dc09f309 | 19-Jun-2016 |
Christoph M. Becker |
A picture is worth a thousand message digests The bundled GD test suites makes heavy use of md5() to verify the result of drawing operations. This leads to fragile tests (even a slight c
A picture is worth a thousand message digests The bundled GD test suites makes heavy use of md5() to verify the result of drawing operations. This leads to fragile tests (even a slight change in a PNG header would cause failure, and of course there is the possibility of collisions), and even worse, eventual test failures are rather unrevealing. Therefore we replace all md5() verification with a simplistic test_image_equals_file(), which is basically a simplified port of libgd's gdTestImageCompareToFile(), adapted to the needs of PHPTs. In the long run better tests helpers should be introduced (see also <http://news.php.net/php.internals/94081>), but for now this solution is preferable over the former. (cherry picked from commit 24f9e96792518ec2a75f26b1eb2471dd7694f2b7)
show more ...
|
326a4e38 | 10-Sep-2016 |
Christoph M. Becker |
Add regression test for bug #73053 The test succeeds with libxml < 2.9.4, and is supposed to succeed with libxml > 2.9.4. Unfortunately, we can't conditionally mark a test case as XF
Add regression test for bug #73053 The test succeeds with libxml < 2.9.4, and is supposed to succeed with libxml > 2.9.4. Unfortunately, we can't conditionally mark a test case as XFAIL, so we're simply skipping the test for libxml 2.9.4 instead.
show more ...
|
6c9d37d0 | 10-Sep-2016 |
Anatol Belski |
update NEWS |
669fda00 | 10-Sep-2016 |
Anatol Belski |
Bug #73058 crypt broken when salt is 'too' long |
c42a7f2f | 09-Sep-2016 |
Christoph M. Becker |
Remove ignored --FAIL-- section from test case This is just confusing. |
23e721fc | 09-Sep-2016 |
Christoph M. Becker |
Fix #73054: default option ignored when object passed to int filter If an object that can't be converted to string is validated, we must not bail out early, but rather check for a reques
Fix #73054: default option ignored when object passed to int filter If an object that can't be converted to string is validated, we must not bail out early, but rather check for a requested default value.
show more ...
|
cb91a51b | 03-Sep-2015 |
Levi Morrison |
Partially fix bug #67167 - Wrong return value... ...from FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE The remainer of the fix would require the filter functions to only conve
Partially fix bug #67167 - Wrong return value... ...from FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE The remainer of the fix would require the filter functions to only convert to string when it makes sense for that particular filter. (cherry picked from commit 432dc527adcbc3bf4809f6315350300d42c16c52)
show more ...
|
38553e85 | 09-Sep-2016 |
Yasuo Ohgaki |
Fixed Bug #68015 Session does not report invalid uid for files save handler |
b1f33db3 | 08-Sep-2016 |
Anatol Belski |
backport 59444347 and 3d7343f6 |
8c700076 | 08-Sep-2016 |
Yasuo Ohgaki |
Fix bug26639.phpt |
fb1c46f0 | 08-Sep-2016 |
Yasuo Ohgaki |
Update NEWS |
8bbd0952 | 08-Sep-2016 |
Yasuo Ohgaki |
Fix Bug #72992 mbstring.internal_encoding doesn't inherit default_charset |
5880428d | 07-Sep-2016 |
Christoph M. Becker |
Fix potential memory issue with USE_ZEND_ALLOC=0 The PHP core and extensions are written with the assumption that memory allocation either succeeds, or the allocator bails out (i.e. the
Fix potential memory issue with USE_ZEND_ALLOC=0 The PHP core and extensions are written with the assumption that memory allocation either succeeds, or the allocator bails out (i.e. the allocator is infallible). Therefore the result of emalloc() and friends are not checked for NULL values. However, with USE_ZEND_ALLOC=0, malloc() and friends are used as allocators, but these are fallible, i.e. they return NULL instead of bailing out if they fail. This easily leads to invalid memory accesses in the following, such as in <https://bugs.php.net/73032>. Some of these cases may constitute exploitable vulnerabilities. Therefore we make the infallible __zend_alloc() and friends the default for USE_ZEND_ALLOC=0.
show more ...
|
dad79363 | 06-Sep-2016 |
Christoph M. Becker |
Fix #73025: Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c `command_length` is retrieved via strlen() and later passed to emalloc() and memcpy(), so the appropriate type is
Fix #73025: Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c `command_length` is retrieved via strlen() and later passed to emalloc() and memcpy(), so the appropriate type is `size_t`. We don't add a regression test, because that would need to allocate a string of at least 2 GiB.
show more ...
|
3a35d43a | 06-Sep-2016 |
Yasuo Ohgaki |
Update NEWS |
a25f6f89 | 06-Sep-2016 |
Yasuo Ohgaki |
Fixed Bug #66964 mb_convert_variables() cannot detect recursion |
8aad3131 | 05-Sep-2016 |
Christoph M. Becker |
Fix #70752: Depacking with wrong password leaves 0 length files We should not open the output stream before we have tried to open the archive entry, as failing the latter could leave an
Fix #70752: Depacking with wrong password leaves 0 length files We should not open the output stream before we have tried to open the archive entry, as failing the latter could leave an empty file behind.
show more ...
|
dd6da58f | 05-Sep-2016 |
Julien Pauli |
Updated NEWS |
0045d168 | 13-Jul-2016 |
Keyur |
Fixes #72590: Opcache restart with kill_all_lockers does not work ACCEL_LOG_ERROR is special and causes a zend_bailout() and the code never gets to call kill() in the next line after the
Fixes #72590: Opcache restart with kill_all_lockers does not work ACCEL_LOG_ERROR is special and causes a zend_bailout() and the code never gets to call kill() in the next line after the logging. Change the log level to WARNING.
show more ...
|
b92cb6b2 | 05-Sep-2016 |
Nikita Popov |
Limit editorconfig to C code PHPT files do not follow this. [ci skip] |
1abbcc8c | 05-Sep-2016 |
Julien Pauli |
Updated NEWS |
9834978a | 01-Sep-2016 |
Julien Pauli |
Fix #72972, Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and FILTER_FLAG_NO_PRIV_RANGE |
5c38fbe5 | 26-Jun-2016 |
Richard Fussenegger |
Added editorconfig file |
39423e42 | 21-Jul-2016 |
Christoph M. Becker |
Implement #47456: Missing PCRE option 'J' While it is possible to force the same behavior by setting the internal option (?J), having a dedicated modifier appears to be useful. After all
Implement #47456: Missing PCRE option 'J' While it is possible to force the same behavior by setting the internal option (?J), having a dedicated modifier appears to be useful. After all, J is even listed on the "Pattern Modifiers" man page[1], but the description referrs to (?J). [1] <http://php.net/manual/en/reference.pcre.pattern.modifiers.php>
show more ...
|
cee363d6 | 05-Sep-2016 |
Stanislav Malyshev |
Merge branch 'pull-request/2061' into PHP-5.6 * pull-request/2061: Recognize TDS versions 7.3 and 7.4
|