| eb570294 | 16-Nov-2016 |
Christoph M. Becker |
Fix #73530: Unsetting result set may reset other result set
Calling sqlite3_reset() when a result set object is freed can cause
undesired and maybe even hard to track interference with o
Fix #73530: Unsetting result set may reset other result set
Calling sqlite3_reset() when a result set object is freed can cause
undesired and maybe even hard to track interference with other result
sets. Furthermore, there is no need to call sqlite3_reset(), because
that is implicitly called on SQLite3Stmt::execute(), and users are
encouraged to explicitly call either SQLite3Result::finalize() or
SQLite3Stmt::reset() anyway.
show more ...
|
| ecba563f | 16-Nov-2016 |
Dmitry Stogov |
Fixed bug #69090 (check cached files permissions) |
| e922d89f | 09-Nov-2016 |
Anatol Belski |
add missing NEWS entry |
| 87673d6e | 09-Nov-2016 |
Ferenc Kovacs |
add missing NEWS entries |
| d6d08f97 | 08-Nov-2016 |
Anatol Belski |
fix memory leak |
| 33766347 | 08-Nov-2016 |
Anatol Belski |
Merge remote-tracking branch 'phpsec/PHP-5.6.28' into PHP-5.6
|
| 493b2bff | 06-Nov-2016 |
Jakub Zelenka |
Fix bug #72776 (Invalid parameter in memcpy function trough openssl_pbkdf2) |
| b044a742 | 06-Nov-2016 |
Anatol Belski |
add missing RETURN_STRINGL_CHECK
As RETVAL_STRINGL_CHECK is already there, this one is needed for
completion. One place in ext/bz2 is missing that, so it will likely
be useful for ot
add missing RETURN_STRINGL_CHECK
As RETVAL_STRINGL_CHECK is already there, this one is needed for
completion. One place in ext/bz2 is missing that, so it will likely
be useful for other possible fixes.
show more ...
|
| 617f38b0 | 04-Nov-2016 |
Anatol Belski |
fix dir separator in test |
| 40f7fea8 | 04-Nov-2016 |
Stanislav Malyshev |
Add length check for bzcompress too - fix for bug #73356 |
| 1fd18821 | 04-Nov-2016 |
Stanislav Malyshev |
More string length checks & fixes |
| ccb91cde | 03-Nov-2016 |
Derick Rethans |
Updated to version 2016.9 (2016i) |
| 99b242a6 | 03-Nov-2016 |
Anatol Belski |
Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash |
| 2eacb53f | 01-Nov-2016 |
Christoph M. Becker |
Fix #73436: Setting allow_url_fopen to Off makes several tests fail
We make sure that these tests run with allow_url_fopen=1. |
| 863d37ea | 25-Oct-2016 |
Christoph M. Becker |
Fix #72696: imagefilltoborder stackoverflow on truecolor images
We must not allow negative color values be passed to
gdImageFillToBorder(), because that can lead to infinite recursion
Fix #72696: imagefilltoborder stackoverflow on truecolor images
We must not allow negative color values be passed to
gdImageFillToBorder(), because that can lead to infinite recursion
since the recursion termination condition will not necessarily be met.
show more ...
|
| 6499581a | 25-Oct-2016 |
Christoph M. Becker |
Fix #72482: Ilegal write/read access caused by gdImageAALine overflow
Instead of rolling our own bounds check we use clip_1d() as it's done
in gdImageLine() and in external libgd. We mus
Fix #72482: Ilegal write/read access caused by gdImageAALine overflow
Instead of rolling our own bounds check we use clip_1d() as it's done
in gdImageLine() and in external libgd. We must not pass the image
width and height, respectively, but rather the largest ordinate value
that is allowed to be accessed, i.e. width-1 and height-1,
respectively.
show more ...
|
| ef75ddd4 | 29-Oct-2016 |
Xinchen Hui |
Fixed bug #73402 (Opcache segfault when using class constant to call a method) |
| 9b3a1e00 | 27-Oct-2016 |
Ferenc Kovacs |
5.6.29 will be next |
| cd13d026 | 25-Oct-2016 |
Christoph M. Becker |
Fix #72494: imagecropauto out-of-bounds access
This issue has actually already been fixed with commit 46f2c690. We're
adding a regression test and a NEWS entry, and also port the fix in
Fix #72494: imagecropauto out-of-bounds access
This issue has actually already been fixed with commit 46f2c690. We're
adding a regression test and a NEWS entry, and also port the fix in
gdImageCropThreshold() from libgd:
* <https://github.com/libgd/libgd/commit/b347e034>
* <https://github.com/libgd/libgd/commit/46f2c690>
show more ...
|
| 4f5a755b | 24-Oct-2016 |
Derick Rethans |
Updated to version 2016.8 (2016h) |
| f74d7d92 | 24-Oct-2016 |
Stanislav Malyshev |
Fix bug #73144 and bug #73341 - remove extra dtor |
| 6045de69 | 24-Oct-2016 |
Stanislav Malyshev |
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more wo
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle
Proper soltion would be to call serialize/unserialize and deal with the result,
but this requires more work that should be done by wddx maintainer (not me).
show more ...
|
| 6558559b | 18-Oct-2016 |
Dmitry Stogov |
Fixed bug #73337 (try/catch not working with two exceptions inside a same operation) |
| 86e603a6 | 17-Oct-2016 |
Christoph M. Becker |
Fix #73333: 2147483647 is fetched as string
We return all integers that can be represented as such by PHP as
integers, and only those that exceed the possible range as strings.
On bu
Fix #73333: 2147483647 is fetched as string
We return all integers that can be represented as such by PHP as
integers, and only those that exceed the possible range as strings.
On builds which represent integers with 64 bits, the range check is
unnecessary and might cause code checkers to complain, so we skip this
special casing via the preprocessor according to
<http://git.php.net/?p=php-src.git;a=commit;h=99d087e5>.
show more ...
|
| e1f5b6d8 | 14-Oct-2016 |
Remi Collet |
use zend_error instead of zend_error_noreturn |
