| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Update copyright headers to 2017 | Sammy Kaye Powers | 2017-01-04 | 1 | -1/+1 |
| | | |||||
| * | remove TSRMLS_* | Anatol Belski | 2016-11-21 | 1 | -1/+1 |
| | | |||||
| * | Merge branch 'PHP-5.6' into PHP-7.0 | Christoph M. Becker | 2016-08-20 | 1 | -2/+2 |
| |\ | |||||
| | * | Improvements to fix #72714, suggested by nikic | Christoph M. Becker | 2016-08-20 | 1 | -2/+2 |
| | | | |||||
| * | | Merge branch 'PHP-5.6' into PHP-7.0 | Christoph M. Becker | 2016-08-20 | 1 | -6/+14 |
| |\ \ | |/ | |||||
| | * | Fix #72714: _xml_startElementHandler() segmentation fault | Christoph M. Becker | 2016-08-20 | 1 | -8/+16 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The issue is caused by an integer overflow when the `long` passed as XML_OPTION_SKIP_TAGSTART is assigned to `xml_parser::toffset` which is declared as `int`. We can simply work around this issue, by clipping resulting negative values to 0 (and raising a notice in this case), because the reasonable range for this value is certainly catered to by positive `int`s. However, there still remains the issue that `xml_parser::toffset` is later added to `char *`s, which can cause OOB reads, so we make sure that the upper bound never exceeds the strlen(). We eschew optimizing `SKIP_TAGSTART` wrt. to the potentially duplicate strlen() call, because that code path is unexpected anyway. | ||||
| * | | Unused var | Xinchen Hui | 2016-08-17 | 1 | -1/+0 |
| | | | |||||
| * | | Merge branch 'PHP-5.6' into PHP-7.0 | Christoph M. Becker | 2016-08-17 | 1 | -1/+2 |
| |\ \ | |/ | |||||
| | * | #72085: SEGV on unknown address zif_xml_parse | Christoph M. Becker | 2016-08-17 | 1 | -1/+2 |
| | | | | | | | | | | | We better make sure that the ZVALs we're accessing as arrays are indeed arrays. | ||||
| * | | fix #72206 (xml_parser_create/xml_parser_free leaks mem) | Joe Watkins | 2016-05-14 | 1 | -3/+4 |
| | | | |||||
| * | | Merge branch 'PHP-5.6' into PHP-7.0 | Anatol Belski | 2016-04-27 | 1 | -30/+30 |
| |\ \ | |/ | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix memory leak Fix bug #72099: xml_parse_into_struct segmentation fault 5.5.36 now Fix bug #72094 - Out of bounds heap read access in exif header processing Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset Fix for bug #71912 (libgd: signedness vulnerability) Typo in NEWS | ||||
| | * | Merge branch 'PHP-5.5' into PHP-5.6 | Stanislav Malyshev | 2016-04-26 | 1 | -53/+53 |
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fix memory leak Fix bug #72099: xml_parse_into_struct segmentation fault 5.5.36 now Fix bug #72094 - Out of bounds heap read access in exif header processing Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset Fix for bug #71912 (libgd: signedness vulnerability) Typo in NEWS Conflicts: configure.in main/php_version.h | ||||
| | | * | Fix bug #72099: xml_parse_into_struct segmentation fault | Stanislav Malyshev | 2016-04-26 | 1 | -53/+53 |
| | | | | |||||
| | | * | Bump year | Xinchen Hui | 2015-01-15 | 1 | -1/+1 |
| | | | | |||||
| | | * | Bump year | Xinchen Hui | 2014-01-03 | 1 | -1/+1 |
| | | | | |||||
| * | | | Move semicolon into TSRMLS_CACHE_EXTERN/DEFINE | Nikita Popov | 2016-03-03 | 1 | -1/+1 |
| | | | | | | | | | | | | | Also re bug #71575. | ||||
| * | | | Fix bug #71637: Multiple Heap Overflow due to integer overflows | Stanislav Malyshev | 2016-02-21 | 1 | -1/+1 |
| | | | | |||||
| * | | | Merge branch 'PHP-5.6' into PHP-7.0 | Lior Kaplan | 2016-01-01 | 1 | -1/+1 |
| |\ \ \ | |/ / | | | | | | | | | | * PHP-5.6: Happy new year (Update copyright to 2016) | ||||
| | * | | Happy new year (Update copyright to 2016) | Lior Kaplan | 2016-01-01 | 1 | -1/+1 |
| | | | | |||||
| | * | | bump year | Xinchen Hui | 2015-01-15 | 1 | -1/+1 |
| | | | | |||||
| * | | | Internal function argumensts cleanup (strict_types) | Xinchen Hui | 2015-12-12 | 1 | -3/+3 |
| | | | | |||||
| * | | | Use ZSTR_ API to access zend_string elements (this is just renaming without ↵ | Dmitry Stogov | 2015-06-30 | 1 | -35/+35 |
| | | | | | | | | | | | | | semantick changes). | ||||
| * | | | cleanup mod version macros and mod defs, round x | Anatol Belski | 2015-03-23 | 1 | -1/+1 |
| | | | | |||||
| * | | | fix exports | Anatol Belski | 2015-03-23 | 1 | -3/+3 |
| | | | | |||||
| * | | | Optimize zend_string_realloc() add more specialized versions ↵ | Dmitry Stogov | 2015-03-20 | 1 | -4/+4 |
| | | | | | | | | | | | | | zend_string_extend() and zend_string_truncate() | ||||
| * | | | made ZEND_TSRMLS_CACHE_* macros look like function calls | Anatol Belski | 2015-02-16 | 1 | -2/+2 |
| | | | | | | | | | | | | | which also comply with the current semantics for such macros | ||||
| * | | | Cleanup resource handling APIs | Xinchen Hui | 2015-02-02 | 1 | -20/+62 |
| | | | | |||||
| * | | | bump year | Xinchen Hui | 2015-01-15 | 1 | -1/+1 |
| | | | | |||||
| * | | | first shot remove TSRMLS_* things | Anatol Belski | 2014-12-13 | 1 | -39/+36 |
| | | | | |||||
| * | | | ext/libxml, ext/xml and ext/soap use static tsrmls pointer | Anatol Belski | 2014-10-17 | 1 | -0/+6 |
| | | | | |||||
| * | | | bring back all the TSRMLS_FETCH() stuff | Anatol Belski | 2014-10-15 | 1 | -0/+3 |
| | | | | | | | | | | | | | for better comparability with the mainstream | ||||
| * | | | cleanup TSRMLS_FETCH in ext/xml | Anatol Belski | 2014-09-26 | 1 | -3/+0 |
| | | | | |||||
| * | | | s/PHP 5/PHP 7/ | Johannes Schlüter | 2014-09-19 | 1 | -1/+1 |
| | | | | |||||
| * | | | make xml_utf8_ encode/decode work with size_t | Anatol Belski | 2014-09-14 | 1 | -4/+4 |
| | | | | |||||
| * | | | 's' works with size_t round 3 | Anatol Belski | 2014-08-27 | 1 | -4/+6 |
| | | | | |||||
| * | | | first show to make 's' work with size_t | Anatol Belski | 2014-08-27 | 1 | -4/+4 |
| | | | | |||||
| * | | | fixed several long vs zend_long casts | Anatol Belski | 2014-08-26 | 1 | -1/+1 |
| | | | | |||||
| * | | | master renames phase 7PRE_AST_MERGE | Anatol Belski | 2014-08-25 | 1 | -4/+4 |
| | | | | |||||
| * | | | master renames phase 1 | Anatol Belski | 2014-08-25 | 1 | -73/+73 |
| | | | | |||||
| * | | | fix zpp | Anatol Belski | 2014-08-21 | 1 | -8/+8 |
| | | | | |||||
| * | | | Merge remote-tracking branch 'php/master' | Anatol Belski | 2014-08-19 | 1 | -1/+1 |
| |\ \ \ | | | | | | | | | | | | | | | | | Conflicts: ext/date/lib/parse_date.c | ||||
| | * | | | Fixed encoding support | Dmitry Stogov | 2014-08-19 | 1 | -1/+1 |
| | | | | | |||||
| * | | | | basic macro replacements, all at once | Anatol Belski | 2014-08-19 | 1 | -54/+54 |
| |/ / / | |||||
| * | | | cleanup | Dmitry Stogov | 2014-08-13 | 1 | -16/+18 |
| | | | | |||||
| * | | | Use reference counting instead of zval duplication | Dmitry Stogov | 2014-06-05 | 1 | -4/+2 |
| | | | | |||||
| * | | | cleanup | Dmitry Stogov | 2014-06-03 | 1 | -1/+1 |
| | | | | |||||
| * | | | Fixed bug introduced during conversion to "phpng" | Dmitry Stogov | 2014-05-07 | 1 | -1/+2 |
| | | | | |||||
| * | | | Initialize "retval" | Dmitry Stogov | 2014-05-07 | 1 | -27/+10 |
| | | | | |||||
| * | | | Fix memory error in ext/xml | Nikita Popov | 2014-05-05 | 1 | -1/+3 |
| | | | | |||||
| * | | | Fixed segfault in _xml_xmlchar_zval | Xinchen Hui | 2014-05-05 | 1 | -1/+2 |
| | | | | |||||
 |
index : delta/php-git.git | |
| git.php.net: repository/php-src.git |
| summaryrefslogtreecommitdiff |