summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge branch 'PHP-5.6.30' into PHP-5.6Stanislav Malyshev2017-01-0211-511/+571
|\ | | | | | | | | | | | | | | | | * PHP-5.6.30: Fix bug #73737 FPE when parsing a tag format Fix bug #73773 - Seg fault when loading hostile phar Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data() Fix bug #73768 - Memory corruption when loading hostile phar Fix int overflows in phar (bug #73764)
| * Fix bug #73737 FPE when parsing a tag formatStanislav Malyshev2016-12-313-1/+13
| |
| * Fix bug #73773 - Seg fault when loading hostile pharStanislav Malyshev2016-12-311-2/+2
| |
| * Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()Stanislav Malyshev2016-12-303-36/+76
| |
| * Fix bug #73768 - Memory corruption when loading hostile pharStanislav Malyshev2016-12-303-2/+17
| |
| * Fix int overflows in phar (bug #73764)Stanislav Malyshev2016-12-303-2/+18
| |
* | FIx bug #70213Nikita Popov2017-01-014-474/+535
|/
* Revert "Fix #73530: Unsetting result set may reset other result set"Christoph M. Becker2016-12-293-32/+8
| | | | | | | This reverts commit eb570294a289b45d0dd38efc71065d6b0d314c4b. That commit caused a regression, so it's probably best to revert it, and to tackle the issue for the next minor release.
* fix C89 compatAnatol Belski2016-12-171-3/+6
|
* Skip tests when secure_file_priv dir not writableMatteo Beccati2016-12-152-1/+23
|
* update NEWSFerenc Kovacs2016-12-081-4/+4
|
* fix leak, take 2Anatol Belski2016-12-061-1/+1
|
* fix leak, take on 5.6Anatol Belski2016-12-062-2/+2
|
* This still leaks memory, I don't have enough knowledge in WDDX code to fix ↵Stanislav Malyshev2016-12-051-1/+2
| | | | them :(
* Fix bug #73631 - Invalid read when wddx decodes empty boolean elementStanislav Malyshev2016-12-053-0/+28
|
* Fix minor typoAdrien Crivelli2016-12-031-1/+1
|
* Workaround for GCC-4.9.2 bugDmitry Stogov2016-12-011-0/+4
|
* oops, changed in wrong placeStanislav Malyshev2016-11-271-3/+3
|
* add NEWSStanislav Malyshev2016-11-271-0/+4
|
* Merge branch 'pull-request/1974' into PHP-5.6Stanislav Malyshev2016-11-272-53/+60
|\ | | | | | | | | * pull-request/1974: Fix #68447: grapheme_extract take an extra trailing character
| * Fix #68447: grapheme_extract take an extra trailing characterSATO Kentaro2016-07-012-49/+56
| | | | | | | | | | | | | | grapheme_extract() converts UTF-8 string in the argument to UTF-16 to iterate through graphemes, and count each UTF-16 character as one Unicode character, which is not correct for UTF-16 surrogate pairs. The patch removes the conversion and counts UTF-8 directly if needed.
* | Fix #73549: Use after free when stream is passed to imagepngChristoph M. Becker2016-11-273-1/+42
| | | | | | | | | | If a stream is passed to imagepng() or other image output functions, opposed to a filename, we must not close this stream.
* | Fix occasionaly failing testMatteo Beccati2016-11-271-4/+4
| |
* | Added missing array key to $JUNITMatteo Beccati2016-11-271-0/+1
| |
* | acinclude.m4: fix krb5-config detection and usage in PHP_SETUP_KERBEROS.Michael Orlitzky2016-11-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When building with kerberos support (--with-kerberos), a few libraries and flags need to be added to various parts of the build system. The most reliable way to get those flags is through the krb5-config program that ships with both major implementations of kerberos. The PHP_SETUP_KERBEROS macro in acinclude.m4 attempts to detect krb5-config, and use it. However, there's a bug in that macro. The --with-kerberos parameter accepts a directory where the kerberos libraries can be found. When a directory is given, it is stored in the PHP_KERBEROS variable. The following test, if test "$PHP_KERBEROS" = "yes" && test -x "$KRB5_CONFIG"; then thus fails whenever a directory is passed to --with-kerberos, since it compares a directory name against the string "yes". This causes krb5-config to go unused, and some unreliable fallback logic is attempted instead. One consequence of this is that the Heimdal kerberos implementation cannot be substituted for the MIT one, at least when a directory is passed to --with-kerberos. This commit reverses the logic and checks for "$PHP_KERBEROS" != "no". To confirm that this fixes the issue, one can inspect the "-l" library flags that get appended to the command-line. On a machine with Heimdal and the unmodified acinclude.m4, running ./configure --with-openssl --with-kerberos=/usr will log (for example) to config.log, configure:18082: checking for krb5-config configure:18101: found /usr/bin/krb5-config configure:18114: result: /usr/bin/krb5-config configure:18450: checking for RAND_egd configure:18450: cc ... conftest.c ... -lgssapi_krb5 -lkrb5 ... which are the library names for the MIT implementation. After patching acinclude.m4 to negate the logic, the same command on the same machine outputs (to config.log): configure:18450: cc ... conftest.c -lgssapi -lheimntlm ... These are the correct library names for the Heimdal implementation. PHP-Bug: 73214
* | Add more mbfl string size checks (bug #73505)Stanislav Malyshev2016-11-263-3/+33
| |
* | Fix #73582: Failing ext/gd/tests/imagettftext_charmap_order.phptChristoph M. Becker2016-11-251-0/+1
| | | | | | | | | | This test is not supposed to work with JIS-mapped Japanese font support enabled.
* | Updated to version 2016.10 (2016j)Derick Rethans2016-11-241-432/+583
| |
* | 5.6.30 will be nextFerenc Kovacs2016-11-243-5/+7
| |
* | Make php_url_parse_ex() respect length argumentNikita Popov2016-11-221-20/+28
| | | | | | | | | | | | This should fix all out-of-bounds reads that could previously occur if the string passed to php_url_parse_ex() is not NUL terminated.
* | Cleanup parse_url() query/fragment handlingNikita Popov2016-11-221-40/+21
| | | | | | | | | | | | The query/fragment handling was pretty convoluted, with many parts being duplicated. Simplify by checking for fragment, then for query, then for path.
* | Cleanup parse_url() gotosNikita Popov2016-11-221-17/+7
| | | | | | | | | | | | Simplify some unnecessarily complicated code. In particular the length updates are unnecessary (length is only used at the very start) and we're goto'ing around a bit too much.
* | update libs versions.txtAnatol Belski2016-11-221-2/+2
| |
* | update NEWSAnatol Belski2016-11-221-0/+3
| |
* | Fix bug #73498Craig Duncan2016-11-221-2/+2
| | | | | | | | | | Postgres uses the DELIMITER keyword since 7.3 And WITH is no longer required/used
* | Add a test for bug 73498Craig Duncan2016-11-224-0/+28
| |
* | update php.ini-* according to changes for bug #69090Anatol Belski2016-11-212-0/+12
| |
* | update NEWSAnatol Belski2016-11-211-0/+3
| |
* | add test for bug #73452Anatol Belski2016-11-211-0/+17
| |
* | Backport 15ac4904 to 5.6Anatol Belski2016-11-211-5/+26
| |
* | Fix the lchwon error test for Travis CI.Mitch Hagstrand2016-11-181-1/+1
| | | | | | | | | | | | The E_WARNING message from the PHP function lchown is passed from the system function lchown. The error message returned from lchown can be filesystem dependent.
* | Fix #64526: Add missing mysqlnd.* parameters to php.ini-*Christoph M. Becker2016-11-183-0/+47
| |
* | Fixed testDmitry Stogov2016-11-171-1/+1
| |
* | Updated NEWSJulien Pauli2016-11-171-0/+4
| |
* | Improvement for bug73297Julien Pauli2016-11-171-1/+1
| |
* | Simplify ext/standard/tests/http/bug73297.phptRowan Collins2016-11-171-26/+18
| |
* | http_fopen_wrapper.c - bug#73297 Skip past "100 Continue" responsesRowan Collins2016-11-171-0/+18
| |
* | Add failing test for bug#73297Rowan Collins2016-11-171-0/+41
| |
* | Accorate handling of too big inodes of chroot directoriesDmitry Stogov2016-11-171-12/+8
| |
* | "opcache.validate_root" is useless on WindowsDmitry Stogov2016-11-162-0/+6
| |
View Lorry Controller Status