| Commit message | Author | Age | Files | Lines |
Add function for detection of string zvals with length that does not fit
INT_MAX.

While it is possible to force the same behavior by setting the internal
option (?J), having a dedicated modifier appears to be useful. After all,
J is even listed on the "Pattern Modifiers" man page[1], but the description
refers to (?J).
[1] <http://php.net/manual/en/reference.pcre.pattern.modifiers.php>

We have to multiply with 0x100 to properly scale the high byte.

* PHP-5.5:
More fixes for bug #70219

* PHP-5.4.45:
add test
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
Fix bug #70172 - Use After Free Vulnerability in unserialize()
Fix bug #70388 - SOAP serialize_function_call() type confusion
Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
Improve fix for #70385
Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
Conflicts:
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c

* PHP-5.5:
update NEWS
add NEWS for fixes
Improve fix for #70172
Fix bug #70312 - HAVAL gives wrong hashes in specific cases
fix test
add test
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
Fix bug #70172 - Use After Free Vulnerability in unserialize()
Fix bug #70388 - SOAP serialize_function_call() type confusion
Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
Improve fix for #70385
Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
Fix bug #70219 (Use after free vulnerability in session deserializer)
Fix for bug #69782
Add CVE IDs assigned (post release) to PHP 5.4.43
Add CVE IDs assigned to #69085 (PHP 5.4.39)
5.4.45 next
Conflicts:
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
ext/zip/php_zip.c

* PHP-5.4:
Improve fix for #70172
Fix bug #70312 - HAVAL gives wrong hashes in specific cases
fix test
add test
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
Fix bug #70172 - Use After Free Vulnerability in unserialize()
Fix bug #70388 - SOAP serialize_function_call() type confusion
Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
Improve fix for #70385
Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
Fix bug #70219 (Use after free vulnerability in session deserializer)
Fix for bug #69782
Add CVE IDs assigned (post release) to PHP 5.4.43
Add CVE IDs assigned to #69085 (PHP 5.4.39)
5.4.45 next
Conflicts:
configure.in
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
main/php_version.h

To do global matching (/g), for every empty match we have to do a second match
with PCRE_NOTEMPTY turned on. That may fail, however, when the \K escape
sequence is involved. For this purpose libpcre 8.0 introduced the
PCRE_NOTEMPTY_ATSTART flag, which we will use if available, and otherwise fall
back to the old (possibly buggy) behavior.

* PHP-5.5:
updated NEWS
Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the string)

string)
When advancing after empty matches, php_pcre_match_impl() as well as
php_pcre_replace_impl() always have to advance to the next code point when the
u modifier is given, instead of to the next byte.

* PHP-5.5:
updated NEWS
Fixed bug #69864 (Segfault in preg_replace_callback)

When preg_replace_callback() is used, cache entries which are in use must not
be removed. We ensure that by deploying a simple refcounting mechanism.

* PHP-5.5:
Initialize the offset table - PCRE may sometimes miss offsets
set default response code to 200
set default response code to 200
fix NEWS & version
NEWS
Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
Fix bug #68113 (Heap corruption in exif_thumbnail())
Fix bug #68089 - do not accept options with embedded \0
Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
Fix bug #68027 - fix date parsing in XMLRPC lib

* PHP-5.4:
Initialize the offset table - PCRE may sometimes miss offsets
set default response code to 200
fix NEWS & version
NEWS
Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
Fix bug #68113 (Heap corruption in exif_thumbnail())
Fix bug #68089 - do not accept options with embedded \0
Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
Fix bug #68027 - fix date parsing in XMLRPC lib
Conflicts:
configure.in
ext/curl/interface.c
main/php_version.h

If a MARK is set then it will be returned in the $matches array
under key "MARK". If no MARK is used or passed, the key will not
be set.

* PHP-5.4:
fix zts check

* PHP-5.3:
fix zts check

* PHP-5.4:
Fixed PCRE locale crash in Windows/TS

* PHP-5.3:
Fixed PCRE locale crash in Windows/TS

returns int(0))
patch by: slugonamission at gmail dot com

# In PCRE, by default, \d, \D, \s, \S, \w, and \W recognize only ASCII
# characters, even in UTF-8 mode. However, this can be changed by setting
# the PCRE_UCP option.

* PHP-5.4:
Update arginfo for preg_match_all() to reflect reality.
fix invalid read when trimming empty string

Back when I implemented FR #53238 during the 5.4 development phase to make the
$matches parameter optional in preg_match_all(), it turns out I forgot to
update the arginfo to note that only 2 parameters are now required by
preg_match_all(). The function itself works fine, but reflection was reporting
the wrong number of required parameters.

* PHP-5.4:
Fixed bug #63180 (Corruption of hash tables)
fix bug #63369
Conflicts:
NEWS