| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Fix #53467: Phar cannot compress large archives
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When Phars are flushed, a new temporary file is created for each entry
which should be compressed, and the `compressed_filesize` is retrieved.
Afterwards, the Phar manifest is written, and only after that the files
are copied to the actual Phar. So for each such entry there is an open
temp file, what easily exceeds the limit.
Therefore, we use a single temporary file for all entries, and store
the start offset in the otherwise unused `header_offset` member. We
ensure that the `cfp` members are properly set to NULL even if flushing
fails, to avoid use after free scenarios.
This solution is based on a suggestion by @lserni[1].
Closes GH-6643.
[1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
|
| | | |
| | |
| | |
| | | |
Relates to GH-6644
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | | |
Closes GH-6660
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
Update year to 2021
|
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Update year to 2021
|
| | | |
| | |
| | |
| | | |
Closes GH-6636.
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
Remove unnecessary cast in snmp_set_oid_output_format
|
| | | |
| | |
| | |
| | |
| | | |
This cast isn't needed, and could result in the ValueError being
skipped due to truncation.
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
Add missing derefs in CurlFile
|
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Add missing derefs in CurlFile
|
| | | |
| | |
| | |
| | | |
As pointed out on GH-6456.
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
Fix persistent leak on load_wsdl_ex failure
|
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Fix persistent leak on load_wsdl_ex failure
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Move the load_wsdl_ex call into the zend_try that destroys the
docs hash table. The wsdl will be inserted into docs early on,
and will thus be released on subsequent bailout.
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
Fix #80654: file_get_contents() maxlen fails above (2**31)-1 bytes
|
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Fix #80654: file_get_contents() maxlen fails above (2**31)-1 bytes
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We remove the arbitrary restriction to `INT_MAX`; it is superfluous on
32bit systems where `ZEND_LONG_MAX == INT_MAX` anyway, and not useful
on 64bit systems, where larger files should be readable, if the
`memory_limit` is large enough.
Closes GH-6648.
|
| | | |
| | |
| | |
| | | |
Closes GH-6652.
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
XFAIL observer_error_05.phpt test
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | | |
* PHP-8.0:
Fix build
crc32 mac build fix
|
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Fix build
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Closes GH-6651.
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* PHP-8.0:
Fix bug #80672 - Null Dereference in SoapClient
|
| | |\ \
| | |/
| | |
| | |
| | | |
* PHP-7.4:
Fix bug #80672 - Null Dereference in SoapClient
|
| | | |\
| | | |
| | | |
| | | |
| | | | |
* PHP-7.3:
Fix bug #80672 - Null Dereference in SoapClient
|
| | | | | |
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-8.0:
Add missing stub for SodiumException
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-6649.
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
* PHP-8.0:
NEWS
NEWS
Fix #80682 opcache doesn't honour pcre.jit option
|
| | |\ \ \
| | |/ /
| | | |
| | | |
| | | |
| | | | |
* PHP-7.4:
NEWS
Fix #80682 opcache doesn't honour pcre.jit option
|
| | | | | |
|
| | | |\ \
| | | |/
| | | |
| | | |
| | | | |
* PHP-7.3:
Rm unneeded function
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This only moves the files, adjusts the build system, exports APIs
and does minor fixups to make sure the code builds.
This does not yet try to make the optimizer usable independently
of opcache.
Closes GH-6642.
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-8.0:
Observe fake closures
|
| | | | |
| | | |
| | | |
| | | | |
Closes GH-6607.
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-8.0:
Rm unneeded function
|
| | | | | |
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-8.0:
Alternative fix for bug 77423
|
| | |\ \ \
| | |/ /
| | | |
| | | |
| | | | |
* PHP-7.4:
Alternative fix for bug 77423
|
| | | |\ \
| | | |/
| | | |
| | | |
| | | | |
* PHP-7.3:
Alternative fix for bug 77423
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
That bug report originally was about `parse_url()` misbehaving, but the
security aspect was actually only regarding `FILTER_VALIDATE_URL`.
Since the changes to `parse_url_ex()` apparently affect userland code
which is relying on the sloppy URL parsing[1], this alternative
restores the old parsing behavior, but ensures that the userinfo is
checked for correctness for `FILTER_VALIDATE_URL`.
[1] <https://github.com/php/php-src/commit/5174de7cd33c3d4fa591c9c93859ff9989b07e8c#commitcomment-45967652>
|
| | | | | |
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
* PHP-8.0:
Fixed observer API and JIT compatibility
|
| | | | | |
|
