| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
| |
This is very similar to the existing mbstring.regex_stack_limit,
but for backtracking. The default value matches pcre.backtrack_limit.
Only used on libonig >= 2.8.0.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a max_depth option to unserialize and an unserialize_max_depth
ini setting, which can be used to control the depth limit. The
default value is 4096.
This option is intended to prevent stack overflows during the
unserialization of deeply nested structures.
This fixes bug #78549 and addresses oss-fuzz #17581, #17589, #17664,
and #17788.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Formerly, there was at most a single OPcache instance per user and the
so called system ID (which is determined from the PHP version).
Sometimes multiple OPcaches might be desired, though, particularly for
unrelated CLI scripts, which may even be necessary (e.g. for our test
suite in parallel mode).
We therefore introduce a new INI directive `opcache.cache_id` which
allows to configure independent OPcache instances for the same user.
We also use `GetUserNameW()` instead of `php_win32_get_username()`,
because the latter retrieves the user name encoded in the
`default_charset`, which can obviously yield different results for
different charsets, leading to OPcache "incompatibilities". Slightly
worse, some characters may not even be encodeable in the
`default_charset` and would be replaced by question marks, which could
result in different users sharing the same OPcache.
We also refactor, and re-use existing APIs to avoid duplicated code.
|
| |
|
|\ |
|
| |
| |
| |
| |
| | |
This passes through syslog message unchanged, without splitting
messages at newlines.
|
| | |
|
| |
| |
| |
| | |
Engine values
|
| | |
|
| |
| |
| |
| | |
Some default opcache settings were missing.
|
|\ \
| |/
| |
| |
| |
| |
| |
| | |
* PHP-7.3:
Update NEWS & UPGRADING
Add fallbacks for older oniguruma versions
Add mbstring.regex_stack_limit to php.ini-*
Implement RF bug #72777 - ensure stack limits on mbstring functions.
|
| | |
|
|\ \
| |/
| |
| |
| | |
* PHP-7.3:
comment out sqlite3.defensive = 1 follow common practice, this is the default value
|
| |\
| | |
| | |
| | |
| | | |
* PHP-7.2:
comment out sqlite3.defensive = 1 follow common practice, this is the default value
|
| | |
| | |
| | |
| | | |
follow common practice, this is the default value
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-7.3:
Fix #76956: Wrong value for 'syslog.filter' documented in php.ini
|
| | | |
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-7.3:
SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws
|
| |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.2:
SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws
|
| | |
| | |
| | |
| | | |
against potential security flaws
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch removes the so called local variables defined per
file basis for certain editors to properly show tab width, and
similar settings. These are mainly used by Vim and Emacs editors
yet with recent changes the once working definitions don't work
anymore in Vim without custom plugins or additional configuration.
Neither are these settings synced across the PHP code base.
A simpler and better approach is EditorConfig and fixing code
using some code style fixing tools in the future instead.
This patch also removes the so called modelines for Vim. Modelines
allow Vim editor specifically to set some editor configuration such as
syntax highlighting, indentation style and tab width to be set in the
first line or the last 5 lines per file basis. Since the php test
files have syntax highlighting already set in most editors properly and
EditorConfig takes care of the indentation settings, this patch removes
these as well for the Vim 6.0 and newer versions.
With the removal of local variables for certain editors such as
Emacs and Vim, the footer is also probably not needed anymore when
creating extensions using ext_skel.php script.
Additionally, Vim modelines for setting php syntax and some editor
settings has been removed from some *.phpt files. All these are
mostly not relevant for phpt files neither work properly in the
middle of the file.
|
| | | |
|
|\ \ \
| |/ /
| | |
| | | |
[ci skip]
|
| |\ \
| | |/
| | |
| | | |
[ci skip]
|
| | |
| | |
| | |
| | | |
[ci skip]
|
| | | |
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-7.3:
add imap.enable_insecure_rsh in php.ini
|
| |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.2:
add imap.enable_insecure_rsh in php.ini
|
| | |\
| | | |
| | | |
| | | |
| | | | |
* PHP-7.1:
add imap.enable_insecure_rsh in php.ini
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
|/ / /
| | |
| | |
| | |
| | | |
On line 512, I clarified the sentence which uses effect, previously the sentence was awkward.
On line 656, the wrong word is used, I changed affect to effect.
|
| | |
| | |
| | |
| | | |
https://tools.ietf.org/html/draft-west-first-party-cookies-07 see https://scotthelme.co.uk/csrf-is-dead/
|
| | | |
|
| | |
| | |
| | |
| | | |
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| | | |
|
| | |
| | |
| | |
| | | |
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| | | |
|
|\ \ \
| |/ / |
|
| |\ \
| | |/ |
|
| | | |
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-7.2:
Fix #74139: mail.add_x_header default inconsistent with docs [ci skip]
|
| |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.1:
Fix #74139: mail.add_x_header default inconsistent with docs [ci skip]
|
| | |
| | |
| | |
| | |
| | | |
mail.add_x_header actually defaults to `Off`, so we should use this
default in the provided `php.ini`s.
|