| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
(cherry picked from commit 5ba9eab4361cf9d0d9085f969acc2e96b8af3241)
|
|
|
|
| |
(cherry picked from commit 730288ae41fe0d40d00b27174b558cf260b1a7df)
|
| |
|
|
|
|
| |
(cherry picked from commit 9c50ba42d6503a5fcfffad6c6823a9bee0e033c0)
|
|
|
|
|
|
| |
Even though datalen can't be over int, outlen can.
(cherry picked from commit cd8c9b06149dc7dc0415524f1d74880fd6f2d25c)
|
|
|
|
| |
(cherry picked from commit 2301608736c82183f8210053a45f78eeef5b0c74)
|
| |
|
|
|
|
|
| |
(cherry picked from commit da7e89cde880c66887caacd0a3eae7ecdacf9b2a)
(cherry picked from commit c4c2cce37dd99bbcf1411ad8d6884c3c927d7bc9)
|
|
|
|
| |
(cherry picked from commit 58b18892bf3db0adf2a01f92adb4c907700fbbdd)
|
|
|
|
|
| |
(cherry picked from commit 40e7baab3c90001beee4c8f0ed0ef79ad18ee0d6)
(cherry picked from commit 74b5662536ccdf9b7b02c495f02a27c64e27fff7)
|
|
|
|
|
| |
(cherry picked from commit 0e6fe3a4c96be2d3e88389a5776f878021b4c59f)
(cherry picked from commit f42cbd749cde1f91274c1d03df9024baba141a8f)
|
|
|
|
| |
(cherry picked from commit efc1f33b58b0936539ea6ca1de345bd83c7e8f26)
|
|
|
|
| |
(cherry picked from commit b135ba3fa93fd4f085322573d2850b29cb662e21)
|
|
|
|
| |
(cherry picked from commit 7c6cb1282d539c4d5ff5adc8f7a6926c83b98e20)
|
|
|
|
|
| |
(cherry picked from commit 85a22a0af0722ef3a8d49a056a0b2b18be1fb981)
(cherry picked from commit 7dc8b5e7aefce963a7a222c48ee3506725c4776b)
|
|
|
|
|
| |
(cherry picked from commit 96a8cf8e1b5dc1b0c708bb5574e0d6727cc56d9e)
(cherry picked from commit 4ef79370a82d6c92f4ea0cd462274ba24e007f56)
|
|
|
|
| |
(cherry picked from commit aaa5d07365b54f35ba3b5024492450f3d2fe4ee5)
|
|
|
|
|
| |
(cherry picked from commit d946d102936525bc7dcd01f3827d0a6e0bb971b0)
(cherry picked from commit b26b02b2df95eaa647ea3f4e7b42bd11eea4ed2c)
|
|
|
|
|
| |
(cherry picked from commit d3eb58332af433982f1e2ae9095fb087974a95f2)
(cherry picked from commit 87a8240b5adc730153e6df54f33195aee1325e6f)
|
|
|
|
|
| |
(cherry picked from commit 1c0e9126fbfb7fde3173347b7464237f56c38bfa)
(cherry picked from commit d1e878f2726e65502fdd992c5b57feeada57893f)
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* origin/PHP-7.0.12: (99 commits)
set versions and release date
sync NEWS
Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
set versions
update NEWS
Ignore potentially misleading dberr values
update NEWS
Fixed bug #73172 parse error: Invalid numeric literal
Fix #53745: cgi.discard_path option is missing from php.ini
update libs_versions.txt
update libs_versions.txt
Fixed bug #73156 (segfault on undefined function)
Add an include path for freetype which is relevant for cmake builds
Fix test_image_equals_file() wrt. palette images
Fixed bug #73163
Fix #73161: imagecreatefromgd2() may leak memory
Fix #73159: imagegd2(): unrecognized formats may result in corrupted files
Fix #73155: imagegd2() writes wrong chunk sizes on boundaries
Fix #73157 (again): imagegd2() ignores 3rd param if 4 are given
Fix #73157: imagegd2() ignores 3rd param if 4 are given
...
|
| | |
|
| | |
|
| |
| |
| |
| | |
This reverts commit 2d8ab51576695630a7471ff829cc5ea10becdc0f.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
FreeTDS had a buggy behavior where it would pass invalid values:
https://sourceforge.net/p/freetds/bugs/59/
The fix for this issue -- bc22b2ef817fb5d102bd758111ff3634b39a1319 on their
repo -- was to always use SYBESMSG for dberr. This makes it so the existing
pdo_dblib code would work as is. But by ignoring the dberr value in this
function, it will behave correctly, even with older versions of FreeTDS.
|
| | |
|
| |\ |
|
| | |\ |
|
| | | |
| | | |
| | | |
| | | | |
Also cgi.check_shebang_line has been missing.
|
| |/ / |
|
| | | |
|
| |\ \
| | |/
| | |
| | |
| | | |
* PHP-5.6:
update libs_versions.txt
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |/ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The recently introduced test_image_equals_file() doesn't properly work for
palette images, because in this case only the palette indexes are compared,
what can lead to false positives and negatives as shown in the added test.
To fix that we convert palette images to truecolor, what is supposed to be
faster than calling imagecolorsforindex() for each pixel.
We furthermore rely on PHP's refcounting to free unused images; after all,
this is not C.
|
| |\ \
| | |/ |
|
| | |\ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The PHP core and extensions are written with the assumption that memory
allocation either succeeds, or the allocator bails out (i.e. the allocator
is infallible). Therefore the result of emalloc() and friends are not checked
for NULL values.
However, with USE_ZEND_ALLOC=0, malloc() and friends are used as allocators,
but these are fallible, i.e. they return NULL instead of bailing out if they
fail. This easily leads to invalid memory accesses in the following, such as
in <https://bugs.php.net/73032>. Some of these cases may constitute
exploitable vulnerabilities.
Therefore we make the infallible __zend_alloc() and friends the default for
USE_ZEND_ALLOC=0.
|
| | | | |
|
| |\ \ \
| | |/ / |
|
| | | | |
|
| |\ \ \
| | |/ / |
|
| | | |
| | | |
| | | |
| | | | |
We must not apply the format correction twice for truecolor images.
|
| |\ \ \
| | |/ / |
|
| | | | |
|
| |\ \ \
| | |/ / |
|