Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Update NEWS for PHP 7.2.34PHP-7.2.34 | Remi Collet | 2020-09-30 | 1 | -1/+1 |
| | |||||
* | [ci skip] typo | Remi Collet | 2020-09-29 | 1 | -2/+2 |
| | |||||
* | Update NEWS & UPGRADING | Stanislav Malyshev | 2020-09-28 | 2 | -3/+15 |
| | |||||
* | Do not decode cookie names anymore | Stanislav Malyshev | 2020-09-26 | 4 | -6/+38 |
| | |||||
* | Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV) | Stanislav Malyshev | 2020-09-26 | 4 | -22/+57 |
| | |||||
* | bump version to 7.2.34-dev | Remi Collet | 2020-08-04 | 3 | -5/+8 |
| | |||||
* | Update NEWS | Stanislav Malyshev | 2020-08-03 | 1 | -0/+7 |
| | |||||
* | Fix #79877: getimagesize function silently truncates after a null byte | Christoph M. Becker | 2020-08-02 | 2 | -0/+14 |
| | | | | We have to check for NUL bytes if `getimagesize()` has been called. | ||||
* | Fix #79797: Use of freed hash key in the phar_parse_zipfile function | Christoph M. Becker | 2020-08-02 | 3 | -1/+15 |
| | | | | We must not use heap memory after we freed it. | ||||
* | Prep for 7.2.33 | Sara Golemon | 2020-07-07 | 1 | -0/+3 |
| | |||||
* | Prep NEWS for 7.2.32 releasePHP-7.2.32 | Sara Golemon | 2020-07-07 | 1 | -1/+4 |
| | |||||
* | bump version to 7.2.32-dev | Remi Collet | 2020-05-12 | 3 | -5/+8 |
| | |||||
* | Update NEWS | Stanislav Malyshev | 2020-05-11 | 1 | -0/+5 |
| | |||||
* | Fix #78876: Long variables cause OOM and temp files are not cleaned | Christoph M. Becker | 2020-05-11 | 1 | -3/+3 |
| | | | | We use the proper type for size calculations, which is `size_t`. | ||||
* | Fix #78875: Long filenames cause OOM and temp files are not cleaned | Christoph M. Becker | 2020-05-11 | 1 | -2/+3 |
| | | | | | | We must not cast `size_t` to `int` (unless the `size_t` value is guaranteed to be less than or equal to `INT_MAX`). In this case we can declare `array_len` as `size_t` in the first place. | ||||
* | Update NEWS for 7.2.31 | Sara Golemon | 2020-04-14 | 1 | -0/+3 |
| | |||||
* | Update CREDITS for PHP 7.2.30 | Sara Golemon | 2020-04-14 | 2 | -11/+11 |
| | |||||
* | Update NEWS for PHP 7.2.30 | Sara Golemon | 2020-04-14 | 1 | -1/+1 |
| | |||||
* | Fixed bug #79468 | dinosaur | 2020-04-14 | 3 | -0/+29 |
| | | | | Close the stream filter resources when removing them from the stream. | ||||
* | NEWS | Sara Golemon | 2020-04-14 | 1 | -0/+3 |
| | |||||
* | Fix bug #79465 - use unsigneds as indexes. | Stanislav Malyshev | 2020-04-13 | 1 | -2/+2 |
| | |||||
* | Fix bug #79330 - make all execution modes consistent in rejecting \0 | Stanislav Malyshev | 2020-04-13 | 1 | -0/+9 |
| | |||||
* | bump verison to 7.2.30-dev | Remi Collet | 2020-03-17 | 3 | -5/+8 |
| | |||||
* | Fix NEWS | Christoph M. Becker | 2020-03-17 | 1 | -5/+5 |
| | |||||
* | [ci skip] Update NEWS | Stanislav Malyshev | 2020-03-15 | 1 | -0/+7 |
| | |||||
* | Fix test | Stanislav Malyshev | 2020-03-15 | 1 | -1/+1 |
| | |||||
* | Fix bug #79329 - get_headers should not accept \0 | Stanislav Malyshev | 2020-03-15 | 1 | -1/+1 |
| | |||||
* | Fixed bug #79282 | Stanislav Malyshev | 2020-03-15 | 2 | -1/+21 |
| | |||||
* | bump version to 7.2.29 | Remi Collet | 2020-02-18 | 3 | -5/+8 |
| | |||||
* | Update NEWS [ci skip] | Christoph M. Becker | 2020-02-17 | 1 | -0/+8 |
| | |||||
* | Mark bug76348.phpt as online test | Nikita Popov | 2020-02-16 | 1 | -0/+1 |
| | |||||
* | Fix bug #79082 - Files added to tar with Phar::buildFromIterator have ↵ | Stanislav Malyshev | 2020-02-16 | 4 | -0/+65 |
| | | | | all-access permissions | ||||
* | Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress | Stanislav Malyshev | 2020-02-15 | 2 | -4/+51 |
| | |||||
* | Fix typo in recent bugfix | Christoph M. Becker | 2020-02-14 | 2 | -2/+2 |
| | |||||
* | Fix #77569: Write Acess Violation in DomImplementation | Christoph M. Becker | 2020-02-13 | 3 | -1/+18 |
| | | | | We must not assume that the zval IS_STRING. | ||||
* | More checks for php_strip_tags_ex | Stanislav Malyshev | 2020-01-22 | 1 | -2/+2 |
| | |||||
* | next will be 7.2.28 | Remi Collet | 2020-01-22 | 3 | -5/+8 |
| | |||||
* | Update NEWS | Stanislav Malyshev | 2020-01-20 | 1 | -0/+9 |
| | |||||
* | Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`) | Stanislav Malyshev | 2020-01-20 | 2 | -5/+22 |
| | |||||
* | Fix #79099: OOB read in php_strip_tags_ex | Stanislav Malyshev | 2020-01-20 | 2 | -3/+35 |
| | |||||
* | Fix #79091: heap use-after-free in session_create_id() | Christoph M. Becker | 2020-01-20 | 2 | -0/+68 |
| | | | | If the `new_id` is released, we must not use it again. | ||||
* | fix release date | Remi Collet | 2019-12-18 | 1 | -1/+1 |
| | |||||
* | [ci skip] Update NEWS | Stanislav Malyshev | 2019-12-16 | 1 | -0/+16 |
| | |||||
* | Fix test | Stanislav Malyshev | 2019-12-16 | 1 | -1/+1 |
| | |||||
* | Fix bug #78793 | Stanislav Malyshev | 2019-12-16 | 2 | -2/+15 |
| | |||||
* | Fixed bug #78910 | Stanislav Malyshev | 2019-12-16 | 2 | -1/+19 |
| | |||||
* | Fix #78878: Buffer underflow in bc_shift_addsub | Christoph M. Becker | 2019-12-16 | 2 | -2/+15 |
| | | | | | We must not rely on `isdigit()` to detect digits, since we only support decimal ASCII digits in the following processing. | ||||
* | Fix test | Stanislav Malyshev | 2019-12-16 | 1 | -1/+1 |
| | |||||
* | Fix #78862: link() silently truncates after a null byte on Windows | Christoph M. Becker | 2019-12-16 | 2 | -1/+18 |
| | | | | | Since link() is supposed to accepts paths (i.e. strings without NUL bytes), we must not accept arbitrary strings. | ||||
* | Fix #78863: DirectoryIterator class silently truncates after a null byte | Christoph M. Becker | 2019-12-16 | 2 | -2/+33 |
| | | | | | | Since the constructor of DirectoryIterator and friends is supposed to accepts paths (i.e. strings without NUL bytes), we must not accept arbitrary strings. |