eb570294 | 16-Nov-2016 |
Christoph M. Becker |
Fix #73530: Unsetting result set may reset other result set Calling sqlite3_reset() when a result set object is freed can cause undesired and maybe even hard to track interference with o
Fix #73530: Unsetting result set may reset other result set Calling sqlite3_reset() when a result set object is freed can cause undesired and maybe even hard to track interference with other result sets. Furthermore, there is no need to call sqlite3_reset(), because that is implicitly called on SQLite3Stmt::execute(), and users are encouraged to explicitly call either SQLite3Result::finalize() or SQLite3Stmt::reset() anyway.
show more ...
|
ecba563f | 16-Nov-2016 |
Dmitry Stogov |
Fixed bug #69090 (check cached files permissions) |
e922d89f | 09-Nov-2016 |
Anatol Belski |
add missing NEWS entry |
87673d6e | 09-Nov-2016 |
Ferenc Kovacs |
add missing NEWS entries |
d6d08f97 | 08-Nov-2016 |
Anatol Belski |
fix memory leak |
33766347 | 08-Nov-2016 |
Anatol Belski |
Merge remote-tracking branch 'phpsec/PHP-5.6.28' into PHP-5.6
|
493b2bff | 06-Nov-2016 |
Jakub Zelenka |
Fix bug #72776 (Invalid parameter in memcpy function trough openssl_pbkdf2) |
b044a742 | 06-Nov-2016 |
Anatol Belski |
add missing RETURN_STRINGL_CHECK As RETVAL_STRINGL_CHECK is already there, this one is needed for completion. One place in ext/bz2 is missing that, so it will likely be useful for ot
add missing RETURN_STRINGL_CHECK As RETVAL_STRINGL_CHECK is already there, this one is needed for completion. One place in ext/bz2 is missing that, so it will likely be useful for other possible fixes.
show more ...
|
617f38b0 | 04-Nov-2016 |
Anatol Belski |
fix dir separator in test |
40f7fea8 | 04-Nov-2016 |
Stanislav Malyshev |
Add length check for bzcompress too - fix for bug #73356 |
1fd18821 | 04-Nov-2016 |
Stanislav Malyshev |
More string length checks & fixes |
ccb91cde | 03-Nov-2016 |
Derick Rethans |
Updated to version 2016.9 (2016i) |
99b242a6 | 03-Nov-2016 |
Anatol Belski |
Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads to crash |
2eacb53f | 01-Nov-2016 |
Christoph M. Becker |
Fix #73436: Setting allow_url_fopen to Off makes several tests fail We make sure that these tests run with allow_url_fopen=1. |
863d37ea | 25-Oct-2016 |
Christoph M. Becker |
Fix #72696: imagefilltoborder stackoverflow on truecolor images We must not allow negative color values be passed to gdImageFillToBorder(), because that can lead to infinite recursion
Fix #72696: imagefilltoborder stackoverflow on truecolor images We must not allow negative color values be passed to gdImageFillToBorder(), because that can lead to infinite recursion since the recursion termination condition will not necessarily be met.
show more ...
|
6499581a | 25-Oct-2016 |
Christoph M. Becker |
Fix #72482: Ilegal write/read access caused by gdImageAALine overflow Instead of rolling our own bounds check we use clip_1d() as it's done in gdImageLine() and in external libgd. We mus
Fix #72482: Ilegal write/read access caused by gdImageAALine overflow Instead of rolling our own bounds check we use clip_1d() as it's done in gdImageLine() and in external libgd. We must not pass the image width and height, respectively, but rather the largest ordinate value that is allowed to be accessed, i.e. width-1 and height-1, respectively.
show more ...
|
ef75ddd4 | 29-Oct-2016 |
Xinchen Hui |
Fixed bug #73402 (Opcache segfault when using class constant to call a method) |
9b3a1e00 | 27-Oct-2016 |
Ferenc Kovacs |
5.6.29 will be next |
cd13d026 | 25-Oct-2016 |
Christoph M. Becker |
Fix #72494: imagecropauto out-of-bounds access This issue has actually already been fixed with commit 46f2c690. We're adding a regression test and a NEWS entry, and also port the fix in
Fix #72494: imagecropauto out-of-bounds access This issue has actually already been fixed with commit 46f2c690. We're adding a regression test and a NEWS entry, and also port the fix in gdImageCropThreshold() from libgd: * <https://github.com/libgd/libgd/commit/b347e034> * <https://github.com/libgd/libgd/commit/46f2c690>
show more ...
|
4f5a755b | 24-Oct-2016 |
Derick Rethans |
Updated to version 2016.8 (2016h) |
f74d7d92 | 24-Oct-2016 |
Stanislav Malyshev |
Fix bug #73144 and bug #73341 - remove extra dtor |
6045de69 | 24-Oct-2016 |
Stanislav Malyshev |
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle Proper soltion would be to call serialize/unserialize and deal with the result, but this requires more wo
Fix bug #73331 - do not try to serialize/unserialize objects wddx can not handle Proper soltion would be to call serialize/unserialize and deal with the result, but this requires more work that should be done by wddx maintainer (not me).
show more ...
|
6558559b | 18-Oct-2016 |
Dmitry Stogov |
Fixed bug #73337 (try/catch not working with two exceptions inside a same operation) |
86e603a6 | 17-Oct-2016 |
Christoph M. Becker |
Fix #73333: 2147483647 is fetched as string We return all integers that can be represented as such by PHP as integers, and only those that exceed the possible range as strings. On bu
Fix #73333: 2147483647 is fetched as string We return all integers that can be represented as such by PHP as integers, and only those that exceed the possible range as strings. On builds which represent integers with 64 bits, the range check is unnecessary and might cause code checkers to complain, so we skip this special casing via the preprocessor according to <http://git.php.net/?p=php-src.git;a=commit;h=99d087e5>.
show more ...
|
e1f5b6d8 | 14-Oct-2016 |
Remi Collet |
use zend_error instead of zend_error_noreturn |