From bd49622a9af2d130d68224e8739bf1bf99b9d0ce Mon Sep 17 00:00:00 2001 From: Sara Golemon Date: Tue, 14 Apr 2020 15:16:26 +0000 Subject: Update NEWS for PHP 7.2.30 --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index a1530faa03..5d925682a4 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? 2020, PHP 7.2.30 +16 Apr 2020, PHP 7.2.30 - Standard: . Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter -- cgit v1.2.1 From cf083535f8ba49e6812b4bf22c2e95dfe46d8ecd Mon Sep 17 00:00:00 2001 From: Sara Golemon Date: Tue, 14 Apr 2020 15:16:26 +0000 Subject: Update CREDITS for PHP 7.2.30 --- ext/standard/credits_ext.h | 12 ++++++------ ext/standard/credits_sapi.h | 10 +++++----- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/ext/standard/credits_ext.h b/ext/standard/credits_ext.h index cf42624977..6baede162b 100644 --- a/ext/standard/credits_ext.h +++ b/ext/standard/credits_ext.h @@ -1,11 +1,11 @@ -/* +/* DO NOT EDIT THIS FILE! - it has been automaticaly created by php7/scripts/credits from + it has been automaticaly created by php7/scripts/credits from the information found in the various php7/ext/.../CREDITS and - php7/sapi/.../CREDITS files - - if you want to change an entry you have to edit the appropriate + php7/sapi/.../CREDITS files + + if you want to change an entry you have to edit the appropriate CREDITS file instead */ @@ -28,7 +28,7 @@ CREDIT_LINE("FTP", "Stefan Esser, Andrew Skalski"); CREDIT_LINE("GD imaging", "Rasmus Lerdorf, Stig Bakken, Jim Winstead, Jouni Ahto, Ilia Alshanetsky, Pierre-Alain Joye, Marcus Boerger"); CREDIT_LINE("GetText", "Alex Plotnick"); CREDIT_LINE("GNU GMP support", "Stanislav Malyshev"); -CREDIT_LINE("Iconv", "Rui Hirokawa, Stig Bakken, Moriyoshi Koizumi "); +CREDIT_LINE("Iconv", "Rui Hirokawa, Stig Bakken, Moriyoshi Koizumi"); CREDIT_LINE("IMAP", "Rex Logan, Mark Musone, Brian Wang, Kaj-Michael Lang, Antoni Pamies Olive, Rasmus Lerdorf, Andrew Skalski, Chuck Hagenbuch, Daniel R Kalowsky"); CREDIT_LINE("Input Filter", "Rasmus Lerdorf, Derick Rethans, Pierre-Alain Joye, Ilia Alshanetsky"); CREDIT_LINE("InterBase", "Jouni Ahto, Andrew Avdeev, Ard Biesheuvel"); diff --git a/ext/standard/credits_sapi.h b/ext/standard/credits_sapi.h index f677344a54..471724f70f 100644 --- a/ext/standard/credits_sapi.h +++ b/ext/standard/credits_sapi.h @@ -1,11 +1,11 @@ -/* +/* DO NOT EDIT THIS FILE! - it has been automaticaly created by php7/scripts/credits from + it has been automaticaly created by php7/scripts/credits from the information found in the various php7/ext/.../CREDITS and - php7/sapi/.../CREDITS files - - if you want to change an entry you have to edit the appropriate + php7/sapi/.../CREDITS files + + if you want to change an entry you have to edit the appropriate CREDITS file instead */ -- cgit v1.2.1 From bef96b9d2c7330909f43faf4f8ff12c7723bf857 Mon Sep 17 00:00:00 2001 From: Sara Golemon Date: Tue, 14 Apr 2020 15:38:55 +0000 Subject: Update NEWS for 7.2.31 --- NEWS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NEWS b/NEWS index 5d925682a4..5cc234c20c 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| +?? ??? ????, PHP 7.2.31 + + 16 Apr 2020, PHP 7.2.30 - Standard: -- cgit v1.2.1 From 1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87 Mon Sep 17 00:00:00 2001 From: "Christoph M. Becker" Date: Wed, 18 Mar 2020 10:26:53 +0100 Subject: Fix #78875: Long filenames cause OOM and temp files are not cleaned We must not cast `size_t` to `int` (unless the `size_t` value is guaranteed to be less than or equal to `INT_MAX`). In this case we can declare `array_len` as `size_t` in the first place. --- main/rfc1867.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/main/rfc1867.c b/main/rfc1867.c index bd01b34cf0..783eab4175 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -692,7 +692,8 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL; char *lbuf = NULL, *abuf = NULL; zend_string *temp_filename = NULL; - int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0; + int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0; + size_t array_len = 0; int64_t total_bytes = 0, max_file_size = 0; int skip_upload = 0, anonindex = 0, is_anonymous; HashTable *uploaded_files = NULL; @@ -1126,7 +1127,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ is_arr_upload = (start_arr = strchr(param,'[')) && (param[strlen(param)-1] == ']'); if (is_arr_upload) { - array_len = (int)strlen(start_arr); + array_len = strlen(start_arr); if (array_index) { efree(array_index); } -- cgit v1.2.1 From 3c8582ca4b8e84e5647220b647914876d2c3b124 Mon Sep 17 00:00:00 2001 From: "Christoph M. Becker" Date: Wed, 18 Mar 2020 10:57:42 +0100 Subject: Fix #78876: Long variables cause OOM and temp files are not cleaned We use the proper type for size calculations, which is `size_t`. --- main/rfc1867.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/main/rfc1867.c b/main/rfc1867.c index 783eab4175..27718e72a4 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -616,7 +616,7 @@ static void *php_ap_memstr(char *haystack, int haystacklen, char *needle, int ne } /* read until a boundary condition */ -static int multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes, int *end) +static size_t multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes, int *end) { size_t len, max; char *bound; @@ -655,7 +655,7 @@ static int multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes self->buf_begin += len; } - return (int)len; + return len; } /* @@ -665,7 +665,7 @@ static int multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes static char *multipart_buffer_read_body(multipart_buffer *self, size_t *len) { char buf[FILLUNIT], *out=NULL; - int total_bytes=0, read_bytes=0; + size_t total_bytes=0, read_bytes=0; while((read_bytes = multipart_buffer_read(self, buf, sizeof(buf), NULL))) { out = erealloc(out, total_bytes + read_bytes + 1); -- cgit v1.2.1