| #
6e12e49b |
| 04-Nov-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
More string length checks & fixes
|
| #
ea9fac94 |
| 04-Nov-2016 |
Stanislav Malyshev |
More string length checks & fixes |
| #
1928cdca |
| 05-Sep-2016 |
Christoph M. Becker |
Merge branch 'PHP-7.0' into PHP-7.1
|
| #
81ec843d |
| 05-Sep-2016 |
Christoph M. Becker |
Merge branch 'PHP-5.6' into PHP-7.0
|
| #
8aad3131 |
| 05-Sep-2016 |
Christoph M. Becker |
Fix #70752: Depacking with wrong password leaves 0 length files
We should not open the output stream before we have tried to open the
archive entry, as failing the latter could leave an
Fix #70752: Depacking with wrong password leaves 0 length files
We should not open the output stream before we have tried to open the
archive entry, as failing the latter could leave an empty file behind.
show more ...
|
| #
393d56f1 |
| 24-Jul-2016 |
Xinchen Hui |
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd)
|
| #
ad96a052 |
| 24-Jul-2016 |
Xinchen Hui |
Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd) |
| #
24237027 |
| 05-Jul-2016 |
Aaron Piotrowski |
Merge branch 'throw-error-in-extensions'
|
| #
323b2733 |
| 21-Jun-2016 |
Dmitry Stogov |
Fixed compilation warnings |
| #
16160386 |
| 21-Jun-2016 |
Dmitry Stogov |
Added ZEND_ATTRIBUTE_FORMAT to some middind functions.
"%p" replaced by ZEND_LONG_FMT to avoid compilation warnings.
Fixed most incorrect use cases of format specifiers. |
| #
3e0397c2 |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-7.0'
* PHP-7.0:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Merge branch 'PHP-7.0'
* PHP-7.0:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
fix NEWS
set versions
show more ...
|
| #
2a65544f |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.6.23' into PHP-7.0.8
* PHP-5.6.23: (24 commits)
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
Merge branch 'PHP-5.6.23' into PHP-7.0.8
* PHP-5.6.23: (24 commits)
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
Fix bug #72140 (segfault after calling ERR_free_strings())
...
Conflicts:
configure.in
ext/mbstring/php_mbregex.c
ext/mcrypt/mcrypt.c
ext/spl/spl_array.c
ext/spl/spl_directory.c
ext/standard/php_smart_str.h
ext/standard/string.c
ext/standard/url.c
ext/wddx/wddx.c
ext/zip/php_zip.c
main/php_version.h
show more ...
|
| #
7dde353e |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' into PHP-5.6.23
* PHP-5.5:
Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
Merge branch 'PHP-5.5' into PHP-5.6.23
* PHP-5.5:
Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Skip test which is 64bits only
5.5.37 now
Conflicts:
configure.in
ext/mcrypt/mcrypt.c
ext/spl/spl_directory.c
main/php_version.h
show more ...
|
| #
f6aef680 |
| 21-Jun-2016 |
Stanislav Malyshev |
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize |
| #
771e5cc2 |
| 11-Jun-2016 |
Aaron Piotrowski |
Replace zend_ce_error with NULL and replace more E_ERROR with thrown Error |
| #
e3c681aa |
| 11-Jun-2016 |
Aaron Piotrowski |
Merge branch 'master' into throw-error-in-extensions
|
|
Revision tags: php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1 |
|
| #
2c80459c |
| 30-May-2016 |
Anatol Belski |
Expose missing flags from libzip at least >= 0.11.x
These are helpful with reading/writing zips containing non UTF-8
filenames to mitigate possibly changed libzip behaviors.
Par
Expose missing flags from libzip at least >= 0.11.x
These are helpful with reading/writing zips containing non UTF-8
filenames to mitigate possibly changed libzip behaviors.
Partial cherry-pick of 893c2405ff34250ffefbbc1d223de4df6c154c8a
show more ...
|
|
Revision tags: php-5.6.22 |
|
| #
893c2405 |
| 25-May-2016 |
Anatol Belski |
Expose missing flags from libzip at least >= 0.11.x
These are helpful with reading/writing zips containing non UTF-8
filenames to mitigate possibly changed libzip behaviors. |
|
Revision tags: php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35 |
|
| #
ccc12efa |
| 20-Apr-2016 |
Stanislav Malyshev |
Fix bug #71923 - integer overflow in ZipArchive::getFrom* |
|
Revision tags: php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5, php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4 |
|
| #
e8385a60 |
| 22-Feb-2016 |
Remi Collet |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
cleanup $Id
|
| #
d20f1d8f |
| 22-Feb-2016 |
Remi Collet |
cleanup $Id |
| #
9afb29aa |
| 18-Feb-2016 |
Stanislav Malyshev |
Remove TSRMLS_* from code, they are not used anymore |
|
Revision tags: php-5.6.19RC1, php-7.0.4RC1 |
|
| #
c9357f82 |
| 14-Feb-2016 |
Nikita Popov |
Format string fixes
Conflicts:
ext/pgsql/pgsql.c |
| #
33417bf4 |
| 09-Feb-2016 |
Xinchen Hui |
Merge branch 'PHP-5.6' into PHP-7.0
Conflicts:
ext/zip/php_zip.c
|
| #
f45752eb |
| 09-Feb-2016 |
Xinchen Hui |
Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo) |
