summaryrefslogtreecommitdiff
path: root/ext/standard
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-5.6' into PHP-7.0php-7.0.9PHP-7.0.9Xinchen Hui2016-07-201-1/+2
| | | | | | | * PHP-5.6: Fixed arginfo (cherry picked from commit e4af29b0b7633cad56a46bbffafae079a0cd882c)
* Merge branch 'PHP-5.6' into PHP-7.0Stanislav Malyshev2016-07-191-9/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: fix #72519, possible OOB using imagegif fix #72512, invalid read or write for palette image when invalid transparent index is used Apparently some envs miss SIZE_MAX Fix tests Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c Fix for bug #72558, Integer overflow error within _gdContributionsAlloc() Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE Fix bug #72562 - destroy var_hash properly Fix bug #72533 (locale_accept_from_http out-of-bounds access) Fix fir bug #72520 Fix for bug #72513 Fix for bug #72513 CS fix and comments with bug ID Fix for HTTP_PROXY issue. 5.6.24RC1 add tests for bug #72512 Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access Fixed bug #72479 - same as #72434 Conflicts: Zend/zend_virtual_cwd.c ext/bz2/bz2.c ext/exif/exif.c ext/session/session.c ext/snmp/snmp.c ext/standard/basic_functions.c main/SAPI.c main/php_variables.c (cherry picked from commit b00f8f2a5bae651d6375ca34c676963f1f25ee5a)
* fix possible optimization bugphp-7.0.9RC1Anatol Belski2016-07-051-1/+1
|
* extend testAnatol Belski2016-07-031-1/+4
|
* Fixed bug #72534 stream_socket_get_name crashesAnatol Belski2016-07-032-1/+17
|
* Merge branch 'PHP-5.6' into PHP-7.0Anatol Belski2016-06-221-1/+1
|\ | | | | | | | | * PHP-5.6: fix test cleanup
| * fix test cleanupAnatol Belski2016-06-221-1/+1
| |
| * Merge branch 'PHP-5.6.23' into PHP-5.6Stanislav Malyshev2016-06-215-56/+147
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6.23: Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize Fix bug #72321 - use efree() for emalloc allocation 5.6.23RC1 Conflicts: configure.in main/php_version.h
| * | Fix bug #72138 - Integer Overflow in Length of String-typed ZVALStanislav Malyshev2016-06-141-0/+3
| | |
* | | fix two remaining testsAnatol Belski2016-06-212-5/+32
| | |
* | | Merge branch 'PHP-7.0.8' into PHP-7.0Stanislav Malyshev2016-06-212-0/+65
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0.8: iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize Fix bug #72321 - use efree() for emalloc allocation 5.6.23RC1 fix NEWS set versions Conflicts: configure.in main/php_version.h
| * \ \ Merge branch 'PHP-5.6.23' into PHP-7.0.8Stanislav Malyshev2016-06-212-0/+65
| |\ \ \ | | | |/ | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6.23: (24 commits) iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize update NEWS Fix #66387: Stack overflow with imagefilltoborder Fix bug #72321 - use efree() for emalloc allocation 5.6.23RC1 Fix bug #72140 (segfault after calling ERR_free_strings()) ... Conflicts: configure.in ext/mbstring/php_mbregex.c ext/mcrypt/mcrypt.c ext/spl/spl_array.c ext/spl/spl_directory.c ext/standard/php_smart_str.h ext/standard/string.c ext/standard/url.c ext/wddx/wddx.c ext/zip/php_zip.c main/php_version.h
| | * | Merge branch 'PHP-5.5' into PHP-5.6.23Stanislav Malyshev2016-06-215-56/+147
| | |\ \ | | | |/ | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize update NEWS Fix #66387: Stack overflow with imagefilltoborder Skip test which is 64bits only 5.5.37 now Conflicts: configure.in ext/mcrypt/mcrypt.c ext/spl/spl_directory.c main/php_version.h
| | | * Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC ↵Stanislav Malyshev2016-06-201-0/+33
| | | | | | | | | | | | | | | | algorithm and unserialize
| | | * Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and ↵Stanislav Malyshev2016-06-201-0/+32
| | | | | | | | | | | | | | | | unserialize
| | | * Fix bug #72400 and #72403 - prevent signed int overflows for string lengthsStanislav Malyshev2016-06-152-49/+72
| | | |
| | | * Fix bug #72275: don't allow smart_str to overflow intStanislav Malyshev2016-06-141-7/+10
| | | |
| | | * Skip test which is 64bits onlyRemi Collet2016-05-251-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Diff from test output 001+ Warning: fread(): Length parameter must be greater than 0 in ... 001- Warning: fread(): Length parameter must be no more than 2147483647 in ...
| | * | Skip test which is 64bits onlyRemi Collet2016-05-251-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Diff from test output 001+ Warning: fread(): Length parameter must be greater than 0 in ... 001- Warning: fread(): Length parameter must be no more than 2147483647 in ...
| | * | fix test portabilityAnatol Belski2016-05-251-1/+1
| | | |
| | * | Merge branch 'PHP-5.5' into PHP-5.6.22Stanislav Malyshev2016-05-243-23/+46
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fix memory leak in imagescale() Update NEWS Better fix for bug #72135 Fixed bug #72227: imagescale out-of-bounds read Fix bug #72241: get_icu_value_internal out-of-bounds read Fix bug #72135 - don't create strings with lengths outside int range Add check for string overflow to all string add operations Fix bug #72114 - int/size_t confusion in fread Updated NEWS Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream() Conflicts: Zend/zend_operators.c ext/phar/dirstream.c ext/phar/tests/bug71331.phpt
| | | * Better fix for bug #72135Stanislav Malyshev2016-05-241-4/+5
| | | |
| | | * Fix bug #72135 - don't create strings with lengths outside int rangeStanislav Malyshev2016-05-151-23/+27
| | | |
| | | * Fix bug #72114 - int/size_t confusion in freadStanislav Malyshev2016-05-092-0/+18
| | | |
| | * | Merge branch 'PHP-5.5' into PHP-5.6Stanislav Malyshev2016-03-281-1/+1
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut Fix bug #71798 - Integer Overflow in php_raw_url_encode Fix bug #71860: Require valid paths for phar filenames Going for 5.5.34 Conflicts: configure.in ext/phar/tests/create_path_error.phpt main/php_version.h
* | | | Fixed bug #72306 (Heap overflow through proc_open and $env parameter)Xinchen Hui2016-06-133-35/+45
| | | |
* | | | Fixed bug #72369 (array_merge() produces references in PHP7)Dmitry Stogov2016-06-092-5/+26
|/ / /
* | | Also include ini_getXinchen Hui2016-06-011-0/+4
| | |
* | | Forgotten test script for bug #72300Xinchen Hui2016-06-011-0/+18
| | |
* | | Fixed bug #72300 (ignore_user_abort(false) has no effect)Xinchen Hui2016-05-311-1/+1
| | |
* | | Added NEWS EntryXinchen Hui2016-05-281-0/+11
| | |
* | | Let's only read-only hereXinchen Hui2016-05-171-1/+1
| | |
* | | Fixed bug #72229 (Wrong reference when serialize/unserialize an object)Xinchen Hui2016-05-172-0/+57
| | |
* | | Tidy upThomas Punt2016-05-161-2/+2
| | |
* | | Remove unnecessary boundary checksThomas Punt2016-05-161-2/+2
| | |
* | | Resolve bug #72017Thomas Punt2016-05-162-6/+23
| | |
* | | Fixed Bug #72193 (dns_get_record returns array containing elements of type ↵Xinchen Hui2016-05-111-0/+2
| | | | | | | | | | | | 'unknown')
* | | Fixed bug #72116 (7.0.6 array_fill optimization breaks implementation)Bob Weinand2016-04-282-0/+19
| | |
* | | Use zend_string_safe_allocXinchen Hui2016-04-273-3/+3
| | |
* | | Fixed bug #72100 (implode() inserts garbage into resulting string when joins ↵Dmitry Stogov2016-04-262-6/+24
| | | | | | | | | | | | very big integer). (Mikhail Galanin)
* | | Fixed bug #72035 php-cgi.exe fails to run scripts relative to drive rootAnatol Belski2016-04-231-0/+40
| | |
* | | Fixed bug #72075 (Referencing socket resources breaks stream_select)Xinchen Hui2016-04-222-0/+18
| | |
* | | Fix non-/Zend tests tooBob Weinand2016-04-161-1/+1
| | |
* | | Use symtable lookup for arrays in array_columnNikita Popov2016-04-162-1/+24
| | |
* | | Respect property visibility in array_columnNikita Popov2016-04-162-6/+32
| | |
* | | Fixed bug #72031Nikita Popov2016-04-162-1/+55
| | |
* | | Fixed bug #71995 (Returning the same var twice from __sleep() produces ↵Xinchen Hui2016-04-092-20/+73
| | | | | | | | | | | | broken serialized data)
* | | Improved fix for #71940Xinchen Hui2016-04-073-21/+21
| | |
* | | Merge branch 'PHP-7.0' of git.php.net:/php-src into PHP-7.0Xinchen Hui2016-04-071-18/+56
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 'PHP-7.0' of git.php.net:/php-src: Remove __halt_compiler from semi-reserved tokens Fixed Bug #71974 Trans sid will always be send, even if cookies are available Optimized array_fill(). This is a perfect function for fast creation of packed arrays. Fixed build fix merge mistake fix tests PostgreSQL's PDOStatement::getColumnMeta() fills in table's name. fix indent Fixed bug #71978 (Existence of return type hint affects other compatibility rules) fix test fix bug #71667 (emulate how mssql extension names "computed" columns) update NEWS add 32-bit specific variont for #62498 skip test on 32-bit make opcache lockfile path configurable return zvals instead of strings, cast or not based on stringify attribute fix test add skip slow test
| * | | Optimized array_fill(). This is a perfect function for fast creation of ↵Dmitry Stogov2016-04-071-18/+56
| | | | | | | | | | | | | | | | packed arrays.
View Lorry Controller Status