| 9732381e | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
[ci skip] Add missing CVE to NEWS
|
| 96a5b4e4 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Add missing CVE to NEWS |
| c014e121 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
[ci skip] Add missing NEWS entry
|
| bb847223 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Add missing NEWS entry |
| 549cb440 | 16-Sep-2021 |
Nikita Popov |
Fix persistent smart_str allocation
This would allocate a too small buffer if the first smart_str
allocation is > SMART_STR_START_LEN but <= SMART_STR_START_SIZE.
(cherry picked
Fix persistent smart_str allocation
This would allocate a too small buffer if the first smart_str
allocation is > SMART_STR_START_LEN but <= SMART_STR_START_SIZE.
(cherry picked from commit af8fccee9c5a1c7302d9bfe1c7bd431374e59415)
show more ...
|
| f92bae23 | 21-Sep-2021 |
Stanislav Malyshev |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Fix #81420: ZipArchive::extractTo extracts outside of destination
|
| df2ceac2 | 06-Sep-2021 |
Christoph M. Becker |
Fix #81420: ZipArchive::extractTo extracts outside of destination
We need to properly detect and handle absolute paths in a portable way. |
| 288c25f7 | 20-Sep-2021 |
Christoph M. Becker |
Fix #61700: FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing
It makes no sense to compare IPv6 address ranges as strings; there are
too many different representation possibilities.
Fix #61700: FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing
It makes no sense to compare IPv6 address ranges as strings; there are
too many different representation possibilities. Instead, we change
`_php_filter_validate_ipv6()` so that it can calculate the IP address
as integer array. We do not rely on `inet_pton()` which may not be
available everywhere, at least IPv6 support may not, but rather parse
the IP address manually. Finally, we compare the integers.
Note that this patch does not fix what we consider as reserved and
private, respectively, but merely tries to keep what we had so far.
Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
Closes GH-7476.
show more ...
|
| 49c9fbbf | 19-Sep-2021 |
Anatol Belski |
NEWS: Add note for bug #78987
Signed-off-by: Anatol Belski <ab@php.net> |
| 8f75ab0d | 19-Sep-2021 |
Anatol Belski |
fileinfo: Fix test value for s390x on travis-ci
Signed-off-by: Anatol Belski <ab@php.net> |
| 6e0acece | 18-Sep-2021 |
Anatol Belski |
fileinfo: Capture more sizes for test as delivered by travis-ci
Signed-off-by: Anatol Belski <ab@php.net> |
| e56435c8 | 18-Sep-2021 |
Anatol Belski |
fileinfo: Capture more sizes for test as delivered by AppVeyor
Signed-off-by: Anatol Belski <ab@php.net> |
| 0208374a | 18-Sep-2021 |
Anatol Belski |
fileinfo: Adjust value in test
Signed-off-by: Anatol Belski <ab@php.net> |
| fa96c7e0 | 18-Sep-2021 |
Anatol Belski |
fileinfo: Fixed bug #78987 High memory usage during encoding detection
The default buffer size for the encoding detection is set to 64K.
Signed-off-by: Anatol Belski <ab@php.net> |
| fac3fbcb | 19-Aug-2021 |
Christoph M. Becker |
Fix OOB read due to timezone_open() with 5 digit offset
This has been reported as bug #78984, and is generally and properly
fixed as of timelib 2020.3 (PHP-8.0). However, it is not fixe
Fix OOB read due to timezone_open() with 5 digit offset
This has been reported as bug #78984, and is generally and properly
fixed as of timelib 2020.3 (PHP-8.0). However, it is not fixed in
PHP-7.4, where the test results in an OOB read, and an unterminated
C string when calling `::getName()`. Therefore, we apply a minimal
fix which just avoids this dangerous behavior.
show more ...
|
| af8fccee | 16-Sep-2021 |
Nikita Popov |
Fix persistent smart_str allocation
This would allocate a too small buffer if the first smart_str
allocation is > SMART_STR_START_LEN but <= SMART_STR_START_SIZE. |
| a9661a52 | 15-Sep-2021 |
Aliaksandr Bystry |
Fix #70962: XML_OPTION_SKIP_WHITE strips embedded whitespace
We must never strip embedded whitespace; we only need to skip values
when that option is set, and make sure that we keep BC r
Fix #70962: XML_OPTION_SKIP_WHITE strips embedded whitespace
We must never strip embedded whitespace; we only need to skip values
when that option is set, and make sure that we keep BC regarding the
different behavior for "cdata" and "complete" elements (for the former,
the whole element is skipped; for the latter only the "value" key).
We also fix erroneous `int` types which should actually be `size_t`.
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
Closes GH-7493.
show more ...
|
| 0badc7de | 15-Sep-2021 |
Dmitry Stogov |
Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not defined) |
| b053192a | 14-Sep-2021 |
Tyson Andre |
Fix #81429: Handle resizing in SplFixedArray::offsetSet (#7487)
offsetSet did not account for the fact that the array may no longer exist after
the field is overwritten. This fixes that.
Fix #81429: Handle resizing in SplFixedArray::offsetSet (#7487)
offsetSet did not account for the fact that the array may no longer exist after
the field is overwritten. This fixes that.
Add test of resizing both to the empty array and a smaller array - there should
be no valgrind warnings with a proper fix.
Alternate approach to #7486 (described in https://bugs.php.net/bug.php?id=81429)
show more ...
|
| a2471383 | 10-Sep-2021 |
Christoph M. Becker |
Fix #81424: PCRE2 10.35 JIT performance regression
We backport the respective upstream fix[1] to our bundled pcre2lib.
[1] <https://github.com/PhilipHazel/pcre2/commit/dc5f966635975
Fix #81424: PCRE2 10.35 JIT performance regression
We backport the respective upstream fix[1] to our bundled pcre2lib.
[1] <https://github.com/PhilipHazel/pcre2/commit/dc5f96663597572f694147aeec3525003c351123>
Closes GH-7484.
show more ...
|
| 424c2654 | 10-Sep-2021 |
Viktor |
Fix #81433: DOMElement::setIdAttribute() called twice may remove ID
We must only remove the attribute id, if the user requested that.
Closes GH-7482. |
| 95a943e2 | 07-Sep-2021 |
Derick Rethans |
The PHP 7.4 branch is for PHP 7.4.25 now |
| f3d24af7 | 02-Sep-2021 |
Christoph M. Becker |
Fix #81407: shmop_open won't attach and causes php to crash
We need to allocate buffers for the file mapping names which are large
enough for all potential keys (`key_t` is defined as `i
Fix #81407: shmop_open won't attach and causes php to crash
We need to allocate buffers for the file mapping names which are large
enough for all potential keys (`key_t` is defined as `int` on Windows).
Regarding the test: it's probably never a good idea to use hard-coded
keys (should always use `ftok()` instead), but to reliably reproduce
this Windows specific issue we need to, and it shouldn't be an issue on
that OS.
Closes GH-7448.
show more ...
|
| 8c292a2f | 15-Aug-2021 |
Alexey Zamorov <53096396+AlexeyZamorov@users.noreply.github.com> |
Avoid dangling pointer in curl header.str
If buf_len is zero, this would leave behind a dangling pointer
to an already released header.str. Make sure this can't happen
by always over
Avoid dangling pointer in curl header.str
If buf_len is zero, this would leave behind a dangling pointer
to an already released header.str. Make sure this can't happen
by always overwriting the pointer.
Closes GH-7376.
show more ...
|
| 30e791ed | 31-Aug-2021 |
Nikita Popov |
Fix curl_copy_handle() with CURLINFO_HEADER_OUT
The CURLOPT_DEBUGDATA will point to the old curl handle after
copying. Update it to point to the new handle.
We don't separately
Fix curl_copy_handle() with CURLINFO_HEADER_OUT
The CURLOPT_DEBUGDATA will point to the old curl handle after
copying. Update it to point to the new handle.
We don't separately store whether CURLINFO_HEADER_OUT is enabled,
so I'm doing this unconditionally. It should be harmless if
CURLOPT_DEBUGFUNCTION is not used.
show more ...
|
