summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Update NEWS for PHP 7.2.24PHP-7.2.24Remi Collet2019-10-221-1/+1
|
* add NEWS entry for CVE-2019-11043Remi Collet2019-10-221-2/+4
|
* Merge branch 'PHP-7.1' into PHP-7.2Stanislav Malyshev2019-10-223-4/+72
| | | | | | | * PHP-7.1: Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043) bump versions after release set versions for release
* Update NEWS for 7.2.24Remi Collet2019-10-081-0/+3
|
* Update CREDITS for PHP 7.2.24RC1Remi Collet2019-10-082-11/+11
|
* Update NEWS for PHP 7.2.24RC1Remi Collet2019-10-081-1/+1
|
* Fix #78641: addGlob can modify given remove_path valueChristoph M. Becker2019-10-083-2/+37
| | | | | | | `remove_path` points to the given string, so we must not modify it. Instead we use a duplicate, if we need the modification. We may want to switch to `zend_string`s in master.
* Check for object_init_ex() failure in user filter factoryNikita Popov2019-10-072-3/+25
|
* Set session.gc_probability=0 in bug78624.phptNikita Popov2019-10-071-0/+1
| | | | | We only want to test manually triggered session GC. Avoid spurious output due to automatic GC.
* Fix #78623: Regression caused by "SP call yields additional empty result set"Christoph M. Becker2019-10-075-2/+12
| | | | This reverts commit 41a4379cb45419a376043ca5f8c5a2bca82cea7c.
* Split intl tests for ICU 65Christoph M. Becker2019-10-044-0/+1559
|
* Fix #78620: Out of memory errorChristoph M. Becker2019-10-044-2/+28
| | | | | The integer addition in `ZEND_MM_ALIGNED_SIZE_EX` can overflow, what we have to catch early.
* fix #78624: session_gc return value for user defined session handlersBrent Shaffer2019-10-044-7/+85
|
* Fix bug #76809 (SSL settings aren't respected when persistent connection is ↵Fábio Souto2019-10-032-4/+57
| | | | reused)
* Fix #76859 stream_get_line skips data if used with data-generating filterKonstantin Kopachev2019-10-035-6/+38
| | | | | | | | | stream_get-line repeatedly calls php_stream_fill_read_buffer until enough data is accumulated in buffer. However, when stream contains filters attached to it, then each call to fill buffer essentially resets buffer read/write pointers and new data is written over old. This causes stream_get_line to skip parts of data from stream This patch fixes such behavior, so fill buffer call will append.
* Revert "Fix #78620: Out of memory error"Christoph M. Becker2019-10-022-6/+0
| | | | | | This reverts commit 8ce04df7e0108a10f7b782a28204e9384ab1129c. Cf. <https://github.com/php/php-src/pull/4766#discussion_r330658679>.
* Fix #78620: Out of memory errorChristoph M. Becker2019-10-022-0/+6
| | | | | If the integer addition in `ZEND_MM_ALIGNED_SIZE_EX` overflows, the macro evaluates to `0`, what we should catch early.
* Fix segfault with __COMPILER_HALT_OFFSET__ and trailing {}Nikita Popov2019-10-022-0/+11
| | | | Fixes OSS-Fuzz #17895.
* Fixed test that "fails" from time to timeDmitry Stogov2019-10-021-1/+1
|
* Fixed test that "fails" from time to timeDmitry Stogov2019-10-021-1/+1
|
* Add missing skip keyword in testsFabien Villepinte2019-10-016-6/+6
|
* Fixed bug #78612Nikita Popov2019-09-303-0/+21
|
* Fix #78609: mb_check_encoding() no longer supports stringable objectsChristoph M. Becker2019-09-303-20/+30
| | | | We apply type juggling for other types than array.
* Fix build for libzip < 0.11.2Christoph M. Becker2019-09-291-0/+2
| | | | | We must not define method entries, if the actual method definitions or the arginfo structures are not defined.
* Fix SKIPIF in ext/mysqliFabien Villepinte2019-09-2711-20/+20
|
* Fix skipif.incChristoph M. Becker2019-09-271-1/+1
|
* Fix memory leak with ** on array operandsNikita Popov2019-09-262-0/+26
|
* Fix null-pointer deref in if stmt printingNikita Popov2019-09-262-1/+5
| | | | Fixes OSS-Fuzz #17721.
* Fix hash key length in umsg_parse_format()Jinesh Patel2019-09-251-3/+3
| | | | | Fix array length passed to zend_hash_str_find_ptr() casting from UChar array to char array requires mul by sizeof(UChar).
* Fix NEWS entryChristoph M. Becker2019-09-231-4/+4
| | | | Cf. <https://bugs.php.net/78590>.
* Fix skipif conditionNikita Popov2019-09-231-1/+1
|
* Skip test on 32-bitNikita Popov2019-09-231-0/+2
|
* Fix signed integer overflow in SplObjectStorage unserializationNikita Popov2019-09-232-0/+18
| | | | | | | | If count is ZEND_LONG_MIN the count-- loop underflows. This is ultimately harmless, but results in a ubsan warning. Fix this by adding a sanity check that the count isn't negative, because that doesn't make sense...
* Fix test to be skipped if dom is not availableChristoph M. Becker2019-09-221-0/+1
|
* Fix leak of temporary buffer during exif tag readingNikita Popov2019-09-223-0/+12
|
* Fix multiple leaks in exif_read_data()Nikita Popov2019-09-213-5/+15
| | | | | | | This fixes two leaks related to duplicate tags, as well as a leak of zero-length FMT_(S)BYTE with non-null value. This can show up for MAKERNOTE values where the original length is non-zero, but the first character is a null byte.
* Fix length of key passed to zend_hash_str_find_ptrJinesh Patel2019-09-211-2/+2
|
* Fix #78579: mb_decode_numericentity: args number inconsistencyChristoph M. Becker2019-09-212-0/+5
| | | | | | | | | mb_decode_numericentity() accepts a fourth optional parameter, which is unused, however. Since this parameter doesn't do any harm, and to avoid the small BC break, we're keeping this parameter for PHP 7, but adjust the arginfo. For PHP 8, we will remove this parameter.
* Fix out-of-bounds read in exif tag readingNikita Popov2019-09-194-0/+37
| | | | | | | This issue was recently introduced in c739023a50876e2a90588f915803b0140a95638e, when the restriction that components>0 has been relaxed. We now need to make sure that any tags that expect at least one component check that this is the case.
* Fix iterable return type optimizationNikita Popov2019-09-192-1/+19
|
* Fix exif leak on duplicate copyright tagsNikita Popov2019-09-193-0/+16
|
* Fix typoCJDennis2019-09-191-1/+1
| | | | `sizeof("data")-1` and `sizeof("date")-1` are both 4, so no change in behaviour
* Increase timeout in testNikita Popov2019-09-171-3/+5
|
* Fix #76342: file_get_contents waits twice specified timeoutfancyweb2019-09-174-8/+76
|
* Add tilde to allowed status/ping pathDrakano2019-09-171-4/+4
| | | | | | | Because of user specific webdirs it should be possible to set a status/ping path like "/~username/status". Closes GH-4698.
* Fix opcache return type for get_headers in zend_func_infoTyson Andre2019-09-171-1/+1
| | | | | | | | | | https://www.php.net/manual/en/function.get-headers.php#refsect1-function.get-headers-examples shows that it will return string keys when the second argument is non-zero. I've verified that this is the case. This bug was there since the initial commit in c88ffa9a567. Closes GH-4702.
* Fixed bug #78545Nikita Popov2019-09-161-2/+2
| | | | By using an explicit (double) cast.
* Fix leak in SplObjectStorage unserializationNikita Popov2019-09-162-0/+18
| | | | | The result of php_var_unserialize always needs to be destroyed, even if the call failed.
* Stick with zend_long for ABI compatibilityChristoph M. Becker2019-09-151-1/+1
| | | | Cf. <https://github.com/php/php-src/pull/4700#issuecomment-531515689>.
* Fix #78535: auto_detect_line_endings value not parsed as boolbugreportuser2019-09-145-2/+58
|
View Lorry Controller Status