWS 2014-02-15 19:20:34 +09:00
Daniel Lowrey
cf0741fd5b Update NEWS 2014-02-14 21:42:36 -07:00
Daniel Lowrey
5cc851e83e Update NEWS 2014-02-14 21:41:18 -07:00
Derick Rethans
39e721cf50 Fixed ZTS and added fix to NEWS. 2014-02-11 11:27:01 +00:00
Hannes Magnusson
1e0fdf0256 Fix year 2014-02-05 10:15:11 -08:00
Julien Pauli
2c34d81e7d 5.5.9 now released 2014-02-06 15:16:16 +01:00
Anatol Belski
918f626d97 move the NEWS entry into the right section 2014-02-05 10:51:08 +01:00
Anatol Belski
465d5db693 updated NEWS 2014-02-04 10:38:17 +01:00
Remi Collet
da84f3af75 Fixed Request #66574 Allow multiple paths in php_ini_scanned_path 
php_ini_scanned_path, from --with-config-file-scan-dir option or
from PHP_INI_SCAN_DIR environment variable allow a single path.

In some case it could be useful to allow multiple.

In the proposed patch, multiple paths are allow, using syntax inspired
from Unix MANPATH (: separated list, empty string for builtin value).

For example, this allow to use:
PHP_INI_SCAN_DIR=/foo/php.d:/bar/php.d   php
PHP_INI_SCAN_DIR=:/myproject/php.d       php
PHP_INI_SCAN_DIR=/myproject/php.d:       php

Real use case: in SCL for dependent collections where each collection
provides a separate tree for extensions, libraries and ini files.
 2014-01-29 09:53:22 +01:00
Stanislav Malyshev
6fca805b3b Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Implement ldap_modify_batch.

Conflicts:
	ext/ldap/ldap.c
 2014-01-25 22:04:28 -08:00
Stanislav Malyshev
0742de587a Merge branch 'pull-request/571' into PHP-5.4 
* pull-request/571:
  Implement ldap_modify_batch.
 2014-01-25 21:59:57 -08:00
Julien Pauli
706d67787a 5.5.10 next 2014-01-22 18:28:09 +01:00
Stanislav Malyshev
093ff4b624 fix CVE ref for bug #66060 2014-01-21 13:27:18 -08:00
Stanislav Malyshev
1bc16fbfcd fix CVE ref for bug #66060 2014-01-21 13:26:56 -08:00
Stanislav Malyshev
ac6bd1e346 5.4.26 next 2014-01-21 12:13:42 -08:00
Stanislav Malyshev
2de24f182c fix news 2014-01-21 12:11:59 -08:00
Johannes Schlüter
5c964fb332 fix NEWS formatting 2014-01-21 16:35:51 +01:00
Johannes Schlüter
2311ba7d3f Fix bug #66283 (Segmentation fault after memory_limit) 
There are situations where mysqlnd dupliates zvals while freeing result
sets. If the memory_limit is reached during this operation the engine
will bailout. This patch makes sure that a later attempt (during
RSHIUTDOWN) won't cause a double free, instead we rely on the engine to
free emalloc()ed memory after bailout.
 2014-01-21 16:28:30 +01:00
Will Fitch
a3837d88aa Updating NEWS with PDO change 2014-01-20 12:19:42 -05:00
Remi Collet
31d67bd353 Fixed Bug #66412 readline_clear_history() with libedit causes segfault after #65714 
Checking all libedit functions, this check is done in each functions (add_history,
read_history, write_history, ...) but is missing in clear_history.

Test coverage: readline_clear_history_001.phpt
 2014-01-20 08:38:53 +01:00
Will Fitch
b2606f669a Update NEWS for bug fix #62479 2014-01-19 13:12:06 -05:00
Will Fitch
767e6d2e08 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #66509: copy() arginfo incorrect since 5.4

Conflicts:
	NEWS
 2014-01-18 11:39:32 -05:00
Will Fitch
5b906ce6eb Fix bug #66509: copy() arginfo incorrect since 5.4 
Since 5.4, the ZEND_BEGIN_ARG_INFO_EX was replaced
by non _EX, causing Reflection to assume the
$context parameter is required.
 2014-01-18 11:25:53 -05:00
Yasuo Ohgaki
b070f1080b Update NEWS 2014-01-17 12:34:23 +09:00
Xinchen Hui
b777248ded Re-fixed Bug #66481 (Calls to session_name() segfault when session.name is null) 2014-01-16 14:41:12 +08:00
Xinchen Hui
57cf8eaccd Revert "Update NEWS" 
This reverts commit 8f5de8ddcf.
 2014-01-16 14:38:22 +08:00
Yasuo Ohgaki
ffcff225fd Update NEWS 2014-01-16 11:41:30 +09:00
Yasuo Ohgaki
8f5de8ddcf Update NEWS 2014-01-16 11:40:33 +09:00
Yasuo Ohgaki
f52c251f60 Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1 2014-01-15 11:06:06 +09:00
Dmitry Stogov
ce2f024e9f Fixed bug #66461 (PHP crashes if opcache.interned_strings_buffer=0) 2014-01-13 18:05:21 +04:00
Dmitry Stogov
fcd75690fe Fixed bug #66474 (Optimizer bug in constant string to boolean conversion) 2014-01-13 12:06:19 +04:00
Julien Pauli
277895717c 5.5.9-dev now 2014-01-10 10:01:30 +01:00
Anatol Belski
aaec199050 updated NEWS 2014-01-04 01:41:02 +01:00
Nikita Popov
7e8e21df0c Fix bug #66286: Incorrect object comparison with inheritance 
std_compare_objects immidiately returned 0 if the property tables
of both objects contain NULL at some index. Thus it would report
objects as equal even though properties following after that
differ.
 2014-01-04 01:22:14 +01:00
Anatol Belski
8a5ac85fa6 updated NEWS 2014-01-03 22:42:38 +01:00
Anatol Belski
46f60fae22 Fixed bug #66395 basename function doesn't remove drive letter 2014-01-03 22:25:58 +01:00
Felipe Pena
9eb7997852 - BFN 2014-01-01 22:33:12 -02:00
Xinchen Hui
04c8ce259f Fixed bug #66298 (ext/opcache/Optimizer/zend_optimizer.c has dos-style ^M as lineend) 
Use git blame -w to ingore the space changes
 2013-12-30 10:50:46 +08:00
Remi Collet
8f4a5373bb Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()) 
Initial fix was PHP stuff
This one is libgd fix.

- filter invalid crop size
- dont try to copy on invalid position
- fix crop size when out of src image
- fix possible NULL deref
- fix possible integer overfloow
 2013-12-28 14:22:13 +01:00
Xinchen Hui
2938329ce1 Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()) 
And also fixed the bug: arguments are altered after some calls
 2013-12-27 14:04:59 +08:00
Dmitry Stogov
6414fe283e Fixed ZEND_MM_MEM_TYPE=mmap_zero 2013-12-26 11:51:32 +04:00
Stanislav Malyshev
8e5048f9fb 5.4.25 next 2013-12-24 22:22:04 -08:00
Dmitry Stogov
0dcaf0f445 Fixed Issue #140: "opcache.enable_file_override" doesn't respect "opcache.revalidate_freq" 2013-12-23 12:46:30 +04:00
krakjoe
247ec0d81f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  stop warnings from unused opcode map
  - BFN
 2013-12-22 13:07:41 +00:00
Felipe Pena
c14388d63f - BFN 2013-12-22 09:43:53 -02:00
Boris Lytochkin
a7c50ccc67 keep 'em sorted 2013-12-20 00:51:59 +04:00
Boris Lytochkin
324eb07440 Fixed SNMP_ERR_TOOBIG handling for bulk walk operations. (Boris Lytochkin) 2013-12-20 00:37:29 +04:00
Boris Lytochkin
bb51d0e4c0 Fixed SNMP_ERR_TOOBIG handling for bulk walk operations 2013-12-20 00:25:16 +04:00
Remi Collet
eda1cec694 NEWS 2013-12-19 10:56:07 +01:00
Remi Collet
20eb8e4d11 Fixed Bug #66321 (ZipArchive::open() ze_obj->filename_len not real) 2013-12-19 10:53:38 +01:00
Dmitry Stogov
16e95d9137 Fixed reavlidate_path=1 behavior to avoid caching of symlinks values. 2013-12-18 19:19:53 +04:00
Stanislav Malyshev
57408f9c85 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #65873 - Integer overflow in exif_read_data()
 2013-12-16 11:36:33 -08:00
Stanislav Malyshev
cbcf6e1880 Fix bug #65873 - Integer overflow in exif_read_data() 2013-12-16 11:34:24 -08:00
Xinchen Hui
54213b462d Disallowed JMP into a finally block. 2013-12-13 01:44:54 +08:00
Julien Pauli
3248b3c4d8 Update NEWS for 5.5.7 release 2013-12-12 17:16:13 +01:00
Anatol Belski
da62fd5ed8 Fixed bug #65486 mysqli_poll() is broken on Win x64 
While this issue is visible in mysqli_poll() functions, the cause
lays deeper in the stream to socket casting API. On Win x64 the
SOCKET datatype is a 64 or 32 bit unsigned, while on Linux/Unix-like
it's 32 bit signed integer. The game of casting 32 bit var to/from
64 bit pointer back and forth is the best way to break it.

Further more, while socket and file descriptors are always integers
on Linux, those are different things using different APIs on Windows.
Even though using integer instead of SOCKET might work on Windows, this
issue might need to be revamped more carefully later. By this time
this patch is tested well with phpt and apps and shows no regressions,
neither in mysqli_poll() nor in any other parts.
 2013-12-12 10:17:01 +01:00
Adam Harvey
d7a45a67be Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Switch to using freetype-config for freetype detection.
 2013-12-07 19:41:23 -08:00
Remi Collet
bc8f7761f3 NEWS 2013-12-10 16:10:02 +01:00
Dmitry Stogov
552e8b2b4c Fixed bug #66112 (Use after free condition in SOAP extension). (martin dot koegler at brz dot gv dot at) 2013-12-10 17:57:05 +04:00
Stanislav Malyshev
744f35d2ab Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Replace invalid code with a proper #error
 2013-12-08 15:52:56 -08:00
Lior Kaplan
c062c18d42 Replace invalid code with a proper #error 
This code creates a nasty error as mentioned in bugs #31131, #37062
Patch taken from Debian's PHP package: 044-strtod_arm_fix
 2013-12-08 15:49:22 -08:00
Adam Harvey
a0955f351c Switch to using freetype-config for freetype detection. 
This fixes GD compilation against libfreetype 2.5.1 and later after they made
the rather interesting decision to change their include directory layout in a
point release.

The original suggestion in the bug was to use pkg-config, but my inclination is
to use freetype-config instead: we should be able to get the same configuration
information without actually needing pkg-config installed, since pkg-config is
by no means guaranteed to exist on many Unices and distros, whereas
freetype-config should always be present if a libfreetype build environment is
installed. Let's try it out and see what happens.

Fixes bug #64405 (Use freetype-config for determining freetype2 dir(s)).
 2013-12-07 19:39:40 -08:00
Stanislav Malyshev
71daf3229b Merge branch 'PHP-5.3' into PHP-5.4 
* PHP-5.3:
  5.3.29-dev
  Fix CVE-2013-6420 - memory corruption in openssl_x509_parse

Conflicts:
	configure.in
	main/php_version.h
 2013-12-10 11:34:35 -08:00
Stanislav Malyshev
8650bbc8dc 5.3.29-dev 2013-12-10 11:32:11 -08:00
Stanislav Malyshev
c1224573c7 Fix CVE-2013-6420 - memory corruption in openssl_x509_parse 2013-12-10 11:03:49 -08:00
Michael Wallner
51f01a43a7 BFN 2013-12-06 10:39:02 +01:00
Michael Wallner
b5f5bff965 Fixed bug #61645 (fopen and O_NONBLOCK) 
if a mode like "rn" was passed to fopen(), then
php_stream_parse_fopen_modes() would assign O_WRONLY to
flags, because O_NONBLOCK tainted flags for the r/w/+ check
 2013-12-06 10:29:24 +01:00
Adam Harvey
6f52f566f3 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Remove 128.0.0.0/16 and 191.255.0.0/16 from the reserved list.
 2013-12-03 14:51:03 -08:00
Adam Harvey
d1314893fd Remove 128.0.0.0/16 and 191.255.0.0/16 from the reserved list. 
These were returned to the general allocation pool by RFC 3330, and hence
shouldn't cause an IP address validation failure due to being reserved. At
least 128.0.0.0/16 is in use on the public Internet today.

Fixes bug #66229 (128.0.0.0/16 isn't reserved any longer).
 2013-12-03 14:46:15 -08:00
Michael Wallner
ffbb56685f BFN 2013-12-02 17:02:01 +01:00
Michael Wallner
22fa3fbc5f Fix bug #65196 
Passing DOMDocumentFragment to DOMDocument::saveHTML()
produces invalid markup, because a DocumentFragment is just a container
for child nodes and not a real node itself.
 2013-12-02 17:00:13 +01:00
Michael Wallner
6eae927413 BFN 2013-12-02 12:14:26 +01:00
Michael Wallner
6408a1a59e fix bug #49634x 2013-12-02 12:10:00 +01:00
Nikita Popov
02dca18b90 Fix bug #65764 
I'm not exactly sure whether this is the right way to fix it. The
question is whether Generator::throw() on a newborn generator (i.e.
a generator that is not yet at yield expression) should first advance to
the first yield and throw the exception there or whether it should
instead throw the exception in the caller's context.

The old behavior was to throw it at the start of the function (i.e.
the very first opcode), which causes issues like the one in #65764.
Effectively it's impossible to properly handle the exceptions in this
case.

For now I choose the variant where the generator advances to the
first yield before throwing, as that's consistent with how all other
methods on the Generator object currently behave. This does not
necessarily match the behavior in other languages, e.g. Python would throw
the exception in the caller's context. But then our send() method already
has this kind of deviation, so it stays internally consistent at least.
 2013-12-01 13:37:56 +01:00
Felipe Pena
af60886962 - BFN 2013-11-30 12:05:51 -02:00
Nikita Popov
9589cae8cb Fixed bug #66041: list() fails to unpack yielded ArrayAccess object 
Yield return values now use IS_VAR rather than IS_TMP_VAR. This
fixes the issue with list() and should also be faster as it avoids
doing a zval copy.
 2013-11-30 13:08:31 +01:00
nikita2206
5f09944662 Fixed bug #65768: DateTimeImmutable::diff does not work 
This commit also prevents user classes from directly implementing
DateTimeInterface, because ext/date relies on classes implementing
it to support certain internal structures.
 2013-11-29 23:31:07 +01:00
Dmitry Stogov
967abd6153 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Added validation of class names in the autoload process
 2013-11-29 12:54:22 +04:00
Dmitry Stogov
2d31eadbbf Added validation of class names in the autoload process 2013-11-29 12:53:02 +04:00
Derick Rethans
d22cc5c816 Fixed bug #65199 (Wrong Day of Week) and fixed bug #63391 (Incorrect/inconsistent day of week prior to the year 1600) 2013-11-28 16:32:11 +00:00
Dmitry Stogov
504c60dc44 Merge branch 'PHP-5.4' of git.php.net:php-src into PHP-5.4 
* 'PHP-5.4' of git.php.net:php-src:
  Fixed bug #66060 (Heap buffer over-read in DateInterval)
 2013-11-27 14:58:54 +04:00
Dmitry Stogov
65803c8fac Merge branch 'PHP-5.5' of git.php.net:php-src into PHP-5.5 
* 'PHP-5.5' of git.php.net:php-src:
  NEWS
  Fixed bug #66060 (Heap buffer over-read in DateInterval)
 2013-11-27 14:58:35 +04:00
Dmitry Stogov
92b76680e9 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed bug #65969 (Chain assignment with T_LIST failure)

Conflicts:
	NEWS
	Zend/zend_vm_def.h
	Zend/zend_vm_execute.h
 2013-11-27 14:39:40 +04:00
Dmitry Stogov
16d59aa171 Fixed bug #65969 (Chain assignment with T_LIST failure) 2013-11-27 14:26:34 +04:00
Remi Collet
0dfdb1a491 NEWS 2013-11-27 11:15:34 +01:00
Remi Collet
12fe4e90be Fixed bug #66060 (Heap buffer over-read in DateInterval) 2013-11-27 11:13:16 +01:00
Julien Pauli
e9c6a1cfd2 5.5.8-dev now 2013-11-27 09:34:40 +01:00
Stanislav Malyshev
63f3ff7b5f 5.4.24-dev now 2013-11-27 00:13:45 -08:00
Andrey Hristov
74ba88e186 Fix for Bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES after failed query) 2013-11-26 19:01:49 +02:00
Dmitry Stogov
d85ac7fb3f Fixed bug #66176 (Invalid constant substitution) 2013-11-26 17:47:02 +04:00
Dmitry Stogov
a8c7e50f4d Fixed bug #65559 (Opcache: cache not cleared if changes occur while running) 2013-11-26 11:34:41 +04:00
Andrey Hristov
1b0e6067d5 bring the news 2013-11-25 21:31:51 +02:00
Dmitry Stogov
27dc82d0ec Fixed bug #65915 (Inconsistent results with require return value) 2013-11-25 14:07:24 +04:00
Andrea Faulds
e3528f086a Updated NEWS 2013-11-18 21:23:45 +00:00
Xinchen Hui
5e9268f469 Update NEWS 2013-11-17 17:06:27 +08:00
Xinchen Hui
823e330c75 Fixed Bug #66094 (unregister_tick_function tries to cast a Closure to a string) 2013-11-17 17:04:37 +08:00
Christopher Jones
d0cd112702 This is CLI web server change. Added some common MIME types to the 
existing lookup list, pending a more thorough lookup solution, if
anyone wants to do that.  Ref http://news.php.net/php.internals/69990

A router can be used to add to, or override, the MIME type lookups,
see http://php.net/manual/en/features.commandline.webserver.php
 2013-11-15 12:36:25 -08:00
Remi Collet
cd6eda5e5f NEWS 2013-11-15 09:52:48 +01:00
Adam Harvey
d7441f6695 Move the JSON bugfix into the 5.5.6 changelog. 2013-11-14 10:52:07 -08:00
Julien Pauli
1984919ddc 5.5.7 now 2013-11-12 18:20:09 +01:00
Adam Harvey
304bff90f4 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update NEWS and remove the unnecessary UPGRADING note.
  UPGRADING and NEWS
  Better test: Check combined leading/trailing
  Fixed whitespace part of bug #64874 ("json_decode handles whitespace and case-sensitivity incorrectly")
 2013-11-10 16:11:28 -05:00
Adam Harvey
c9cfd98bcd Update NEWS and remove the unnecessary UPGRADING note. 2013-11-10 15:46:31 -05:00
Dmitry Stogov
915c428ba1 Fixed issue #115 (path issue when using phar). 
Fixed issue #149 (Phar mount points not working with OPcache enabled).
 2013-11-08 16:35:05 +04:00
Xinchen Hui
717268cb1e Update NEWS 2013-11-08 15:33:49 +08:00
Xinchen Hui
cf2626f10c Fixed bug #65947 (basename is no more working after fgetcsv in certain situation) 
previous codes: "#define php_mblen(ptr, len) ((ptr) == NULL ? mbsinit(&BG(mblen_state)):
(int)mbrlen(ptr, len, &BG(mblen_state)))#

it use mbsinit there, seems try to initialize the mblen_state, but:
"This function does not change the state identified by ps. Typical ways
to make the state pointed by ps an initial state are:

memset (ps,0,sizeof(*ps));  // ps points to zero-valued object
"
http://www.cplusplus.com/reference/cwchar/mbsinit/?kw=mbsinit
 2013-11-08 15:32:28 +08:00
Xinchen Hui
f345152037 Update NEWS 2013-11-08 15:08:07 +08:00
Xinchen Hui
fd3fa9b53c Fixed Bug #66043 (Segfault calling bind_param() on mysqli) 
Although the doc said it is (unsigned int *), but it is ulong* in the
libmysql 5.0 's source codes
 2013-11-08 15:06:36 +08:00
Rasmus Lerdorf
caab95155d NEWS entry 2013-11-07 18:16:12 -08:00
Rasmus Lerdorf
224dc52ea9 NEWS entry 2013-11-07 18:15:15 -08:00
Xinchen Hui
9d75b9fb27 Revert "Fixed issue #115 (path issue when using phar)." 
We need another better way to fix this

This reverts commit 098855433d.

Conflicts:
	ext/opcache/ZendAccelerator.c
 2013-11-06 16:53:45 +08:00
Xinchen Hui
906d3ae0ed Update NEWS 2013-11-05 11:08:55 +08:00
Xinchen Hui
e3d9e18e7b Fixed Bug #66034 (Segmentation Fault when constructor of PDO statement throws an exception) 
I know zend_call_function will initilize retval_ptr_ptr, but still set
it to NULL explict is more readable
 2013-11-05 11:04:55 +08:00
Antony Dovgal
7cd5ae6fab add news entry about FPM backlog change 
and move the other entry to its proper place
 2013-10-31 15:04:33 +04:00
Stanislav Malyshev
4ded6ee971 5.4.23-dev 2013-10-29 18:11:02 -07:00
Yasuo Ohgaki
4c45e95cfe Update NEWS 2013-10-29 17:29:53 +09:00
Yasuo Ohgaki
16a9fec889 Update NEWS 2013-10-29 17:27:49 +09:00
Dmitry Stogov
eb22041ffe Increased limit for opcache.max_accelerated_files to 1,000,000. (Chris) 2013-10-28 14:19:40 +04:00
Dmitry Stogov
1dcca1fdb9 Merge branch 'PHP-5.5' of git.php.net:php-src into PHP-5.5 
* 'PHP-5.5' of git.php.net:php-src:
  increase backlog to the highest value everywhere
  Update NEWS
  Fixed bug #65950 Field name truncation if the field name is bigger than 32 characters

Conflicts:
	NEWS
 2013-10-28 13:50:04 +04:00
Dmitry Stogov
5c0890ba8a Improved performance of array_merge() by eliminating useless copying 2013-10-28 13:31:44 +04:00
Dmitry Stogov
91b8a6752e Improved performance of func_get_args() by eliminating useless copying 2013-10-28 13:17:55 +04:00
Yasuo Ohgaki
66fe7fabad Update NEWS 2013-10-26 10:42:55 +09:00
Yasuo Ohgaki
e50eb1ce34 Fixed bug #65950 Field name truncation if the field name is bigger than 32 characters 2013-10-26 10:31:21 +09:00
Christopher Jones
b6ceea4a25 Fixed bug #65939 (Space before ";" breaks php.ini parsing). (brainstorm at nopcode dot org) 2013-10-21 14:20:35 -07:00
Michael Wallner
5cc797d119 exif NEWS 2013-10-21 22:44:37 +02:00
Antony Dovgal
b636c03426 fix bug #65936 (dangling context pointer causes crash) 
reported by Leon Sorokin
 2013-10-21 15:09:29 +04:00
Xinchen Hui
098855433d Fixed issue #115 (path issue when using phar). 2013-10-21 17:40:39 +08:00
Stanislav Malyshev
27ebcb8d0e 5.4.21 release date 2013-10-20 23:04:16 -07:00
Nikita Popov
865f221627 Merge branch 'PHP-5.4' into PHP-5.5 2013-10-16 18:37:49 +02:00
bwoebi
4c0bb6d76e Fixed bug #65911 ($this not usable as static property) 
In context of static accesses like classname::$this, the string
"$this" should not be handled like a $this variable, but as an
identifier for a static variable.
 2013-10-16 18:33:14 +02:00
Julien Pauli
aa76f779ef 5.5.6 now 2013-10-15 16:11:11 +02:00
Dmitry Stogov
ef8cf76815 Fixed bug #65845 (Error when Zend Opcache Optimizer is fully enabled). 2013-10-10 15:32:30 +04:00
Michael Wallner
e3c7b48709 consolidate NEWS with 5.4 2013-10-09 08:16:00 +02:00
Michael Wallner
f32d2ac3aa fix bug #51076 (race condition in shtool's mkdir -p) 2013-10-08 08:37:08 +02:00
Felipe Pena
248afd1c3c - BFN 2013-10-05 12:52:32 -03:00
Philip Hofstetter
96cc419924 Fix bug #65667: ftp_nb_continue produces segfault 
the idea behind ftp_nb_get is for it to be followed by multiple calls
to ftp_nb_continue in order to download a file piece-by-piece.

As such, it's unwise to close the stream used to write the downloaded
data to when the file hasn't been completely downloaded within the first
call to ftp_nb_get.

This regression was added in a93a462dce
and this patch restores the behavior that was seen pre-patch.
 2013-10-04 17:25:46 +02:00
Nikita Popov
536260f2c5 Fix bug #65821: By-ref foreach on property access of string offset segfaults 
This removes the now unnecessary ZEND_FETCH_ADD_LOCK on the
container of a property fetch of a by-reference foreach.
 2013-10-04 13:13:46 +02:00