#
01b3fc03 |
| 06-May-2021 |
KsaR |
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as
Update http->https in license (#6945) 1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https. 2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier". 3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted. 4. fixed indentation in some files before |
show more ...
|
#
110b4e90 |
| 02-Nov-2020 |
Anatol Belski |
hash: Support custom algo parameters The concrete need on this change is to support passing an initial seed to the murmur hash. Passing a custom seed is important in terms of randomi
hash: Support custom algo parameters The concrete need on this change is to support passing an initial seed to the murmur hash. Passing a custom seed is important in terms of randomizing the hash function. The suggested implementation adds a HashTable parameter to all the init callbacks. Further on, an array with custom arguments is accepted from `hash` or `hash_init` from the user land. Currently several things like `hash_hkdf` are not touched, as they don't need passing custom args. Some convenience macros have been added to the SHA/MD families of functions, so the consuming code doesn't have to be changed widely. Another way to implement this is to add another type of the init that would accept a HT with arguments. However, that would still require touching all the context structs in all the algos. That would also increase the size of those structs. As an init function is called just once, the way of modifying the existing init callback has been seen as more preferrable. Closes GH-6400. Signed-off-by: Anatol Belski <ab@php.net> Co-Developed-by: Nikita Popov <nikita.ppv@googlemail.com> Signed-off-by: Nikita Popov <nikita.ppv@googlemail.com> Acked-by: Michael Wallner <mike@php.net> Reviewed-by: Máté Kocsis <kocsismate@woohoolabs.com> Reviewed-by: Eddie Kohler <ekohler@gmail.com>
show more ...
|
#
ada776c8 |
| 08-Jun-2020 |
Eddie Kohler |
Make HashContexts serializable. * Modify php_hash_ops to contain the algorithm name and serialize and unserialize methods. * Implement __serialize and __unserialize magic meth
Make HashContexts serializable. * Modify php_hash_ops to contain the algorithm name and serialize and unserialize methods. * Implement __serialize and __unserialize magic methods on HashContext. Note that serialized HashContexts are not necessarily portable between PHP versions or from architecture to architecture. (Most are, though Keccak and slow SHA3s are not.) An exception is thrown when an unsupported serialization is attempted. Because of security concerns, HASH_HMAC contexts are not currently serializable; attempting to serialize one throws an exception. Serialization exposes the state of HashContext memory, so ensure that memory is zeroed before use by allocating it with a new php_hash_alloc_context function. Performance impact is negligible. Some hash internal states have logical pointers into a buffer, or sponge, that absorbs input provided in bytes rather than chunks. The unserialize functions for these hash functions must validate that the logical pointers are all within bounds, lest future hash operations cause out-of-bounds memory accesses. * Adler32, CRC32, FNV, joaat: simple state, no buffer positions * Gost, MD2, SHA3, Snefru, Tiger, Whirlpool: buffer positions must be validated * MD4, MD5, SHA1, SHA2, haval, ripemd: buffer positions encoded bitwise, forced to within bounds on use; no need to validate
show more ...
|
#
1e9ff7e7 |
| 22-Jun-2020 |
Eddie Kohler |
SHA-3 Keccak_Hash: Store Keccak_HashInstance in the main context. Previously, the Keccak_HashInstance was separately allocated. This could cause memory leaks on errors. For instance,
SHA-3 Keccak_Hash: Store Keccak_HashInstance in the main context. Previously, the Keccak_HashInstance was separately allocated. This could cause memory leaks on errors. For instance, in php_hash_do_hash_hmac, the following code cleans up after a file read error: if (n < 0) { efree(context); efree(K); zend_string_release(digest); RETURN_FALSE; } This does not call the context's hash_final operation, which was the only way to free the separately-allocated Keccak state. The simplest fix is simply to place the Keccak_HashInstance state inside the context object. Then it doesn't need to be freed. As a result, there is no need to call hash_final in the HashContext destructor: HashContexts cannot contain internally allocated resources.
show more ...
|
#
83004588 |
| 13-Apr-2020 |
George Peter Banyard |
Fix [-Wchar-subscripts] in Hash extension Use size_t type instead of char for string index. Char may be unsigned on some platforms. partial fix to bug 79431 |
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3 |
|
#
5d6e923d |
| 24-Sep-2019 |
Gabriel Caruso |
Remove mention of PHP major version in Copyright headers Closes GH-4732. |
Revision tags: php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30, php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5, php-7.2.18RC1, php-7.3.5RC1 |
|
#
3eae4f67 |
| 07-Apr-2019 |
Stanislav Malyshev |
Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Always use ZEND_SECURE_ZERO() when cleaning up data bump versions after release
|
#
d1d692ab |
| 07-Apr-2019 |
Stanislav Malyshev |
Merge branch 'PHP-7.1' into PHP-7.2 * PHP-7.1: Always use ZEND_SECURE_ZERO() when cleaning up data bump versions after release
|
#
588db7ce |
| 07-Apr-2019 |
Stanislav Malyshev |
Always use ZEND_SECURE_ZERO() when cleaning up data Optimizing compilers have an annoying tendency to throw out memsets over data that they think aren't used anymore. Apply secure ze
Always use ZEND_SECURE_ZERO() when cleaning up data Optimizing compilers have an annoying tendency to throw out memsets over data that they think aren't used anymore. Apply secure zero-out in cases where this has potential to happen.
show more ...
|
Revision tags: php-7.2.17, php-7.3.4, php-7.1.28, php-7.3.4RC1, php-7.2.17RC1, php-7.1.27, php-7.3.3, php-7.2.16, php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2, php-7.2.15RC1 |
|
#
92ac598a |
| 22-Jan-2019 |
Peter Kokot |
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly
Remove local variables This patch removes the so called local variables defined per file basis for certain editors to properly show tab width, and similar settings. These are mainly used by Vim and Emacs editors yet with recent changes the once working definitions don't work anymore in Vim without custom plugins or additional configuration. Neither are these settings synced across the PHP code base. A simpler and better approach is EditorConfig and fixing code using some code style fixing tools in the future instead. This patch also removes the so called modelines for Vim. Modelines allow Vim editor specifically to set some editor configuration such as syntax highlighting, indentation style and tab width to be set in the first line or the last 5 lines per file basis. Since the php test files have syntax highlighting already set in most editors properly and EditorConfig takes care of the indentation settings, this patch removes these as well for the Vim 6.0 and newer versions. With the removal of local variables for certain editors such as Emacs and Vim, the footer is also probably not needed anymore when creating extensions using ext_skel.php script. Additionally, Vim modelines for setting php syntax and some editor settings has been removed from some *.phpt files. All these are mostly not relevant for phpt files neither work properly in the middle of the file.
show more ...
|
#
0cf7de1c |
| 30-Jan-2019 |
Zeev Suraski |
Remove yearly range from copyright notice |
Revision tags: php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14, php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5, php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3 |
|
#
5268f367 |
| 03-Oct-2018 |
Kalle Sommer Nielsen |
Hopefully last round of size_t fixes, this makes the remaining php_hash_ops use size_t over an int |
#
84b0d0fa |
| 03-Oct-2018 |
Kalle Sommer Nielsen |
Second round of fixing compiler warnings in ext/hash. Lots of the signatures that previously was unsigned int is now size_t, there was a fair bit of inconsistency there already and this commit should
Second round of fixing compiler warnings in ext/hash. Lots of the signatures that previously was unsigned int is now size_t, there was a fair bit of inconsistency there already and this commit should make it all sync nicely
show more ...
|
Revision tags: php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2, php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32, php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1, php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1, php-5.6.37, php-7.1.20, php-7.3.0alpha4, php-7.0.31, php-7.2.8, php-7.1.20RC1, php-7.2.8RC1, php-7.3.0alpha3, php-7.3.0alpha2, php-7.1.19, php-7.2.7, php-7.1.19RC1, php-7.3.0alpha1, php-7.2.7RC1, php-7.1.18, php-7.2.6, php-7.2.6RC1, php-7.1.18RC1, php-5.6.36, php-7.2.5, php-7.1.17, php-7.0.30, php-7.1.17RC1, php-7.2.5RC1, php-5.6.35, php-7.0.29, php-7.2.4, php-7.1.16, php-7.1.16RC1, php-7.2.4RC1, php-7.1.15, php-5.6.34, php-7.2.3, php-7.0.28, php-7.2.3RC1, php-7.1.15RC1, php-7.1.14, php-7.2.2, php-7.1.14RC1, php-7.2.2RC1, php-7.1.13, php-5.6.33, php-7.2.1, php-7.0.27 |
|
#
a6519d05 |
| 02-Jan-2018 |
Xinchen Hui |
year++ |
#
7a7ec01a |
| 02-Jan-2018 |
Xinchen Hui |
year++ |
#
ccd4716e |
| 02-Jan-2018 |
Xinchen Hui |
year++ |
Revision tags: php-7.2.1RC1, php-7.1.13RC1, php-7.0.27RC1, php-7.2.0, php-7.1.12, php-7.0.26, php-7.1.12RC1, php-7.2.0RC6, php-7.0.26RC1, php-7.1.11, php-5.6.32, php-7.2.0RC5, php-7.0.25, php-7.1.11RC1, php-7.2.0RC4, php-7.0.25RC1 |
|
#
d67873ec |
| 29-Sep-2017 |
Remi Collet |
Fix Bug #75284 sha3 is not supported on bigendian machine |
#
fa78afa1 |
| 02-Oct-2017 |
Remi Collet |
Fixed bug #75303 sha3 hangs on bigendian |
Revision tags: php-7.1.10, php-7.2.0RC3, php-7.0.24, php-7.2.0RC2, php-7.1.10RC1, php-7.0.24RC1, php-7.1.9, php-7.2.0RC1, php-7.0.23, php-7.1.9RC1, php-7.2.0beta3, php-7.0.23RC1, php-7.1.8, php-7.2.0beta2, php-7.0.22, php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1, php-5.6.31, php-7.0.21, php-7.1.7, php-7.2.0alpha3, php-7.1.7RC1, php-7.0.21RC1, php-7.2.0alpha2, php-7.1.6, php-7.2.0alpha1, php-7.0.20, php-7.1.6RC1, php-7.0.20RC1, php-7.1.5, php-7.0.19, php-7.0.19RC1, php-7.1.5RC1, php-7.1.4, php-7.0.18 |
|
#
91663a92 |
| 05-Apr-2017 |
Christian Schneider |
Replace slow generic sha3 implementation by https://github.com/gvanas/KeccakCodePackage Fix hash_copy() tests by using correct size for sha3 context sync config.w32 with with new sh
Replace slow generic sha3 implementation by https://github.com/gvanas/KeccakCodePackage Fix hash_copy() tests by using correct size for sha3 context sync config.w32 with with new sha3 files Move dependency on KeccakHash.h to hash_sha3.c so we do not rely on it to install php_hash_sha3.h Allocate memory for KeccacInstance in hash_sha3.c so header files do not need to know about implementation details while keeping API backward compatible to original sha3 implementation Fix memory leak because hash_copy is called after init which already allocates the hashinstance
show more ...
|
Revision tags: php-7.1.4RC1, php-7.0.18RC1, php-7.1.3, php-7.0.17, php-7.1.3RC1, php-7.0.17RC1, php-7.1.2, php-7.0.16, php-7.0.16RC1, php-7.1.2RC1 |
|
#
1c807377 |
| 21-Jan-2017 |
Joe Watkins |
Merge branch 'PHP-7.1' * PHP-7.1: Fix bug #73961 environmental build dependency in hash sha3 source
|
#
1ff27053 |
| 21-Jan-2017 |
Joe Watkins |
Fix bug #73961 environmental build dependency in hash sha3 source |
Revision tags: php-5.6.30, php-7.0.15 |
|
#
d89d149e |
| 16-Jan-2017 |
Andrey Andreev |
Disallow non-crypto hashes in HMAC and PBKDF2 For this purpose add is_crypto flag to php_hash_ops. |
Revision tags: php-5.6.30RC1, php-7.1.1RC1, php-7.0.15RC1 |
|
#
dac6c639 |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017 |
#
9e29f841 |
| 02-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017 |
Revision tags: php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1, php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1, php-7.1.0RC4, php-5.6.27, php-7.0.12 |
|
#
65d7bbad |
| 12-Oct-2016 |
Sara Golemon |
Change Big Endian backup implementations to use signed indexes load64() counted down from 7..0, but the decrement turned 0 into 255. This means the loop would never terminate on Big Endi
Change Big Endian backup implementations to use signed indexes load64() counted down from 7..0, but the decrement turned 0 into 255. This means the loop would never terminate on Big Endian systems. Just use signed char integers since we're only dealing with values from 0..7 anyway. Closes https://bugs.php.net/bug.php?id=73282
show more ...
|