summaryrefslogtreecommitdiff
path: root/ext/xml
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-7.0' into PHP-7.1Christoph M. Becker2016-08-202-3/+3
|\
| * Merge branch 'PHP-5.6' into PHP-7.0Christoph M. Becker2016-08-202-3/+3
| |\
| | * Improvements to fix #72714, suggested by nikicChristoph M. Becker2016-08-202-3/+3
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Christoph M. Becker2016-08-202-6/+49
|\ \ \ | |/ /
| * | Merge branch 'PHP-5.6' into PHP-7.0Christoph M. Becker2016-08-202-6/+49
| |\ \ | | |/
| | * Fix #72714: _xml_startElementHandler() segmentation faultChristoph M. Becker2016-08-202-8/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The issue is caused by an integer overflow when the `long` passed as XML_OPTION_SKIP_TAGSTART is assigned to `xml_parser::toffset` which is declared as `int`. We can simply work around this issue, by clipping resulting negative values to 0 (and raising a notice in this case), because the reasonable range for this value is certainly catered to by positive `int`s. However, there still remains the issue that `xml_parser::toffset` is later added to `char *`s, which can cause OOB reads, so we make sure that the upper bound never exceeds the strlen(). We eschew optimizing `SKIP_TAGSTART` wrt. to the potentially duplicate strlen() call, because that code path is unexpected anyway.
| * | Unused varXinchen Hui2016-08-171-1/+0
| | |
* | | Merge branch 'PHP-7.0' into PHP-7.1Christoph M. Becker2016-08-172-1/+76
|\ \ \ | |/ /
| * | Merge branch 'PHP-5.6' into PHP-7.0Christoph M. Becker2016-08-172-1/+76
| |\ \ | | |/
| | * #72085: SEGV on unknown address zif_xml_parseChristoph M. Becker2016-08-172-1/+76
| | | | | | | | | | | | | | | We better make sure that the ZVALs we're accessing as arrays are indeed arrays.
| * | fix #72206 (xml_parser_create/xml_parser_free leaks mem)Joe Watkins2016-05-141-3/+4
| | |
* | | Fix bug #72099: xml_parse_into_struct segmentation faultStanislav Malyshev2016-06-281-1/+1
| | |
* | | Fixed compilation warningsDmitry Stogov2016-06-231-2/+2
| | |
* | | Unused varXinchen Hui2016-06-141-1/+0
| | |
* | | fix #72206 (xml_parser_create/xml_parser_free leaks mem)Joe Watkins2016-05-141-3/+4
| | |
* | | Removed "zend_fcall_info.function_table". It was assigned in many places, ↵Dmitry Stogov2016-04-271-1/+0
| | | | | | | | | | | | but is never used.
* | | Merge branch 'PHP-7.0'Anatol Belski2016-04-271-0/+17
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0: fix merge Fix memory leak Fix bug #72099: xml_parse_into_struct segmentation fault 5.5.36 now Fix bug #72094 - Out of bounds heap read access in exif header processing Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset Fix for bug #71912 (libgd: signedness vulnerability) Typo in NEWS
| * | Merge branch 'PHP-5.6' into PHP-7.0Anatol Belski2016-04-272-30/+47
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: Fix memory leak Fix bug #72099: xml_parse_into_struct segmentation fault 5.5.36 now Fix bug #72094 - Out of bounds heap read access in exif header processing Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset Fix for bug #71912 (libgd: signedness vulnerability) Typo in NEWS
| | * Merge branch 'PHP-5.5' into PHP-5.6Stanislav Malyshev2016-04-262-53/+70
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Fix memory leak Fix bug #72099: xml_parse_into_struct segmentation fault 5.5.36 now Fix bug #72094 - Out of bounds heap read access in exif header processing Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset Fix for bug #71912 (libgd: signedness vulnerability) Typo in NEWS Conflicts: configure.in main/php_version.h
| | | * Fix bug #72099: xml_parse_into_struct segmentation faultStanislav Malyshev2016-04-262-53/+70
| | | |
| | | * Bump yearXinchen Hui2015-01-154-4/+4
| | | |
* | | | Merge branch 'PHP-7.0'Nikita Popov2016-03-032-2/+2
|\ \ \ \ | |/ / /
| * | | Move semicolon into TSRMLS_CACHE_EXTERN/DEFINENikita Popov2016-03-032-2/+2
| | | | | | | | | | | | | | | | Also re bug #71575.
* | | | Removed zend_fcall_info.symbol_tableDmitry Stogov2016-03-021-1/+0
| | | |
* | | | Merge branch 'PHP-7.0'Stanislav Malyshev2016-03-011-1/+1
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.0: (25 commits) Update NEWS update NEWS fix test file Fix version update NEWS Update NEWS Fix bug #71610: Type Confusion Vulnerability - SOAP / make_http_soap_request() Fix bug #71637: Multiple Heap Overflow due to integer overflows extend check for add_flag Fixed another segfault with file_cache_only now set version fix nmake clean in phpize mode Fixed segfault with file_cache_only Fixed possible crash at PCRE on MSHUTDOWN Fixed more synchronisation issues during SHM reload Set proper type flags (REFCOUNTED and COPYABLE) according to interned or regular string sync with improvements in NEWS Fixed process synchronisation problem, that may cause crashes after opcache restart Fix bug #71610: Type Confusion Vulnerability - SOAP / make_http_soap_request() Fix bug #71637: Multiple Heap Overflow due to integer overflows ...
| * | | Fix bug #71637: Multiple Heap Overflow due to integer overflowsStanislav Malyshev2016-02-211-1/+1
| | | |
* | | | Remove version checksNikita Popov2016-01-301-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PHP_VERSION_ID PHP_API_VERSION ZEND_MODULE_API_NO PHP_MAJOR_VERSION, PHP_MINOR_VERSION ZEND_ENGINE_2 I've left litespeed alone, as it seems to genuinely maintain support for many PHP versions.
* | | | Merge branch 'PHP-7.0'Lior Kaplan2016-01-014-4/+4
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | * PHP-7.0: Update header to PHP Version 7 Happy new year (Update copyright to 2016) Happy new year (Update copyright to 2016)
| * | | Merge branch 'PHP-5.6' into PHP-7.0Lior Kaplan2016-01-014-4/+4
| |\ \ \ | | |/ / | | | | | | | | | | | | * PHP-5.6: Happy new year (Update copyright to 2016)
| | * | Happy new year (Update copyright to 2016)Lior Kaplan2016-01-014-4/+4
| | | |
* | | | Merge branch 'PHP-7.0'Xinchen Hui2015-12-121-3/+3
|\ \ \ \ | |/ / /
| * | | Internal function argumensts cleanup (strict_types)Xinchen Hui2015-12-121-3/+3
| | | |
* | | | Make 2nd arg of xml_set_object by valueNikita Popov2015-12-101-2/+2
|/ / / | | | | | | | | | | | | The argument is not being modified. Probably holdover from PHP 4 days.
* | | Merge branch 'PHP-5.6'Christoph M. Becker2015-09-091-0/+2
|\ \ \ | |/ / | | | | | | | | | * PHP-5.6: Skip test for old glibc iconv
| * | Skip test for old glibc iconvChristoph M. Becker2015-09-091-0/+2
| | | | | | | | | | | | | | | | | | | | | bug32001.phpt has a high failure rate for the submitted reports. According to several samples it seems the iconv implementation of glibc 2.12 (released 2010-05) is the culprit. It seems appropriate to skip the test for such old versions.
| * | bump yearXinchen Hui2015-01-154-4/+4
| |/
* | switch to the unified globals accessor where appropriateAnatol Belski2015-07-291-6/+3
| |
* | Use ZSTR_ API to access zend_string elements (this is just renaming without ↵Dmitry Stogov2015-06-301-35/+35
| | | | | | | | semantick changes).
* | improve searchability for libxml2 headersAnatol Belski2015-05-101-2/+5
| | | | | | | | and bring the configs inline with the current libxml2 build
* | Deprecate PHP 4 constructorsAndrea Faulds2015-03-311-1/+1
| |
* | cleanup mod version macros and mod defs, round xAnatol Belski2015-03-232-1/+5
| |
* | fix exportsAnatol Belski2015-03-234-54/+61
| |
* | Optimize zend_string_realloc() add more specialized versions ↵Dmitry Stogov2015-03-201-4/+4
| | | | | | | | zend_string_extend() and zend_string_truncate()
* | made ZEND_TSRMLS_CACHE_* macros look like function callsAnatol Belski2015-02-162-3/+3
| | | | | | | | which also comply with the current semantics for such macros
* | Cleanup resource handling APIsXinchen Hui2015-02-021-20/+62
| |
* | bump yearXinchen Hui2015-01-154-4/+4
| |
* | trailing whitespace removalStanislav Malyshev2015-01-101-25/+25
| |
* | Use "float" and "integer" in typehint and zpp errorsAndrea Faulds2014-12-2123-131/+131
| |
* | first shot remove TSRMLS_* thingsAnatol Belski2014-12-131-39/+36
| |
* | Merge remote-tracking branch 'origin/master' into native-tlsAnatol Belski2014-12-133-2/+3
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * origin/master: (37 commits) NEWS NEWS Fix bug #68601 buffer read overflow in gd_gif_in.c Fixed compilation warnings Removed unnecessary checks pcntl_signal_dispatch: Speed up by preventing system calls when unnecessary Merged PR #911. Removed ZEND_ACC_FINAL_CLASS which is unnecessary. This also fixed some currently defined classes as final which were just not being considered as such before. Updated NEWS Updated NEWS Updated NEWS Fix bug #68532: convert.base64-encode omits padding bytes Updated NEWS Updated NEWS Updated NEWS Fixed Bug #65576 (Constructor from trait conflicts with inherited constructor) Updated NEWS Updated NEWS Fix MySQLi tests Fixed gd test ...
View Lorry Controller Status