summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* | Add NEWS entry for bug #67730Lior Kaplan2014-08-201-0/+2
| | | | | | | | Included in 5.4.32 with commit 706aefb
* | Add CVE ID for bug #67539Lior Kaplan2014-08-201-1/+1
| |
* | Switch use of strtok() to gd_strtok_r()Sara Golemon2014-08-192-2/+7
| | | | | | | | | | | | | | | | | | strtok() is not thread safe, so this will potentially break in very bad ways if used in ZTS mode. I'm not sure why gd_strtok_r() exists since it seems to do the same thing as strtok_r(), but I'll assume it's a portability decision and do as the Romans do.
* | Merge tag 'PHP-5.4.32' into PHP-5.4Stanislav Malyshev2014-08-192-0/+7
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 5.4.32 * tag 'PHP-5.4.32': 5.4.32 fix potentially missing NUL termination Fix bug #67730 - Null byte injection possible with imagexxx functions Fixed bug #67717 - segfault in dns_get_record Fix bug #67716 - Segfault in cdf.c 5.4.32 RC1 Conflicts: configure.in main/php_version.h
| * | 5.4.32Stanislav Malyshev2014-08-193-4/+4
| | |
| * | fix potentially missing NUL terminationStanislav Malyshev2014-08-181-0/+2
| | |
| * | Fix bug #67730 - Null byte injection possible with imagexxx functionsStanislav Malyshev2014-08-182-0/+7
| | |
| * | Fixed bug #67717 - segfault in dns_get_recordStanislav Malyshev2014-08-182-25/+64
| | |
| * | Fix bug #67716 - Segfault in cdf.cRemi Collet2014-08-142-1/+2
| | |
| * | 5.4.32 RC1php-5.4.32RC1Stanislav Malyshev2014-08-053-4/+4
| | |
* | | NEWSRemi Collet2014-08-191-0/+3
| | |
* | | Fixed Sec Bug #67717 segfault in dns_get_record CVE-2014-3597Remi Collet2014-08-191-24/+60
| | | | | | | | | | | | | | | | | | | | | | | | Incomplete fix for CVE-2014-4049 Check possible buffer overflow - pass real buffer end to dn_expand calls - check buffer len before each read
* | | Correct typo in comments: 'initialized'Lior Kaplan2014-08-173-3/+3
| | |
* | | typofixesVeres Lajos2014-08-1713-13/+13
| | |
* | | Add NEWSKeyur Govande2014-08-151-0/+3
| | |
* | | Merge branch 'pull-request/772' into PHP-5.4Keyur Govande2014-08-1510-18/+158
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * pull-request/772: Fix failing tests Patch for bug #67839 (mysqli does not handle 4-byte floats correctly) Before the patch, a value of 9.99 in a FLOAT column came out of mysqli as 9.9998998641968. This is because it would naively cast a 4-byte float into PHP's internal 8-byte double. To fix this, with GCC we use the built-in decimal support to "up-convert" the 4-byte float to a 8-byte double. When that is not available, we fall back to converting the float to a string and then converting the string to a double. This mimics what MySQL does.
| * | | Fix failing testsKeyur Govande2014-08-147-14/+29
| | | |
| * | | Patch for bug #67839 (mysqli does not handle 4-byte floats correctly)Keyur Govande2014-08-143-4/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before the patch, a value of 9.99 in a FLOAT column came out of mysqli as 9.9998998641968. This is because it would naively cast a 4-byte float into PHP's internal 8-byte double. To fix this, with GCC we use the built-in decimal support to "up-convert" the 4-byte float to a 8-byte double. When that is not available, we fall back to converting the float to a string and then converting the string to a double. This mimics what MySQL does.
* | | | Fix bug #67716 - Segfault in cdf.cRemi Collet2014-08-142-5/+6
| | | |
* | | | fix testStanislav Malyshev2014-08-141-1/+2
| | | |
* | | | split the glob() test to test different basedirAnatol Belski2014-08-144-39/+99
| | | |
* | | | fixed glob() edge case on windows, ref bug #47358Anatol Belski2014-08-142-0/+57
| | | |
* | | | - fix bug #47358, glob returns error, should be empty array()Pierre Joye2014-08-143-4/+6
|/ / / | | | | | | | | | | | | Conflicts: ext/standard/dir.c
* | | Merge branch 'PHP-5.3' into PHP-5.4Johannes Schlüter2014-08-141-4/+2
|\ \ \
| * | | Update Git rulesPHP-5.3Johannes Schlüter2014-08-141-4/+2
| | | |
| * | | Back to -dev (with EOL notice in NEWS)Johannes Schlüter2014-08-143-6/+10
| | | |
| * | | It's 2014 already, fix copyright year where user visiblephp-5.3.29PHP-5.3.29Johannes Schlüter2014-08-138-12/+12
| | | | | | | | | | | | | | | | Left out all file headers
| * | | PHP 5.3.29Johannes Schlüter2014-08-133-4/+4
| | | |
| * | | PHP 5.3.29RC1php-5.3.29RC1Johannes Schlüter2014-07-313-4/+4
| | | |
| * | | Fix missing type checks in various functionsStanislav Malyshev2014-07-315-19/+41
| | | |
| * | | update NEWSStanislav Malyshev2014-07-181-0/+50
| | | |
| * | | Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type ConfusionStanislav Malyshev2014-07-183-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | Conflicts: ext/spl/spl_array.c ext/spl/tests/SplObjectStorage_unserialize_bad.phpt
| * | | Fixed bug #67359 (Segfault in recursiveDirectoryIterator)Xinchen Hui2014-07-183-0/+32
| | | |
| * | | Fix bug #66127 (Segmentation fault with ArrayObject unset)Stanislav Malyshev2014-07-183-1/+28
| | | |
| * | | Fix test - because of big #67397 we don't allow overlong locales anymoreStanislav Malyshev2014-07-181-3/+4
| | | |
| * | | Fix bug #67397 (Buffer overflow in ↵Stanislav Malyshev2014-07-182-1/+30
| | | | | | | | | | | | | | | | locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
| * | | Fix bug #67349: Locale::parseLocale Double FreeStanislav Malyshev2014-07-182-5/+8
| | | |
| * | | Fixed bug #67399 (putenv with empty variable may lead to crash)Stanislav Malyshev2014-07-182-55/+63
| | | | | | | | | | | | | | | | | | | | Conflicts: ext/standard/basic_functions.c
| * | | Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary checRemi Collet2014-07-181-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Upstream: https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d Adapted for C standard.
| * | | Bug #67412 fileinfo: cdf_count_chain insufficient boundary checkRemi Collet2014-07-181-3/+4
| | | | | | | | | | | | | | | | | | | | Upstream: https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
| * | | Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary checkRemi Collet2014-07-181-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upstream: https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67 Conflicts: ext/fileinfo/libmagic/cdf.c
| * | | Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal ↵Remi Collet2014-07-181-3/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | string size Upstream https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08
| * | | Fix bug #67498 - phpinfo() Type Confusion Information Leak VulnerabilityStanislav Malyshev2014-07-182-4/+19
| | | |
| * | | Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary checkRemi Collet2014-07-181-2/+2
| | | | | | | | | | | | | | | | | | | | Upstream fix https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391.patch Only revelant part applied
| * | | fix bug #67253: timelib_meridian_with_check out-of-bounds readStanislav Malyshev2014-07-184-101/+151
| | | | | | | | | | | | | | | | | | | | Conflicts: ext/date/lib/parse_date.c
| * | | Fix bug #67252: convert_uudecode out-of-bounds readStanislav Malyshev2014-07-182-0/+16
| | | |
| * | | Fix bug #67250 (iptcparse out-of-bounds read)Stanislav Malyshev2014-07-182-0/+11
| | | |
| * | | Fix bug #67247 spl_fixedarray_resize integer overflowStanislav Malyshev2014-07-182-1/+14
| | | |
| * | | Fix bug #67328 (fileinfo: numerous file_printf calls resulting in ↵Stanislav Malyshev2014-07-181-12/+4
| | | | | | | | | | | | | | | | | | | | | | | | performance degradation) Upstream patch: https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
| * | | Fix bug #67327: fileinfo: CDF infinite loop in nelements DoSStanislav Malyshev2014-07-181-1/+7
| | | | | | | | | | | | | | | | Upstream fix: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0