granicus.if.org Git - php/commit

Merge branch 'PHP-5.4' into PHP-5.5

* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
.gitignore
ext/date/php_date.c
ext/spl/spl_array.c
ext/spl/spl_observer.c

author	Stanislav Malyshev <stas@php.net>
	Tue, 4 Aug 2015 21:10:57 +0000 (14:10 -0700)
committer	Stanislav Malyshev <stas@php.net>
	Tue, 4 Aug 2015 21:10:57 +0000 (14:10 -0700)
commit	69ed3969dd3b00feaa62f611c5095e27ba96274d
tree	0eaaac44be832888b856808ec83153f42ccc577c	tree \| snapshot
parent	66edc158755a8e960499913f16f6455797bb5803	commit \| diff
parent	51f9a00b47159ed13dfe5bd5af7e98986aa1a6fa	commit \| diff

.gitignore	diff1 \|	diff2 \|	blob \| history
Zend/zend_exceptions.c	diff1 \|	diff2 \|	blob \| history
ext/date/php_date.c	diff1 \|	diff2 \|	blob \| history
ext/openssl/openssl.c	diff1 \|	diff2 \|	blob \| history
ext/phar/phar_internal.h	diff1 \|	diff2 \|	blob \| history
ext/phar/phar_object.c	diff1 \|	diff2 \|	blob \| history
ext/soap/php_http.c	diff1 \|	diff2 \|	blob \| history
ext/spl/spl_array.c	diff1 \|	diff2 \|	blob \| history
ext/spl/spl_dllist.c	diff1 \|	diff2 \|	blob \| history
ext/spl/spl_observer.c	diff1 \|	diff2 \|	blob \| history