#
44e0b79a |
| 19-Sep-2017 |
Dmitry Stogov |
Refactored array creation API. array_init() and array_init_size() are converted into macros calling zend_new_array(). They are not functions anymore and don't return any values. |
Revision tags: php-7.2.0RC2, php-7.1.10RC1, php-7.0.24RC1, php-7.1.9, php-7.2.0RC1, php-7.0.23, php-7.1.9RC1, php-7.2.0beta3, php-7.0.23RC1, php-7.1.8, php-7.2.0beta2, php-7.0.22, php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1, php-5.6.31, php-7.0.21, php-7.1.7, php-7.2.0alpha3, php-7.1.7RC1, php-7.0.21RC1, php-7.2.0alpha2, php-7.1.6, php-7.2.0alpha1, php-7.0.20, php-7.1.6RC1, php-7.0.20RC1, php-7.1.5, php-7.0.19, php-7.0.19RC1, php-7.1.5RC1, php-7.1.4, php-7.0.18, php-7.1.4RC1, php-7.0.18RC1, php-7.1.3, php-7.0.17, php-7.1.3RC1, php-7.0.17RC1, php-7.1.2, php-7.0.16, php-7.0.16RC1, php-7.1.2RC1, php-5.6.30, php-7.0.15, php-5.6.30RC1, php-7.1.1RC1, php-7.0.15RC1 |
|
#
dac6c639 |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017 |
#
478f119a |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017 |
#
9e29f841 |
| 02-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017 |
Revision tags: php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1, php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1, php-7.1.0RC4, php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1, php-5.6.26, php-7.1.0RC2, php-7.0.11, php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1, php-7.1.0beta3, php-5.6.25, php-7.0.10, php-7.1.0beta2, php-5.6.25RC1, php-7.0.10RC1, php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38, php-5.6.24RC1, php-7.1.0alpha3, php-7.0.9RC1, php-7.1.0alpha2 |
|
#
323b2733 |
| 21-Jun-2016 |
Dmitry Stogov |
Fixed compilation warnings |
Revision tags: php-7.0.8, php-5.6.23 |
|
#
16160386 |
| 21-Jun-2016 |
Dmitry Stogov |
Added ZEND_ATTRIBUTE_FORMAT to some middind functions. "%p" replaced by ZEND_LONG_FMT to avoid compilation warnings. Fixed most incorrect use cases of format specifiers. |
Revision tags: php-5.5.37, php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5 |
|
#
28a6ed9f |
| 21-Mar-2016 |
Stanislav Malyshev |
Fix bug #71735: Double-free in SplDoublyLinkedList::offsetSet |
Revision tags: php-5.6.20RC1, php-7.0.5RC1 |
|
#
753bbad5 |
| 10-Mar-2016 |
Xinchen Hui |
Useless check (part of #71753) |
Revision tags: php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1, php-5.6.17, php-5.5.31, php-7.0.2 |
|
#
ed35de78 |
| 01-Jan-2016 |
Lior Kaplan |
Merge branch 'PHP-5.6' into PHP-7.0 * PHP-5.6: Happy new year (Update copyright to 2016)
|
#
49493a2d |
| 01-Jan-2016 |
Lior Kaplan |
Happy new year (Update copyright to 2016) |
Revision tags: php-7.0.2RC1, php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1, php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45 |
|
#
9b1a224d |
| 01-Sep-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.6' * PHP-5.6: (21 commits) fix unit tests update NEWS add NEWS for fixes Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in
Merge branch 'PHP-5.6' * PHP-5.6: (21 commits) fix unit tests update NEWS add NEWS for fixes Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Fix bug #70219 (Use after free vulnerability in session deserializer) Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP) Fix for bug #69782 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) ... Conflicts: ext/exif/exif.c ext/gmp/gmp.c ext/pcre/php_pcre.c ext/session/session.c ext/session/tests/session_decode_variation3.phpt ext/soap/soap.c ext/spl/spl_observer.c ext/standard/var.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re ext/xsl/xsltprocessor.c
show more ...
|
#
c19d59c5 |
| 01-Sep-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: update NEWS add NEWS for fixes Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases
Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: update NEWS add NEWS for fixes Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Fix bug #70219 (Use after free vulnerability in session deserializer) Fix for bug #69782 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) 5.4.45 next Conflicts: ext/pcre/php_pcre.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re ext/zip/php_zip.c
show more ...
|
#
33d3acaa |
| 01-Sep-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #703
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Fix bug #70219 (Use after free vulnerability in session deserializer) Fix for bug #69782 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) 5.4.45 next Conflicts: configure.in ext/pcre/php_pcre.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re main/php_version.h
show more ...
|
#
259057b2 |
| 01-Sep-2015 |
Stanislav Malyshev |
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList |
Revision tags: php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44 |
|
#
ed709d5a |
| 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: update NEWS fix test update NEWS Fix bug #70019 - limit extracted files to given directory Do not do convert_to_*
Merge branch 'PHP-5.5' into PHP-5.6 * PHP-5.5: update NEWS fix test update NEWS Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: ext/soap/php_http.c ext/spl/spl_observer.c
show more ...
|
#
69ed3969 |
| 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: .gitignore ext/date/php_date.c ext/spl/spl_array.c ext/spl/spl_observer.c
show more ...
|
#
863bf294 |
| 02-Aug-2015 |
Stanislav Malyshev |
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) |
#
feeb2fba |
| 05-Aug-2015 |
Stanislav Malyshev |
fix merge |
Revision tags: php-5.6.12RC1, php-7.0.0beta2, php-7.0.0beta1, php-5.6.11, php-5.5.27, php-5.4.43 |
|
#
53403fe5 |
| 30-Jun-2015 |
Dmitry Stogov |
Get rid of ZVAL_ZVAL() macro usages. Replace them with more clear and optimal equialent sequences. |
Revision tags: php-5.6.11RC1, php-5.5.27RC1 |
|
#
28d7bb97 |
| 23-Jun-2015 |
Rasmus Lerdorf |
Fix more proto comments |
Revision tags: php-7.0.0alpha2, php-5.5.26, php-7.0.0alpha1, php-5.6.10, php-5.4.42, POST_PHP7_NSAPI_REMOVAL, PRE_PHP7_NSAPI_REMOVAL, php-5.6.10RC1, php-5.5.26RC1, php-5.5.25, php-5.6.9, php-5.4.41, php-5.6.9RC1, php-5.5.25RC1 |
|
#
c77d97f3 |
| 16-Apr-2015 |
Nikita Popov |
Implement GC for spl dll As far as I can discern this should be safe, because the rc on the linked list elements is only > 1 if an iterator points to it and the iterator will also ho
Implement GC for spl dll As far as I can discern this should be safe, because the rc on the linked list elements is only > 1 if an iterator points to it and the iterator will also hold a reference to the list object. The implementation for mangagement of the GC array is the same as with the spl object storage.
show more ...
|
#
dc764bf6 |
| 15-Apr-2015 |
Nikita Popov |
Use object apply count in var_dump / print_r Instead of using the array apply count on the debug_info array, use the object apply count for recursion detection when dumping. This han
Use object apply count in var_dump / print_r Instead of using the array apply count on the debug_info array, use the object apply count for recursion detection when dumping. This handles recursion in a more generic way and does not require each debug_info handler to deal with this. This allows returning a temporary debug_info array, instead of having to store it in the object (thus delaying destruction of the values). Switch SPL debug_info handlers to use a temporary array.
show more ...
|
Revision tags: php-5.6.8, php-5.5.24, php-5.4.40, php-5.6.8RC1, php-5.5.24RC1, php-5.6.7, php-5.5.23, php-5.4.39 |
|
#
86336856 |
| 12-Mar-2015 |
Dmitry Stogov |
Use specialized macro for string zval creation |
Revision tags: php-5.6.7RC1, php-5.5.23RC1, POST_PHP7_EREG_MYSQL_REMOVALS, PRE_PHP7_EREG_MYSQL_REMOVALS, php-5.6.6, php-5.5.22, php-5.4.38, POST_PHP7_REMOVALS, PRE_PHP7_REMOVALS, php-5.6.6RC1, php-5.5.22RC1 |
|
#
9e70d767 |
| 04-Feb-2015 |
Dmitry Stogov |
Move zend_object->guards into additional slot of zend_object->properties_table[]. As result size of objects without __get/__set/__unset/__isset magic methods is reduced. |
Revision tags: php-5.5.21, php-5.6.5, php-5.4.37 |
|
#
fc33f52d |
| 15-Jan-2015 |
Xinchen Hui |
bump year |