#
df579ada |
| 25-Feb-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed Fixes GH-10692 php_fopen_primary_script() does not initialize all fields of zend_file_handle. So whe
Fix GH-10692: PHP crashes on Windows when an inexistent filename is executed Fixes GH-10692 php_fopen_primary_script() does not initialize all fields of zend_file_handle. So when it fails and when fastcgi is true, the zend_destroy_file_handle() function will try to free uninitialized pointers, causing a segmentation fault. Fix it by zero-initializing file handles just like the zend_stream_init_fp() counterpart does. Closes GH-10697.
show more ...
|
#
ec10b28d |
| 27-Jan-2023 |
Niels Dossche <7771979+nielsdos@users.noreply.github.com> |
Fix array overrun when appending slash to paths Fix it by extending the array sizes by one character. As the input is limited to the maximum path length, there will always be place to ap
Fix array overrun when appending slash to paths Fix it by extending the array sizes by one character. As the input is limited to the maximum path length, there will always be place to append the slash. As the php_check_specific_open_basedir() simply uses the strings to compare against each other, no new failures related to too long paths are introduced. We'll let the DOM and XML case handle a potentially too long path in the library code.
show more ...
|
Revision tags: php-8.1.7RC1, php-8.1.4RC1, php-8.1.3, php-8.1.2RC1, php-8.1.0 |
|
#
96da4619 |
| 16-Nov-2021 |
jlbprof |
Fix for bug in file handling refactor. While testing the cPanel usage of PHP-FPM, we stumbled on this bug. Without the fix, the zend_string is corrupted and getting odd filenames
Fix for bug in file handling refactor. While testing the cPanel usage of PHP-FPM, we stumbled on this bug. Without the fix, the zend_string is corrupted and getting odd filenames When using FPM we kept getting "No input file specified". I work for cPanel and we use PHP extensively.
show more ...
|
Revision tags: php-7.3.33, php-7.3.32, php-7.3.31, php-7.3.30 |
|
#
083d7f58 |
| 02-Jul-2021 |
Nikita Popov |
Reduce stack usage in php_resolve_path() tsrm_realpath() internally always allocates a string. If the out parameter is provided it gets copied there and freed. What we were doing her
Reduce stack usage in php_resolve_path() tsrm_realpath() internally always allocates a string. If the out parameter is provided it gets copied there and freed. What we were doing here was to first copy the path from the allocated string to a stack buffer, and then copy it from the stack buffer to a zend_string. We might as well save one copy and one buffer.
show more ...
|
Revision tags: php-7.3.29 |
|
#
ee9e0754 |
| 21-May-2021 |
Christoph M. Becker |
Fix #76359: open_basedir bypass through adding ".." We explicitly forbid adding paths with a leading `..` to `open_basedir` at runtime. Closes GH-7024.
|
#
ee7a8acd |
| 19-May-2021 |
Nikita Popov |
Fix handling of open_basedir that contains cwd While resolving the path, the last step will reduce it down to "" (an empty string) and realpath() will resolve this to getcwd(). If op
Fix handling of open_basedir that contains cwd While resolving the path, the last step will reduce it down to "" (an empty string) and realpath() will resolve this to getcwd(). If open_basedir contains the CWD, then that means open_basedir will be bypassed for paths that don't have any components that exist (if one of the components exists, then we abort the realpath loop at that point). Closes GH-7015.
show more ...
|
#
aca6aefd |
| 14-May-2021 |
George Peter Banyard |
Remove 'register' type qualifier (#6980) The compiler should be smart enough to optimize this on its own
|
#
01b3fc03 |
| 06-May-2021 |
KsaR |
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier". 3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted. 4. fixed indentation in some files before |
show more ...
|
Revision tags: php-7.3.28 |
|
#
c732ab40 |
| 16-Mar-2021 |
Dmitry Stogov |
Change Zend Stream API to use zend_string* instead of char*. This allows to eliminate re-calculation of string lenght and hash value. See the detailed list of changes in UPGRADING.INTERN
Change Zend Stream API to use zend_string* instead of char*. This allows to eliminate re-calculation of string lenght and hash value. See the detailed list of changes in UPGRADING.INTERNALS.
show more ...
|
Revision tags: php-7.3.27 |
|
#
3e01f5af |
| 15-Jan-2021 |
Nikita Popov |
Replace zend_bool uses with bool We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool
Replace zend_bool uses with bool We're starting to see a mix between uses of zend_bool and bool. Replace all usages with the standard bool type everywhere. Of course, zend_bool is retained as an alias.
show more ...
|
Revision tags: php-7.3.26, php-7.3.26RC1, php-7.3.25, php-7.3.25RC1, php-7.3.24, php-7.3.24RC1, php-7.3.23, php-7.3.23RC1, php-7.3.22, php-7.3.22RC1, php-7.3.21, php-7.3.21RC1, php-7.3.20 |
|
#
2b5de6f8 |
| 01-Jul-2020 |
Max Semenik |
Remove proto comments from C files Closes GH-5758
|
Revision tags: php-7.3.20RC1, php-7.3.19, php-7.4.7RC1, php-7.3.19RC1, php-7.3.18RC1 |
|
#
41c7d28c |
| 27-Apr-2020 |
Nikita Popov |
Add macro to get ini target address
|
Revision tags: php-7.2.30, php-7.3.17, php-7.3.17RC1, php-7.3.18, php-7.3.16, php-7.3.16RC1, php-7.3.15RC1, php-7.3.15, php-7.3.14, php-7.3.14RC1 |
|
#
003be875 |
| 30-Dec-2019 |
Nikita Popov |
Make url_stats in resolve_path quiet These stats are used to check whether the file exists -- they should not generate errors. Having the flag set is particularly important for custo
Make url_stats in resolve_path quiet These stats are used to check whether the file exists -- they should not generate errors. Having the flag set is particularly important for custom stream wrappers.
show more ...
|
#
f77747b0 |
| 30-Dec-2019 |
Nikita Popov |
Properly propagate url_stat exceptions during include Make sure we abort operations early, and that we don't emit additional warnings or errors if an exception has been thrown.
|
Revision tags: php-7.3.13, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3 |
|
#
5d6e923d |
| 24-Sep-2019 |
Gabriel Caruso |
Remove mention of PHP major version in Copyright headers Closes GH-4732.
|
Revision tags: php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16, php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2, php-7.2.15RC1 |
|
#
92ac598a |
| 22-Jan-2019 |
Peter Kokot |
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly used by Vim and Emacs editors yet with recent changes the once working definitions don't work anymore in Vim without custom plugins or additional configuration. Neither are these settings synced across the PHP code base. A simpler and better approach is EditorConfig and fixing code using some code style fixing tools in the future instead. This patch also removes the so called modelines for Vim. Modelines allow Vim editor specifically to set some editor configuration such as syntax highlighting, indentation style and tab width to be set in the first line or the last 5 lines per file basis. Since the php test files have syntax highlighting already set in most editors properly and EditorConfig takes care of the indentation settings, this patch removes these as well for the Vim 6.0 and newer versions. With the removal of local variables for certain editors such as Emacs and Vim, the footer is also probably not needed anymore when creating extensions using ext_skel.php script. Additionally, Vim modelines for setting php syntax and some editor settings has been removed from some *.phpt files. All these are mostly not relevant for phpt files neither work properly in the middle of the file.
show more ...
|
#
0cf7de1c |
| 30-Jan-2019 |
Zeev Suraski |
Remove yearly range from copyright notice
|
#
38c337f2 |
| 30-Jan-2019 |
Zeev Suraski |
Remove year range from copyright notice
|
Revision tags: php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14, php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5, php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3, php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2, php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32, php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1, php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1, php-5.6.37, php-7.1.20, php-7.3.0alpha4, php-7.0.31, php-7.2.8, php-7.1.20RC1, php-7.2.8RC1, php-7.3.0alpha3 |
|
#
8d3f8ca1 |
| 03-Jul-2018 |
Peter Kokot |
Remove unused Git attributes ident The $Id$ keywords were used in Subversion where they can be substituted with filename, last revision number change, last changed date, and last use
Remove unused Git attributes ident The $Id$ keywords were used in Subversion where they can be substituted with filename, last revision number change, last changed date, and last user who changed it. In Git this functionality is different and can be done with Git attribute ident. These need to be defined manually for each file in the .gitattributes file and are afterwards replaced with 40-character hexadecimal blob object name which is based only on the particular file contents. This patch simplifies handling of $Id$ keywords by removing them since they are not used anymore.
show more ...
|
Revision tags: php-7.3.0alpha2, php-7.1.19, php-7.2.7, php-7.1.19RC1, php-7.3.0alpha1, php-7.2.7RC1 |
|
#
5eb1f92f |
| 28-May-2018 |
Dmitry Stogov |
Use zend_string_release_ex() instread of zend_string_release() in places, where we sure about string persistence.
|
Revision tags: php-7.1.18, php-7.2.6, php-7.2.6RC1, php-7.1.18RC1, php-5.6.36, php-7.2.5, php-7.1.17, php-7.0.30, php-7.1.17RC1, php-7.2.5RC1, php-5.6.35, php-7.0.29, php-7.2.4, php-7.1.16, php-7.1.16RC1, php-7.2.4RC1, php-7.1.15, php-5.6.34, php-7.2.3, php-7.0.28, php-7.2.3RC1, php-7.1.15RC1, php-7.1.14, php-7.2.2, php-7.1.14RC1, php-7.2.2RC1, php-7.1.13, php-5.6.33, php-7.2.1, php-7.0.27 |
|
#
a6519d05 |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
#
7a7ec01a |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
#
ccd4716e |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
Revision tags: php-7.2.1RC1, php-7.1.13RC1, php-7.0.27RC1, php-7.2.0, php-7.1.12, l, php-7.1.12RC1, php-7.2.0RC6, php-7.0.26RC1, php-7.1.11, php-5.6.32, php-7.2.0RC5, php-7.0.25, php-7.1.11RC1, php-7.2.0RC4, php-7.0.25RC1, php-7.1.10, php-7.2.0RC3, php-7.0.24, php-7.2.0RC2, php-7.1.10RC1, php-7.0.24RC1, php-7.1.9, php-7.2.0RC1, php-7.0.23, php-7.1.9RC1, php-7.2.0beta3, php-7.0.23RC1, php-7.1.8, php-7.2.0beta2, php-7.0.22 |
|
#
49d9b301 |
| 26-Jul-2017 |
Anatol Belski |
Move cwd_state and path related routines to size_t Having `int` there is no real profit in the size or speed, while unsigned improves security and overall integration. ZPP supplied strin
Move cwd_state and path related routines to size_t Having `int` there is no real profit in the size or speed, while unsigned improves security and overall integration. ZPP supplied strings can be then accepted directly and structs can be still handled with smaller unsigned types for size reasons, which is safe. Yet some related places are to go. basic move tsrm_realpath_r to size_t fix conditions and sync with affected places touch ocurrences of php_sys_readlink usage follow up on phar path handling remove duplicated check move zend_resolve_path and related pieces to size_t touch yet resolve path related places remove cast missing pieces missing piece yet cleanups for php_sys_readlink for ssize_t fix wrong return
show more ...
|
Revision tags: php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1 |
|
#
72b0a3a8 |
| 09-Jul-2017 |
Anatol Belski |
remove some casts
|