| 6f18d7e2 | 27-Jul-2020 |
Christoph M. Becker |
Fix #77932: File extensions are case-sensitive
The file extension to mime type mapping *must* not depend on the file
extension's case for case-insensitive file systems, and *should* not
Fix #77932: File extensions are case-sensitive
The file extension to mime type mapping *must* not depend on the file
extension's case for case-insensitive file systems, and *should* not
for case-sensitive file systems.
show more ...
|
| 874284d1 | 23-Jul-2020 |
George Wang |
Merge branch 'PHP-7.2' into PHP-7.3
|
| c39f5fe9 | 23-Jul-2020 |
George Wang |
Security: update to LiteSpeed SAPI v7.7 to address an buffer overflow, and some log message tunings. |
| 15efb96d | 22-Jul-2020 |
Christoph M. Becker |
Fix #79884: PHP_CONFIG_FILE_PATH is meaningless
It does not make sense to make assumptions about `PHP_CONFIG_FILE_PATH`
during build time, since that value is never used during run time
Fix #79884: PHP_CONFIG_FILE_PATH is meaningless
It does not make sense to make assumptions about `PHP_CONFIG_FILE_PATH`
during build time, since that value is never used during run time on
Windows. Since there is no `--with-config-file-path` on Windows
either, we define `PHP_CONFIG_FILE_PATH` as `""`.
show more ...
|
| 6b99a8be | 22-Jul-2020 |
Christoph M. Becker |
Fix brittle test
This test fails occasionally due to timing issues, because the session
file may have been unlinked by the first `session_start()`'s GC. We
adapt the test expectatio
Fix brittle test
This test fails occasionally due to timing issues, because the session
file may have been unlinked by the first `session_start()`'s GC. We
adapt the test expectation to this reality.
show more ...
|
| 2c0a6977 | 21-Jul-2020 |
Christoph M. Becker |
7.3 is now 7.3.22-dev |
| b2e3fd1e | 10-Jul-2020 |
Christoph M. Becker |
Fix #63527: DCOM does not work with Username, Password parameter
We must not mix multibyte and wide character strings in the
`COAUTHIDENTITY` structure. Using wide character strings thr
Fix #63527: DCOM does not work with Username, Password parameter
We must not mix multibyte and wide character strings in the
`COAUTHIDENTITY` structure. Using wide character strings throughout
would have the advantage that the remote connection can be established
regardless of the code page of the server, but that would more likely
break BC, so we just drop the wide character string conversion of the
username.
show more ...
|
| 2c57378b | 14-Jul-2020 |
Andy Postnikov |
Fix bug #78008: dns_check_record() always return true on Alpine
- free handle before return result
- cleaned up remaining usage of MAXPACKET
- update dns_get_mx() to use the same app
Fix bug #78008: dns_check_record() always return true on Alpine
- free handle before return result
- cleaned up remaining usage of MAXPACKET
- update dns_get_mx() to use the same approach
Closes GH-5854.
show more ...
|
| ce149b0c | 13-Jul-2020 |
Evgeny Stepanischev |
Fixed bug #79849
Closes GH-5853. |
| f0b2c2cb | 11-Jul-2020 |
twosee |
Fixed BC break of php_debug_zval_dump
It introduced by fixing bug #79830 |
| 56dec3cc | 11-Jul-2020 |
twosee |
Fixed bug #79830 introduced by fixing bug #79821
This also fixes memory error in debug_zval_dump and var_export. |
| 150504e6 | 10-Jul-2020 |
twosee |
Fixed bug #79821
HashTable was reallocated (zend_hash_packed_grow) during php_var_dump, so we should call GC_ADDREF to make SEPARATE_ARRAY work.
Closes GH-5837. |
| a72c53a0 | 10-Jul-2020 |
Nikita Popov |
Fixed bug #79817
Use *_IND macros in a few places in string.c. |
| 23ef0a12 | 03-Jul-2020 |
Paweł Tomulik |
Fix some memory bugs in ldap.c |
| 3d5de7d7 | 04-Jul-2020 |
XXiang |
Fix bug #79787
Closes GH-5807. |
| e6160e99 | 03-Jun-2020 |
Nikita Popov |
Report len as -1 instead of INT_MAX
Per docs it should be -1. And would be on 32-bit systems, but
not on 64-bit systems.
(cherry picked from commit 39111585a2f8e40e72bdc662eb8b2
Report len as -1 instead of INT_MAX
Per docs it should be -1. And would be on 32-bit systems, but
not on 64-bit systems.
(cherry picked from commit 39111585a2f8e40e72bdc662eb8b2e3c19e93615)
show more ...
|
| f23bd488 | 07-Jul-2020 |
Christoph M. Becker |
Don't use deprecated curly brace offset syntax
(cherry picked from commit 7ec3aa1871074f5de25865af42c984a7668eb85f)
Better safe than sorry in case someone ever builds PHP 7.3 with a
Don't use deprecated curly brace offset syntax
(cherry picked from commit 7ec3aa1871074f5de25865af42c984a7668eb85f)
Better safe than sorry in case someone ever builds PHP 7.3 with a
future version of PHP SDK with bundled PHP 8.
show more ...
|
| 64931fd3 | 07-Jul-2020 |
Nikita Popov |
Fixed bug #79792
We need to remove the iterators even if the array is empty (we
will not create one if the first place, but the array may become
empty after the fact). |
| b765f96f | 07-Jul-2020 |
Nikita Popov |
Fixed bug #79778
In the interest of avoiding side-effects during dumping, I'm
replacing the value with a <constant ast> string instead of
performing an update constant operation. |
| 187a72d5 | 30-Jun-2020 |
Nikita Popov |
Remove bogus generator iterator dtor
Fixes a use-after-free encountered in Symfony's SecurityBundle.
I don't have a reproducer for this, and believe the issue can only
occur if we le
Remove bogus generator iterator dtor
Fixes a use-after-free encountered in Symfony's SecurityBundle.
I don't have a reproducer for this, and believe the issue can only
occur if we leak an iterator (the leak is a separate issue).
We should not free the generator iterator here, because we do not
own it. The code that fetched the iterator is responsible for
releasing it. In the rare case where we do hit this code-path,
we cause a use-after-free.
show more ...
|
| fc6f53d4 | 30-Jun-2020 |
Nikita Popov |
Fix leak when setting cyclic previous exception in finally
A curious exception handling pattern found in Symfony's HttpClient. |
| 7f3bc642 | 05-Mar-2020 |
Christoph M. Becker |
Fix #70362: Can't copy() large 'data://' with open_basedir
open_basedir is only relevant for plain files, so there is no need to
check it for other URL wrappers. |
| a385cfa7 | 29-Jun-2020 |
Christoph M. Becker |
Fix #63208: BSTR to PHP string conversion not binary safe
A `BSTR` is similar to a `zend_string`; it stores the length of the
string just before the actual string, and thus the string ma
Fix #63208: BSTR to PHP string conversion not binary safe
A `BSTR` is similar to a `zend_string`; it stores the length of the
string just before the actual string, and thus the string may contain
NUL bytes. However, `php_com_olestring_to_string()` is supposed to
deal with arbitrary `OLECHAR*`s which may not be `BSTR`s, so we
introduce `php_com_bstr_to_string()` and use it for the only case where
we actually have to deal with `BSTR`s which may contain NUL bytes.
Contrary to `php_com_olestring_to_string()` we return a `zend_string`,
so we can save the re-allocation when converting to a `zval`.
We also cater to `php_com_string_to_olestring()` not being binary safe,
with basically the same fix we did for `php_com_olestring_to_string()`.
show more ...
|
| 816b4c12 | 29-Jun-2020 |
Christoph M. Becker |
Fix #79756: finfo_file crash (FILEINFO_MIME)
If `ctime` or `asctime` return `NULL`, we must not attempt to copy the
buffer, but rather return `NULL` as well. |
| 43cd3f68 | 26-Jun-2020 |
Nikita Popov |
Fixed bug #79741 |
