* PHP-7.0:
Detect invalid port in xp_socket parse ip address
For historical reasons, fsockopen() accepts the port and hostname
separately: fsockopen('127.0.0.1', 80)
However, with the introduction of stream transports in PHP 4.3,
it became possible to include the port in the hostname specifier:
fsockopen('127.0.0.1:80')
Or more formally: fsockopen('tcp://127.0.0.1:80')
Confusing results arise when these two forms are combined, however.
fsockopen('127.0.0.1:80', 443) results in fsockopen() attempting
to connect to '127.0.0.1:80:443' which any reasonable stack would
consider invalid.
Unfortunately, PHP parses the address looking for the first colon
(with special handling for IPv6, don't worry) and calls atoi()
from there. atoi() in turn, simply stops parsing at the first
non-numeric character and returns the value so far.
The end result is that the explicitly supplied port is treated
as ignored garbage, rather than producing an error.
This diff replaces atoi() with strtol() and inspects the
stop character. If additional "garbage" of any kind is found,
it fails and returns an error.
At least on some architectures memmove() on FreeBSD does not
short-circuit if src==dst. Check for it explicitly to avoid
quadratic copying.
* PHP-7.0:
Fixed bug #74090 stream_get_contents maxlength>-1 returns empty string
* PHP-7.0:
Fixed #73496 (Invalid memory access in zend_inline_hash_func)
no test script is added because it requires too much memory
* PHP-7.0:
Fix open_basedir check for glob:// opendir wrapper
* PHP-5.6:
Fix open_basedir check for glob:// opendir wrapper
php_check_open_basedir() expects a local filesystem path,
but we're handing it a `glob://...` URI instead.
Move the check to after the path trim so that we're checking
a meaningful pathspec.
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
Closes https://bugs.php.net/bug.php?id=73188
* PHP-5.6.27:
Fix tests
fix tsrm
Fix bug #73284 - heap overflow in php_ereg_replace function
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
fix bug #73275 - crash in openssl_encrypt function
Fix for #73240 - Write out of bounds at number_format
Bug #73218: add mitigation for ICU int overflow
Add more locale length checks, due to ICU bugs.
Fix bug #73208 - another missing length check
Fix bug #73190: memcpy negative parameter _bc_new_num_ex
Fix bug #73189 - Memcpy negative size parameter php_resolve_path
Fixed bug #73174 - heap overflow in php_pcre_replace_impl
Fix bug #73150: missing NULL check in dom_document_save_html
Fix bug #73147: Use After Free in PHP7 unserialize()
Fix bug #73082
Fix bug #73073 - CachingIterator null dereference when convert to string
As fcgi_request is an opaque struct as of PHP 7, expose a new API
function fcgi_end() which does fcgi_flush() with end=1 and checks/
sets the ->ended flag.
"closed" refers to whether FCGI_END_REQUEST has been sent, while
the "close" operation does something entirely different. It gets
extra confusing when fcgi_is_closed() does not actually return
fcgi_request.closed...
* PHP-7.0:
add 'e' flag for fopen() to enable CLOEXEC
* PHP-7.0:
Increase realpath_cache_size default value
add UPGRADING note for realpath_cache_size
TODO: adjust php.ini defaults
This allows us to unfork a bunch of tests for Windows.
(cherry picked from commit da7e89cde880c66887caacd0a3eae7ecdacf9b2a)
If a userwrapper opener E_ERRORs then FG(user_stream_current_filename)
would remain set until the next request and would not be pointing
at unallocated memory.
Catch the bailout, clear the variable, then continue bailing.
Closes https://bugs.php.net/bug.php?id=73188