Permalink
Commits on Jul 20, 2016
  1. @jpauli
  2. @smalyshev

    Update NEWS

    smalyshev committed Jul 20, 2016
  3. @smalyshev

    Improve fix for #72520

    smalyshev committed Jul 20, 2016
Commits on Jul 19, 2016
  1. @pierrejoye @smalyshev
  2. @smalyshev

    Fix memory leak

    smalyshev committed Jul 19, 2016
  3. @smalyshev

    Merge branch 'PHP-5.5' of git.php.net:php-src into PHP-5.5

    * 'PHP-5.5' of git.php.net:php-src:
      fix #72519, possible OOB using imagegif
    smalyshev committed Jul 19, 2016
  4. @pierrejoye @smalyshev
  5. @pierrejoye @smalyshev

    fix #72512, invalid read or write for palette image when invalid tran…

    …sparent index is used
    
    Conflicts:
    	ext/gd/libgd/gd.c
    pierrejoye committed with smalyshev Jul 19, 2016
  6. @pierrejoye @weltling

    fix #72519, possible OOB using imagegif

    fix #72519, possible OOB using imagegif
    pierrejoye committed with weltling Jul 19, 2016
  7. @smalyshev
  8. @smalyshev

    Merge branch 'PHP-5.5.38' into PHP-5.5

    * PHP-5.5.38:
      Fix tests
      Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
      Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
      Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
      Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
      Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
      Fix bug #72562 - destroy var_hash properly
      Fix bug #72533 (locale_accept_from_http out-of-bounds access)
      Fix fir bug #72520
      Fix for bug #72513
      CS fix and comments with bug ID
      Fix for HTTP_PROXY issue.
      add tests for bug #72512
      Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
      Fixed bug #72479 - same as #72434
    smalyshev committed Jul 19, 2016
  9. @smalyshev

    Fix tests

    smalyshev committed Jul 19, 2016
  10. @smalyshev
  11. @smalyshev
  12. @smalyshev
Commits on Jul 18, 2016
  1. @smalyshev
Commits on Jul 17, 2016
  1. @smalyshev
Commits on Jul 14, 2016
  1. @weltling

    Extend libxml exports

    These are needed to support libxslt 1.1.29 on Windows. This libxslt version
    fixes CVE-2015-7995 and for this reason needs to be used.
    weltling committed Jul 14, 2016
Commits on Jul 13, 2016
  1. @smalyshev
  2. @smalyshev
  3. @smalyshev

    Fix fir bug #72520

    smalyshev committed Jul 13, 2016
  4. @smalyshev

    Fix for bug #72513

    smalyshev committed Jul 13, 2016
  5. @smalyshev
Commits on Jul 10, 2016
  1. @smalyshev

    Fix for HTTP_PROXY issue.

    The following changes are made:
    - _SERVER/_ENV only has HTTP_PROXY if the local environment has it,
      and only one from the environment.
    - getenv('HTTP_PROXY') only returns one from the local environment
    - getenv has optional second parameter, telling it to only consider
      local environment
    smalyshev committed Jul 10, 2016
Commits on Jul 8, 2016
  1. @jpauli

    Updated NEWS

    jpauli committed Jul 8, 2016
  2. @jpauli

    Fix #69975: PHP segfaults when accessing nvarchar(max) defined columns

    The SQL Server Native Client 11.0 and maybe other ODBC drivers report
    NVARCHAR(MAX) columns as SQL_WVARCHAR with size 0. This causes too small a
    buffer to be emalloc'd, likely causing a segfault in the following. As we don't
    know the real size of the column data, we treat such colums as
    SQL_WLONGVARCHAR.
    
    The related bug #67437 suggests that some drivers report a size of ~4GB. It is
    not certain that this is really the case (there might be some integer overflow
    involved, and anyway, there has been no feedback), so we do not cater for this
    now. However, it would not be hard to treat all sizes above a certain threshold
    in a similar way, i.e. as SQL_WLONGVARCHAR.
    
    (cherry picked from commit 16db4d1)
    (cherry picked from commit 344ff5d)
    Christoph M. Becker committed with jpauli Jul 2, 2015
  3. @jpauli

    Updated NEWS

    jpauli committed Jul 8, 2016
  4. @jpauli

    Merge branch 'pull-request/1982' into PHP-5.5

    * pull-request/1982:
      Update PHP 5.5 NEWS entries with CVE info
    jpauli committed Jul 8, 2016
Commits on Jul 6, 2016
  1. @weltling

    add tests for bug #72512

    weltling committed Jul 6, 2016
Commits on Jul 5, 2016
  1. @smalyshev @kaplanlior

    Fix bug #70480 (php_url_parse_ex() buffer overflow read)

    (cherry picked from commit 629e4da)
    smalyshev committed with kaplanlior Sep 28, 2015
Commits on Jul 4, 2016
  1. @kaplanlior
  2. @pierrejoye @weltling
Commits on Jun 27, 2016
  1. @smalyshev
  2. @smalyshev
Commits on Jun 21, 2016
  1. @jpauli

    5.5.38 now

    jpauli committed Jun 21, 2016