| #
127ad707 |
| 24-Jul-2023 |
Ilija Tovilo |
Fix open_basedir leak
Fixes oss-fuzz #60741
Closes GH-11780
|
| #
9bcdf219 |
| 31-Mar-2023 |
Ilija Tovilo |
Resolve open_basedir paths on ini update
Closes GH-10987
|
| #
732d92c0 |
| 28-Apr-2023 |
Javier Eguiluz |
[skip ci] Fix various typos and grammar issues (#11143)
|
| #
a7f91e37 |
| 26-Mar-2023 |
Ilija Tovilo |
Fix buffer-overflow in open_basedir()
|
| #
61e98bf3 |
| 23-Mar-2023 |
Ilija Tovilo |
Disallow parent dir components (..) in open_basedir() at runtime
Fix GH-10469
Closes GH-10913
|
| #
df579ada |
| 25-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed
Fixes GH-10692
php_fopen_primary_script() does not initialize all fields of
zend_file_handle. So whe
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed
Fixes GH-10692
php_fopen_primary_script() does not initialize all fields of
zend_file_handle. So when it fails and when fastcgi is true, the
zend_destroy_file_handle() function will try to free uninitialized
pointers, causing a segmentation fault. Fix it by zero-initializing file
handles just like the zend_stream_init_fp() counterpart does.
Closes GH-10697.
show more ...
|
| #
ec10b28d |
| 27-Jan-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix array overrun when appending slash to paths
Fix it by extending the array sizes by one character. As the input is
limited to the maximum path length, there will always be place to ap
Fix array overrun when appending slash to paths
Fix it by extending the array sizes by one character. As the input is
limited to the maximum path length, there will always be place to append
the slash. As the php_check_specific_open_basedir() simply uses the
strings to compare against each other, no new failures related to too
long paths are introduced.
We'll let the DOM and XML case handle a potentially too long path in the
library code.
show more ...
|
|
Revision tags: php-8.2.0RC1, php-8.1.10, php-8.0.23, php-8.0.23RC1, php-8.1.10RC1, php-8.2.0beta3, php-8.2.0beta2, php-8.1.9, php-8.0.22, php-8.1.9RC1, php-8.2.0beta1, php-8.0.22RC1, php-8.0.21, php-8.1.8, php-8.2.0alpha3, php-8.1.8RC1, php-8.2.0alpha2, php-8.0.21RC1, php-8.0.20, php-8.1.7, php-8.2.0alpha1, php-7.4.30, php-8.1.7RC1, php-8.0.20RC1, php-8.1.6, php-8.0.19, php-8.1.6RC1, php-8.0.19RC1, php-8.0.18, php-8.1.5, php-7.4.29, php-8.1.5RC1, php-8.0.18RC1, php-8.1.4, php-8.0.17, php-8.1.4RC1, php-8.0.17RC1, php-8.1.3, php-8.0.16, php-7.4.28, php-8.1.3RC1, php-8.0.16RC1, php-8.1.2, php-8.0.15, php-8.1.2RC1, php-8.0.15RC1, php-8.0.14, php-8.1.1, php-7.4.27, php-8.1.1RC1, php-8.0.14RC1, php-7.4.27RC1, php-8.1.0, php-8.0.13, php-7.4.26 |
|
| #
96da4619 |
| 16-Nov-2021 |
jlbprof |
Fix for bug in file handling refactor.
While testing the cPanel usage of PHP-FPM, we stumbled on this bug.
Without the fix, the zend_string is corrupted and getting odd filenames
Fix for bug in file handling refactor.
While testing the cPanel usage of PHP-FPM, we stumbled on this bug.
Without the fix, the zend_string is corrupted and getting odd filenames
When using FPM we kept getting "No input file specified".
I work for cPanel and we use PHP extensively.
show more ...
|
|
Revision tags: php-7.3.33, php-8.1.0RC6, php-7.4.26RC1, php-8.0.13RC1, php-8.1.0RC5, php-7.3.32, php-7.4.25, php-8.0.12, php-8.1.0RC4, php-8.0.12RC1, php-7.4.25RC1, php-8.1.0RC3, php-8.0.11, php-7.4.24, php-7.3.31, php-8.1.0RC2, php-7.4.24RC1, php-8.0.11RC1, php-8.1.0RC1, php-7.4.23, php-8.0.10, php-7.3.30, php-8.1.0beta3, php-8.0.10RC1, php-7.4.23RC1, php-8.1.0beta2, php-8.0.9, php-7.4.22, php-8.1.0beta1, php-7.4.22RC1, php-8.0.9RC1, php-8.1.0alpha3 |
|
| #
083d7f58 |
| 02-Jul-2021 |
Nikita Popov |
Reduce stack usage in php_resolve_path()
tsrm_realpath() internally always allocates a string. If the out
parameter is provided it gets copied there and freed. What we
were doing her
Reduce stack usage in php_resolve_path()
tsrm_realpath() internally always allocates a string. If the out
parameter is provided it gets copied there and freed. What we
were doing here was to first copy the path from the allocated
string to a stack buffer, and then copy it from the stack buffer
to a zend_string. We might as well save one copy and one buffer.
show more ...
|
|
Revision tags: php-7.4.21, php-7.3.29, php-8.0.8, php-8.1.0alpha2, php-7.4.21RC1, php-8.0.8RC1, php-8.1.0alpha1, php-8.0.7, php-7.4.20 |
|
| #
fda53548 |
| 25-May-2021 |
Christoph M. Becker |
Merge branch 'PHP-8.0'
* PHP-8.0:
Fix #76359: open_basedir bypass through adding ".."
|
| #
a5601b2a |
| 25-May-2021 |
Christoph M. Becker |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fix #76359: open_basedir bypass through adding ".."
|
| #
ee9e0754 |
| 21-May-2021 |
Christoph M. Becker |
Fix #76359: open_basedir bypass through adding ".."
We explicitly forbid adding paths with a leading `..` to `open_basedir`
at runtime.
Closes GH-7024. |
| #
f9990009 |
| 20-May-2021 |
Nikita Popov |
Merge branch 'PHP-8.0'
* PHP-8.0:
Fix handling of open_basedir that contains cwd
|
| #
ef59d09a |
| 20-May-2021 |
Nikita Popov |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fix handling of open_basedir that contains cwd
|
|
Revision tags: php-8.0.7RC1 |
|
| #
ee7a8acd |
| 19-May-2021 |
Nikita Popov |
Fix handling of open_basedir that contains cwd
While resolving the path, the last step will reduce it down to ""
(an empty string) and realpath() will resolve this to getcwd().
If op
Fix handling of open_basedir that contains cwd
While resolving the path, the last step will reduce it down to ""
(an empty string) and realpath() will resolve this to getcwd().
If open_basedir contains the CWD, then that means open_basedir
will be bypassed for paths that don't have any components that
exist (if one of the components exists, then we abort the realpath
loop at that point).
Closes GH-7015.
show more ...
|
|
Revision tags: php-7.4.20RC1 |
|
| #
aca6aefd |
| 14-May-2021 |
George Peter Banyard |
Remove 'register' type qualifier (#6980)
The compiler should be smart enough to optimize this on its own |
| #
01b3fc03 |
| 06-May-2021 |
KsaR |
Update http->https in license (#6945)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as
Update http->https in license (#6945)
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
show more ...
|
|
Revision tags: php-8.0.6, php-7.4.19, php-7.4.18, php-7.3.28, php-8.0.5, php-8.0.5RC1, php-7.4.18RC1 |
|
| #
c732ab40 |
| 16-Mar-2021 |
Dmitry Stogov |
Change Zend Stream API to use zend_string* instead of char*.
This allows to eliminate re-calculation of string lenght and hash value.
See the detailed list of changes in UPGRADING.INTERN
Change Zend Stream API to use zend_string* instead of char*.
This allows to eliminate re-calculation of string lenght and hash value.
See the detailed list of changes in UPGRADING.INTERNALS.
show more ...
|
|
Revision tags: php-8.0.4RC1, php-7.4.17RC1, php-8.0.3, php-7.4.16, php-8.0.3RC1, php-7.4.16RC1, php-8.0.2, php-7.4.15, php-7.3.27, php-8.0.2RC1, php-7.4.15RC2, php-7.4.15RC1 |
|
| #
3e01f5af |
| 15-Jan-2021 |
Nikita Popov |
Replace zend_bool uses with bool
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool
Replace zend_bool uses with bool
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool is retained as an alias.
show more ...
|
|
Revision tags: php-8.0.1, php-7.4.14, php-7.3.26, php-7.4.14RC1, php-8.0.1RC1, php-7.3.26RC1, php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1, php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8, php-7.2.32, php-8.0.0alpha2, php-7.3.20 |
|
| #
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files
Closes GH-5758 |
|
Revision tags: php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1 |
|
| #
41c7d28c |
| 27-Apr-2020 |
Nikita Popov |
Add macro to get ini target address |
|
Revision tags: php-7.2.30, php-7.4.5, php-7.3.17, php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1 |
|
| #
3262c28d |
| 30-Dec-2019 |
Nikita Popov |
Merge branch 'PHP-7.4'
* PHP-7.4:
Also propagate include exceptions in opcache
Make url_stats in resolve_path quiet
|
| #
003be875 |
| 30-Dec-2019 |
Nikita Popov |
Make url_stats in resolve_path quiet
These stats are used to check whether the file exists -- they
should not generate errors. Having the flag set is particularly
important for custo
Make url_stats in resolve_path quiet
These stats are used to check whether the file exists -- they
should not generate errors. Having the flag set is particularly
important for custom stream wrappers.
show more ...
|
| #
d5c886ab |
| 30-Dec-2019 |
Nikita Popov |
Merge branch 'PHP-7.4'
* PHP-7.4:
Properly propagate url_stat exceptions during include
|
| #
f77747b0 |
| 30-Dec-2019 |
Nikita Popov |
Properly propagate url_stat exceptions during include
Make sure we abort operations early, and that we don't emit
additional warnings or errors if an exception has been thrown. |
