Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Update NEWS for PHP 7.2.18PHP-7.2.18 | Remi Collet | 2019-04-30 | 1 | -1/+1 |
| | |||||
* | add news entries for secfix | Remi Collet | 2019-04-30 | 1 | -3/+7 |
| | |||||
* | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-04-30 | 3 | -1/+13 |
| | | | | | * PHP-7.1: Fix bug #77950 - Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG | ||||
* | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-04-30 | 1 | -6/+7 |
| | | | | | * PHP-7.1: Fix #77821: Potential heap corruption in TSendMail() | ||||
* | news entry for litespeed | Remi Collet | 2019-04-24 | 1 | -0/+4 |
| | |||||
* | Fixed bug in litespeed_finish_request(), disable fastcgi_finish_request() ↵ | George Wang | 2019-04-24 | 1 | -2/+5 |
| | | | | alias for now. | ||||
* | typo | Remi Collet | 2019-04-16 | 1 | -1/+1 |
| | |||||
* | Update NEWS for 7.2.16 | Remi Collet | 2019-04-16 | 1 | -0/+3 |
| | |||||
* | Update CREDITS for PHP 7.2.18RC1 | Remi Collet | 2019-04-16 | 2 | -11/+11 |
| | |||||
* | Update NEWS for PHP 7.2.18RC1 | Remi Collet | 2019-04-16 | 1 | -1/+1 |
| | |||||
* | Fixed bug #77895 | Nikita Popov | 2019-04-15 | 3 | -1/+18 |
| | |||||
* | Zero sockaddr struct | Nikita Popov | 2019-04-15 | 1 | -0/+2 |
| | | | | | in6 has a bunch of extra fields that we're leaving uninitialized. I don't see them locally, but there's valgrind warnings on gcov. | ||||
* | Fix uninitialized cert_captured | Nikita Popov | 2019-04-15 | 1 | -1/+1 |
| | | | | This is a legimitimate bug and also shows up under valgrind. | ||||
* | Fixed bug #77882 | Nikita Popov | 2019-04-15 | 3 | -0/+47 |
| | |||||
* | LiteSpeed SAPI 7.3, better process management, new API function ↵ | George Wang | 2019-04-12 | 3 | -26/+152 |
| | | | | litespeed_finish_request(). | ||||
* | Fix tests wrt. internationalization | Christoph M. Becker | 2019-04-12 | 3 | -7/+7 |
| | |||||
* | Fix key leaks in mb_convert_encoding() | Nikita Popov | 2019-04-12 | 2 | -4/+22 |
| | |||||
* | Fix potential OPcache file cache related issues | Anatol Belski | 2019-04-11 | 2 | -11/+45 |
| | | | | | | | | | To solve issues detected during testing, we backport the following commits to PHP 7.2: 129c5c1181bf344b37e13fd6dc5dfe76c13d7208 9ac133a0b3863ca4d9659140154ee237e5f4669a ce72bc6b658c335dd37393d0beb28584e6805e97 | ||||
* | Fix phar:// include handling with file cache | Anatol Belski | 2019-04-10 | 2 | -1/+76 |
| | |||||
* | Fix 29nb_async_connect.phpt | Nikita Popov | 2019-04-10 | 1 | -3/+5 |
| | | | | | Intermediate states are unreliable across versions (I think), make sure we go through the whole connect procedure. | ||||
* | Fix pgsql use after free trying to reuse closed connection | Nikita Popov | 2019-04-10 | 4 | -9/+47 |
| | | | | | | | | | | | When a connection is closed, we also need to remove the hash entry from the regular_list, as it now points to freed memory. To do this store a reverse mapping from the connection to the hash string. It would be nicer to introduce a wrapping structure for the pgsql link resource that could store the hash (and notices), but that would require large changes to the extension, so I'm going for a more minimal fix here. | ||||
* | Fix use after free on pg_close() of default connection | Nikita Popov | 2019-04-10 | 2 | -5/+22 |
| | |||||
* | Repare SWITCH VM | Dmitry Stogov | 2019-04-09 | 1 | -2/+2 |
| | |||||
* | Preserve keys in emulate_read_fd_set() | twosee | 2019-04-08 | 2 | -4/+43 |
| | | | | Keys are already preserved in the non-emulated case. | ||||
* | Fixed bug #77853 | Nikita Popov | 2019-04-08 | 4 | -4/+24 |
| | |||||
* | Fixed bug #77844 | Nikita Popov | 2019-04-08 | 3 | -16/+39 |
| | | | | | We should probably return an integer result from the operation in typed mode, right now the result is always a string. | ||||
* | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-04-06 | 3 | -4/+4 |
|\ | | | | | | | | | | | * PHP-7.1: Always use ZEND_SECURE_ZERO() when cleaning up data bump versions after release | ||||
| * | Always use ZEND_SECURE_ZERO() when cleaning up data | Stanislav Malyshev | 2019-04-06 | 5 | -5/+7 |
| | | | | | | | | | | | | Optimizing compilers have an annoying tendency to throw out memsets over data that they think aren't used anymore. Apply secure zero-out in cases where this has potential to happen. | ||||
| * | bump versions after release | Joe Watkins | 2019-04-02 | 3 | -5/+9 |
| | | |||||
* | | Follow up #77849 PDOStatement objects in undefined state after clone | Joe Watkins | 2019-04-06 | 2 | -17/+19 |
| | | |||||
* | | Fix bug #77849 Disable cloning of PDO handle/connection objects to avoid ↵ | Cameron Porter | 2019-04-06 | 3 | -0/+28 |
| | | | | | | | | segfault | ||||
* | | Update Appveyor CI to php-sdk-2.2.0beta4 | Christoph M. Becker | 2019-04-05 | 1 | -1/+1 |
| | | |||||
* | | Ref #76801 remove old file source from file_sources hash in case of file ↵ | Alessandro Chitolina | 2019-04-03 | 1 | -0/+1 |
| | | | | | | | | included more than once | ||||
* | | Fixed CFG construction for SWITCH opcodes | Dmitry Stogov | 2019-04-03 | 1 | -2/+2 |
| | | |||||
* | | Merge branch 'PHP-7.1' into PHP-7.2 | Remi Collet | 2019-04-02 | 1 | -1/+1 |
|\ \ | |/ | | | | | | | * PHP-7.1: fix paste issue | ||||
| * | fix paste issue | Remi Collet | 2019-04-02 | 1 | -1/+1 |
| | | |||||
* | | Merge branch 'PHP-7.1' into PHP-7.2 | Christoph M. Becker | 2019-04-02 | 1 | -2/+2 |
|\ \ | |/ | | | | | | | * PHP-7.1: Pointer arithmetic on void pointers is illegal | ||||
| * | Pointer arithmetic on void pointers is illegal | Christoph M. Becker | 2019-04-02 | 1 | -2/+2 |
| | | | | | | | | | | We quick-fix this by casting to char*; it might be more appropriate to use char pointers in the first place. | ||||
* | | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-04-02 | 3 | -15/+41 |
|\ \ | |/ | | | | | | | * PHP-7.1: Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value in EXIF | ||||
| * | Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value in EXIF | Stanislav Malyshev | 2019-04-02 | 4 | -15/+42 |
| | | |||||
* | | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-03-31 | 0 | -0/+0 |
|\ \ | |/ | | | | | | | * PHP-7.1: Update NEWS | ||||
| * | Update NEWS | Stanislav Malyshev | 2019-03-31 | 1 | -0/+3 |
| | | |||||
* | | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-03-31 | 3 | -0/+20 |
|\ \ | |/ | | | | | | | * PHP-7.1: Fix bug #77753 - Heap-buffer-overflow in php_ifd_get32s | ||||
| * | Fix bug #77753 - Heap-buffer-overflow in php_ifd_get32s | Stanislav Malyshev | 2019-03-31 | 3 | -0/+20 |
| | | |||||
* | | Fix #77827: preg_match does not ignore \r in regex flags | Christoph M. Becker | 2019-03-31 | 3 | -0/+19 |
| | | |||||
* | | Fixed SKIPIF when --disable-mbregex is used | Matteo Beccati | 2019-03-30 | 18 | -15/+63 |
| | | |||||
* | | Fix test expectation | Christoph M. Becker | 2019-03-29 | 1 | -1/+1 |
| | | | | | | | | | | | | The `W32_SM_SENDMAIL_FROM_MALFORMED` error message will only be shown if the `$additional_headers` parameter is passed to `mail`, which is not the case for this test. Instead we have to expect `BAD_MSG_RPATH`. | ||||
* | | Merge branch 'PHP-7.1' into PHP-7.2 | Stanislav Malyshev | 2019-03-28 | 7 | -17/+28 |
|\ \ | |/ | | | | | | | | | | | * PHP-7.1: Validate subject encoding in mb_split and mb_ereg_match Validate pattern against mbregex encoding SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws | ||||
| * | Validate subject encoding in mb_split and mb_ereg_match | Nikita Popov | 2019-03-27 | 2 | -5/+12 |
| | | | | | | | | | | We were already validating the subject encoding in most functions, but not these two. | ||||
| * | Validate pattern against mbregex encoding | Nikita Popov | 2019-03-27 | 6 | -15/+31 |
| | | | | | | | | | | | | Oniguruma does not consistently perform this validation itself (at least on older versions), so make sure we check pattern encoding validity on the PHP side. |