summaryrefslogtreecommitdiff
path: root/ext
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'bug68710' into PHP-5.4Stanislav Malyshev2015-01-203-3/+28
|\ | | | | | | | | * bug68710: Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
| * Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())Stanislav Malyshev2015-01-013-3/+28
| |
* | Merge branch 'bug68799' into PHP-5.4Stanislav Malyshev2015-01-203-1/+64
|\ \ | | | | | | | | | | | | * bug68799: Fix bug #68799: Free called on unitialized pointer
| * | Fix bug #68799: Free called on unitialized pointerStanislav Malyshev2015-01-113-1/+64
| |/
* | Fixed bug #55618 (use case-insensitive cert name matching)Daniel Lowrey2015-01-141-2/+2
| |
* | updated libmagic.patch in 5.4Anatol Belski2015-01-041-315/+139
| |
* | Fixed bug #68735 fileinfo out-of-bounds memory accessAnatol Belski2015-01-043-2/+21
| |
* | removed dead codeRemi Collet2015-01-045-1544/+2
|/
* add missing test fileStanislav Malyshev2014-12-161-0/+7
|
* Fix bug #68594 - Use after free vulnerability in unserialize()Stanislav Malyshev2014-12-163-32/+62
|
* Fix undefined behaviour in strnatcmpAndrea Faulds2014-12-131-2/+2
|
* move the test to the right placeAnatol Belski2014-12-111-0/+11
|
* Fixed bug #68545 NULL pointer dereference in unserialize.cAnatol Belski2014-12-112-33/+45
|
* Fixed possible read after end of buffer and use after free.Dmitry Stogov2014-12-081-2/+6
|
* Revert unintentional docblock changeChris Christoff2014-12-051-1/+1
| | | | | | | | Revert unintentional docblock change It looks like commit dd8e59da8f5aafd9d77a0f1f17e5e272d09f643f introduced an unintended docbloc change. I have reverted this change in this commit.
* update newsStanislav Malyshev2014-11-301-5/+5
|
* Bug fixes in light of failing bcrypt testsLeigh2014-11-302-1/+3
| | | | | Conflicts: ext/standard/crypt.c
* Add tests from 1.3. Add missing tests.Leigh2014-11-301-2/+31
| | | | 3 of the missing tests fail. // TODO
* Upgrade crypt_blowfish to version 1.3Leigh2014-11-301-19/+24
|
* Fixed bug #66584 Segmentation fault on statement deallocationMatteo Beccati2014-11-112-1/+67
|
* Fix bug #63595 GMP memory management conflicts with other libraries using GMPRemi Collet2014-11-031-26/+0
| | | | | | | | | | | | | | | | | | Drop use of php memory allocators as this raise various conflicts with other extensions and libraries which use libgmp. No other solution found. We cannot for ensure correct use of allocator with shared lib. Some memory can allocated before php init Some memory can be freed after php shutdown Known broken run cases - php + curl + gnutls + gmp - mod_gnutls + mod_php + gnutls + gmp - php + freetds + gnutls + gmp - php + odbc + freetds + gnutls + gmp - php + php-mapi (zarafa) + gnutls + gmp
* Initialize the offset table - PCRE may sometimes miss offsetsStanislav Malyshev2014-11-031-1/+1
|
* Fix bug #68283: fileinfo: out-of-bounds read in elf note headersRemi Collet2014-10-221-0/+7
| | | | | | | Upstream commit https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0 CVE -2014-3710
* Fix bug #68113 (Heap corruption in exif_thumbnail())Stanislav Malyshev2014-10-133-2/+19
|
* Fix bug #68089 - do not accept options with embedded \0Stanislav Malyshev2014-10-132-0/+24
| | | | | Conflicts: ext/curl/interface.c
* Fixed bug #68044: Integer overflow in unserialize() (32-bits only)Stanislav Malyshev2014-10-133-3/+15
|
* Fix bug #68027 - fix date parsing in XMLRPC libStanislav Malyshev2014-10-132-5/+52
|
* Set an LDAP error code when failing ldap_bind due to null bytesMatthew Daley2014-09-281-2/+21
| | | | | | | | Some applications check a LDAP link's error code after seeing ldap_bind fail due to a null byte bind attempt and hence incorrectly receive the last set error code. Fix by setting an LDAP error code before returning in this case.
* - Updated to version 2014.8 (2014h)Derick Rethans2014-09-261-608/+610
|
* Revert xp_ssl.c to the state of 5.4.32 due to regressionsStanislav Malyshev2014-09-261-61/+0
|
* Fixed bug #66242 (don't assume char is signed)Ard Biesheuvel2014-09-201-1/+1
| | | | | | | | | This fixes a bug in libmagic where a cast to 'char' is assumed to result in sign extension to occur. However, unqualified 'char' is unsigned on architectures such as ARM, so the cast needs to be to 'signed char' explicitly. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
* Fixed freetype test on multiple environmentsMatteo Beccati2014-09-162-30/+4
| | | | | | Some environments, apparently regardless to the freetype version, output 155, while others 156. I guess we can accept both ;) This reverts commit 592df890276604c790d02be26b1b3c3710b3b888.
* Bug #41631: Fix regression from first attempt (6569db8)Daniel Lowrey2014-09-091-1/+1
|
* Bug #67965: Fix blocking behavior in non-blocking crypto streamsDaniel Lowrey2014-09-091-11/+13
|
* Fixed test with freetype >= 2.4.12Matteo Beccati2014-09-032-2/+28
|
* - Updated to version 2014.7 (2014g)Derick Rethans2014-09-011-667/+652
|
* Fix stream_select() issue with OpenSSL bufferChris Wright2014-08-271-0/+13
| | | | | | | | | | | | Ensure data from OpenSSL internal buffer has been transfered to PHP stream buffer before a select() emulation operation is performed Addresses bug #65137 https://bugs.php.net/bug.php?id=65137 Conflicts: ext/openssl/xp_ssl.c
* Bug #67730: Add tests by Ryan Mauger <ryan@rmauger.co.uk>Lior Kaplan2014-08-257-0/+252
|
* this test depends on the simplexml ext, not just on xmlFerenc Kovacs2014-08-241-3/+1
|
* fix bug #67865Michael Wallner2014-08-211-2/+1
|
* fixed variable corruption under win x64Anatol Belski2014-08-201-4/+4
|
* Switch use of strtok() to gd_strtok_r()Sara Golemon2014-08-191-2/+4
| | | | | | | | | strtok() is not thread safe, so this will potentially break in very bad ways if used in ZTS mode. I'm not sure why gd_strtok_r() exists since it seems to do the same thing as strtok_r(), but I'll assume it's a portability decision and do as the Romans do.
* Merge tag 'PHP-5.4.32' into PHP-5.4Stanislav Malyshev2014-08-191-0/+5
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 5.4.32 * tag 'PHP-5.4.32': 5.4.32 fix potentially missing NUL termination Fix bug #67730 - Null byte injection possible with imagexxx functions Fixed bug #67717 - segfault in dns_get_record Fix bug #67716 - Segfault in cdf.c 5.4.32 RC1 Conflicts: configure.in main/php_version.h
| * Fix bug #67730 - Null byte injection possible with imagexxx functionsStanislav Malyshev2014-08-181-0/+5
| |
| * Fixed bug #67717 - segfault in dns_get_recordStanislav Malyshev2014-08-181-24/+60
| |
| * Fix bug #67716 - Segfault in cdf.cRemi Collet2014-08-141-1/+1
| |
* | Fixed Sec Bug #67717 segfault in dns_get_record CVE-2014-3597Remi Collet2014-08-191-24/+60
| | | | | | | | | | | | | | | | Incomplete fix for CVE-2014-4049 Check possible buffer overflow - pass real buffer end to dn_expand calls - check buffer len before each read
* | Correct typo in comments: 'initialized'Lior Kaplan2014-08-173-3/+3
| |
* | typofixesVeres Lajos2014-08-178-8/+8
| |
* | Merge branch 'pull-request/772' into PHP-5.4Keyur Govande2014-08-1510-18/+158
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * pull-request/772: Fix failing tests Patch for bug #67839 (mysqli does not handle 4-byte floats correctly) Before the patch, a value of 9.99 in a FLOAT column came out of mysqli as 9.9998998641968. This is because it would naively cast a 4-byte float into PHP's internal 8-byte double. To fix this, with GCC we use the built-in decimal support to "up-convert" the 4-byte float to a 8-byte double. When that is not available, we fall back to converting the float to a string and then converting the string to a double. This mimics what MySQL does.
View Lorry Controller Status