| #
f752e23c |
| 11-Sep-2024 |
Derick Rethans |
Fix GH-15582: Crash when not calling parent constructor of DateTimeZone
|
| #
7a67fb03 |
| 10-Sep-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix bug #62900: Wrong namespace on xsd import error message
The one error message indeed had a wrong namespace, and in general they
weren't very descriptive, this also makes them more de
Fix bug #62900: Wrong namespace on xsd import error message
The one error message indeed had a wrong namespace, and in general they
weren't very descriptive, this also makes them more descriptive.
Furthermore, two additional bugs were fixed:
- Persistent memory leak of `location`.
- UAF issues when printing the error message.
Closes GH-15830.
show more ...
|
| #
7e722e3b |
| 10-Sep-2024 |
Pierrick Charron |
PHP-8.2 is now for PHP 8.2.25-dev
|
| #
72a2cbcc |
| 09-Sep-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix bug #73182: PHP SOAPClient does not support stream context HTTP headers in array form
This code is modelled after how `http_fopen_wrapper.c` does things,
which apparently is just loo
Fix bug #73182: PHP SOAPClient does not support stream context HTTP headers in array form
This code is modelled after how `http_fopen_wrapper.c` does things,
which apparently is just looping over the array and handling each string
the same way as if we passed a header string directly.
Also fixes a potential crash in `php_sdl.c` but without adding support
for header arrays there (yet) because the code is untested.
Closes GH-15817.
show more ...
|
| #
bb2b7df9 |
| 10-Sep-2024 |
Eric Mann |
PHP-8.3 is now for PHP 8.3.13-dev
|
| #
c1ffd4b4 |
| 06-Sep-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-15658: Segmentation fault in Zend/zend_vm_execute.h
Implement a minimal ZEND_MATCH handler using a tail call.
Closes GH-15782.
|
| #
86ef8d54 |
| 30-Aug-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-15661: Access null pointer in Zend/Optimizer/zend_inference.c
Closes GH-15666.
|
| #
08e0729c |
| 08-Sep-2024 |
Ilija Tovilo |
Fix uninitialized lineno in constant AST of internal enums
Closes GH-15806
|
| #
c5e0a6aa |
| 04-Sep-2024 |
Daniel Scherzer |
Fix GH-15752: `finfo_file()` - parameter validation error messages
Show the correct parameter names and numbers - the errors are caused by the
second parameter being empty or having null
Fix GH-15752: `finfo_file()` - parameter validation error messages
Show the correct parameter names and numbers - the errors are caused by the
second parameter being empty or having null bytes, not the first.
close GH-15755
show more ...
|
| #
08841bf7 |
| 25-Aug-2024 |
Christoph M. Becker |
Fix GH-15552: Signed integer overflow in ext/standard/scanf.c
We ensure that the argnum `value` is in the allowed range, *before*
mapping it to the `objIndex`, not *afterwards*.
Fix GH-15552: Signed integer overflow in ext/standard/scanf.c
We ensure that the argnum `value` is in the allowed range, *before*
mapping it to the `objIndex`, not *afterwards*.
Closes GH-15581.
show more ...
|
| #
93021c63 |
| 30-Aug-2024 |
Christoph M. Becker |
Fix GH-15628: php_stream_memory_get_buffer() not zero-terminated
We're reasonably sure that appending the NUL is not an OOB write, since
the memory stream implementation uses `zend_strin
Fix GH-15628: php_stream_memory_get_buffer() not zero-terminated
We're reasonably sure that appending the NUL is not an OOB write, since
the memory stream implementation uses `zend_string` APIs instead of
fiddling with the buffer.
We don't add a regression test because that would require to set up
something in the zend_test extension, and regressions are supposed
to be caught by external consumers of this API, such as mailparse.
Closes GH-15648.
show more ...
|
| #
9cb23a3d |
| 30-Aug-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-15654: Signed integer overflow in ext/dom/nodelist.c
There's implicit truncation casts from zend_long to int which cause
issues because checks are done against the zend_longs. Sin
Fix GH-15654: Signed integer overflow in ext/dom/nodelist.c
There's implicit truncation casts from zend_long to int which cause
issues because checks are done against the zend_longs. Since the
iterator infrastructure uses zend_longs, just convert everything to
zend_long.
Closes GH-15669.
show more ...
|
| #
7db1a584 |
| 30-Aug-2024 |
David Carlier |
Fix GH-15653: fgetcsv overflow on length parameter.
close GH-15655
|
| #
0e9e5912 |
| 28-Aug-2024 |
Arnaud Le Blanc |
[ci skip] NEWS for GH-15330
|
| #
4db78140 |
| 28-Aug-2024 |
Arnaud Le Blanc |
[ci skip] NEWS for GH-15330
|
| #
cc67220e |
| 22-Aug-2024 |
David Carlier |
Fixed GH-15547: curl_multi_wait expects a signed int for timeout.
confusion might come from the previous argument type.
PHP expects ms so we check it fits integer boundaries before the c
Fixed GH-15547: curl_multi_wait expects a signed int for timeout.
confusion might come from the previous argument type.
PHP expects ms so we check it fits integer boundaries before the cast.
raising a warning at least for stable branches.
close GH-15548
show more ...
|
| #
5947db6b |
| 25-Aug-2024 |
Bernd Kuhls |
Fix GH-15587: Autotools: fix configure check for aarch64 CRC32 API
On arm32 bit the check succeeds leading to a build error later on:
/home/autobuild/autobuild/instance-3/output-1/b
Fix GH-15587: Autotools: fix configure check for aarch64 CRC32 API
On arm32 bit the check succeeds leading to a build error later on:
/home/autobuild/autobuild/instance-3/output-1/build/php-8.3.10/ext/standard/crc32.c:70:12:
error: 'armv8-a' does not support feature 'nothing'
70 | # pragma GCC target ("+nothing+crc")
Co-authored-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[http://lists.busybox.net/pipermail/buildroot/2024-August/761151.html]
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
show more ...
|
| #
4b6575a1 |
| 24-Aug-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-15565: --disable-ipv6 during compilation produces error EAI_SYSTEM not found
Closes GH-15567.
|
| #
9af574c2 |
| 23-Aug-2024 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-15551: Segmentation fault (access null pointer) in ext/dom/xml_common.h
Closes GH-15556.
|
| #
70c5e366 |
| 22-Aug-2024 |
Jakub Zelenka |
Revert fix for GH-14930: truncating readdir output (#15533)
|
| #
48a18e5b |
| 21-Aug-2024 |
Peter Kokot |
Fix bug GH-15514 (Configure error: genif.sh: syntax error)
Autoconf assigns the current suitable shell to SHELL variable. This
notably fixes cases on Solaris 10 when using C shell or Kor
Fix bug GH-15514 (Configure error: genif.sh: syntax error)
Autoconf assigns the current suitable shell to SHELL variable. This
notably fixes cases on Solaris 10 when using C shell or KornShell where
genif.sh: syntax error at line 35 occurs due to using the `sh` command.
show more ...
|
| #
63841ba7 |
| 21-Aug-2024 |
Peter Kokot |
Fix GH-15515: Configure error grep illegal option q (#15516)
On Solaris default grep doesn't support the -q option. In such cases
the grep output can be redirected to /dev/null and the e
Fix GH-15515: Configure error grep illegal option q (#15516)
On Solaris default grep doesn't support the -q option. In such cases
the grep output can be redirected to /dev/null and the exit status is
checked.
show more ...
|
| #
6652a340 |
| 20-Aug-2024 |
Christoph M. Becker |
[skip ci] Fix NEWS
|
| #
b1211c1e |
| 16-Aug-2024 |
Christoph M. Becker |
Fix GH-15432: Heap corruption when querying a vector
Since the mysqlnd result set is arena allocated, we must not simply
free it, but rather call the appropriate `free_result` method.
Fix GH-15432: Heap corruption when querying a vector
Since the mysqlnd result set is arena allocated, we must not simply
free it, but rather call the appropriate `free_result` method.
Co-authored-by: Kamil Tekiela <tekiela246@gmail.com>
show more ...
|
| #
bd843d76 |
| 16-Aug-2024 |
Go Kudo |
[ci skip] fix NEWS
|
