|
Revision tags: php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1, php-5.6.31, php-7.0.21, php-7.1.7, php-7.2.0alpha3, php-7.1.7RC1, php-7.0.21RC1, php-7.2.0alpha2, php-7.1.6, php-7.2.0alpha1, php-7.0.20, php-7.1.6RC1, php-7.0.20RC1, php-7.1.5, php-7.0.19 |
|
| #
6a010ad4 |
| 27-Apr-2017 |
Anatol Belski |
Avoid unnecessary string copy
which is the case when there's no impersonation.
|
| #
24ae8810 |
| 27-Apr-2017 |
Anatol Belski |
get rid of two strlen calls
|
|
Revision tags: php-7.0.19RC1, php-7.1.5RC1, php-7.1.4, php-7.0.18 |
|
| #
ad4ef13c |
| 07-Apr-2017 |
Anatol Belski |
Switch to FindFirstFileEx with basic info level
That omits querying of short names, thus improving perf.
|
| #
936e341b |
| 03-Apr-2017 |
Anatol Belski |
missing bits for php_sys_stat_ex so everything is handled with wide chars
rename to pathw_len
|
| #
feeb35e4 |
| 03-Apr-2017 |
Anatol Belski |
fix possible out of bounds buffer access
|
|
Revision tags: php-7.1.4RC1, php-7.0.18RC1, php-7.1.3, php-7.0.17 |
|
| #
edcabf6d |
| 12-Mar-2017 |
Nikita Popov |
Drop unnecessary allocator return value checks
|
|
Revision tags: php-7.1.3RC1, php-7.0.17RC1, php-7.1.2, php-7.0.16, php-7.0.16RC1, php-7.1.2RC1 |
|
| #
5b5130c4 |
| 31-Jan-2017 |
Anatol Belski |
Revert "backport 51e1da6ea1e663908302e162ced1b7a8cb5aee05 into 7.0"
This reverts commit 8da87563122e4d14208b2827fd6b2807578677ec.
|
| #
403f3524 |
| 24-Jan-2017 |
Anatol Belski |
make length check more robust
|
| #
8da87563 |
| 21-Jan-2017 |
Anatol Belski |
backport 51e1da6ea1e663908302e162ced1b7a8cb5aee05 into 7.0
|
| #
51e1da6e |
| 21-Jan-2017 |
Anatol Belski |
exclude debug code
|
| #
6b6122a9 |
| 21-Jan-2017 |
Anatol Belski |
ensure the string for conversion is \0 terminated and integrade
additional path length check
|
| #
95406c87 |
| 20-Jan-2017 |
Anatol Belski |
Fixed bug #73962 bug with symlink related to cyrillic directory
|
|
Revision tags: php-5.6.30, php-7.0.15 |
|
| #
b716a1fb |
| 07-Jan-2017 |
Anatol Belski |
fix edge case leak
|
| #
0f410f80 |
| 07-Jan-2017 |
Anatol Belski |
Fixed bug #73877 readlink() returns garbage for UTF-8 paths
|
|
Revision tags: php-5.6.30RC1, php-7.1.1RC1, php-7.0.15RC1 |
|
| #
dac6c639 |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
| #
478f119a |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
| #
9e29f841 |
| 02-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
| #
758af77e |
| 22-Dec-2016 |
Anatol Belski |
Path handling related refactorings
Primarily related to the path handling datatypes, to avoid unnecessary
casts, where possible. Also some rework to avoid code dup. Probably
more pla
Path handling related refactorings
Primarily related to the path handling datatypes, to avoid unnecessary
casts, where possible. Also some rework to avoid code dup. Probably
more places are to go, even not path related, primarily to have less
casts and unsigned integers where possible. That way, we've not only
less warnings and casts, but are also safer with regard to the
integer overflows. OFC it's not a panacea, but still significantly
reduces the vulnerability potential.
show more ...
|
|
Revision tags: php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1 |
|
| #
4d790486 |
| 13-Nov-2016 |
Anatol Belski |
reduce realpath_cache_bucket size by 8 bytes on 64-bit
This limits the path length to 64kb which is already far above the
use case. In return, the whole path cache storage size is reduce
reduce realpath_cache_bucket size by 8 bytes on 64-bit
This limits the path length to 64kb which is already far above the
use case. In return, the whole path cache storage size is reduced
by 8kb.
show more ...
|
| #
2104bea5 |
| 12-Nov-2016 |
Kalle Sommer Nielsen |
Remove Netware support
If this does not break the Unix system somehow, I'll be amazed. This should get most of it out, apologies for any errors this may cause on non-Windows ends which I can
Remove Netware support
If this does not break the Unix system somehow, I'll be amazed. This should get most of it out, apologies for any errors this may cause on non-Windows ends which I cannot test atm.
show more ...
|
|
Revision tags: php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1 |
|
| #
71f73d7f |
| 24-Oct-2016 |
Anatol Belski |
remove dead code
|
| #
6679df14 |
| 24-Oct-2016 |
Anatol Belski |
reset also the cwd_length, when cwd is free'd
|
|
Revision tags: php-7.1.0RC4, php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1, php-5.6.26, php-7.1.0RC2, php-7.0.11 |
|
| #
dad79363 |
| 06-Sep-2016 |
Christoph M. Becker |
Fix #73025: Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c
`command_length` is retrieved via strlen() and later passed to emalloc()
and memcpy(), so the appropriate type is
Fix #73025: Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c
`command_length` is retrieved via strlen() and later passed to emalloc()
and memcpy(), so the appropriate type is `size_t`.
We don't add a regression test, because that would need to allocate a string
of at least 2 GiB.
show more ...
|
| #
0382a64f |
| 01-Sep-2016 |
Anatol Belski |
remove unused assignment
|
| #
ac82a341 |
| 01-Sep-2016 |
Anatol Belski |
rewrite the getcwd part
Also fixes a possible memory leak. Still not ideal, as seems CWD
longer than MAX_PATH is still not supported. But a heap allocation
is not needed anyway, as M
rewrite the getcwd part
Also fixes a possible memory leak. Still not ideal, as seems CWD
longer than MAX_PATH is still not supported. But a heap allocation
is not needed anyway, as MAXPATHLEN value is the maximum supported.
show more ...
|
