9732381e | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: [ci skip] Add missing CVE to NEWS
|
96a5b4e4 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Add missing CVE to NEWS |
c014e121 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: [ci skip] Add missing NEWS entry
|
bb847223 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Add missing NEWS entry |
549cb440 | 16-Sep-2021 |
Nikita Popov |
Fix persistent smart_str allocation This would allocate a too small buffer if the first smart_str allocation is > SMART_STR_START_LEN but <= SMART_STR_START_SIZE. (cherry picked from commit af8fccee9c5a1c7302d9bfe1c7bd431374e59415)
|
f92bae23 | 21-Sep-2021 |
Stanislav Malyshev |
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Fix #81420: ZipArchive::extractTo extracts outside of destination
|
df2ceac2 | 06-Sep-2021 |
Christoph M. Becker |
Fix #81420: ZipArchive::extractTo extracts outside of destination We need to properly detect and handle absolute paths in a portable way. |
288c25f7 | 20-Sep-2021 |
Christoph M. Becker |
Fix #61700: FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing It makes no sense to compare IPv6 address ranges as strings; there are too many different representation possibilities. Instead, we change `_php_filter_validate_ipv6()` so that it can calculate the IP address as integer array. We do not rely on `inet_pton()` which may not be available everywhere, at least IPv6 support may not, but rather parse the IP address manually. Finally, we compare the integers. Note that this patch does not fix what we consider as reserved and private, respectively, but merely tries to keep what we had so far. Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> Closes GH-7476.
|
49c9fbbf | 19-Sep-2021 |
Anatol Belski |
NEWS: Add note for bug #78987 Signed-off-by: Anatol Belski <ab@php.net> |
8f75ab0d | 19-Sep-2021 |
Anatol Belski |
fileinfo: Fix test value for s390x on travis-ci Signed-off-by: Anatol Belski <ab@php.net> |
6e0acece | 18-Sep-2021 |
Anatol Belski |
fileinfo: Capture more sizes for test as delivered by travis-ci Signed-off-by: Anatol Belski <ab@php.net> |
e56435c8 | 18-Sep-2021 |
Anatol Belski |
fileinfo: Capture more sizes for test as delivered by AppVeyor Signed-off-by: Anatol Belski <ab@php.net> |
0208374a | 18-Sep-2021 |
Anatol Belski |
fileinfo: Adjust value in test Signed-off-by: Anatol Belski <ab@php.net> |
fa96c7e0 | 18-Sep-2021 |
Anatol Belski |
fileinfo: Fixed bug #78987 High memory usage during encoding detection The default buffer size for the encoding detection is set to 64K. Signed-off-by: Anatol Belski <ab@php.net> |
fac3fbcb | 19-Aug-2021 |
Christoph M. Becker |
Fix OOB read due to timezone_open() with 5 digit offset This has been reported as bug #78984, and is generally and properly fixed as of timelib 2020.3 (PHP-8.0). However, it is not fixed in PHP-7.4, where the test results in an OOB read, and an unterminated C string when calling `::getName()`. Therefore, we apply a minimal fix which just avoids this dangerous behavior.
|
af8fccee | 16-Sep-2021 |
Nikita Popov |
Fix persistent smart_str allocation This would allocate a too small buffer if the first smart_str allocation is > SMART_STR_START_LEN but <= SMART_STR_START_SIZE. |
a9661a52 | 15-Sep-2021 |
Aliaksandr Bystry |
Fix #70962: XML_OPTION_SKIP_WHITE strips embedded whitespace We must never strip embedded whitespace; we only need to skip values when that option is set, and make sure that we keep BC regarding the different behavior for "cdata" and "complete" elements (for the former, the whole element is skipped; for the latter only the "value" key). We also fix erroneous `int` types which should actually be `size_t`. Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de> Closes GH-7493.
|
0badc7de | 15-Sep-2021 |
Dmitry Stogov |
Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not defined) |
b053192a | 14-Sep-2021 |
Tyson Andre |
Fix #81429: Handle resizing in SplFixedArray::offsetSet (#7487) offsetSet did not account for the fact that the array may no longer exist after the field is overwritten. This fixes that. Add test of resizing both to the empty array and a smaller array - there should be no valgrind warnings with a proper fix. Alternate approach to #7486 (described in https://bugs.php.net/bug.php?id=81429)
|
a2471383 | 10-Sep-2021 |
Christoph M. Becker |
Fix #81424: PCRE2 10.35 JIT performance regression We backport the respective upstream fix[1] to our bundled pcre2lib. [1] <https://github.com/PhilipHazel/pcre2/commit/dc5f96663597572f694147aeec3525003c351123> Closes GH-7484.
|
424c2654 | 10-Sep-2021 |
Viktor |
Fix #81433: DOMElement::setIdAttribute() called twice may remove ID We must only remove the attribute id, if the user requested that. Closes GH-7482. |
95a943e2 | 07-Sep-2021 |
Derick Rethans |
The PHP 7.4 branch is for PHP 7.4.25 now |
f3d24af7 | 02-Sep-2021 |
Christoph M. Becker |
Fix #81407: shmop_open won't attach and causes php to crash We need to allocate buffers for the file mapping names which are large enough for all potential keys (`key_t` is defined as `int` on Windows). Regarding the test: it's probably never a good idea to use hard-coded keys (should always use `ftok()` instead), but to reliably reproduce this Windows specific issue we need to, and it shouldn't be an issue on that OS. Closes GH-7448.
|
8c292a2f | 15-Aug-2021 |
Alexey Zamorov <53096396+AlexeyZamorov@users.noreply.github.com> |
Avoid dangling pointer in curl header.str If buf_len is zero, this would leave behind a dangling pointer to an already released header.str. Make sure this can't happen by always overwriting the pointer. Closes GH-7376.
|
30e791ed | 31-Aug-2021 |
Nikita Popov |
Fix curl_copy_handle() with CURLINFO_HEADER_OUT The CURLOPT_DEBUGDATA will point to the old curl handle after copying. Update it to point to the new handle. We don't separately store whether CURLINFO_HEADER_OUT is enabled, so I'm doing this unconditionally. It should be harmless if CURLOPT_DEBUGFUNCTION is not used.
|