#
9e29f841 |
| 02-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017 |
#
489d5ac2 |
| 01-Jan-2017 |
Nikita Popov |
Merge branch 'PHP-7.1'
|
#
878b8f04 |
| 01-Jan-2017 |
Nikita Popov |
Merge branch 'PHP-7.0' into PHP-7.1
|
#
9f560bae |
| 01-Jan-2017 |
Nikita Popov |
Merge branch 'PHP-5.6' into PHP-7.0
|
#
a65ad951 |
| 01-Jan-2017 |
Nikita Popov |
Fix bug #70213 |
#
16b3003f |
| 31-Dec-2016 |
Stanislav Malyshev |
Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data() |
#
d8f27b2b |
| 26-Oct-2016 |
Andrea Faulds |
Merge branch 'DedupNANINF'
|
#
6a7cc8ff |
| 12-Sep-2016 |
Stanislav Malyshev |
Fix bug #73052 - Memory Corruption in During Deserialized-object Destruction |
#
09f7bb20 |
| 06-Sep-2016 |
Nikita Popov |
Followup for bug #72785 Fix incorrect handling of nesting ... need to reset to the old value afterwards. |
#
747d21cf |
| 06-Sep-2016 |
Stanislav Malyshev |
Fix bug #72785 - allowed_classes only applies to outermost unserialize() |
#
ce6ad9bd |
| 17-Aug-2016 |
Xinchen Hui |
Merge branch 'PHP-7.0' into PHP-7.1 * PHP-7.0: (48 commits) Update NEWs Unused label Fixed bug #72853 (stream_set_blocking doesn't work) fix test Bug #72663 - part 3 Bug #72663 - part 2 Bug #72663 - part 1 Update NEWS BLock test with memory leak fix tests Fix TSRM build Fix bug #72850 - integer overflow in uuencode Fixed bug #72849 - integer overflow in urlencode Fix bug #72848 - integer overflow in quoted_printable_encode caused heap corruption Fix bug #72838 - Integer overflow lead to heap corruption in sql_regcase Fix bug #72837 - integer overflow in bzdecompress caused heap corruption Fix bug #72836 - integer overflow in base64_decode caused heap corruption Fix for bug #72807 - do not produce strings with negative length Fix for bug #72790 and bug #72799 Fix bug #72730 - imagegammacorrect allows arbitrary write access ... Conflicts: ext/standard/var_unserializer.c
|
#
61f2f5a0 |
| 10-Aug-2016 |
Nikita Popov |
Bug #72663 - part 2 If a (nested) unserialize() call fails, we remove all the values that were inserted into var_hash during that call. This prevents their use in other unserializations in the same context.
|
#
2135fdef |
| 08-Aug-2016 |
Nikita Popov |
Bug #72663 - part 1 Don't call __destruct() on an unserialized object that has a __wakeup() method if either a) unserialization of its properties fails or b) the __wakeup() call fails (e.g. by throwing). This basically treats __wakeup() as a form of constructor and aligns us with the usual behavior that if the constructor call fails the destructor should not be called. The security aspect here is that people use __wakeup() to prevent unserialization of objects with dangerous __destruct() methods, but this is ineffective if __destruct() can still be called while __wakeup() was skipped.
|
#
639f7fde |
| 07-Aug-2016 |
Stanislav Malyshev |
Improve fix for #72663 |
#
448c9be1 |
| 02-Aug-2016 |
Stanislav Malyshev |
Fix bug #72663 - destroy broken object when unserializing |
#
f7caa2bd |
| 10-Aug-2016 |
Nikita Popov |
Hide (un)serialize data from ABI The (UN)SERIALIZE_INIT/DESTROY macros now go through non-inlined functions, so any changes to them will apply to extensions without rebuilds. Additionally, the (un)serialize_data structures are now no longer exported. This means that we are allowed to change these structures in patch releases without breaking the ABI.
|
#
16160386 |
| 21-Jun-2016 |
Dmitry Stogov |
Added ZEND_ATTRIBUTE_FORMAT to some missing functions. "%p" replaced by ZEND_LONG_FMT to avoid compilation warnings. Fixed most incorrect use cases of format specifiers. |
Revision tags: php-7.0.6, php-5.6.21, php-5.5.35 |
|
#
c89b7a48 |
| 27-Apr-2016 |
Xinchen Hui |
Use zend_string_safe_alloc |
Revision tags: php-5.6.21RC1, php-7.0.6RC1 |
|
#
c8590768 |
| 07-Apr-2016 |
Xinchen Hui |
Improved fix for #71940 |
#
7e042224 |
| 07-Apr-2016 |
Xinchen Hui |
Fixed bug #71940 (Unserialize crushes on restore object reference) |
Revision tags: php-5.6.20, php-5.5.34, php-7.0.5 |
|
#
1c1e20d7 |
| 20-Mar-2016 |
Andrea Faulds |
Deduplicate NAN/INF portability, move to Zend |
#
fe1a3fc0 |
| 17-Mar-2016 |
Xinchen Hui |
Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: Fixed bug #71841 (EG(error_zval) is not handled well) Fixed bug #71840 (Unserialize accepts wrongly data) Conflicts: Zend/zend_vm_def.h Zend/zend_vm_execute.h ext/standard/var_unserializer.c
|
#
6f241f5f |
| 17-Mar-2016 |
Xinchen Hui |
Fixed bug #71840 (Unserialize accepts wrongly data) |
Revision tags: php-5.6.20RC1, php-7.0.5RC1 |
|
#
5602f642 |
| 03-Mar-2016 |
Nikita Popov |
Eliminate usages of _PP macros These are either in debug code (fix them), commented out (drop them) or in dead compatibility macros (drop them). One usage was in php_stream_get_from_zval(), which we have not used since at least PHP 5.2 and, judging from the fact that nobody complained about it causing compile errors in PHP 7, nobody else uses it either, so drop it. There are still remaining uses in mysqli embedded and odbc birdstep. These probably need to be dropped outright.
|
Revision tags: php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1 |
|
#
bcd64a9b |
| 18-Jan-2016 |
Stanislav Malyshev |
Fixed bug #71311: Use-after-free vulnerability in SPL(ArrayObject, unserialize) |