History log of /php-src/NEWS (Results 151 – 175 of 15454)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
# a5e8ac62 06-Oct-2024 David Carlier

Fix GH-16258 overflow on jddayofweek argument.

close GH-16263


# 2d05da2e 06-Oct-2024 David Carlier

Fix GH-16260: overflow/underflow on imagerotate degrees argument.

close GH-16264


# 39ae00fa 05-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

NEWS and UPGRADING for outerHTML

Closes GH-15887.


# 1e949d18 04-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix edge-case in DOM parsing decoding

There are three connected subtle issues:
1) The fast path didn't correctly handle the case where the decoder
requests more data. This caused

Fix edge-case in DOM parsing decoding

There are three connected subtle issues:
1) The fast path didn't correctly handle the case where the decoder
requests more data. This caused a bogus additional replacement
sequence to be outputted when encountering an incomplete sequence at
the edges of a buffer.
2) The finishing of decoding incorrectly assumed that the fast path
cannot be in a state where the last few bytes were an incomplete
sequence, but this is not true as shown by test 08.
3) The finishing of decoding could output bytes twice because it called
into dom_process_parse_chunk() twice without clearing the decoded
data. However, calling twice is not even necessary as the entire
buffer cannot be filled up entirely.

Closes GH-16226.

show more ...


# 809a58bc 05-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix GH-16237: Segmentation fault when cloning SoapServer

Bisect points to 94ee4f9, however this only reveals the problem.
Cloning an object on a lower branch and trying to call its metho

Fix GH-16237: Segmentation fault when cloning SoapServer

Bisect points to 94ee4f9, however this only reveals the problem.
Cloning an object on a lower branch and trying to call its methods
crashes as well. Cloning the object shouldn't be possible in the first
place because there's an engine constraint that when we have a new
object handler we should also have a clone handler. This constraint is
not fulfilled here.

Closes GH-16245.

show more ...


# a3ff092c 05-Oct-2024 David Carlier

Fix GH-16228 overflow on easter_days/easter_date year argument.

close GH-16241


# 54973c93 05-Oct-2024 David Carlier

Fix GH-16232: bitshift overflow on wbmp file content reading.

backport from https://github.com/libgd/libgd/commit/a8f1d5cab0cad2bca2ed88a49c3f3de8585ff19b

close GH-16239


# f4d2dd03 05-Oct-2024 David Carlier

Fix GH-16231 jdtounix overflow on argument value.

Close GH-16240


# 331da7e8 03-Oct-2024 Daniel Scherzer

Fix GH-16187: ReflectionClass::__toString() with packed properties hash table

Closes GH-16192.


# 3d80d98a 01-Oct-2024 David Carlier

Fix GH-16137: "Deduplicate" http headers values but Set-Cookie.

Those are meant to have 1 or plus values separated by a comma even
if the client set them separately.

close GH-1

Fix GH-16137: "Deduplicate" http headers values but Set-Cookie.

Those are meant to have 1 or plus values separated by a comma even
if the client set them separately.

close GH-16154

show more ...


# c4bb0755 03-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix GH-16184: UBSan address overflowed in ext/pcre/php_pcre.c

libpcre2 can return the special value -1 for a non-match.
In this case we get pointer overflow, although it doesn't matter i

Fix GH-16184: UBSan address overflowed in ext/pcre/php_pcre.c

libpcre2 can return the special value -1 for a non-match.
In this case we get pointer overflow, although it doesn't matter in
practice because the pointer will be in bounds and the copy length will
be 0. Still, we should fix the UBSAN warning.

Closes GH-16205.

show more ...


# d4a4d2e7 02-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix bugs GH-16150 and GH-16152: intern document mismanagement

The reference counts of the internal document pointer are mismanaged.
In the case of fragments the refcount may be increased

Fix bugs GH-16150 and GH-16152: intern document mismanagement

The reference counts of the internal document pointer are mismanaged.
In the case of fragments the refcount may be increased too much, while
for other cases the document reference may not be applied to all
children.

This bug existed for a long time and this doesn't reproduce (easily)
on 8.2 due to other bugs. Furthermore 8.2 will enter security mode soon,
and this change may be too risky.

Fixes GH-16150.
Fixed GH-16152.
Closes GH-16178.

show more ...


# 3be6ff66 03-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix GH-16190: Using reflection to call Dom\Node::__construct causes assertion failure

Closes GH-16193.


# e915ed75 28-Aug-2024 Peter Kokot

Fix GH-16199: GREP_HEADER() is broken

This also fixes the libxml version check when the libxml/xmlversion.h
is located elsewhere than libxml2 include directory.

Closes GH-15619.


# 7c31e5f9 03-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16055


# e02e6be6 03-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-15960


# f453d1ae 03-Oct-2024 David Carlier

Fix GH-16189: underflow on preg_match/preg_match_all start_offset.

close GH-16191


# f14e5cfa 02-Oct-2024 Christoph M. Becker

Fix GH-16181: phpdbg: exit in exception handler reports fatal error

When running PHP code, we must not handle `UnwindExit` exceptions, but
rather have to ignore them.

Closes GH-

Fix GH-16181: phpdbg: exit in exception handler reports fatal error

When running PHP code, we must not handle `UnwindExit` exceptions, but
rather have to ignore them.

Closes GH-16182.

show more ...


# bd724bdf 01-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix GH-15169: stack overflow when var serialization in ext/standard/var

Adding a stack check here as I consider serialization to be a more
sensitive place where erroring out with an exce

Fix GH-15169: stack overflow when var serialization in ext/standard/var

Adding a stack check here as I consider serialization to be a more
sensitive place where erroring out with an exception seems appropriate.

Closes GH-16159.

show more ...


# 2bcf3f9e 02-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16061


# ca8888ab 02-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16061


# 0516d95a 02-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16061


# cd647807 02-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16025


# 26fd8d2c 02-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16025


# 36945ecb 02-Oct-2024 Arnaud Le Blanc

[ci skip] NEWS for GH-16025


12345678910>>...619