| #
03d03243 |
| 30-Jul-2016 |
ju1ius |
Fix #72711: `mb_ereg` does not clear the `$regs` parameter on failure
When `mb_ereg` failed to match, it didn't update the `$regs` argument.
Now it will always set it to the empty array. |
| #
9c281431 |
| 30-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-7.0' into PHP-7.1
|
| #
e5940aa7 |
| 30-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-5.6' into PHP-7.0
|
| #
1d32b809 |
| 30-Jul-2016 |
ju1ius |
fixes bad address given to onig_error_code_to_str
Closes bug #72710
(cherry picked from commit 0fb7eb6723bcc6fd98053911543e801edb5ab763) |
| #
de755310 |
| 28-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-7.0' into PHP-7.1
# Resolved conflicts:
# ext/mbstring/php_mbregex.c
|
| #
805dc0ea |
| 28-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-5.6' into PHP-7.0
# Resolved conflicts:
# ext/mbstring/php_mbregex.c
|
| #
ee6900c3 |
| 28-Jul-2016 |
Christoph M. Becker |
Fix #72694: mb_ereg_search_setpos does not accept a string's last position
Setting the search position immediately behind the last character should be
allowed, so we fix this off-by-one
Fix #72694: mb_ereg_search_setpos does not accept a string's last position
Setting the search position immediately behind the last character should be
allowed, so we fix this off-by-one error.
show more ...
|
| #
6aaef1ed |
| 28-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-7.0' into PHP-7.1
|
| #
a6210231 |
| 28-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-5.6' into PHP-7.0
|
| #
56cdaecb |
| 28-Jul-2016 |
Christoph M. Becker |
Fix #72693: mb_ereg_search increments search position when a match zero-width
That's caused by an off-by-one error, which we fix. |
| #
db69ea32 |
| 28-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-7.0' into PHP-7.1
|
| #
18a37eee |
| 28-Jul-2016 |
Christoph M. Becker |
Merge branch 'PHP-5.6' into PHP-7.0
# Resolved conflicts:
# ext/mbstring/php_mbregex.c
|
| #
d276e6a8 |
| 28-Jul-2016 |
Christoph M. Becker |
Fix #72691: mb_ereg_search raises a warning if a match zero-width
That warning doesn't make sense (PCRE doesn't throw such a warning either),
so we remove it. |
|
Revision tags: php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38, php-5.6.24RC1, php-7.1.0alpha3, php-7.0.9RC1, php-7.1.0alpha2, php-7.0.8, php-5.6.23, php-5.5.37, php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5, php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1, php-5.6.17, php-5.5.31, php-7.0.2, php-7.0.2RC1, php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1, php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45, php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44, php-5.6.12RC1, php-7.0.0beta2, php-7.0.0beta1, php-5.6.11, php-5.5.27, php-5.4.43, php-5.6.11RC1, php-5.5.27RC1, php-7.0.0alpha2, php-5.5.26, php-7.0.0alpha1, php-5.6.10, php-5.4.42, POST_PHP7_NSAPI_REMOVAL, PRE_PHP7_NSAPI_REMOVAL, php-5.6.10RC1, php-5.5.26RC1, php-5.5.25, php-5.6.9, php-5.4.41, php-5.6.9RC1, php-5.5.25RC1, php-5.6.8, php-5.5.24, php-5.4.40, php-5.6.8RC1, php-5.5.24RC1, php-5.6.7, php-5.5.23, php-5.4.39, php-5.6.7RC1, php-5.5.23RC1, POST_PHP7_EREG_MYSQL_REMOVALS, PRE_PHP7_EREG_MYSQL_REMOVALS |
|
| #
eb3e7f7c |
| 01-Mar-2015 |
Masaki Kagaya |
check the encoding of argument for mb_ereg, mb_ereg_replace, mb_ereg_search_init |
| #
0c98f51c |
| 09-Jul-2016 |
Christoph M. Becker |
Implement RFC "Deprecate mb_ereg_replace eval option"
<https://wiki.php.net/rfc/deprecate_mb_ereg_replace_eval_option> has been
accepted, so we implement it. |
| #
24237027 |
| 05-Jul-2016 |
Aaron Piotrowski |
Merge branch 'throw-error-in-extensions'
|
| #
323b2733 |
| 21-Jun-2016 |
Dmitry Stogov |
Fixed compilation warnings |
| #
3e0397c2 |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-7.0'
* PHP-7.0:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Merge branch 'PHP-7.0'
* PHP-7.0:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
fix NEWS
set versions
show more ...
|
| #
8705254f |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-7.0.8' into PHP-7.0
* PHP-7.0.8:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
Merge branch 'PHP-7.0.8' into PHP-7.0
* PHP-7.0.8:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
fix NEWS
set versions
Conflicts:
configure.in
main/php_version.h
show more ...
|
| #
2a65544f |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.6.23' into PHP-7.0.8
* PHP-5.6.23: (24 commits)
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
Merge branch 'PHP-5.6.23' into PHP-7.0.8
* PHP-5.6.23: (24 commits)
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
Fix bug #72140 (segfault after calling ERR_free_strings())
...
Conflicts:
configure.in
ext/mbstring/php_mbregex.c
ext/mcrypt/mcrypt.c
ext/spl/spl_array.c
ext/spl/spl_directory.c
ext/standard/php_smart_str.h
ext/standard/string.c
ext/standard/url.c
ext/wddx/wddx.c
ext/zip/php_zip.c
main/php_version.h
show more ...
|
| #
7dde353e |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' into PHP-5.6.23
* PHP-5.5:
Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
Merge branch 'PHP-5.5' into PHP-5.6.23
* PHP-5.5:
Fixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Skip test which is 64bits only
5.5.37 now
Conflicts:
configure.in
ext/mcrypt/mcrypt.c
ext/spl/spl_directory.c
main/php_version.h
show more ...
|
| #
5b597a2e |
| 19-Jun-2016 |
Stanislav Malyshev |
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free |
| #
85fd2609 |
| 15-Jun-2016 |
Xinchen Hui |
Merge branch 'PHP-7.0'
* PHP-7.0:
Fixed(attempt to) bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) - oob read access)
|
| #
999a3553 |
| 15-Jun-2016 |
Xinchen Hui |
Fixed(attempt to) bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) - oob read access)
according to ext/mbstring/oniguruma/enc/utf8.c, max bytes are 6 |
| #
14e790a0 |
| 14-Jun-2016 |
Xinchen Hui |
Merge branch 'PHP-7.0'
|
