php-src

Stanislav Malyshev 523f230c83 Fix bug #75981 : prevent reading beyond buffer start	2018-02-26 22:25:51 -08:00
..
bcmath	use zend_error instead of zend_error_noreturn	2016-10-14 10:53:40 +02:00
bz2	Add length check for bzcompress too - fix for bug #73356	2016-11-03 22:10:22 -07:00
calendar	Fix #71894 : AddressSanitizer: global-buffer-overflow in zif_cal_from_jd	2016-07-29 01:04:21 +02:00
com_dotnet	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
ctype	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
curl	Update more functions with path check	2017-01-15 17:31:08 -08:00
date	Parametrize the expected value to avoid platform false positives	2017-10-24 18:33:21 +02:00
dba	Fix #70825 : Cannot fetch multiple values with group in ini file	2016-08-25 18:18:10 +02:00
dom	Fix bug #73150 : missing NULL check in dom_document_save_html	2016-09-25 21:25:01 -07:00
enchant	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
ereg	Fix bug #73284 - heap overflow in php_ereg_replace function	2016-10-11 14:16:51 -07:00
exif	Fix test	2017-01-15 18:42:22 -08:00
fileinfo	Add test for bug #69107 : finfo no longer detects PHP files	2016-08-08 18:43:33 +02:00
filter	Fix #73054 : default option ignored when object passed to int filter	2016-09-09 14:30:24 +02:00
ftp	Test case for bug #72771	2016-08-30 13:44:34 +02:00
gd	Fixed bug #75571 : Potential infinite loop in gdImageCreateFromGifCtx	2018-01-01 19:51:26 -08:00
gettext	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
gmp	Fixed test script	2016-03-17 17:06:56 +08:00
hash	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
iconv	More string length checks & fixes	2016-11-03 21:35:09 -07:00
imap	Merge remote-tracking branch 'phpsec/PHP-5.6.28' into PHP-5.6	2016-11-08 11:06:52 +01:00
interbase	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
intl	Fix typo	2017-01-16 00:23:06 -08:00
json	Do not wrap user exception in case of custom JSON serialization	2016-09-19 16:06:12 +02:00
ldap	Fix various int size overflows.	2016-09-12 21:04:23 -07:00
libxml	Fix bug #66502 : DOM document dangling reference	2016-07-15 01:08:08 +02:00
mbstring	Patch from the upstream git	2017-07-05 09:26:06 +02:00
mcrypt	Fixed bug #72535 arcfour encryption stream filter crashes php	2017-10-24 13:59:18 +02:00
mssql	Fix the fix (Nikita), thanks!	2016-08-06 12:08:13 +02:00
mysql	Happy new year (Update copyright to 2016)	2016-01-03 01:44:37 +02:00
mysqli	Revert "Backport patch for bug #71820 "	2016-05-09 17:15:40 +02:00
mysqlnd	fix ZTS build	2016-09-15 13:27:20 +02:00
oci8	Prepare for OCI8 PECL release	2016-08-18 13:50:36 +10:00
odbc	Fix #69975 : PHP segfaults when accessing nvarchar(max) defined columns	2016-07-08 15:33:46 +02:00
opcache	Accorate handling of too big inodes of chroot directories	2016-11-17 01:08:42 +03:00
openssl	Fix bug #74651 - check EVP_SealInit as it can return -1	2017-07-04 12:32:06 -07:00
pcntl	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
pcre	Apply upstream patch for CVE-2016-1283	2017-10-24 11:10:11 +02:00
pdo	Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle	2016-10-23 20:09:23 -07:00
pdo_dblib	Merge branch 'pull-request/2061' into PHP-5.6	2016-09-05 00:29:11 -07:00
pdo_firebird	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
pdo_mysql	Skip tests when secure_file_priv dir not writable	2016-12-15 09:31:00 +01:00
pdo_oci	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
pdo_odbc	Fix ODBC bug for varchars returning with length zero	2016-06-02 12:04:10 +02:00
pdo_pgsql	put missing prototype and fix ts build	2016-08-14 22:35:01 +02:00
pdo_sqlite	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
pgsql	Fix bug #73498	2016-11-22 00:42:45 +01:00
phar	Fix bug #74782 : remove file name from output to avoid XSS	2018-01-01 19:51:02 -08:00
posix	Revert "Fixed bug #71219 "	2016-07-30 18:34:34 +02:00
pspell	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
readline	Fix header file include	2016-01-15 08:43:00 +01:00
recode	Add more checks for int overflow	2016-09-12 21:04:23 -07:00
reflection	fix: bug72222 for PHP-5.6 reflection export of array consts	2016-07-13 21:39:55 +02:00
session	Fix #73100 : session_destroy null dereference in ps_files_path_create	2016-09-16 23:41:10 +02:00
shmop	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
simplexml	Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()	2016-10-11 13:30:52 -07:00
skeleton
snmp	Fix bug #72708 - php_snmp_parse_oid integer overflow in memory allocation	2016-08-16 22:55:19 -07:00
soap	add test for bug #73452	2016-11-21 15:25:46 +01:00
sockets	Fix #72677 : SCM_CREDENTIALS related tests should be skipped on AIX	2016-07-28 17:19:47 +02:00
spl	Fix bug #73144 and bug #73341 - remove extra dtor	2016-10-23 22:03:16 -07:00
sqlite3	Revert "Fix #73530 : Unsetting result set may reset other result set"	2016-12-29 12:59:04 +01:00
standard	Fix bug #75981 : prevent reading beyond buffer start	2018-02-26 22:25:51 -08:00
sybase_ct	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
sysvmsg	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
sysvsem	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
sysvshm	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
tidy	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
tokenizer	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
wddx	Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian()	2017-10-24 11:28:17 +02:00
xml	Fix various int size overflows.	2016-09-12 21:04:23 -07:00
xmlreader	Add regression test for bug #73053	2016-09-11 00:06:45 +02:00
xmlrpc	More string length checks & fixes	2016-11-03 21:35:09 -07:00
xmlwriter	Happy new year (Update copyright to 2016)	2016-01-01 19:21:47 +02:00
xsl	fix test	2016-03-14 15:53:02 +01:00
zip	Backport and apply upstream patch for CVE-2017-14107	2017-10-27 13:16:56 +02:00
zlib	More string length checks & fixes	2016-11-03 21:35:09 -07:00
ext_skel
ext_skel_win32.php

bcmath

use zend_error instead of zend_error_noreturn

2016-10-14 10:53:40 +02:00

bz2

Add length check for bzcompress too - fix for bug #73356

2016-11-03 22:10:22 -07:00

calendar

Fix #71894 : AddressSanitizer: global-buffer-overflow in zif_cal_from_jd

2016-07-29 01:04:21 +02:00

com_dotnet

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

ctype

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

curl

Update more functions with path check

2017-01-15 17:31:08 -08:00

date

Parametrize the expected value to avoid platform false positives

2017-10-24 18:33:21 +02:00

dba

Fix #70825 : Cannot fetch multiple values with group in ini file

2016-08-25 18:18:10 +02:00

dom

Fix bug #73150 : missing NULL check in dom_document_save_html

2016-09-25 21:25:01 -07:00

enchant

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

ereg

Fix bug #73284 - heap overflow in php_ereg_replace function

2016-10-11 14:16:51 -07:00

exif

Fix test

2017-01-15 18:42:22 -08:00

fileinfo

Add test for bug #69107 : finfo no longer detects PHP files

2016-08-08 18:43:33 +02:00

filter

Fix #73054 : default option ignored when object passed to int filter

2016-09-09 14:30:24 +02:00

ftp

Test case for bug #72771

2016-08-30 13:44:34 +02:00

gd

Fixed bug #75571 : Potential infinite loop in gdImageCreateFromGifCtx

2018-01-01 19:51:26 -08:00

gettext

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

gmp

Fixed test script

2016-03-17 17:06:56 +08:00

hash

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

iconv

More string length checks & fixes

2016-11-03 21:35:09 -07:00

imap

Merge remote-tracking branch 'phpsec/PHP-5.6.28' into PHP-5.6

2016-11-08 11:06:52 +01:00

interbase

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

intl

Fix typo

2017-01-16 00:23:06 -08:00

json

Do not wrap user exception in case of custom JSON serialization

2016-09-19 16:06:12 +02:00

ldap

Fix various int size overflows.

2016-09-12 21:04:23 -07:00

libxml

Fix bug #66502 : DOM document dangling reference

2016-07-15 01:08:08 +02:00

mbstring

Patch from the upstream git

2017-07-05 09:26:06 +02:00

mcrypt

Fixed bug #72535 arcfour encryption stream filter crashes php

2017-10-24 13:59:18 +02:00

mssql

Fix the fix (Nikita), thanks!

2016-08-06 12:08:13 +02:00

mysql

Happy new year (Update copyright to 2016)

2016-01-03 01:44:37 +02:00

mysqli

Revert "Backport patch for bug #71820 "

2016-05-09 17:15:40 +02:00

mysqlnd

fix ZTS build

2016-09-15 13:27:20 +02:00

oci8

Prepare for OCI8 PECL release

2016-08-18 13:50:36 +10:00

odbc

Fix #69975 : PHP segfaults when accessing nvarchar(max) defined columns

2016-07-08 15:33:46 +02:00

opcache

Accorate handling of too big inodes of chroot directories

2016-11-17 01:08:42 +03:00

openssl

Fix bug #74651 - check EVP_SealInit as it can return -1

2017-07-04 12:32:06 -07:00

pcntl

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

pcre

Apply upstream patch for CVE-2016-1283

2017-10-24 11:10:11 +02:00

pdo

Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle

2016-10-23 20:09:23 -07:00

pdo_dblib

Merge branch 'pull-request/2061' into PHP-5.6

2016-09-05 00:29:11 -07:00

pdo_firebird

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

pdo_mysql

Skip tests when secure_file_priv dir not writable

2016-12-15 09:31:00 +01:00

pdo_oci

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

pdo_odbc

Fix ODBC bug for varchars returning with length zero

2016-06-02 12:04:10 +02:00

pdo_pgsql

put missing prototype and fix ts build

2016-08-14 22:35:01 +02:00

pdo_sqlite

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

pgsql

Fix bug #73498

2016-11-22 00:42:45 +01:00

phar

Fix bug #74782 : remove file name from output to avoid XSS

2018-01-01 19:51:02 -08:00

posix

Revert "Fixed bug #71219 "

2016-07-30 18:34:34 +02:00

pspell

Happy new year (Update copyright to 2016)

2016-01-01 19:21:47 +02:00

readline

Fix header file include

2016-01-15 08:43:00 +01:00

recode

Add more checks for int overflow

2016-09-12 21:04:23 -07:00

reflection

fix: bug72222 for PHP-5.6 reflection export of array consts

2016-07-13 21:39:55 +02:00

session

Fix #73100 : session_destroy null dereference in ps_files_path_create

2016-09-16 23:41:10 +02:00

shmop

2016-01-01 19:21:47 +02:00

simplexml

Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()

2016-10-11 13:30:52 -07:00

snmp

Fix bug #72708 - php_snmp_parse_oid integer overflow in memory allocation

2016-08-16 22:55:19 -07:00

soap

add test for bug #73452

2016-11-21 15:25:46 +01:00

sockets

Fix #72677 : SCM_CREDENTIALS related tests should be skipped on AIX

2016-07-28 17:19:47 +02:00

spl

Fix bug #73144 and bug #73341 - remove extra dtor

2016-10-23 22:03:16 -07:00

sqlite3

Revert "Fix #73530 : Unsetting result set may reset other result set"

2016-12-29 12:59:04 +01:00

standard

Fix bug #75981 : prevent reading beyond buffer start

2018-02-26 22:25:51 -08:00

sybase_ct

2016-01-01 19:21:47 +02:00

sysvmsg

2016-01-01 19:21:47 +02:00

sysvsem

2016-01-01 19:21:47 +02:00

sysvshm

2016-01-01 19:21:47 +02:00

tidy

2016-01-01 19:21:47 +02:00

tokenizer

2016-01-01 19:21:47 +02:00

wddx

Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian()

2017-10-24 11:28:17 +02:00

xml

Fix various int size overflows.

2016-09-12 21:04:23 -07:00

xmlreader

Add regression test for bug #73053

2016-09-11 00:06:45 +02:00

xmlrpc

More string length checks & fixes

2016-11-03 21:35:09 -07:00

xmlwriter

2016-01-01 19:21:47 +02:00

xsl

fix test

2016-03-14 15:53:02 +01:00

zip

Backport and apply upstream patch for CVE-2017-14107

2017-10-27 13:16:56 +02:00

zlib

More string length checks & fixes

2016-11-03 21:35:09 -07:00