summaryrefslogtreecommitdiff
path: root/ext/standard
Commit message (Collapse)AuthorAgeFilesLines
* Fix testsStanislav Malyshev2017-07-041-2/+2
|
* Fixed bug #74111Nikita Popov2017-07-044-517/+501
|
* fix test for 32bits (int -> float)Remi Collet2017-02-011-2/+2
| | | | (cherry picked from commit 0f1ae93bfa2feb3d0fd0b8d3036148df8ef856e2)
* Add additional serialize tests for fixed bugsNikita Popov2017-01-163-0/+120
| | | | | These have been fixed as a side-effect of the delayed __wakeup patch.
* Fix glob-wrapper.phpt to not fail in WindowsMitch Hagstrand2017-01-101-5/+5
|
* Fix open_basedir check for glob:// opendir wrapperSara Golemon2017-01-091-0/+35
| | | | | | | | php_check_open_basedir() expects a local filesystem path, but we're handing it a `glob://...` URI instead. Move the check to after the path trim so that we're checking a meaningful pathspec.
* add skip when json not loadedRemi Collet2017-01-061-0/+2
|
* Add tests for delayed __wakeup()Nikita Popov2017-01-057-0/+263
|
* Implement delayed __wakeupNikita Popov2017-01-052-535/+622
|
* Merge branch 'PHP-5.6.30' into PHP-5.6Stanislav Malyshev2017-01-023-506/+523
|\ | | | | | | | | | | | | | | | | * PHP-5.6.30: Fix bug #73737 FPE when parsing a tag format Fix bug #73773 - Seg fault when loading hostile phar Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data() Fix bug #73768 - Memory corruption when loading hostile phar Fix int overflows in phar (bug #73764)
| * Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()Stanislav Malyshev2016-12-303-36/+76
| |
* | FIx bug #70213Nikita Popov2017-01-013-474/+531
|/
* Add more mbfl string size checks (bug #73505)Stanislav Malyshev2016-11-261-2/+0
|
* Make php_url_parse_ex() respect length argumentNikita Popov2016-11-221-20/+28
| | | | | | This should fix all out-of-bounds reads that could previously occur if the string passed to php_url_parse_ex() is not NUL terminated.
* Cleanup parse_url() query/fragment handlingNikita Popov2016-11-221-40/+21
| | | | | | The query/fragment handling was pretty convoluted, with many parts being duplicated. Simplify by checking for fragment, then for query, then for path.
* Cleanup parse_url() gotosNikita Popov2016-11-221-17/+7
| | | | | | Simplify some unnecessarily complicated code. In particular the length updates are unnecessary (length is only used at the very start) and we're goto'ing around a bit too much.
* Fix the lchwon error test for Travis CI.Mitch Hagstrand2016-11-181-1/+1
| | | | | | The E_WARNING message from the PHP function lchown is passed from the system function lchown. The error message returned from lchown can be filesystem dependent.
* Improvement for bug73297Julien Pauli2016-11-171-1/+1
|
* Simplify ext/standard/tests/http/bug73297.phptRowan Collins2016-11-171-26/+18
|
* http_fopen_wrapper.c - bug#73297 Skip past "100 Continue" responsesRowan Collins2016-11-171-0/+18
|
* Add failing test for bug#73297Rowan Collins2016-11-171-0/+41
|
* Merge remote-tracking branch 'phpsec/PHP-5.6.28' into PHP-5.6Anatol Belski2016-11-081-0/+24
|\
| * Fix bug #73144 and bug #73341 - remove extra dtorStanislav Malyshev2016-10-231-0/+24
| |
* | fix dir separator in testAnatol Belski2016-11-041-1/+1
| |
* | More string length checks & fixesStanislav Malyshev2016-11-032-6/+7
| |
* | Fix #73436: Setting allow_url_fopen to Off makes several tests failChristoph M. Becker2016-11-013-0/+6
|/ | | | We make sure that these tests run with allow_url_fopen=1.
* Clear FG(user_stream_current_filename) when bailing outSara Golemon2016-10-111-0/+16
| | | | | | | | | | If a userwrapper opener E_ERRORs then FG(user_stream_current_filename) would remain set until the next request and would not be pointing at unallocated memory. Catch the bailout, clear the variable, then continue bailing. Closes https://bugs.php.net/bug.php?id=73188
* Merge branch 'PHP-5.6.27' into PHP-5.6Stanislav Malyshev2016-10-112-50/+60
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6.27: Fix tests fix tsrm Fix bug #73284 - heap overflow in php_ereg_replace function Fix bug #73276 - crash in openssl_random_pseudo_bytes function Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML() fix bug #73275 - crash in openssl_encrypt function Fix for #73240 - Write out of bounds at number_format Bug #73218: add mitigation for ICU int overflow Add more locale length checks, due to ICU bugs. Fix bug #73208 - another missing length check Fix bug #73190: memcpy negative parameter _bc_new_num_ex Fix bug #73189 - Memcpy negative size parameter php_resolve_path Fixed bug #73174 - heap overflow in php_pcre_replace_impl Fix bug #73150: missing NULL check in dom_document_save_html Fix bug #73147: Use After Free in PHP7 unserialize() Fix bug #73082 Fix bug #73073 - CachingIterator null dereference when convert to string
| * Fix testsStanislav Malyshev2016-10-111-2/+0
| |
| * fix tsrmStanislav Malyshev2016-10-111-2/+2
| |
| * Fix for #73240 - Write out of bounds at number_formatStanislav Malyshev2016-10-101-48/+60
| |
* | Fix bug #73192Nikita Popov2016-10-0811-56/+49
| |
* | Revert "Fixed test"Nikita Popov2016-10-081-2/+32
| | | | | | | | This reverts commit a10d03ac166daba646b6023e0f12e9ee8040c909.
* | Revert "Added validation to parse_url() to prohibit restricted characters ↵Nikita Popov2016-10-0811-46/+52
| | | | | | | | | | | | inside login/pass components based on RFC3986" This reverts commit 085dfca02b64588317a233eb191d07a75511fff2.
* | Fix bug #73037, second roundAnatol Belski2016-10-051-1/+5
| |
* | Fixed testIlia Alshanetsky2016-10-041-32/+2
| |
* | Added validation to parse_url() to prohibit restricted characters inside ↵Ilia Alshanetsky2016-10-0411-52/+46
| | | | | | | | login/pass components based on RFC3986
* | Apparently negative wordwrap is a thing and should work as length = 0.Stanislav Malyshev2016-10-031-1/+5
| | | | | | | | I'll leave it as is for now.
* | Really fix bug #73017Stanislav Malyshev2016-10-031-4/+10
| |
* | Fix #73203: passing additional_parameters causes mail to failChristoph M. Becker2016-09-302-2/+26
|/ | | | We make sure that there's no unsigned underflow, which happened for `y==0`.
* fix test (32bits)Remi Collet2016-09-151-1/+1
|
* Fix bug #73052 - Memory Corruption in During Deserialized-object DestructionStanislav Malyshev2016-09-123-30/+50
|
* Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)Stanislav Malyshev2016-09-121-0/+4
|
* Also fix overflow in wordwrapStanislav Malyshev2016-09-121-1/+1
|
* Add more checks for int overflowStanislav Malyshev2016-09-121-2/+2
|
* Fix various int size overflows.Stanislav Malyshev2016-09-121-13/+10
| | | | | Add function for detection of string zvals with length that does not fit INT_MAX.
* Bug #73058 crypt broken when salt is 'too' longAnatol Belski2016-09-103-8/+33
|
* Fix #71882 amendment 2: Negative ftruncate() on php://memory exhausts memoryChristoph M. Becker2016-08-311-2/+2
|
* Fix #71882 amendment: Negative ftruncate() on php://memory exhausts memoryChristoph M. Becker2016-08-311-1/+1
| | | | To avoid BC breaks, we do not raise a warning for now.
* Test case for bug #72771Ville Hukkamäki2016-08-301-0/+23
|
View Lorry Controller Status