| #
e9b8b085 |
| 27-Jan-2021 |
Stanislav Malyshev |
Rm unneeded function
|
| #
4a89e726 |
| 19-Jan-2021 |
Christoph M. Becker |
Alternative fix for bug 77423
That bug report originally was about `parse_url()` misbehaving, but the
security aspect was actually only regarding `FILTER_VALIDATE_URL`.
Since the cha
Alternative fix for bug 77423
That bug report originally was about `parse_url()` misbehaving, but the
security aspect was actually only regarding `FILTER_VALIDATE_URL`.
Since the changes to `parse_url_ex()` apparently affect userland code
which is relying on the sloppy URL parsing[1], this alternative
restores the old parsing behavior, but ensures that the userinfo is
checked for correctness for `FILTER_VALIDATE_URL`.
[1] <https://github.com/php/php-src/commit/5174de7cd33c3d4fa591c9c93859ff9989b07e8c#commitcomment-45967652>
show more ...
|
|
Revision tags: php-8.0.0, php-7.3.25, php-7.4.13, php-8.0.0RC5, php-7.4.13RC1, php-8.0.0RC4, php-7.3.25RC1, php-7.4.12, php-8.0.0RC3, php-7.3.24, php-8.0.0RC2, php-7.4.12RC1, php-7.3.24RC1, php-7.2.34, php-8.0.0rc1, php-7.4.11, php-7.3.23, php-8.0.0beta4, php-7.4.11RC1, php-7.3.23RC1, php-8.0.0beta3, php-7.4.10, php-7.3.22, php-8.0.0beta2, php-7.3.22RC1, php-7.4.10RC1, php-8.0.0beta1, php-7.4.9, php-7.2.33, php-7.3.21, php-8.0.0alpha3, php-7.4.9RC1, php-7.3.21RC1, php-7.4.8, php-7.2.32, php-8.0.0alpha2, php-7.3.20, php-8.0.0alpha1, php-7.4.8RC1, php-7.3.20RC1, php-7.4.7, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1 |
|
| #
b132da7f |
| 13-May-2020 |
Christoph M. Becker |
Fix #77423: parse_url() will deliver a wrong host to user
To avoid that `parse_url()` returns an erroneous host, which would be
valid for `FILTER_VALIDATE_URL`, we make sure that only us
Fix #77423: parse_url() will deliver a wrong host to user
To avoid that `parse_url()` returns an erroneous host, which would be
valid for `FILTER_VALIDATE_URL`, we make sure that only userinfo which
is valid according to RFC 3986 is treated as such.
For consistency with the existing url parsing code, we use ctype
functions, although that is not necessarily correct.
show more ...
|
| #
2d3d7241 |
| 13-May-2020 |
Christoph M. Becker |
Fix #77423: parse_url() will deliver a wrong host to user
To avoid that `parse_url()` returns an erroneous host, which would be
valid for `FILTER_VALIDATE_URL`, we make sure that only us
Fix #77423: parse_url() will deliver a wrong host to user
To avoid that `parse_url()` returns an erroneous host, which would be
valid for `FILTER_VALIDATE_URL`, we make sure that only userinfo which
is valid according to RFC 3986 is treated as such.
For consistency with the existing url parsing code, we use ctype
functions, although that is not necessarily correct.
show more ...
|
| #
2cab085b |
| 04-Nov-2020 |
Christoph M. Becker |
Fix #80266: parse_url silently drops port number 0
As of commit 81b2f3e[1], `parse_url()` accepts URLs with a zero port,
but does not report that port, what is wrong in hindsight.
Fix #80266: parse_url silently drops port number 0
As of commit 81b2f3e[1], `parse_url()` accepts URLs with a zero port,
but does not report that port, what is wrong in hindsight.
Since the port number is stored as `unsigned short` there is no way to
distinguish between port zero and no port. For BC reasons, we thus
introduce `parse_url_ex2()` which accepts an output parameter that
allows that distinction, and use the new function to fix the behavior.
The introduction of `parse_url_ex2()` has been suggested by Nikita.
[1] <http://git.php.net/?p=php-src.git;a=commit;h=81b2f3e5d9fcdffd87a4fcd12bd8c708a97091e1>
Closes GH-6399.
show more ...
|
| #
76e4bf30 |
| 24-Oct-2020 |
Máté Kocsis |
Parameter type and name fixes in ext/standard
Closes GH-6382
|
| #
81b2f3e5 |
| 20-Sep-2020 |
Christoph M. Becker |
Fix #80114: parse_url does not accept URLs with port 0
URIs with a 0 port are generally valid, so `parse_url()` should
recognize such URIs, but still report the port as missing.
Fix #80114: parse_url does not accept URLs with port 0
URIs with a 0 port are generally valid, so `parse_url()` should
recognize such URIs, but still report the port as missing.
Co-authored-by: twosee <twose@qq.com>
Closes GH-6152.
show more ...
|
| #
4a2ae841 |
| 07-Sep-2020 |
Dmitry Stogov |
Add "const". Move constant strings to read-only memory.
|
| #
54dbd3ec |
| 02-Sep-2020 |
Nikita Popov |
Fix binary-safety of parse_url
php_parse_url() is intended to support strings that are not zero
terminated. We can't use strcspn in the implementation.
As we have two uses of st
Fix binary-safety of parse_url
php_parse_url() is intended to support strings that are not zero
terminated. We can't use strcspn in the implementation.
As we have two uses of strcspn, add a helper.
show more ...
|
| #
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files
Closes GH-5758
|
|
Revision tags: php-7.4.6, php-7.2.31, php-7.4.6RC1, php-7.3.18RC1 |
|
| #
c4f716a2 |
| 24-Apr-2020 |
Alex Dowad |
Fix {{{ comment to match function name for php_replace_controlchars_ex
|
| #
e97a6796 |
| 09-May-2020 |
Xinchen Hui |
drop use of extract_epi16
|
| #
af112f65 |
| 08-May-2020 |
Xinchen Hui |
Use SSE2 instructions do url_encode
|
| #
661c0ac7 |
| 15-Apr-2020 |
Nikita Popov |
Remove support for EBCDIC
Closes GH-5390.
|
|
Revision tags: php-7.2.30, php-7.4.5, php-7.3.17 |
|
| #
9d6bf822 |
| 14-Apr-2020 |
Stanislav Malyshev |
Fix bug #79465 - use unsigneds as indexes.
|
| #
2d1bf697 |
| 09-Apr-2020 |
Nikita Popov |
Add Z_PARAM_RESOURCE_OR_NULL()
As a more explicit alternative to Z_PARAM_RESOURCE_EX(, 1, 0).
|
|
Revision tags: php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1 |
|
| #
bb6f3740 |
| 24-Feb-2020 |
Máté Kocsis |
Improve argument error messages in ext/standard
Closes GH-5198
|
| #
2bc92a0c |
| 16-Mar-2020 |
Stanislav Malyshev |
Fix bug #79329 - get_headers should not accept \0
|
| #
335547a0 |
| 16-Mar-2020 |
Stanislav Malyshev |
Fix bug #79329 - get_headers should not accept \0
|
| #
69fdc141 |
| 16-Mar-2020 |
Stanislav Malyshev |
Fix bug #79329 - get_headers should not accept \0
|
| #
0d139c5b |
| 16-Mar-2020 |
Stanislav Malyshev |
Fix bug #79329 - get_headers should not accept \0
|
|
Revision tags: php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14 |
|
| #
f553e676 |
| 11-Jan-2020 |
Islam Israfilov |
Fixed #78385: Distinguish absent/empty query/fragment
http://example.com/foo => query = null, fragment = null
http://example.com/foo? => query = "", fragment = null
http://examp
Fixed #78385: Distinguish absent/empty query/fragment
http://example.com/foo => query = null, fragment = null
http://example.com/foo? => query = "", fragment = null
http://example.com/foo# => query = null, fragment = ""
http://example.com/foo?# => query = "", fragment = ""
Closes GH-5078.
show more ...
|
|
Revision tags: php-7.3.14RC1, php-7.4.2RC1, php-7.4.1, php-7.2.26, php-7.3.13 |
|
| #
f0b5d55c |
| 10-Dec-2019 |
Máté Kocsis |
Promote warning to exception in parse_url()
|
|
Revision tags: php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3 |
|
| #
5d6e923d |
| 24-Sep-2019 |
Gabriel Caruso |
Remove mention of PHP major version in Copyright headers
Closes GH-4732.
|
|
Revision tags: php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3 |
|
| #
4b864c2e |
| 08-Jul-2019 |
Peter Kokot |
Remove APACHE symbol
The APACHE symbol was used in very early PHP versions to indicate the
Apache module usage. Since PHP 4 this is no longer used in the code.
|
