| #
c2eafc29 |
| 29-Mar-2022 |
Christoph M. Becker |
Fix #81714: segfault when serializing finalized HashContext
We must not allow to serialize already finalized `HashContext`s, since
the internal context is already freed. Since there is
Fix #81714: segfault when serializing finalized HashContext
We must not allow to serialize already finalized `HashContext`s, since
the internal context is already freed. Since there is not much point
in serializing finalized `HashContext`s, we just bail out in that case.
Closes GH-8265.
show more ...
|
|
Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1 |
|
| #
7e339a33 |
| 08-Sep-2020 |
Nikita Popov |
Make null byte error a ValueError
Currently we treat paths with null bytes as a TypeError, which is
incorrect, and rather inconsistent, as we treat empty paths as
ValueError. We do t
Make null byte error a ValueError
Currently we treat paths with null bytes as a TypeError, which is
incorrect, and rather inconsistent, as we treat empty paths as
ValueError. We do this because the error is generated by zpp and
it's easier to always throw TypeError there.
This changes the zpp implementation to throw a TypeError only if
the type is actually wrong and throw ValueError for null bytes.
The error message is also split accordingly, to be more precise.
Closes GH-6094.
show more ...
|
|
Revision tags: php-8.0.0beta3, php-7.4.10, php-7.3.22 |
|
| #
736c5dca |
| 19-Aug-2020 |
Dmitry Stogov |
Fixed memory leak (ext/hash/tests/mhash_001.phpt failure)
|
|
Revision tags: php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1 |
|
| #
f83368c6 |
| 13-Aug-2020 |
Máté Kocsis |
Fix ZPP for mhash()
Closes GH-5985
|
|
Revision tags: php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8, php-7.2.32, php-8.0.0alpha2, php-7.3.20 |
|
| #
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files
Closes GH-5758
|
|
Revision tags: php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19 |
|
| #
ada776c8 |
| 08-Jun-2020 |
Eddie Kohler |
Make HashContexts serializable.
* Modify php_hash_ops to contain the algorithm name and
serialize and unserialize methods.
* Implement __serialize and __unserialize magic meth
Make HashContexts serializable.
* Modify php_hash_ops to contain the algorithm name and
serialize and unserialize methods.
* Implement __serialize and __unserialize magic methods on
HashContext.
Note that serialized HashContexts are not necessarily portable
between PHP versions or from architecture to architecture.
(Most are, though Keccak and slow SHA3s are not.)
An exception is thrown when an unsupported serialization is
attempted.
Because of security concerns, HASH_HMAC contexts are not
currently serializable; attempting to serialize one throws
an exception.
Serialization exposes the state of HashContext memory, so ensure
that memory is zeroed before use by allocating it with a new
php_hash_alloc_context function. Performance impact is
negligible.
Some hash internal states have logical pointers into a buffer,
or sponge, that absorbs input provided in bytes rather than
chunks. The unserialize functions for these hash functions
must validate that the logical pointers are all within bounds,
lest future hash operations cause out-of-bounds memory accesses.
* Adler32, CRC32, FNV, joaat: simple state, no buffer positions
* Gost, MD2, SHA3, Snefru, Tiger, Whirlpool: buffer positions
must be validated
* MD4, MD5, SHA1, SHA2, haval, ripemd: buffer positions encoded
bitwise, forced to within bounds on use; no need to validate
show more ...
|
| #
1e9ff7e7 |
| 22-Jun-2020 |
Eddie Kohler |
SHA-3 Keccak_Hash: Store Keccak_HashInstance in the main context.
Previously, the Keccak_HashInstance was separately allocated.
This could cause memory leaks on errors. For instance,
SHA-3 Keccak_Hash: Store Keccak_HashInstance in the main context.
Previously, the Keccak_HashInstance was separately allocated.
This could cause memory leaks on errors. For instance,
in php_hash_do_hash_hmac, the following code cleans up after
a file read error:
if (n < 0) {
efree(context);
efree(K);
zend_string_release(digest);
RETURN_FALSE;
}
This does not call the context's hash_final operation, which
was the only way to free the separately-allocated Keccak state.
The simplest fix is simply to place the Keccak_HashInstance state
inside the context object. Then it doesn't need to be freed.
As a result, there is no need to call hash_final in the
HashContext destructor: HashContexts cannot contain internally
allocated resources.
show more ...
|
|
Revision tags: php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31 |
|
| #
3ebce8e9 |
| 02-May-2020 |
Máté Kocsis |
Fix UNKNOWN default values in various extensions
Closes GH-5514
|
|
Revision tags: php-7.4.6RC1, php-7.3.18RC1 |
|
| #
6111d64c |
| 16-Apr-2020 |
Máté Kocsis |
Improve a last couple of argument error messages
Closes GH-5404
|
|
Revision tags: php-7.2.30, php-7.4.5, php-7.3.17 |
|
| #
3fe49d81 |
| 11-Apr-2020 |
Máté Kocsis |
Generate method entries from stubs for a couple of extensions
Closes GH-5368
|
| #
3e5fdef9 |
| 06-Apr-2020 |
Nikita Popov |
Inline a ZEND_NUM_ARGS() variable
|
| #
5322de1b |
| 04-Apr-2020 |
Máté Kocsis |
Generate functions entries from stubs for another set of extensions
Closes GH-5351
|
|
Revision tags: php-7.4.5RC1, php-7.3.17RC1 |
|
| #
c5fe1a19 |
| 18-Mar-2020 |
Máté Kocsis |
Improve error messages of ext/hash
Closes GH-5275
|
| #
d5871e26 |
| 18-Mar-2020 |
Máté Kocsis |
Promote warnings to exceptions in ext/hash
|
|
Revision tags: php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28 |
|
| #
80392253 |
| 13-Feb-2020 |
Nikita Popov |
Add arginfo for HashContext::__construct()
Arginfo was already generated, just not referenced.
|
|
Revision tags: php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14 |
|
| #
99db00b1 |
| 19-Jan-2020 |
Máté Kocsis |
Fix #78880 Another round
|
| #
d1764ca3 |
| 15-Jan-2020 |
Máté Kocsis |
Make error messages more consistent by fixing capitalization
Closes GH-5066 As a first step, let's capitalize their initial letter when it is applicable.
|
|
Revision tags: php-7.3.14RC1, php-7.4.2RC1 |
|
| #
a6486088 |
| 30-Dec-2019 |
Nikita Popov |
Switch hash() function to use fastzpp
For short inputs ZPP can be a large fraction of the hash()
execution time.
|
| #
7c787e56 |
| 30-Dec-2019 |
Nikita Popov |
Switch php_hash_fetch_ops() to use zend_string
This has two advantages: If the string is already lowercase, we
do not need to copy it, and it will hopefully match the interned
string
Switch php_hash_fetch_ops() to use zend_string
This has two advantages: If the string is already lowercase, we
do not need to copy it, and it will hopefully match the interned
string name of the hash, making the comparison more efficient.
show more ...
|
| #
349a2864 |
| 01-Jan-2020 |
Máté Kocsis |
Use RETURN_THROWS() after zend_throw_error()
|
| #
9099dbd9 |
| 01-Jan-2020 |
Máté Kocsis |
Use RETURN_THROWS() after zend_type_error()
|
| #
d9ac1ca8 |
| 30-Dec-2019 |
Máté Kocsis |
Use ZEND_THROWS() during ZPP in the GD, gettext, GMP, and hash extensions
|
| #
d59bc807 |
| 18-Dec-2019 |
Máté Kocsis |
Fix smaller issues with stubs
GH-5025
|
|
Revision tags: php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1 |
|
| #
94938934 |
| 29-Oct-2019 |
Máté Kocsis |
Cleanup return values when parameter parsing is unsuccessful
|
|
Revision tags: php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1 |
|
| #
95181553 |
| 07-Oct-2019 |
Gabriel Caruso |
Add missing zend_parse_parameters_none() checks
Closes GH-4796.
|
