summaryrefslogtreecommitdiff
path: root/ext
Commit message (Collapse)AuthorAgeFilesLines
* Fix bug #79330 - make all execution modes consistent in rejecting \0Stanislav Malyshev2020-04-131-0/+9
|
* Fix testStanislav Malyshev2020-03-151-1/+1
|
* Fix bug #79329 - get_headers should not accept \0Stanislav Malyshev2020-03-151-1/+1
|
* Fixed bug #79282Stanislav Malyshev2020-03-152-1/+21
|
* Mark bug76348.phpt as online testNikita Popov2020-02-161-0/+1
|
* Fix bug #79082 - Files added to tar with Phar::buildFromIterator have ↵Stanislav Malyshev2020-02-164-0/+65
| | | | all-access permissions
* Fix bug #79221 - Null Pointer Dereference in PHP Session Upload ProgressStanislav Malyshev2020-02-152-4/+51
|
* Fix typo in recent bugfixChristoph M. Becker2020-02-141-1/+1
|
* Fix #77569: Write Acess Violation in DomImplementationChristoph M. Becker2020-02-132-1/+15
| | | | We must not assume that the zval IS_STRING.
* More checks for php_strip_tags_exStanislav Malyshev2020-01-221-2/+2
|
* Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)Stanislav Malyshev2020-01-202-5/+22
|
* Fix #79099: OOB read in php_strip_tags_exStanislav Malyshev2020-01-202-3/+35
|
* Fix #79091: heap use-after-free in session_create_id()Christoph M. Becker2020-01-202-0/+68
| | | | If the `new_id` is released, we must not use it again.
* Fix testStanislav Malyshev2019-12-161-1/+1
|
* Fix bug #78793Stanislav Malyshev2019-12-162-2/+15
|
* Fixed bug #78910Stanislav Malyshev2019-12-162-1/+19
|
* Fix #78878: Buffer underflow in bc_shift_addsubChristoph M. Becker2019-12-162-2/+15
| | | | | We must not rely on `isdigit()` to detect digits, since we only support decimal ASCII digits in the following processing.
* Fix testStanislav Malyshev2019-12-161-1/+1
|
* Fix #78862: link() silently truncates after a null byte on WindowsChristoph M. Becker2019-12-162-1/+18
| | | | | Since link() is supposed to accepts paths (i.e. strings without NUL bytes), we must not accept arbitrary strings.
* Fix #78863: DirectoryIterator class silently truncates after a null byteChristoph M. Becker2019-12-162-2/+33
| | | | | | Since the constructor of DirectoryIterator and friends is supposed to accepts paths (i.e. strings without NUL bytes), we must not accept arbitrary strings.
* Fix #78814: strip_tags allows / in tag name => whitelist bypassChristoph M. Becker2019-12-022-1/+9
| | | | | | | When normalizing tags to check whether they are contained in the set of allowable tags, we must not strip slashes, unless they come immediately after the opening `<`, or immediately before the closing `>`.
* Fix #78833: Integer overflow in pack causes out-of-bound accessChristoph M. Becker2019-12-022-1/+13
| | | | | We check for potential signed integer overflow, and bail out gracefully, in that case.
* Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOWChristoph M. Becker2019-11-211-1/+1
| | | | | | Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to `GIFNextPixel` as well.
* Fix $x = (bool)$x; for undefined with opcacheTyson Andre2019-11-181-0/+34
| | | | | | | | | | | | | | And `$x = !$x` Noticed while working on GH-4912 The included test would not emit undefined variable errors in php 8.0 with opcache enabled. The command used: ``` php -d zend_extension=opcache.so --no-php-ini -d error_reporting=E_ALL \ -d opcache.file_cache= -d opcache.enable_cli=1 test.php ```
* Fix bug #78804 - Segmentation fault in Locale::filterMatchesStanislav Malyshev2019-11-112-2/+15
|
* Remove outdated comments in testNikita Popov2019-11-071-3/+3
|
* Fixed bug #78759Nikita Popov2019-11-072-4/+19
| | | | Handle INDIRECT values in array.
* Fixed bug #78775Nikita Popov2019-11-052-0/+36
| | | | | | Clear the OpenSSL error queue before performing SSL stream operations. As we don't control all code that could possibly be using OpenSSL, we can't rely on the error queue being empty.
* Fix test cases for libxml2 2.9.10Christoph M. Becker2019-10-312-4/+4
| | | | | Since the error reporting has been slightly changed, we have to adapt the two affected test cases.
* Merge branch 'PHP-7.1' into PHP-7.2Stanislav Malyshev2019-10-282-4/+4
|\ | | | | | | | | | | | | * PHP-7.1: Fix libmagic buffer overflow issue (CVE-2019-18218) bump version set versions for release
| * Fix libmagic buffer overflow issue (CVE-2019-18218)Stanislav Malyshev2019-10-272-4/+4
| | | | | | | | Ported from https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
* | Fix #78751: Serialising DatePeriod converts DateTimeImmutableChristoph M. Becker2019-10-282-6/+22
| | | | | | | | | | | | When getting the properties of a DatePeriod instance we have to retain the proper classes, and when restoring a DatePeriod instance we have to cater to DateTimeImmutable instances as well.
* | Fixed bug #78747Nikita Popov2019-10-253-13/+41
| |
* | Fix bug #78697: inaccurate error messageFabien Villepinte2019-10-213-31/+45
| |
* | Fix #78694: Appending to a variant array causes segfaultChristoph M. Becker2019-10-192-0/+24
| | | | | | | | | | | | `write_dimension` object handlers have to be able to handle `NULL` `offset`s; for now we simply throw an exception instead of following the `NULL` pointer.
* | Fix #70153 \DateInterval incorrectly unserializedm.yakunin2019-10-185-4/+32
| | | | | | | | | | Added a separate macro for reading 'days' property, so that bool(false) is correctly converted to the proper internal representation.
* | Fix checksum calculation for opcacheMitch Hagstrand2019-10-143-11/+14
| |
* | Fix #78665: Multicasting may leak memoryChristoph M. Becker2019-10-121-0/+6
| |
* | Fix leak in phar openNikita Popov2019-10-102-7/+8
| |
* | Avoid float to int cast UB in exifNikita Popov2019-10-091-2/+3
| |
* | Remove redundant components < 0 checkNikita Popov2019-10-091-5/+0
| | | | | | | | components is an unsigned number, it cannot be smaller than zero.
* | Add pcre_get_compiled_regex_cache_ex() with local_aware flagSergei Turchanov2019-10-082-2/+11
| | | | | | | | | | | | | | | | | | A new function `pcre_get_compiled_regex_cache_ex()` is introduced, which allows to compile regexp pattern using the "C" locale instead of a current locale. This will be needed to replace setlocale() usage in fileinfo, which is not thread-safe.
* | Add missing SKIPIFs in exif testsFabien Villepinte2019-10-084-0/+24
| |
* | Fix #78642: Wrong libiconv version displayedChristoph M. Becker2019-10-081-1/+1
| | | | | | | | | | The high byte of `_libiconv_version` specifies the major version; the low byte the minor version.
* | Fix #78641: addGlob can modify given remove_path valueChristoph M. Becker2019-10-082-2/+34
| | | | | | | | | | | | | | `remove_path` points to the given string, so we must not modify it. Instead we use a duplicate, if we need the modification. We may want to switch to `zend_string`s in master.
* | Check for object_init_ex() failure in user filter factoryNikita Popov2019-10-072-3/+25
| |
* | Set session.gc_probability=0 in bug78624.phptNikita Popov2019-10-071-0/+1
| | | | | | | | | | We only want to test manually triggered session GC. Avoid spurious output due to automatic GC.
* | Fix #78623: Regression caused by "SP call yields additional empty result set"Christoph M. Becker2019-10-074-2/+8
| | | | | | | | This reverts commit 41a4379cb45419a376043ca5f8c5a2bca82cea7c.
* | Split intl tests for ICU 65Christoph M. Becker2019-10-044-0/+1559
| |
* | Fix #78620: Out of memory errorChristoph M. Becker2019-10-042-0/+20
| | | | | | | | | | The integer addition in `ZEND_MM_ALIGNED_SIZE_EX` can overflow, what we have to catch early.
View Lorry Controller Status