granicus.if.org Git - php/log
Stanislav Malyshev [Tue, 2 Apr 2019 07:12:26 +0000 (00:12 -0700)]
Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value in EXIF
Stanislav Malyshev [Mon, 1 Apr 2019 06:11:15 +0000 (23:11 -0700)]
Update NEWS
Stanislav Malyshev [Mon, 18 Mar 2019 05:54:46 +0000 (22:54 -0700)]
Fix bug #77753 - Heap-buffer-overflow in php_ifd_get32s
Nikita Popov [Mon, 11 Feb 2019 11:31:59 +0000 (12:31 +0100)]
Validate subject encoding in mb_split and mb_ereg_match
We were already validating the subject encoding in most functions,
but not these two.
Nikita Popov [Mon, 11 Feb 2019 11:10:40 +0000 (12:10 +0100)]
Validate pattern against mbregex encoding
Oniguruma does not consistently perform this validation itself (at least
on older versions), so make sure we check pattern encoding validity on the
PHP side.
bohwaz [Sun, 16 Dec 2018 21:52:37 +0000 (22:52 +0100)]
SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation strategy against potential security flaws
Anatol Belski [Thu, 28 Feb 2019 11:48:47 +0000 (12:48 +0100)]
Sync with behavior change in OpenSSL 1.1.1b
A behavior change is revealed by some openssl_decrypt() based test,
where an encrypt API is used with a decrypt context. The EVP_Cipher*
functions will automatically choose the right operation depending on the
context passed.
(cherry picked from commit 19a44ffb7be91344550fa700830b8e62a73031ba)
Joe Watkins [Tue, 5 Mar 2019 19:50:07 +0000 (20:50 +0100)]
fix news
Joe Watkins [Tue, 5 Mar 2019 17:28:47 +0000 (18:28 +0100)]
bump versions after release
Stanislav Malyshev [Sun, 3 Mar 2019 07:42:53 +0000 (23:42 -0800)]
Fix bug #77630 - safer rename() procedure
In order to rename safer, we do the following:
- set umask to 077 (unfortunately, not TS, so excluding ZTS)
- chown() first, to set proper group before allowing group access
- chmod() after, even if chown() fails
Stanislav Malyshev [Mon, 4 Mar 2019 06:33:38 +0000 (22:33 -0800)]
Fix bug #77586 - phar_tar_writeheaders_int() buffer overflow
Stanislav Malyshev [Mon, 4 Mar 2019 04:10:12 +0000 (20:10 -0800)]
Update NEWS
Stanislav Malyshev [Mon, 4 Mar 2019 03:30:14 +0000 (19:30 -0800)]
Fix test error message
Stanislav Malyshev [Sat, 2 Mar 2019 23:07:40 +0000 (15:07 -0800)]
Fix bug #77563 - Uninitialized read in exif_process_IFD_in_MAKERNOTE
Also fix for bug #77659
Stanislav Malyshev [Sat, 2 Mar 2019 21:38:00 +0000 (13:38 -0800)]
Fix bug #77540 - Invalid Read on exif_process_SOFn
Stanislav Malyshev [Sat, 2 Mar 2019 07:25:45 +0000 (23:25 -0800)]
Fix integer overflows on 32-bits
Christoph M. Becker [Wed, 9 Jan 2019 13:26:18 +0000 (14:26 +0100)]
Fix #77431 SplFileInfo::__construct() accepts NUL bytes
`SplFileInfo::__construct()` has to expect a path instead of a string,
analogous to `SplFileObject::__construct()`.
Stanislav Malyshev [Mon, 4 Mar 2019 02:22:32 +0000 (18:22 -0800)]
Fix bug #77396 - Null Pointer Dereference in phar_create_or_parse_filename
Derick Rethans [Wed, 6 Feb 2019 10:39:55 +0000 (10:39 +0000)]
Use pkg-config for ICU, as the old icu-config has been deprecated
Sara Golemon [Tue, 8 Jan 2019 19:17:43 +0000 (14:17 -0500)]
Bump for 7.1.27
Stanislav Malyshev [Mon, 7 Jan 2019 09:03:04 +0000 (01:03 -0800)]
Still leaking for some reason, XFAIL for now, I'll look into it later.
Stanislav Malyshev [Mon, 7 Jan 2019 07:32:36 +0000 (23:32 -0800)]
Merge branch 'PHP-5.6' into PHP-7.1
* PHP-5.6:
Fix bug #77418 - Heap overflow in utf32be_mbc_to_code
[ci skip] Add NEWS
Fix more issues with encoding length
Fix #77270: imagecolormatch Out Of Bounds Write on Heap
Fix bug #77380 (Global out of bounds read in xmlrpc base64 code)
Fix bug #77371 (heap buffer overflow in mb regex functions - compile_string_node)
Fix bug #77370 - check that we do not read past buffer end when parsing multibytes
Fix #77269: Potential unsigned underflow in gdImageScale
Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext)
Fix bug #77242 (heap out of bounds read in xmlrpc_decode())
Regenerate certs for openssl tests
Stanislav Malyshev [Mon, 7 Jan 2019 07:31:15 +0000 (23:31 -0800)]
Fix bug #77418 - Heap overflow in utf32be_mbc_to_code
Stanislav Malyshev [Sun, 6 Jan 2019 21:04:51 +0000 (13:04 -0800)]
Add NEWS
Stanislav Malyshev [Sun, 6 Jan 2019 21:03:38 +0000 (13:03 -0800)]
[ci skip] Add NEWS
Stanislav Malyshev [Sun, 6 Jan 2019 20:30:44 +0000 (12:30 -0800)]
Fix test
Stanislav Malyshev [Sun, 30 Dec 2018 04:39:08 +0000 (20:39 -0800)]
Fix #77369 - memcpy with negative length via crafted DNS response
Stanislav Malyshev [Wed, 2 Jan 2019 08:36:30 +0000 (00:36 -0800)]
Fix more issues with encoding length
Should fix bug #77381, bug #77382, bug #77385, bug #77394.
Christoph M. Becker [Sun, 30 Dec 2018 12:59:26 +0000 (13:59 +0100)]
Fix #77270: imagecolormatch Out Of Bounds Write on Heap
At least some of the image reading functions may return images which
use color indexes greater than or equal to im->colorsTotal. We cater
to this by always using a buffer size which is sufficient for
`gdMaxColors` in `gdImageColorMatch()`.
Stanislav Malyshev [Wed, 2 Jan 2019 01:15:20 +0000 (17:15 -0800)]
Fix bug #77380 (Global out of bounds read in xmlrpc base64 code)
Stanislav Malyshev [Sun, 30 Dec 2018 04:06:08 +0000 (20:06 -0800)]
Fix bug #77371 (heap buffer overflow in mb regex functions - compile_string_node)
Stanislav Malyshev [Sun, 30 Dec 2018 03:51:24 +0000 (19:51 -0800)]
Fix bug #77370 - check that we do not read past buffer end when parsing multibytes
Christoph M. Becker [Wed, 12 Dec 2018 15:00:59 +0000 (16:00 +0100)]
Fix #77269: Potential unsigned underflow in gdImageScale
Belatedly, we're porting the respective upstream patch[1].
[1] <https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35>
Stanislav Malyshev [Sun, 30 Dec 2018 02:25:37 +0000 (18:25 -0800)]
Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext)
Stanislav Malyshev [Sun, 30 Dec 2018 01:56:36 +0000 (17:56 -0800)]
Fix bug #77242 (heap out of bounds read in xmlrpc_decode())
Alexander Kurilo [Mon, 31 Dec 2018 09:19:36 +0000 (12:19 +0300)]
Regenerate certs for openssl tests
Stanislav Malyshev [Wed, 2 Jan 2019 08:36:30 +0000 (00:36 -0800)]
Fix more issues with encoding length
Should fix bug #77381, bug #77382, bug #77385, bug #77394.
Christoph M. Becker [Sun, 30 Dec 2018 12:59:26 +0000 (13:59 +0100)]
Fix #77270: imagecolormatch Out Of Bounds Write on Heap
At least some of the image reading functions may return images which
use color indexes greater than or equal to im->colorsTotal. We cater
to this by always using a buffer size which is sufficient for
`gdMaxColors` in `gdImageColorMatch()`.
Stanislav Malyshev [Wed, 2 Jan 2019 01:15:20 +0000 (17:15 -0800)]
Fix bug #77380 (Global out of bounds read in xmlrpc base64 code)
Stanislav Malyshev [Sun, 30 Dec 2018 04:06:08 +0000 (20:06 -0800)]
Fix bug #77371 (heap buffer overflow in mb regex functions - compile_string_node)
Stanislav Malyshev [Sun, 30 Dec 2018 03:51:24 +0000 (19:51 -0800)]
Fix bug #77370 - check that we do not read past buffer end when parsing multibytes
Christoph M. Becker [Wed, 12 Dec 2018 15:00:59 +0000 (16:00 +0100)]
Fix #77269: Potential unsigned underflow in gdImageScale
Belatedly, we're porting the respective upstream patch[1].
[1] <https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35>
Stanislav Malyshev [Sun, 30 Dec 2018 02:25:37 +0000 (18:25 -0800)]
Fix bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext)
Stanislav Malyshev [Sun, 30 Dec 2018 01:56:36 +0000 (17:56 -0800)]
Fix bug #77242 (heap out of bounds read in xmlrpc_decode())
Alexander Kurilo [Mon, 31 Dec 2018 09:19:36 +0000 (12:19 +0300)]
Regenerate certs for openssl tests
Remi Collet [Sat, 8 Dec 2018 09:24:36 +0000 (10:24 +0100)]
add imap.enable_insecure_rsh in php.ini
Remi Collet [Sat, 8 Dec 2018 09:06:19 +0000 (10:06 +0100)]
missing entry for #77020
Ferenc Kovacs [Wed, 5 Dec 2018 08:30:20 +0000 (09:30 +0100)]
Merge branch 'PHP-7.0' into PHP-7.1
Ferenc Kovacs [Wed, 5 Dec 2018 08:25:53 +0000 (09:25 +0100)]
Merge branch 'PHP-5.6' into PHP-7.0
Ferenc Kovacs [Wed, 5 Dec 2018 08:13:30 +0000 (09:13 +0100)]
5.6.40 will be next. probably not
Anatol Belski [Tue, 4 Dec 2018 11:49:42 +0000 (12:49 +0100)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Sync NEWS [ci skip]
Anatol Belski [Tue, 4 Dec 2018 11:49:10 +0000 (12:49 +0100)]
Sync NEWS [ci skip]
Stanislav Malyshev [Mon, 3 Dec 2018 18:19:57 +0000 (10:19 -0800)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Fix null pointer deref in qprint-encode filter (bug #77231)
Stanislav Malyshev [Mon, 3 Dec 2018 18:19:49 +0000 (10:19 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix null pointer deref in qprint-encode filter (bug #77231)
Stanislav Malyshev [Mon, 3 Dec 2018 10:12:11 +0000 (02:12 -0800)]
Fix null pointer deref in qprint-encode filter (bug #77231)
Stanislav Malyshev [Mon, 3 Dec 2018 08:42:45 +0000 (00:42 -0800)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Fix bug #77143 - add more checks to buffer reads
Fix bug #77143 - add more checks to buffer reads
Fix #77020: null pointer dereference in imap_mail
Stanislav Malyshev [Mon, 3 Dec 2018 08:42:35 +0000 (00:42 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix bug #77143 - add more checks to buffer reads
Stanislav Malyshev [Mon, 12 Nov 2018 22:02:26 +0000 (14:02 -0800)]
Fix bug #77143 - add more checks to buffer reads
Stanislav Malyshev [Mon, 3 Dec 2018 08:39:03 +0000 (00:39 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix bug #77143 - add more checks to buffer reads
Fix #77020: null pointer dereference in imap_mail
Stanislav Malyshev [Mon, 12 Nov 2018 22:02:26 +0000 (14:02 -0800)]
Fix bug #77143 - add more checks to buffer reads
Stanislav Malyshev [Sun, 11 Nov 2018 18:04:01 +0000 (10:04 -0800)]
Fix #77020: null pointer dereference in imap_mail
If an empty $message is passed to imap_mail(), we must not set message
to NULL, since _php_imap_mail() is not supposed to handle NULL pointers
(opposed to pointers to NUL).
Philip Prindeville [Sun, 8 Jul 2018 16:55:54 +0000 (10:55 -0600)]
Don't need interactive progress on git clones in Travis
Travis logs are usually inspected after the build completes, by which time
progress info is useless.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Stanislav Malyshev [Sun, 2 Dec 2018 21:38:59 +0000 (13:38 -0800)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Fix TSRM signature - php_stream_stat macro has its own TSRM
Regenerate certificates for openssl tests
Improve test for bug77022
Stanislav Malyshev [Sun, 2 Dec 2018 21:18:07 +0000 (13:18 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix TSRM signature - php_stream_stat macro has its own TSRM
Regenerate certificates for openssl tests
Improve test for bug77022
Stanislav Malyshev [Sun, 2 Dec 2018 20:54:19 +0000 (12:54 -0800)]
Fix TSRM signature - php_stream_stat macro has its own TSRM
Alexander Kurilo [Sun, 2 Dec 2018 07:53:45 +0000 (10:53 +0300)]
Regenerate certificates for openssl tests
Stanislav Malyshev [Sun, 2 Dec 2018 20:06:13 +0000 (12:06 -0800)]
Improve test for bug77022
Stanislav Malyshev [Sun, 2 Dec 2018 05:48:35 +0000 (21:48 -0800)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Stanislav Malyshev [Sun, 2 Dec 2018 05:07:05 +0000 (21:07 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix bug #77022 - use file mode or umask for new files
Stanislav Malyshev [Sun, 2 Dec 2018 05:47:37 +0000 (21:47 -0800)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Fix bug #77022 - use file mode or umask for new files
Stanislav Malyshev [Sun, 2 Dec 2018 05:07:05 +0000 (21:07 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fix bug #77022 - use file mode or umask for new files
Stanislav Malyshev [Sun, 2 Dec 2018 05:04:56 +0000 (21:04 -0800)]
Fix bug #77022 - use file mode or umask for new files
Stanislav Malyshev [Wed, 28 Nov 2018 23:46:53 +0000 (15:46 -0800)]
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Add DISPLAY_INI_ENTRIES for imap
Disable rsh/ssh functionality in imap by default (bug #77153)
Disable rsh/ssh functionality in imap by default (bug #77153)
Stanislav Malyshev [Wed, 28 Nov 2018 23:46:39 +0000 (15:46 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Add DISPLAY_INI_ENTRIES for imap
Stanislav Malyshev [Wed, 28 Nov 2018 23:45:51 +0000 (15:45 -0800)]
Add DISPLAY_INI_ENTRIES for imap
Sara Golemon [Wed, 21 Nov 2018 19:37:37 +0000 (14:37 -0500)]
Prep for 7.1.26
Valentin V. Bartenev [Tue, 20 Nov 2018 15:48:06 +0000 (18:48 +0300)]
Fix bug #71041 dynamic embed SAPI load error
If the library is built with ZEND_SIGNALS defined, it's unusable with an
external SAPI module because the zend_signal_startup() call is mandatory
in this case.
This bug is similar to #74149, but related to dynamic loading of PHP library.
Stanislav Malyshev [Mon, 19 Nov 2018 01:10:43 +0000 (17:10 -0800)]
Disable rsh/ssh functionality in imap by default (bug #77153)
Stanislav Malyshev [Tue, 20 Nov 2018 19:14:18 +0000 (11:14 -0800)]
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Disable rsh/ssh functionality in imap by default (bug #77153)
Stanislav Malyshev [Mon, 19 Nov 2018 01:10:43 +0000 (17:10 -0800)]
Disable rsh/ssh functionality in imap by default (bug #77153)
Remi Collet [Tue, 20 Nov 2018 10:19:29 +0000 (11:19 +0100)]
NEWS
Remi Collet [Thu, 15 Nov 2018 07:58:08 +0000 (08:58 +0100)]
Fix #77151 ftp_close(): SSL_read on shutdown
Regression introduced in fix for #76972
only display the error message when sslerror
or if errno is set (for SSL_ERROR_SYSCALL case)
Stanislav Malyshev [Mon, 19 Nov 2018 01:10:43 +0000 (17:10 -0800)]
Disable rsh/ssh functionality in imap by default (bug #77153)
Anatol Belski [Sun, 18 Nov 2018 13:37:04 +0000 (14:37 +0100)]
[ci skip] Update NEWS
Anatol Belski [Sun, 18 Nov 2018 11:29:34 +0000 (12:29 +0100)]
Fixed bug #77047 pg_convert has a broken regex for the 'TIME WITHOUT TIMEZONE' data type
Backport 369c991d and 282a63da to 7.1, closes #3634
Christoph M. Becker [Wed, 14 Nov 2018 13:55:38 +0000 (14:55 +0100)]
Fix #77147: Fix for 60494 ignores ICONV_MIME_DECODE_CONTINUE_ON_ERROR
If the `ICONV_MIME_DECODE_CONTINUE_ON_ERROR` flag is set, parsing
should not fail, if there are illegal characters in the headers;
instead we silently ignore these like before.
Thiago Carvalho [Sun, 21 Oct 2018 19:42:29 +0000 (21:42 +0200)]
Validate length on socket_write
Christoph M. Becker [Mon, 12 Nov 2018 22:00:25 +0000 (23:00 +0100)]
Fix #77141: Signedness issue in SOAP when precision=-1
According to php_gcvt(), we assume at most 17 fractional digits for
negative precision.
Christoph M. Becker [Sun, 4 Nov 2018 15:40:27 +0000 (16:40 +0100)]
Fix #76348: WSDL_CACHE_MEMORY causes Segmentation fault
“Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end.”
Derick Rethans [Tue, 30 Oct 2018 11:25:45 +0000 (11:25 +0000)]
Updated to version 2018.7 (2018g)
Peter Kokot [Mon, 29 Oct 2018 23:22:03 +0000 (00:22 +0100)]
[ci skip] Update NEWS
Jon Allen [Mon, 29 Oct 2018 13:44:37 +0000 (14:44 +0100)]
fix bug #77079
Nikita Popov [Thu, 25 Oct 2018 14:25:54 +0000 (16:25 +0200)]
Fixed bug #77058
Account for the fact that undef must be interpreted as null for
the purposes of INC/DEC inference.
Nikita Popov [Thu, 25 Oct 2018 14:18:10 +0000 (16:18 +0200)]
Improve "narrowing" error message
By including the opcode name.
Joe Watkins [Wed, 24 Oct 2018 06:43:27 +0000 (08:43 +0200)]
bump versions
Derick Rethans [Mon, 22 Oct 2018 11:05:39 +0000 (12:05 +0100)]
Updated to version 2018.6 (2018f)
Anatol Belski [Sat, 20 Oct 2018 21:02:06 +0000 (23:02 +0200)]
Fix tests for ICU 63.1
Most of the change is U+00A0 vs. new U+202F used in some outputs.
Peter Kokot [Sat, 20 Oct 2018 07:48:50 +0000 (09:48 +0200)]
[ci skip] Update NEWS
Mizunashi Mana [Sat, 20 Oct 2018 07:42:56 +0000 (09:42 +0200)]
Fix #77041: buildconf should output error messages to stderr
Peter Kokot [Thu, 18 Oct 2018 22:06:11 +0000 (00:06 +0200)]
[ci skip] Update NEWS