|
Revision tags: php-7.4.5RC1, php-7.3.17RC1 |
|
| #
12ca4fe6 |
| 31-Mar-2020 |
Christoph M. Becker |
Merge branch 'PHP-7.4'
* PHP-7.4:
Fix #79413: session_create_id() fails for active sessions
|
| #
d533fa15 |
| 31-Mar-2020 |
Christoph M. Becker |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Fix #79413: session_create_id() fails for active sessions
|
| #
b510250b |
| 26-Mar-2020 |
Christoph M. Becker |
Fix #79413: session_create_id() fails for active sessions
The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session alre
Fix #79413: session_create_id() fails for active sessions
The comment on `PS_VALIDATE_SID_FUNC(files)` is very clear that the
function is supposed to return `SUCCESS` if the session already exists.
So to detect a collision, we have to check for `SUCCESS`, not
`FAILURE`.
We also fix the wrong condition in session_regenerate_id() as well.
show more ...
|
|
Revision tags: php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28 |
|
| #
90ae1818 |
| 16-Feb-2020 |
Stanislav Malyshev |
Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress |
| #
282bfb10 |
| 16-Feb-2020 |
Stanislav Malyshev |
Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress |
| #
409965fe |
| 16-Feb-2020 |
Stanislav Malyshev |
Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress |
|
Revision tags: php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14 |
|
| #
545f77d3 |
| 21-Jan-2020 |
Stanislav Malyshev |
Merge branch 'PHP-7.4'
* PHP-7.4:
Update NEWS
Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
Fix #79099: OOB read in php_strip_tags_ex
Fix #79
Merge branch 'PHP-7.4'
* PHP-7.4:
Update NEWS
Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
Fix #79099: OOB read in php_strip_tags_ex
Fix #79091: heap use-after-free in session_create_id()
show more ...
|
| #
a29c7933 |
| 21-Jan-2020 |
Stanislav Malyshev |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Update NEWS
Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
Fix #79099: OOB read in php_strip_tags_ex
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Update NEWS
Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
Fix #79099: OOB read in php_strip_tags_ex
Fix #79091: heap use-after-free in session_create_id()
show more ...
|
| #
25ec7eb3 |
| 21-Jan-2020 |
Stanislav Malyshev |
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Update NEWS
Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
Fix #79099: OOB read in php_strip_tags_ex
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Update NEWS
Fix bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`)
Fix #79099: OOB read in php_strip_tags_ex
Fix #79091: heap use-after-free in session_create_id()
show more ...
|
| #
f79c7742 |
| 20-Jan-2020 |
Christoph M. Becker |
Fix #79091: heap use-after-free in session_create_id()
If the `new_id` is released, we must not use it again. |
|
Revision tags: php-7.3.14RC1, php-7.4.2RC1 |
|
| #
349a2864 |
| 01-Jan-2020 |
Máté Kocsis |
Use RETURN_THROWS() after zend_throw_error() |
| #
34570372 |
| 31-Dec-2019 |
Máté Kocsis |
Use RETURN_THROWS() during ZPP in most of the extensions
Except for some bigger ones: reflection, sodium, spl |
| #
d8bd113b |
| 30-Dec-2019 |
Nikita Popov |
Merge branch 'PHP-7.4'
* PHP-7.4:
Add test for bug #79031
Revert "Increase serialize_lock while decoding session"
|
| #
ed3811e7 |
| 30-Dec-2019 |
Nikita Popov |
Revert "Increase serialize_lock while decoding session"
This reverts commit b8ef7c35abd31666d9fb317db4b09a9eef0ede6c.
See bug #79031. The semantics of serialize locking aren't quite
Revert "Increase serialize_lock while decoding session"
This reverts commit b8ef7c35abd31666d9fb317db4b09a9eef0ede6c.
See bug #79031. The semantics of serialize locking aren't quite
correct right now, and the use of the lock in this particular
place makes us hit the issue in a common case. I'm reverting this
commit for PHP 7.4 and will try to fix this properly for PHP 8,
as I believe it will require ABI breakage.
show more ...
|
|
Revision tags: php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1 |
|
| #
2204dbde |
| 31-Oct-2019 |
Máté Kocsis |
Add missing ZPP checks
Closes GH-4878. |
| #
94938934 |
| 29-Oct-2019 |
Máté Kocsis |
Cleanup return values when parameter parsing is unsuccessful |
|
Revision tags: php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3 |
|
| #
5d6e923d |
| 24-Sep-2019 |
Gabriel Caruso |
Remove mention of PHP major version in Copyright headers
Closes GH-4732. |
| #
fb60ccc6 |
| 25-Sep-2019 |
Nikita Popov |
Merge branch 'PHP-7.4'
|
| #
b8ef7c35 |
| 25-Sep-2019 |
Nikita Popov |
Increase serialize_lock while decoding session
Avoid leaking state between Serializable::unserialize() and
session_decode(). |
|
Revision tags: php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1 |
|
| #
1fc2fec1 |
| 10-Aug-2019 |
Craig Duncan |
Convert session functions arginfo to php stubs |
|
Revision tags: php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1 |
|
| #
7686b0b8 |
| 05-Jun-2019 |
Nikita Popov |
Merge branch 'PHP-7.4'
|
|
Revision tags: php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16 |
|
| #
a31f4642 |
| 26-Feb-2019 |
Nikita Popov |
Allow exceptions in __toString()
RFC: https://wiki.php.net/rfc/tostring_exceptions
And convert some object to string conversion related recoverable
fatal errors into Error excep
Allow exceptions in __toString()
RFC: https://wiki.php.net/rfc/tostring_exceptions
And convert some object to string conversion related recoverable
fatal errors into Error exceptions.
Improve exception safety of internal code performing string
conversions.
show more ...
|
| #
034babbc |
| 17-Apr-2019 |
Christoph M. Becker |
Merge branch 'PHP-7.4'
* PHP-7.4:
Fix #77911: Wrong warning for session.sid_bits_per_character
|
| #
87912ca3 |
| 17-Apr-2019 |
Christoph M. Becker |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Fix #77911: Wrong warning for session.sid_bits_per_character
|
| #
f0ccd9ff |
| 17-Apr-2019 |
Christoph M. Becker |
Merge branch 'PHP-7.2' into PHP-7.3
* PHP-7.2:
Fix #77911: Wrong warning for session.sid_bits_per_character
|
