|
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16, php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2, php-7.2.15RC1, php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14, php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5, php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3, php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2, php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32, php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1, php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1, php-5.6.37, php-7.1.20, php-7.3.0alpha4, php-7.0.31, php-7.2.8, php-7.1.20RC1, php-7.2.8RC1, php-7.3.0alpha3, php-7.3.0alpha2, php-7.1.19, php-7.2.7, php-7.1.19RC1, php-7.3.0alpha1, php-7.2.7RC1, php-7.1.18, php-7.2.6, php-7.2.6RC1, php-7.1.18RC1, php-5.6.36, php-7.2.5, php-7.1.17, php-7.0.30, php-7.1.17RC1, php-7.2.5RC1, php-5.6.35, php-7.0.29, php-7.2.4, php-7.1.16, php-7.1.16RC1, php-7.2.4RC1, php-7.1.15, php-5.6.34, php-7.2.3, php-7.0.28, php-7.2.3RC1, php-7.1.15RC1, php-7.1.14, php-7.2.2, php-7.1.14RC1, php-7.2.2RC1, php-7.1.13, php-5.6.33, php-7.2.1, php-7.0.27, php-7.2.1RC1, php-7.1.13RC1, php-7.0.27RC1, php-7.2.0, php-7.1.12, php-7.0.26, php-7.1.12RC1, php-7.2.0RC6, php-7.0.26RC1, php-7.1.11, php-5.6.32, php-7.2.0RC5, php-7.0.25, php-7.1.11RC1, php-7.2.0RC4, php-7.0.25RC1, php-7.1.10, php-7.2.0RC3, php-7.0.24, php-7.2.0RC2, php-7.1.10RC1, php-7.0.24RC1, php-7.1.9, php-7.2.0RC1, php-7.0.23, php-7.1.9RC1, php-7.2.0beta3, php-7.0.23RC1, php-7.1.8, php-7.2.0beta2, php-7.0.22, php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1, php-5.6.31, php-7.0.21, php-7.1.7, php-7.2.0alpha3, php-7.1.7RC1, php-7.0.21RC1, php-7.2.0alpha2, php-7.1.6, php-7.2.0alpha1, php-7.0.20, php-7.1.6RC1, php-7.0.20RC1, php-7.1.5, php-7.0.19, php-7.0.19RC1, php-7.1.5RC1, php-7.1.4, php-7.0.18, php-7.1.4RC1, php-7.0.18RC1, php-7.1.3, php-7.0.17, php-7.1.3RC1, php-7.0.17RC1, php-7.1.2, php-7.0.16, php-7.0.16RC1, php-7.1.2RC1, php-5.6.30, php-7.0.15, php-5.6.30RC1, php-7.1.1RC1, php-7.0.15RC1, php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1, php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1, php-7.1.0RC4, php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1, php-5.6.26, php-7.1.0RC2, php-7.0.11, php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1, php-7.1.0beta3, php-5.6.25, php-7.0.10, php-7.1.0beta2, php-5.6.25RC1, php-7.0.10RC1, php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38, php-5.6.24RC1, php-7.1.0alpha3, php-7.0.9RC1, php-7.1.0alpha2, php-7.0.8, php-5.6.23, php-5.5.37, php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5, php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1, php-5.6.17, php-5.5.31, php-7.0.2, php-7.0.2RC1, php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1, php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45 |
|
| #
e8429400 |
| 01-Sep-2015 |
Stanislav Malyshev |
Fix bug #70172 - Use After Free Vulnerability in unserialize()
|
| #
df4bf28f |
| 23-Aug-2015 |
Stanislav Malyshev |
Fix bug #70219 (Use after free vulnerability in session deserializer)
|
|
Revision tags: php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44, php-5.6.12RC1, php-7.0.0beta2, php-7.0.0beta1, php-5.6.11, php-5.5.27, php-5.4.43, php-5.6.11RC1, php-5.5.27RC1, php-7.0.0alpha2, php-5.5.26, php-7.0.0alpha1, php-5.6.10, php-5.4.42, POST_PHP7_NSAPI_REMOVAL, PRE_PHP7_NSAPI_REMOVAL, php-5.6.10RC1, php-5.5.26RC1, php-5.5.25, php-5.6.9, php-5.4.41, php-5.6.9RC1, php-5.5.25RC1, php-5.6.8, php-5.5.24, php-5.4.40, php-5.6.8RC1, php-5.5.24RC1, php-5.6.7, php-5.5.23, php-5.4.39 |
|
| #
646572d6 |
| 17-Mar-2015 |
Stanislav Malyshev |
Fixed bug #68976 - Use After Free Vulnerability in unserialize()
|
|
Revision tags: php-5.6.7RC1, php-5.5.23RC1, POST_PHP7_EREG_MYSQL_REMOVALS, PRE_PHP7_EREG_MYSQL_REMOVALS, php-5.6.6, php-5.5.22, php-5.4.38, POST_PHP7_REMOVALS, PRE_PHP7_REMOVALS, php-5.6.6RC1, php-5.5.22RC1, php-5.5.21, php-5.6.5, php-5.4.37, php-5.5.21RC1, php-5.6.5RC1 |
|
| #
b585a3ae |
| 02-Jan-2015 |
Stanislav Malyshev |
Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
|
|
Revision tags: POST_NATIVE_TLS_MERGE, PRE_NATIVE_TLS_MERGE, php-5.5.20, php-5.4.36, php-5.6.4 |
|
| #
630f9c33 |
| 12-Dec-2014 |
Stanislav Malyshev |
Fix bug #68594 - Use after free vulnerability in unserialize()
|
| #
13f1c276 |
| 10-Dec-2014 |
Anatol Belski |
Fixed bug #68545 NULL pointer dereference in unserialize.c
|
|
Revision tags: php-5.6.4RC1, php-5.5.20RC1, php-5.6.3, php-5.5.19, php-5.4.35, php-5.6.3RC1, php-5.5.19RC1, php-5.5.18, php-5.4.34, php-5.5.18RC1, php-5.6.1 |
|
| #
56754a7f |
| 28-Sep-2014 |
Stanislav Malyshev |
Fixed bug #68044: Integer overflow in unserialize() (32-bits only)
|
|
Revision tags: php-5.6.2, php-5.4.33, php-5.5.17, php-5.6.1RC1, php-5.5.17RC1, php-5.4.33RC1, php-5.6.0, POST_AST_MERGE, PRE_AST_MERGE, POST_64BIT_BRANCH_MERGE, PRE_64BIT_BRANCH_MERGE, php-5.5.16, php-5.4.32, POST_PHPNG_MERGE, PRE_PHPNG_MERGE, php-5.6.0RC4, php-5.3.29, php-5.5.16RC1, php-5.4.32RC1, php-5.3.29RC1, php-5.6.0RC3, php-5.5.15, php-5.4.31, php-5.4.31RC1, php-5.5.15RC1, php-5.6.0RC2, php-5.4.30, php-5.5.14 |
|
| #
6d97b4b2 |
| 22-Jun-2014 |
Stanislav Malyshev |
Better fix for bug #67072 with more BC provisions
|
| #
c42d5cf5 |
| 22-Jun-2014 |
Stanislav Malyshev |
Better fix for bug #67072 with more BC provisions
|
|
Revision tags: php-5.6.0RC1 |
|
| #
e667d231 |
| 16-Jun-2014 |
Lior Kaplan |
Update copyright year for re2c files as well
|
|
Revision tags: php-5.5.14RC1, php-5.4.30RC1, php-5.6.0beta4 |
|
| #
20568e50 |
| 03-Jun-2014 |
Anatol Belski |
Fixed regression introduced by patch for bug #67072
This applies to 5.4 and 5.5 only as a legacy fix.
|
|
Revision tags: php-5.4.29, php-5.5.13, php-5.5.13RC1, php-5.6.0beta3, php-5.4.29RC1, php-5.6.0beta2, php-5.5.12, php-5.4.28 |
|
| #
c2acdbdd |
| 18-Apr-2014 |
Anatol Belski |
Improved the fix for bug #67072, thanks Nikita
|
| #
5328d428 |
| 17-Apr-2014 |
Anatol Belski |
Fixed bug #67072 Echoing unserialized "SplFileObject" crash
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callba
Fixed bug #67072 Echoing unserialized "SplFileObject" crash
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.
This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
show more ...
|
|
Revision tags: php-5.4.28RC1, php-5.5.12RC1, php-5.6.0beta1, php-5.4.27, php-5.5.11, php-5.5.11RC1, php-5.4.27RC1, php-5.5.10, php-5.4.26, php-5.6.0alpha3, php-5.4.26RC1, php-5.5.10RC1, php-5.6.0alpha2, php-5.5.9, php-5.4.25, php-5.5.9RC1, php-5.4.25RC1, php-5.6.0alpha1, php-5.5.8, php-5.4.24, php-5.4.24RC1, php-5.5.8RC1, php-5.5.7, php-5.4.23, php-5.3.28, php-5.5.7RC1, php-5.4.23RC1, php-5.4.22, php-5.5.6, php-5.4.22RC1, php-5.5.6RC1, php-5.4.21, php-5.5.5, php-5.4.21RC1, php-5.5.5RC1, php-5.5.4, php-5.4.20, php-5.5.4RC1, php-5.4.20RC1, php-5.5.3, php-5.4.19, php-5.5.2, php-5.4.18, php-5.5.2RC1, php-5.4.18RC2 |
|
| #
1ac4d8f2 |
| 29-Jul-2013 |
Michael Wallner |
fix bug #65481 (shutdown segfault due to serialize)
|
|
Revision tags: php-5.5.1, php-5.4.18RC1, php-5.3.27, php-5.4.17, php-5.5.0, php-5.3.27RC1, php-5.4.17RC1, php-5.5.0RC3, php-5.3.26, php-5.4.16, php-5.5.0RC2, php-5.3.26RC1, php-5.4.16RC1, php-5.5.0RC1, php-5.3.25, php-5.4.15, php-5.3.25RC1, php-5.5.0beta4, php-5.4.15RC1, php-5.4.14, php-5.3.24, php-5.5.0beta3, php-5.3.24RC1, php-5.4.14RC1, php-5.5.0beta2, php-5.5.0beta1, php-5.3.23, php-5.4.13 |
|
| #
f52b2e6a |
| 09-Mar-2013 |
Xinchen Hui |
Fixed bug #64354 (Unserialize array of objects whose class can't be autoloaded fail)
about the __sleep one, since php_serialize_* are all void function,
so,,only check exception at the v
Fixed bug #64354 (Unserialize array of objects whose class can't be autoloaded fail)
about the __sleep one, since php_serialize_* are all void function,
so,,only check exception at the very begining
show more ...
|
|
Revision tags: php-5.5.0alpha6, php-5.3.23RC1, php-5.4.13RC1, php-5.3.22, php-5.5.0alpha5, php-5.4.12, php-5.3.22RC2, php-5.4.12RC2, php-5.3.22RC1, php-5.4.12RC1, php-5.5.0alpha4 |
|
| #
86c1a261 |
| 21-Jan-2013 |
Xinchen Hui |
Merge fix of #62836 to ?.re, and regenerate ?.c
|
|
Revision tags: php-5.3.21, php-5.4.11, php-5.5.0alpha3, php-5.3.21RC1, php-5.4.11RC1 |
|
| #
0a7395e0 |
| 01-Jan-2013 |
Xinchen Hui |
Happy New Year
|
| #
a2045ff3 |
| 01-Jan-2013 |
Xinchen Hui |
Happy New Year~
|
|
Revision tags: php-5.3.20, php-5.4.10, php-5.5.0alpha2, php-5.3.20RC1, php-5.4.10RC1, php-5.3.19, php-5.4.9, php-5.5.0alpha1, php-5.3.19RC1, php-5.4.9RC1, php-5.3.18, php-5.4.8, php-5.3.18RC1, php-5.4.8RC1, php-5.3.17, php-5.4.7, php-5.4.7RC1, php-5.3.16, php-5.4.6, php-5.4.6RC1, php-5.4.5, php-5.3.15, php-5.3.15RC1, php-5.4.5RC1, php-5.3.14, php-5.4.4, php-5.3.14RC2, php-5.4.4RC2, php-5.3.14RC1, php-5.4.4RC1, php-5.3.13, php-5.4.3, php-5.4.2, php-5.3.12, php-5.3.11, php-5.4.1, php-5.3.11RC2, php-5.4.1RC2, php-5.3.11RC1, php-5.4.1RC1, PHP-5.4.1-RC1, php-5.4.0 |
|
| #
ee772f60 |
| 28-Feb-2012 |
Pierre Joye |
- fix bug #60879, unserialize does not invoke __wakeup
|
|
Revision tags: php-5.4.0RC8, php-5.3.10, php-5.4.0RC7, php-5.4.0RC6, php-5.3.9, php-5.4.0RC5 |
|
| #
e4ca0ed0 |
| 01-Jan-2012 |
Felipe Pena |
- Year++
|
| #
4e198252 |
| 01-Jan-2012 |
Felipe Pena |
- Year++
|
|
Revision tags: php-5.3.9RC4, php-5.4.0RC4, php-5.3.9RC3, php-5.4.0RC3, php-5.3.9RC2, php-5.4.0RC2, php-5.4.0RC1 |
|
| #
6781229e |
| 09-Nov-2011 |
Felipe Pena |
- Make valgrind happy with session_decode_error2.phpt
|
|
Revision tags: php-5.3.9RC1, php-5.4.0beta2 |
|
| #
b6921369 |
| 19-Oct-2011 |
Michael Wallner |
Fix Bug #55801 Behavior of unserialize has changed:
(un)serialize in __wakeup/__sleep now use clean var_hashes
|
| #
d3fdacb9 |
| 28-Sep-2011 |
Gustavo André dos Santos Lopes |
- Fixed #55798: serialize followed by unserialize with numeric object prop.
gives integer prop.
|
| #
ecfa660a |
| 28-Sep-2011 |
Gustavo André dos Santos Lopes |
- Fixed #55798: serialize followed by unserialize with numeric object prop.
gives integer prop.
|
