#
432bf196 |
| 27-Sep-2022 |
Christoph M. Becker |
Fix regression introduced by fixing bug 81726 When a tar phar is created, `phar_open_from_fp()` is also called, but since the file has just been created, none of the format checks can
Fix regression introduced by fixing bug 81726 When a tar phar is created, `phar_open_from_fp()` is also called, but since the file has just been created, none of the format checks can succeed, so we continue to loop, but must not check again for the format. Therefore, we bring back the old `test` variable. Closes GH-9620.
show more ...
|
#
404e8bdb |
| 25-Jul-2022 |
Christoph M. Becker |
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. Th
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. This raises potential DOS issues regarding too deep or even infinite recursion (the latter are called compressed file quines[1]). We avoid that by introducing a recursion limit; we choose the somewhat arbitrary limit `3`. This issue has been reported by real_as3617 and gPayl0ad. [1] <https://honno.dev/gzip-quine/>
show more ...
|
#
1bb2a4f9 |
| 26-Jan-2021 |
Christoph M. Becker |
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrie
Fix #53467: Phar cannot compress large archives When Phars are flushed, a new temporary file is created for each entry which should be compressed, and the `compressed_filesize` is retrieved. Afterwards, the Phar manifest is written, and only after that the files are copied to the actual Phar. So for each such entry there is an open temp file, what easily exceeds the limit. Therefore, we use a single temporary file for all entries, and store the start offset in the otherwise unused `header_offset` member. We ensure that the `cfp` members are properly set to NULL even if flushing fails, to avoid use after free scenarios. This solution is based on a suggestion by @lserni[1]. Closes GH-6643. [1] <https://github.com/box-project/box2/issues/80#issuecomment-77147371>
show more ...
|
#
61ed904c |
| 25-Jan-2021 |
Christoph M. Becker |
Fix #75850: Unclear error message wrt. __halt_compiler() w/o semicolon We add the failure reason to the error message. Closes GH-6638.
|
#
92c23e1f |
| 09-Dec-2019 |
Dmitry Stogov |
Call zend_unregister_ini_entries() when unload extension loaded through dl() without MSHUTDOWN callback. Extensions with MSHUTDOWN should use UNREGISTER_INI_ENTRIES().
|
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4 |
|
#
46561dab |
| 10-Oct-2019 |
Nikita Popov |
Fix leak in phar open
|
Revision tags: php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1 |
|
#
d9680272 |
| 24-Jul-2019 |
Nikita Popov |
Revert "Drop free_filename field from zend_file_handle" This reverts commit e0eca262852dba1a78afcde64a49126c81fead1a. free_filename is used by the wincache extension, restore this
Revert "Drop free_filename field from zend_file_handle" This reverts commit e0eca262852dba1a78afcde64a49126c81fead1a. free_filename is used by the wincache extension, restore this field for PHP 7.4.
show more ...
|
#
5664035f |
| 22-Jul-2019 |
Nikita Popov |
Also report errors from Zend stream reader operation
|
#
856c5d28 |
| 17-Jul-2019 |
Nikita Popov |
Revert "Avoid unused fstat() call" This reverts commit 5a90dc77b8f244f603082aea022fadc0ce2c009c. Let's try to go with the reverse direction here and actually trust the reported
Revert "Avoid unused fstat() call" This reverts commit 5a90dc77b8f244f603082aea022fadc0ce2c009c. Let's try to go with the reverse direction here and actually trust the reported size...
show more ...
|
#
5a90dc77 |
| 17-Jul-2019 |
Nikita Popov |
Avoid unused fstat() call If we're including a file via PHP streams, we're not going to trust the reported file size anyway and populate in a loop -- so don't bother determining the
Avoid unused fstat() call If we're including a file via PHP streams, we're not going to trust the reported file size anyway and populate in a loop -- so don't bother determining the file size in the first place. Only do this for non-tty HANDLE_FP now, which is the only case where this information was used.
show more ...
|
#
b317f0eb |
| 16-Jul-2019 |
Nikita Popov |
Remove ZEND_HANDLE_MAPPED The buf/len members are now simply used in addition to the main stream, without changing the handle kind.
|
#
e0eca262 |
| 16-Jul-2019 |
Nikita Popov |
Drop free_filename field from zend_file_handle free_filename was always zero.
|
#
290e520c |
| 16-Jul-2019 |
Nikita Popov |
Use ZEND_HASH_FOREACH APIs in a few more places
|
Revision tags: php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20 |
|
#
033cafac |
| 26-Jun-2019 |
Peter Kokot |
Sync HAVE_HASH, HAVE_HASH_EXT, PHAR_HASH_OK symbols The hash extension is always available since PHP-7.4. The symbol HAVE_HASH_EXT is kept for BC reasons and removed in PHP-8.0.
Sync HAVE_HASH, HAVE_HASH_EXT, PHAR_HASH_OK symbols The hash extension is always available since PHP-7.4. The symbol HAVE_HASH_EXT is kept for BC reasons and removed in PHP-8.0. This patch also removes the PHAR_HASH_OK since it is no longer relevant.
show more ...
|
Revision tags: php-7.4.0alpha2 |
|
#
c7962207 |
| 24-Jun-2019 |
Nikita Popov |
Fix stream leak in phar cache_list
|
#
43dd1ac5 |
| 24-Jun-2019 |
Nikita Popov |
Avoid confusing gotos in phar_split_cache_list
|
Revision tags: php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5 |
|
#
be74a004 |
| 26-Apr-2019 |
Christoph M. Becker |
Fix VirtualProtect() related Phar issues We must not (try to) modify shared values, but rather have to use our own copies, if unixified filenames are required on Windows. To avoid e
Fix VirtualProtect() related Phar issues We must not (try to) modify shared values, but rather have to use our own copies, if unixified filenames are required on Windows. To avoid excessive string duplication, we add checks whether the filenames are already unixified (i.e. do not contain backslashes). To improve the performance if we need to copy strings, we use do_alloca() and friends. Besides generally being somewhat messy, the handling of unixified filenames is still suboptimal performance-wise, but we leave this for a future cleanup, and focus on fixing the issue at hand for now. We also enable opcache.protect_memory for the AppVeyor CI.
show more ...
|
Revision tags: php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16 |
|
#
7f0ab7c2 |
| 04-Mar-2019 |
Stanislav Malyshev |
Fix bug #77396 - Null Pointer Dereference in phar_create_or_parse_filename
|
Revision tags: php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2 |
|
#
c245898b |
| 03-Feb-2019 |
Peter Kokot |
Update and fix remaining year ranges (2019) This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license info
Update and fix remaining year ranges (2019) This patch follows previous license year ranges updates. With new approach source code files now have simplified headers with license information without year ranges.
show more ...
|
Revision tags: php-7.2.15RC1 |
|
#
92ac598a |
| 22-Jan-2019 |
Peter Kokot |
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly used by Vim and Emacs editors yet with recent changes the once working definitions don't work anymore in Vim without custom plugins or additional configuration. Neither are these settings synced across the PHP code base. A simpler and better approach is EditorConfig and fixing code using some code style fixing tools in the future instead. This patch also removes the so called modelines for Vim. Modelines allow Vim editor specifically to set some editor configuration such as syntax highlighting, indentation style and tab width to be set in the first line or the last 5 lines per file basis. Since the php test files have syntax highlighting already set in most editors properly and EditorConfig takes care of the indentation settings, this patch removes these as well for the Vim 6.0 and newer versions. With the removal of local variables for certain editors such as Emacs and Vim, the footer is also probably not needed anymore when creating extensions using ext_skel.php script. Additionally, Vim modelines for setting php syntax and some editor settings has been removed from some *.phpt files. All these are mostly not relevant for phpt files neither work properly in the middle of the file.
show more ...
|
Revision tags: php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14 |
|
#
78bd3477 |
| 30-Dec-2018 |
Stanislav Malyshev |
Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext)
|
#
428d8164 |
| 30-Dec-2018 |
Stanislav Malyshev |
Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext)
|
#
c706adaa |
| 27-Dec-2018 |
Dmitry Stogov |
Added missing invalidations.
|
#
675a8a64 |
| 27-Dec-2018 |
Dmitry Stogov |
Use HT_IS_INITIALIZED() and HT_INVALIDATE() macros instead of hackish HT_FLAGS assumtions.
|
Revision tags: php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6 |
|
#
48f0f73f |
| 12-Nov-2018 |
Stanislav Malyshev |
Fix bug #77143 - add more checks to buffer reads
|