summaryrefslogtreecommitdiff
path: root/ext/standard/string.c
Commit message (Collapse)AuthorAgeFilesLines
* Fixed bug #72979 money_format stores wrong length on AIXJoe Watkins2017-01-091-0/+8
|
* Update copyright headers to 2017Sammy Kaye Powers2017-01-041-1/+1
|
* Merge branch 'PHP-5.6' into PHP-7.0Stanislav Malyshev2016-11-261-2/+0
|\ | | | | | | | | * PHP-5.6: Add more mbfl string size checks (bug #73505)
| * Add more mbfl string size checks (bug #73505)Stanislav Malyshev2016-11-261-2/+0
| |
| * Apparently negative wordwrap is a thing and should work as length = 0.Stanislav Malyshev2016-10-031-1/+5
| | | | | | | | I'll leave it as is for now.
| * Really fix bug #73017Stanislav Malyshev2016-10-031-4/+10
| |
| * Also fix overflow in wordwrapStanislav Malyshev2016-09-121-1/+1
| |
| * Fix various int size overflows.Stanislav Malyshev2016-09-121-13/+10
| | | | | | | | | | Add function for detection of string zvals with length that does not fit INT_MAX.
| * Fix #72823: strtr out-of-bound accessChristoph M. Becker2016-08-131-1/+7
| | | | | | | | | | If php_strtr_array_prepare_repls() reports pattern_len == 0, we return early to avoid OOB accesses, and because there is nothing to replace anyway.
* | pick up the safe alloc pieces fromAnatol Belski2016-09-131-4/+4
| | | | | | | | 19866fb76cf4c95d904ebb0e08592cf38303fae9
* | Remove zpp fallback code (always use Fast ZPP)Andrea Faulds2016-09-111-102/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Squashed commit of the following: commit 3e27fbb3d22b42d181e15c345f1c59a007b6b58c Author: Andrea Faulds <ajf@ajf.me> Date: Sun Sep 11 19:14:37 2016 +0100 Keep dummy FAST_ZPP macro for compatibility commit 8a7cfd00deaa4a3c5026c97580c49c886c72a5b4 Author: Andrea Faulds <ajf@ajf.me> Date: Mon Sep 5 22:36:03 2016 +0100 Remove FAST_ZPP macro and plain zpp fallback code
* | fix leakAnatol Belski2016-08-291-0/+1
| |
* | Fix bug #55451Lauri Kenttä2016-08-071-2/+3
| | | | | | | | | | Make substr_compare ignore the length if it's NULL. This allows to use the last parameter (case_insensitivity) with the default length.
* | Merge branch 'PHP-5.6' into PHP-7.0Julien Pauli2016-07-081-6/+3
|\ \ | |/ | | | | | | | | | | | | | | | | * PHP-5.6: Updated NEWS Backported bug #71144 (Segmentation fault when using cURL with ZTS) fix bug #72024 (microtime() leaks memory) Conflicts: ext/curl/interface.c
| * fix bug #72024 (microtime() leaks memory)Michael Maroszek2016-07-081-6/+3
| |
| * Merge branch 'PHP-5.5' into PHP-5.6Stanislav Malyshev2016-06-271-1/+1
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fix the fix for #72403 on nl2br 5.5.38 now Conflicts: configure.in main/php_version.h
| | * Fix the fix for #72403 on nl2brStanislav Malyshev2016-06-271-1/+1
| | |
| * | Merge branch 'PHP-5.6.23' into PHP-5.6Stanislav Malyshev2016-06-211-3/+22
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6.23: Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize Fix bug #72321 - use efree() for emalloc allocation 5.6.23RC1 Conflicts: configure.in main/php_version.h
| | * \ Merge branch 'PHP-5.5' into PHP-5.6.23Stanislav Malyshev2016-06-211-3/+22
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow update NEWS fix tests fix build Fix bug #72455: Heap Overflow due to integer overflows Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize Fix bug #72407: NULL Pointer Dereference at _gdScaleVert Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free Fix bug #72298 pass2_no_dither out-of-bounds access Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow Fix bug #72262 - do not overflow int Fix bug #72400 and #72403 - prevent signed int overflows for string lengths Fix bug #72275: don't allow smart_str to overflow int Fix bug #72340: Double Free Courruption in wddx_deserialize update NEWS Fix #66387: Stack overflow with imagefilltoborder Skip test which is 64bits only 5.5.37 now Conflicts: configure.in ext/mcrypt/mcrypt.c ext/spl/spl_directory.c main/php_version.h
| | | * Fix bug #72400 and #72403 - prevent signed int overflows for string lengthsStanislav Malyshev2016-06-151-3/+22
| | | |
| * | | Fix bug #72138 - Integer Overflow in Length of String-typed ZVALStanislav Malyshev2016-06-141-0/+3
| |/ /
* | | Use zend_string_safe_allocXinchen Hui2016-04-271-1/+1
| | |
* | | Fixed bug #72100 (implode() inserts garbage into resulting string when joins ↵Dmitry Stogov2016-04-261-6/+6
| | | | | | | | | | | | very big integer). (Mikhail Galanin)
* | | Fixed bug #71969 (str_replace returns an incorrect resulting array after a ↵Xinchen Hui2016-04-061-0/+1
| | | | | | | | | | | | foreach by reference)
* | | fix #71287 (substr_replace bug when length type is string)Joe Watkins2016-03-311-3/+4
| | |
* | | Fix bug #71637: Multiple Heap Overflow due to integer overflowsStanislav Malyshev2016-02-211-1/+1
| | |
* | | Merge branch 'PHP-5.6' into PHP-7.0Nikita Popov2016-02-131-1/+1
|\ \ \ | |/ /
| * | Fix bounds check in strip_tags()Nikita Popov2016-02-131-1/+1
| | |
* | | Merge branch 'PHP-5.6' into PHP-7.0Julien Pauli2016-02-021-3/+7
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: Updated NEWS Fix #70720 Conflicts: ext/standard/string.c ext/standard/tests/strings/bug70720.phpt
| * | Fix #70720Julien Pauli2016-02-021-3/+4
| | |
* | | Merge branch 'PHP-7.0.3' into PHP-7.0Stanislav Malyshev2016-02-011-4/+1
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0.3: (35 commits) fix tests update NEWS fix tests fix NEWS Update NEWS update NEWS Fixed bug #71475: openssl_seal() uninitialized memory usage Fixed bug #71488: Stack overflow when decompressing tar archives fix tests fix wrong gc sequence revert the API string as well update NEWS Revert "Fix #70720" sync NEWS reset ext/session to the state of 7.0.2 update NEWS update NEWS add missing headers for SIZE_MAX backport the escapeshell* functions hardening branch add tests ... Conflicts: configure.in ext/session/tests/bug69111.phpt main/php_version.h
| * | | Revert "Fix #70720"Anatol Belski2016-01-291-4/+1
| | | | | | | | | | | | | | | | This reverts commit ff7ed9021cd72a7f82dd4301cdc266afdff458ad.
* | | | Use safe alloc functions when calculations are made on sizes.Stanislav Malyshev2016-01-261-14/+26
|/ / / | | | | | | | | | Fixes bug #71449, bug #71450
* | | Merge branch 'PHP-5.6' into PHP-7.0Lior Kaplan2016-01-011-1/+1
|\ \ \ | |/ / | | | | | | | | | * PHP-5.6: Happy new year (Update copyright to 2016)
| * | Happy new year (Update copyright to 2016)Lior Kaplan2016-01-011-1/+1
| | |
* | | Merge branch 'PHP-5.6' into PHP-7.0Julien Pauli2015-12-221-1/+4
|\ \ \ | |/ / | | | | | | | | | | | | * PHP-5.6: Fix #70720 Align NEWS entry format
| * | Fix #70720Julien Pauli2015-12-221-1/+4
| | |
* | | release only appropriate stringAnatol Belski2015-12-221-1/+5
| | |
* | | Fixed bug #71190 (substr_replace converts integers in original $search array ↵Xinchen Hui2015-12-221-9/+10
| | | | | | | | | | | | to strings)
* | | Fixed #71188 (str_replace converts integers in original $search array to ↵Xinchen Hui2015-12-221-8/+11
| | | | | | | | | | | | strings)
* | | Fixed bug #70667 (strtr() causes invalid writes and a crashes)Dmitry Stogov2015-10-081-1/+1
| | |
* | | Removed or simplified incorrect SEPARATE_*() macros usage.Dmitry Stogov2015-09-291-1/+0
| | |
* | | Fixed incorrect usage of HASH_OF() macro. Replaced HASH_OF() with more ↵Dmitry Stogov2015-09-241-1/+1
| | | | | | | | | | | | appropriate Z_ARRVAL_P() or Z_OBJPROP_P().
* | | Make bin2hex() and hex2bin() timing safeBob Weinand2015-08-041-13/+18
| | |
* | | fix memleakRemi Collet2015-07-271-0/+1
| | |
* | | Cleanup and also include the error path into testXinchen Hui2015-07-271-6/+4
| | |
* | | Fix #70112 RFE Allow dirname to go up various timesRemi Collet2015-07-271-3/+18
| | |
* | | Fixed bug #70140 (str_ireplace/php_string_tolower - Arbitrary Code Execution)Xinchen Hui2015-07-271-1/+1
| | |
* | | More warning fixesNikita Popov2015-07-171-9/+0
| | |
* | | Merge branch 'PHP-5.6'Ferenc Kovacs2015-07-071-1/+1
|\ \ \ | |/ / | | | | | | | | | * PHP-5.6: add missing second argument for ucfirst to the proto
View Lorry Controller Status