#
a92acbad |
| 23-Jan-2023 |
Tim Düsterhus |
crypt: Fix possible buffer overread in php_crypt()
|
Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1 |
|
#
032f8621 |
| 07-Sep-2020 |
Nikita Popov |
Drop support for crypt() without explicit salt crypt() without salt generates a weak $1$ MD5 hash. It has been throwing a notice since 2013 and we provide a much better alternative i
Drop support for crypt() without explicit salt crypt() without salt generates a weak $1$ MD5 hash. It has been throwing a notice since 2013 and we provide a much better alternative in password_hash() (which can auto-generate salts for strong password hashes), so keeping this is just a liability.
show more ...
|
Revision tags: php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8, php-7.2.32, php-8.0.0alpha2, php-7.3.20 |
|
#
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files Closes GH-5758
|
Revision tags: php-8.0.0alpha1 |
|
#
19d3e29b |
| 23-Jun-2020 |
Alex Dowad |
Clean house in cryptographic hashing code - Remove dead code from php_crypt_r.c This code has been commented out since the file was added in 2008. It's safe to say that no-o
Clean house in cryptographic hashing code - Remove dead code from php_crypt_r.c This code has been commented out since the file was added in 2008. It's safe to say that no-one is ever going to use it. - Fix typo in comment in php_crypt_r.c - Remove redundant Windows-only implementation of php_md5_crypt_r There is a portable implementation in the same file, which is selected if not building for Windows. But why should Windows have its own special implementation of this function at all? There doesn't seem to be any good reason. Better to use the portable implementation on all platforms. - Don't define useless __CONST macro in php_crypt_r.h This preprocessor macro is not used anywhere. - Add comment on functions for encoding data as Base64 - Remove dead code from crypt_blowfish.h - Remove unneeded junk comments from crypt_freesec.c - Remove dead code from crypt_blowfish.c This function has been commented out since 2011.
show more ...
|
#
187d7f05 |
| 24-Jun-2020 |
Nikita Popov |
Fix potential use-after-scope if crypt_r is used
|
#
d579b10c |
| 24-Jun-2020 |
Nikita Popov |
Remove deprecated DES fallback in crypt()
|
#
565baf05 |
| 24-Jun-2020 |
Nikita Popov |
Handle *0 / *1 more consistently Avoid throwing a DES salt deprecation warning if the libc crypt implementation is used.
|
Revision tags: php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1, php-7.2.30, php-7.4.5, php-7.3.17, php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1, php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3 |
|
#
5d6e923d |
| 24-Sep-2019 |
Gabriel Caruso |
Remove mention of PHP major version in Copyright headers Closes GH-4732.
|
Revision tags: php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8 |
|
#
946a1e43 |
| 24-Jul-2019 |
Remi Collet |
Fix build warnings - switch from strncpy to memcpy for -Wstringop-truncation
|
Revision tags: php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3 |
|
#
4b5e824a |
| 19-Jun-2019 |
Nikita Popov |
Use unsigned char in _crypt_extended_r Avoid signed shift UB.
|
Revision tags: php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16, php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2, php-7.2.15RC1 |
|
#
92ac598a |
| 22-Jan-2019 |
Peter Kokot |
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly used by Vim and Emacs editors yet with recent changes the once working definitions don't work anymore in Vim without custom plugins or additional configuration. Neither are these settings synced across the PHP code base. A simpler and better approach is EditorConfig and fixing code using some code style fixing tools in the future instead. This patch also removes the so called modelines for Vim. Modelines allow Vim editor specifically to set some editor configuration such as syntax highlighting, indentation style and tab width to be set in the first line or the last 5 lines per file basis. Since the php test files have syntax highlighting already set in most editors properly and EditorConfig takes care of the indentation settings, this patch removes these as well for the Vim 6.0 and newer versions. With the removal of local variables for certain editors such as Emacs and Vim, the footer is also probably not needed anymore when creating extensions using ext_skel.php script. Additionally, Vim modelines for setting php syntax and some editor settings has been removed from some *.phpt files. All these are mostly not relevant for phpt files neither work properly in the middle of the file.
show more ...
|
#
0cf7de1c |
| 30-Jan-2019 |
Zeev Suraski |
Remove yearly range from copyright notice
|
#
38c337f2 |
| 30-Jan-2019 |
Zeev Suraski |
Remove year range from copyright notice
|
Revision tags: php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14, php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5 |
|
#
9afce019 |
| 01-Nov-2018 |
Zeev Suraski |
Future-proof email addresses
|
#
67e0138c |
| 01-Nov-2018 |
Zeev Suraski |
Future-proof email addresses...
|
Revision tags: php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3, php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2 |
|
#
d3ca28f5 |
| 15-Sep-2018 |
Peter Kokot |
Remove HAVE_STRING_H The C89 standard and later defines the `<string.h>` header as part of the standard headers [1] and on current systems it is always present. Code included al
Remove HAVE_STRING_H The C89 standard and later defines the `<string.h>` header as part of the standard headers [1] and on current systems it is always present. Code included also `<strings.h>` header as an alterinative in some files. This kind of check was relevant on some older systems where the `<strings.h>` file included definitions for the C89 compliant `<string.h>`. Today such alternative check is not required anymore. The `<strings.h>` file is part of the POSIX definition these days. Also Autoconf suggests doing this and relying on C89 or above [2] and [3]. This patch also cleans few unused `<strings.h>` inclusions in the libmbfl. [1]: https://port70.net/~nsz/c/c89/c89-draft.html#4.1.2 [2]: http://git.savannah.gnu.org/cgit/autoconf.git/tree/lib/autoconf/headers.m4 [3]: https://www.gnu.org/software/autoconf/manual/autoconf-2.69/autoconf.html
show more ...
|
Revision tags: php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32, php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1 |
|
#
cbc785dc |
| 26-Aug-2018 |
Peter Kokot |
Remove AC_STRUCT_TM macro Autoconf 2.59d (released in 2006) [1] started promoting several macros as not relevant for newer systems anymore, including the `AC_STRUCT_TM`. This ma
Remove AC_STRUCT_TM macro Autoconf 2.59d (released in 2006) [1] started promoting several macros as not relevant for newer systems anymore, including the `AC_STRUCT_TM`. This macro checks if `struct tm` is defined in either `<sys/time.h>` or `<time.h>` and defines the `TM_IN_SYS_TIME` symbol accordingly. This check was relevant in times before the C89 for some embedded systems, microcontrollers or very old systems. For newer systems it can be avoided and the `<time.h>` should be included instead since current systems should be well supported by now. [2] Since PHP requires at least C89, this patch removes the obsolescent call and time.h checks. Refs: - [1]: http://git.savannah.gnu.org/cgit/autoconf.git/tree/NEWS - [2]: https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Particular-Structures.html
show more ...
|
Revision tags: php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1, php-5.6.37, php-7.1.20, php-7.3.0alpha4, php-7.0.31, php-7.2.8, php-7.1.20RC1, php-7.2.8RC1, php-7.3.0alpha3 |
|
#
8d3f8ca1 |
| 03-Jul-2018 |
Peter Kokot |
Remove unused Git attributes ident The $Id$ keywords were used in Subversion where they can be substituted with filename, last revision number change, last changed date, and last use
Remove unused Git attributes ident The $Id$ keywords were used in Subversion where they can be substituted with filename, last revision number change, last changed date, and last user who changed it. In Git this functionality is different and can be done with Git attribute ident. These need to be defined manually for each file in the .gitattributes file and are afterwards replaced with 40-character hexadecimal blob object name which is based only on the particular file contents. This patch simplifies handling of $Id$ keywords by removing them since they are not used anymore.
show more ...
|
Revision tags: php-7.3.0alpha2, php-7.1.19, php-7.2.7, php-7.1.19RC1, php-7.3.0alpha1, php-7.2.7RC1, php-7.1.18, php-7.2.6, php-7.2.6RC1, php-7.1.18RC1, php-5.6.36, php-7.2.5, php-7.1.17, php-7.0.30, php-7.1.17RC1, php-7.2.5RC1, php-5.6.35, php-7.0.29, php-7.2.4, php-7.1.16, php-7.1.16RC1, php-7.2.4RC1, php-7.1.15, php-5.6.34, php-7.2.3, php-7.0.28, php-7.2.3RC1, php-7.1.15RC1, php-7.1.14, php-7.2.2, php-7.1.14RC1, php-7.2.2RC1, php-7.1.13, php-5.6.33, php-7.2.1, php-7.0.27 |
|
#
a6519d05 |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
#
7a7ec01a |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
#
ccd4716e |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
Revision tags: php-7.2.1RC1, php-7.1.13RC1, php-7.0.27RC1, php-7.2.0, php-7.1.12, php-7.0.26, php-7.1.12RC1, php-7.2.0RC6, php-7.0.26RC1, php-7.1.11, php-5.6.32, php-7.2.0RC5, php-7.0.25, php-7.1.11RC1, php-7.2.0RC4, php-7.0.25RC1, php-7.1.10, php-7.2.0RC3, php-7.0.24, php-7.2.0RC2, php-7.1.10RC1, php-7.0.24RC1, php-7.1.9, php-7.2.0RC1, php-7.0.23, php-7.1.9RC1, php-7.2.0beta3, php-7.0.23RC1, php-7.1.8, php-7.2.0beta2, php-7.0.22, php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1, php-5.6.31, php-7.0.21, php-7.1.7, php-7.2.0alpha3, php-7.1.7RC1, php-7.0.21RC1, php-7.2.0alpha2, php-7.1.6, php-7.2.0alpha1, php-7.0.20, php-7.1.6RC1, php-7.0.20RC1, php-7.1.5, php-7.0.19, php-7.0.19RC1, php-7.1.5RC1, php-7.1.4, php-7.0.18, php-7.1.4RC1, php-7.0.18RC1, php-7.1.3, php-7.0.17, php-7.1.3RC1, php-7.0.17RC1, php-7.1.2, php-7.0.16, php-7.0.16RC1, php-7.1.2RC1, php-5.6.30, php-7.0.15, php-5.6.30RC1, php-7.1.1RC1, php-7.0.15RC1 |
|
#
dac6c639 |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
#
478f119a |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
#
9e29f841 |
| 02-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
#
6f3945a9 |
| 30-Dec-2016 |
Sara Golemon |
Use new param API in standard
|