summaryrefslogtreecommitdiff
path: root/ext/xsl/xsltprocessor.c
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-7.3' into PHP-7.4Christoph M. Becker2020-01-301-1/+1
|\ | | | | | | | | * PHP-7.3: Fix #70078: XSL callbacks with nodes as parameter leak memory
| * Fix #70078: XSL callbacks with nodes as parameter leak memoryChristoph M. Becker2020-01-301-1/+1
| | | | | | | | | | | | | | | | | | The fix for bug #49634 solved a double-free by copying the node with `xmlDocCopyNodeList()`, but the copied node is later freed by calling `xmlFreeNode()` instead of `xmlFreeNodeList()`, thus leaking memory. However, there is no need to treat the node as node list, i.e. to copy also the node's siblings; just creating a recursive copy of the node with `xmlDocCopyNode()` is sufficient, while that also avoids the leak.
* | Cheaper checks for exceptions thrown from __toString()Dmitry Stogov2019-06-061-4/+7
| |
* | Allow exceptions in __toString()Nikita Popov2019-06-051-7/+17
| | | | | | | | | | | | | | | | | | | | RFC: https://wiki.php.net/rfc/tostring_exceptions And convert some object to string conversion related recoverable fatal errors into Error exceptions. Improve exception safety of internal code performing string conversions.
* | Fix strict aliasing violation in phpdbgNikita Popov2019-04-121-1/+1
| | | | | | | | | | | | By explicitly computing the message length from bytes. This also makes sure that the length is interpreted in an endianness-independent manner.
* | Remove local variablesPeter Kokot2019-02-031-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly used by Vim and Emacs editors yet with recent changes the once working definitions don't work anymore in Vim without custom plugins or additional configuration. Neither are these settings synced across the PHP code base. A simpler and better approach is EditorConfig and fixing code using some code style fixing tools in the future instead. This patch also removes the so called modelines for Vim. Modelines allow Vim editor specifically to set some editor configuration such as syntax highlighting, indentation style and tab width to be set in the first line or the last 5 lines per file basis. Since the php test files have syntax highlighting already set in most editors properly and EditorConfig takes care of the indentation settings, this patch removes these as well for the Vim 6.0 and newer versions. With the removal of local variables for certain editors such as Emacs and Vim, the footer is also probably not needed anymore when creating extensions using ext_skel.php script. Additionally, Vim modelines for setting php syntax and some editor settings has been removed from some *.phpt files. All these are mostly not relevant for phpt files neither work properly in the middle of the file.
* | Remove yearly range from copyright noticeZeev Suraski2019-01-301-1/+1
| |
* | Use ZEND_THIS macro to hide implementation details in extensions code.Dmitry Stogov2018-11-151-4/+4
| |
* | Replace zend_parse_method_parameters() by zend_parse_parameters() and avoid ↵Dmitry Stogov2018-11-141-1/+2
| | | | | | | | useless checks.
* | Replace getThis() by EX(This), when additional check is not necessary.Dmitry Stogov2018-11-141-3/+3
|/
* Remove unused Git attributes identPeter Kokot2018-07-251-2/+0
| | | | | | | | | | | | | | | The $Id$ keywords were used in Subversion where they can be substituted with filename, last revision number change, last changed date, and last user who changed it. In Git this functionality is different and can be done with Git attribute ident. These need to be defined manually for each file in the .gitattributes file and are afterwards replaced with 40-character hexadecimal blob object name which is based only on the particular file contents. This patch simplifies handling of $Id$ keywords by removing them since they are not used anymore.
* Update http to httpsDusta2018-06-251-1/+1
|
* Export standard object handlers, to avoid indirect accessDmitry Stogov2018-05-311-7/+2
|
* Use zend_string_release_ex() instread of zend_string_release() in places, ↵Dmitry Stogov2018-05-281-1/+1
| | | | where we sure about string persistence.
* Keep initialized object_handlers structures in read-only memory.Dmitry Stogov2018-03-141-2/+2
|
* Use int instead of long in protosGabriel Caruso2018-02-231-2/+2
|
* year++Xinchen Hui2018-01-021-1/+1
|
* Cleanup type conversionDmitry Stogov2017-12-071-2/+1
|
* RC manipulation cleanup 2Xinchen Hui2017-11-021-3/+1
|
* Avoid HashTable allocations for empty arrays (using zend_empty_array).Dmitry Stogov2017-10-241-1/+3
|
* Refactored array creation API. array_init() and array_init_size() are ↵Dmitry Stogov2017-09-201-2/+1
| | | | converted into macros calling zend_new_array(). They are not functions anymore and don't return any values.
* Update copyright headers to 2017Sammy Kaye Powers2017-01-021-1/+1
|
* Fixed compilation warningsDmitry Stogov2016-06-221-5/+4
|
* Removed "zend_fcall_info.function_table". It was assigned in many places, ↵Dmitry Stogov2016-04-271-1/+0
| | | | but is never used.
* Removed zend_fcall_info.symbol_tableDmitry Stogov2016-03-021-1/+0
|
* More fixing for bug #71540Stanislav Malyshev2016-02-151-1/+1
|
* Fix bug #71540 - NULL pointer dereference in xsl_ext_function_php()Stanislav Malyshev2016-02-151-0/+4
|
* Merge branch 'PHP-5.6' into PHP-7.0Lior Kaplan2016-01-011-1/+1
|\ | | | | | | | | * PHP-5.6: Happy new year (Update copyright to 2016)
| * Happy new year (Update copyright to 2016)Lior Kaplan2016-01-011-1/+1
| |
* | Fixed bug #70678 (PHP7 returns true when false is expected)Felipe Pena2015-10-161-1/+1
| | | | | | | | Cherry-pick from master.
* | Removed or simplified incorrect SEPARATE_*() macros usage.Dmitry Stogov2015-09-291-3/+0
| |
* | Merge branch 'PHP-5.6'Stanislav Malyshev2015-09-021-1/+3
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.6: (21 commits) fix unit tests update NEWS add NEWS for fixes Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Fix bug #70219 (Use after free vulnerability in session deserializer) Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP) Fix for bug #69782 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) ... Conflicts: ext/exif/exif.c ext/gmp/gmp.c ext/pcre/php_pcre.c ext/session/session.c ext/session/tests/session_decode_variation3.phpt ext/soap/soap.c ext/spl/spl_observer.c ext/standard/var.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re ext/xsl/xsltprocessor.c
| * Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2015-09-011-69/+73
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Fix bug #70219 (Use after free vulnerability in session deserializer) Fix for bug #69782 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) 5.4.45 next Conflicts: configure.in ext/pcre/php_pcre.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re main/php_version.h
| | * Fix for bug #69782Stanislav Malyshev2015-08-161-69/+73
| | |
| | * Bump yearXinchen Hui2014-01-031-1/+1
| | |
| * | Bump yearXinchen Hui2015-01-151-1/+1
| | |
| * | Bump yearXinchen Hui2014-01-031-1/+1
| |/
* | Partially fix XSLT warningsNikita Popov2015-07-171-13/+12
| | | | | | | | | | | | | | The two remaining issues seem to be genuine problems. We're treating node->children as a string, even though it's actually an xmlNode. The same code exists twice in xpath.c. In all cases gcov shows no coverage for it.
* | Use ZSTR_ API to access zend_string elements (this is just renaming without ↵Dmitry Stogov2015-06-301-4/+4
| | | | | | | | semantick changes).
* | Fix more minor mistakes in the proto commentsRasmus Lerdorf2015-06-231-9/+9
| |
* | Use specialized macro for string zval creationDmitry Stogov2015-03-121-1/+1
| |
* | Remove xsl.security_prefs ini optionNikita Popov2015-03-091-18/+1
| | | | | | | | | | | | Conflicts: ext/xsl/php_xsl.c ext/xsl/xsltprocessor.c
* | bump yearXinchen Hui2015-01-151-1/+1
| |
* | trailing whitespace removalStanislav Malyshev2015-01-101-61/+61
| |
* | first shot remove TSRMLS_* thingsAnatol Belski2014-12-131-54/+53
| |
* | bring back all the TSRMLS_FETCH() stuffAnatol Belski2014-10-151-0/+2
| | | | | | | | for better comparability with the mainstream
* | drop TSRMLS_FETCH in xslAnatol Belski2014-09-261-2/+0
| |
* | s/PHP 5/PHP 7/Johannes Schlüter2014-09-191-1/+1
| |
* | Avoid double IS_INTERNED() checkDmitry Stogov2014-09-191-1/+1
| |
* | 's' works with size_t round 3Anatol Belski2014-08-271-2/+2
| |
View Lorry Controller Status