summaryrefslogtreecommitdiff
path: root/ext/session
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-7.0' into PHP-7.1Christoph M. Becker2016-09-162-1/+23
|\
| * Merge branch 'PHP-5.6' into PHP-7.0Christoph M. Becker2016-09-162-1/+23
| |\
| | * Fix #73100: session_destroy null dereference in ps_files_path_createChristoph M. Becker2016-09-162-1/+23
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Anatol Belski2016-09-131-2/+3
|\ \ \ | |/ / | | | | | | | | | * PHP-7.0: fix test portability
| * | Merge branch 'PHP-5.6' into PHP-7.0Anatol Belski2016-09-131-2/+2
| |\ \ | | |/ | | | | | | | | | * PHP-5.6: fix test portability
| | * fix test portabilityAnatol Belski2016-09-131-2/+2
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Yasuo Ohgaki2016-09-092-2/+6
|\ \ \ | |/ / | | | | | | | | | | | | * PHP-7.0: Update NEWS Fixed Bug #68015 Session does not report invalid uid for files save handler
| * | Merge branch 'PHP-5.6' into PHP-7.0Yasuo Ohgaki2016-09-092-2/+8
| |\ \ | | |/ | | | | | | | | | * PHP-5.6: Fixed Bug #68015 Session does not report invalid uid for files save handler
| | * Fixed Bug #68015 Session does not report invalid uid for files save handlerYasuo Ohgaki2016-09-092-3/+9
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Stanislav Malyshev2016-09-041-0/+1
|\ \ \ | |/ / | | | | | | | | | * PHP-7.0: phpdbg: couple of network function return checks. Possible overflow when copy the socket_path configuration.
| * | phpdbg: couple of network function return checks. PossibleDavid Carlier2016-09-041-0/+1
| | | | | | | | | | | | overflow when copy the socket_path configuration.
* | | Revert "Revert "Implement RFC Add session_gc() ↵Yasuo Ohgaki2016-09-016-17/+62
| | | | | | | | | | | | | | | | | | https://wiki.php.net/rfc/session-gc"" This reverts commit 355c7e7d1cdc180d368c6214ea7605443fc88c92.
* | | Revert "Revert "Merge RFC https://wiki.php.net/rfc/session-create-id""Yasuo Ohgaki2016-09-011-4/+19
| | | | | | | | | | | | This reverts commit 663f1c8fb08ba51a00d7d8ed6261916c6fc8d5df.
* | | Revert "Revert "Add tests""Yasuo Ohgaki2016-09-012-0/+97
| | | | | | | | | | | | This reverts commit 4f11dedc436a160bbb90e2b2c559390119c48c0c.
* | | Merge branch 'PHP-7.0' into PHP-7.1Yasuo Ohgaki2016-09-011-41/+38
|\ \ \ | |/ / | | | | | | | | | * PHP-7.0: Fix bug #72940 properly. Reduce needless branches
| * | Fix bug #72940 properly. Reduce needless branchesYasuo Ohgaki2016-09-011-41/+38
| | |
* | | Revert "Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gc"Yasuo Ohgaki2016-09-016-62/+17
| | | | | | | | | | | | This reverts commit 1cf179e4150308d8217d9517408ca5e22b5d607f.
* | | Revert "Merge RFC https://wiki.php.net/rfc/session-create-id"Yasuo Ohgaki2016-09-011-19/+4
| | | | | | | | | | | | This reverts commit 7ee9f81c54ca888beae1c6aaeaccee1260012076.
* | | Revert "Add tests"Yasuo Ohgaki2016-09-012-97/+0
| | | | | | | | | | | | This reverts commit aff4c7d826316dc8f577d08c79a3c53c02b90910.
* | | Add testsYasuo Ohgaki2016-08-312-0/+97
| | |
* | | Merge RFC https://wiki.php.net/rfc/session-create-idYasuo Ohgaki2016-08-311-4/+19
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Yasuo Ohgaki2016-08-302-0/+36
|\ \ \ | |/ / | | | | | | | | | * PHP-7.0: Fixed bug #72940 SID always return "name=ID", even if session cookie exist
| * | Fixed bug #72940 SID always return "name=ID", even if session cookie existYasuo Ohgaki2016-08-302-0/+36
| | |
* | | Implement RFC Add session_gc() https://wiki.php.net/rfc/session-gcYasuo Ohgaki2016-08-296-17/+62
| | |
* | | Adjust test so that it passes on more restrictive filesystemsYasuo Ohgaki2016-08-221-2/+2
| | |
* | | Remove leftover of previous changeXinchen Hui2016-08-181-13/+3
| | |
* | | Remove outdate checksXinchen Hui2016-08-182-17/+6
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Xinchen Hui2016-08-172-8/+40
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0: (48 commits) Update NEWs Unused label Fixed bug #72853 (stream_set_blocking doesn't work) fix test Bug #72663 - part 3 Bug #72663 - part 2 Bug #72663 - part 1 Update NEWS BLock test with memory leak fix tests Fix TSRM build Fix bug #72850 - integer overflow in uuencode Fixed bug #72849 - integer overflow in urlencode Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase Fix bug #72837 - integer overflow in bzdecompress caused heap corruption Fix bug #72836 - integer overflow in base64_decode caused heap corruption Fix for bug #72807 - do not produce strings with negative length Fix for bug #72790 and bug #72799 Fix bug #72730 - imagegammacorrect allows arbitrary write access ... Conflicts: ext/standard/var_unserializer.c
| * | Unused labelXinchen Hui2016-08-171-1/+0
| | |
| * | fix testStanislav Malyshev2016-08-171-1/+2
| | |
| * | Bug #72663 - part 3Nikita Popov2016-08-171-1/+8
| | | | | | | | | | | | | | | When using the php_serialize session serialization handler, do not use the result of the unserialization if it failed.
| * | Merge branch 'PHP-5.6' into PHP-7.0Stanislav Malyshev2016-08-172-6/+31
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: (24 commits) Update NEWS BLock test with memory leak fix tests Fix TSRM build Fix bug #72850 - integer overflow in uuencode Fixed bug #72849 - integer overflow in urlencode Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase Fix bug #72837 - integer overflow in bzdecompress caused heap corruption Fix bug #72836 - integer overflow in base64_decode caused heap corruption Fix for bug #72807 - do not produce strings with negative length Fix for bug #72790 and bug #72799 Fix bug #72730 - imagegammacorrect allows arbitrary write access Fix bug#72697 - select_colors write out-of-bounds Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF Fix bug #72750: wddx_deserialize null dereference Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack Improve fix for #72663 Fix bug #70436: Use After Free Vulnerability in unserialize() Fix bug #72749: wddx_deserialize allows illegal memory access ... Conflicts: Zend/zend_API.h ext/bz2/bz2.c ext/curl/interface.c ext/ereg/ereg.c ext/exif/exif.c ext/gd/gd.c ext/gd/tests/imagetruecolortopalette_error3.phpt ext/gd/tests/imagetruecolortopalette_error4.phpt ext/session/session.c ext/snmp/snmp.c ext/standard/base64.c ext/standard/ftp_fopen_wrapper.c ext/standard/quot_print.c ext/standard/url.c ext/standard/uuencode.c ext/standard/var.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re ext/wddx/tests/bug72790.phpt ext/wddx/tests/bug72799.phpt ext/wddx/wddx.c sapi/cli/generate_mime_type_map.php
| | * Fix bug #72681 - consume data even if we're not storing themStanislav Malyshev2016-08-162-7/+34
| | |
* | | Merge RFC: Session ID without hashingYasuo Ohgaki2016-08-1211-429/+80
| | | | | | | | | | | | https://wiki.php.net/rfc/session-id-without-hashing
* | | Fix URL rewriter issuesYasuo Ohgaki2016-08-117-52/+585
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Nikita Popov2016-07-241-0/+1
|\ \ \ | |/ /
| * | Ensure session GC is not run during variation6.phptNikita Popov2016-07-241-0/+1
| | | | | | | | | | | | | | | | | | The implemented gc() handler simply deletes all sessions, including the current one. This may cause a subsequent unlink() warning. Avoid this by preventing GC from running.
* | | Merge branch 'PHP-7.0' into PHP-7.1Anatol Belski2016-07-231-3/+3
|\ \ \ | |/ / | | | | | | | | | * PHP-7.0: fix test
| * | Merge branch 'PHP-5.6' into PHP-7.0Anatol Belski2016-07-231-3/+3
| |\ \ | | |/ | | | | | | | | | * PHP-5.6: fix test
| | * fix testAnatol Belski2016-07-231-3/+3
| | |
* | | Merge branch 'PHP-7.0'Stanislav Malyshev2016-07-192-0/+45
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0: (27 commits) fix #72519, possible OOB using imagegif fix #72512, invalid read or write for palette image when invalid transparent index is used Apparently some envs miss SIZE_MAX Fix tests Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment Partial fix for bug #72613 - do not allow reading past error read Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c Fix for bug #72558, Integer overflow error within _gdContributionsAlloc() Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE update NEWS Fixed bug #72570 Segmentation fault when binding parameters on a query without placeholders Fix bug #72562 - destroy var_hash properly Fix bug #72551 and bug #72552 - check before converting size_t->int Fix bug #72541 - size_t overflow lead to heap corruption Fix bug #72533 (locale_accept_from_http out-of-bounds access) Fix fir bug #72520 Fix for bug #72513 Fix for bug #72513 CS fix and comments with bug ID ... Conflicts: ext/standard/basic_functions.c
| * | Merge branch 'PHP-5.6' into PHP-7.0Stanislav Malyshev2016-07-192-0/+45
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: fix #72519, possible OOB using imagegif fix #72512, invalid read or write for palette image when invalid transparent index is used Apparently some envs miss SIZE_MAX Fix tests Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c Fix for bug #72558, Integer overflow error within _gdContributionsAlloc() Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE Fix bug #72562 - destroy var_hash properly Fix bug #72533 (locale_accept_from_http out-of-bounds access) Fix fir bug #72520 Fix for bug #72513 Fix for bug #72513 CS fix and comments with bug ID Fix for HTTP_PROXY issue. 5.6.24RC1 add tests for bug #72512 Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access Fixed bug #72479 - same as #72434 Conflicts: Zend/zend_virtual_cwd.c ext/bz2/bz2.c ext/exif/exif.c ext/session/session.c ext/snmp/snmp.c ext/standard/basic_functions.c main/SAPI.c main/php_variables.c
| | * Merge branch 'PHP-5.5' into PHP-5.6Stanislav Malyshev2016-07-192-1/+46
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: fix #72519, possible OOB using imagegif fix #72512, invalid read or write for palette image when invalid transparent index is used Apparently some envs miss SIZE_MAX Fix tests Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c Fix for bug #72558, Integer overflow error within _gdContributionsAlloc() Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE Fix bug #72562 - destroy var_hash properly Fix bug #72533 (locale_accept_from_http out-of-bounds access) Fix fir bug #72520 Fix for bug #72513 CS fix and comments with bug ID Fix for HTTP_PROXY issue. add tests for bug #72512 Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access Fixed bug #72479 - same as #72434 Conflicts: ext/bz2/bz2.c main/SAPI.c main/php_variables.c
| | | * Fix bug #72562 - destroy var_hash properlyStanislav Malyshev2016-07-122-1/+46
| | | |
* | | | Merge branch 'throw-error-in-extensions'Aaron Piotrowski2016-07-054-11/+19
|\ \ \ \
| * | | | E_RECOVERABLE_ERROR -> thrown ErrorAaron Piotrowski2016-06-141-4/+4
| | | | |
| * | | | Replace zend_ce_error with NULL and replace more E_ERROR with thrown ErrorAaron Piotrowski2016-06-132-7/+5
| | | | |
| * | | | Merge branch 'master' into throw-error-in-extensionsAaron Piotrowski2016-06-1044-424/+979
| |\ \ \ \
| * | | | | Update memory freeing and other issues, revert some changesAaron Piotrowski2015-07-055-28/+12
| | | | | |
| * | | | | Convert E_ERROR to thrown Error in extensionsAaron Piotrowski2015-07-057-19/+45
| | | | | |
View Lorry Controller Status