[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/spl/spl_directory.c trunk/ext/spl/spl_directory.c
felipe Tue, 08 Mar 2011 19:56:29 + Revision: http://svn.php.net/viewvc?view=revision&revision=309035 Log: - Fixed bug #49608 (Using CachingIterator on DirectoryIterator instance segfaults) Bug: http://bugs.php.net/49608 (Assigned) Using CachingIterator on DirectoryIterator instance segfaults Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/spl/spl_directory.c U php/php-src/trunk/ext/spl/spl_directory.c Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2011-03-08 19:33:52 UTC (rev 309034) +++ php/php-src/branches/PHP_5_3/NEWS 2011-03-08 19:56:29 UTC (rev 309035) @@ -5,6 +5,10 @@ . Fixed bug #54193 (Integer overflow in shmop_read()). (Felipe) Reported by Jose Carlos Norte (CVE-2011-1092) +- SPL extension: + . Fixed bug #49608 (Using CachingIterator on DirectoryIterator instance +segfaults). (Felipe) + 03 Mar 2011, PHP 5.3.6RC2 - Zend Engine: . Fixed bug #43512 (same parameter name can be used multiple times in Modified: php/php-src/branches/PHP_5_3/ext/spl/spl_directory.c === --- php/php-src/branches/PHP_5_3/ext/spl/spl_directory.c2011-03-08 19:33:52 UTC (rev 309034) +++ php/php-src/branches/PHP_5_3/ext/spl/spl_directory.c2011-03-08 19:56:29 UTC (rev 309035) @@ -1596,7 +1596,9 @@ iterator->intern.data = NULL; /* mark as unused */ zval_ptr_dtor(&iterator->current); - zval_ptr_dtor(&zfree); + if (zfree) { + zval_ptr_dtor(&zfree); + } } /* }}} */ Modified: php/php-src/trunk/ext/spl/spl_directory.c === --- php/php-src/trunk/ext/spl/spl_directory.c 2011-03-08 19:33:52 UTC (rev 309034) +++ php/php-src/trunk/ext/spl/spl_directory.c 2011-03-08 19:56:29 UTC (rev 309035) @@ -1598,7 +1598,9 @@ iterator->intern.data = NULL; /* mark as unused */ zval_ptr_dtor(&iterator->current); - zval_ptr_dtor(&zfree); + if (zfree) { + zval_ptr_dtor(&zfree); + } } /* }}} */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/ext/shmop/shmop.c trunk/ext/shmop/shmop.c
felipe Tue, 08 Mar 2011 18:24:04 + Revision: http://svn.php.net/viewvc?view=revision&revision=309032 Log: - Version++ Changed paths: U php/php-src/branches/PHP_5_3/ext/shmop/shmop.c U php/php-src/trunk/ext/shmop/shmop.c Modified: php/php-src/branches/PHP_5_3/ext/shmop/shmop.c === --- php/php-src/branches/PHP_5_3/ext/shmop/shmop.c 2011-03-08 17:49:53 UTC (rev 309031) +++ php/php-src/branches/PHP_5_3/ext/shmop/shmop.c 2011-03-08 18:24:04 UTC (rev 309032) @@ -1,6 +1,6 @@ /* +--+ - | PHP version 4| + | PHP version 5| +--+ | Copyright (c) 1997-2011 The PHP Group| +--+ Modified: php/php-src/trunk/ext/shmop/shmop.c === --- php/php-src/trunk/ext/shmop/shmop.c 2011-03-08 17:49:53 UTC (rev 309031) +++ php/php-src/trunk/ext/shmop/shmop.c 2011-03-08 18:24:04 UTC (rev 309032) @@ -1,6 +1,6 @@ /* +--+ - | PHP version 4| + | PHP version 5| +--+ | Copyright (c) 1997-2011 The PHP Group| +--+ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/trunk/ NEWS
tony2001 Tue, 08 Mar 2011 14:53:38 + Revision: http://svn.php.net/viewvc?view=revision&revision=309022 Log: fix typppo Changed paths: U php/php-src/trunk/NEWS Modified: php/php-src/trunk/NEWS === --- php/php-src/trunk/NEWS 2011-03-08 14:07:25 UTC (rev 309021) +++ php/php-src/trunk/NEWS 2011-03-08 14:53:38 UTC (rev 309022) @@ -31,8 +31,8 @@ a property into a warning. (Scott) - General improvements: - . Added multibyte suppport by default. Previously php had to be compiled -with --enable-zend-multibyte. Now it can be enabled or disabled throug + . Added multibyte support by default. Previously php had to be compiled +with --enable-zend-multibyte. Now it can be enabled or disabled through zend.multibyte directive in php.ini (Dmitry) . Removed compile time dependency from ext/mbstring (Dmitry) . Added scalar typehints to the parser and the reflection API. (Ilia, Derick) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ NEWS
felipe Tue, 08 Mar 2011 14:07:25 + Revision: http://svn.php.net/viewvc?view=revision&revision=309021 Log: - assign CVE Changed paths: U php/php-src/branches/PHP_5_3/NEWS Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2011-03-08 13:23:27 UTC (rev 309020) +++ php/php-src/branches/PHP_5_3/NEWS 2011-03-08 14:07:25 UTC (rev 309021) @@ -3,7 +3,7 @@ ?? ??? 2011, PHP 5.3.6 - Shmop extension: . Fixed bug #54193 (Integer overflow in shmop_read()). (Felipe) -Reported by Jose Carlos Norte +Reported by Jose Carlos Norte (CVE-2011-1092) 03 Mar 2011, PHP 5.3.6RC2 - Zend Engine: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ NEWS
felipe Tue, 08 Mar 2011 13:12:52 + Revision: http://svn.php.net/viewvc?view=revision&revision=309019 Log: - Missing "reported by" info Changed paths: U php/php-src/branches/PHP_5_3/NEWS Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2011-03-08 13:11:14 UTC (rev 309018) +++ php/php-src/branches/PHP_5_3/NEWS 2011-03-08 13:12:52 UTC (rev 309019) @@ -3,6 +3,7 @@ ?? ??? 2011, PHP 5.3.6 - Shmop extension: . Fixed bug #54193 (Integer overflow in shmop_read()). (Felipe) +Reported by Jose Carlos Norte 03 Mar 2011, PHP 5.3.6RC2 - Zend Engine: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/shmop/shmop.c trunk/ext/shmop/shmop.c
felipe Tue, 08 Mar 2011 13:11:14 + Revision: http://svn.php.net/viewvc?view=revision&revision=309018 Log: - Fixed bug #54193 (Integer overflow in shmop_read()) Bug: http://bugs.php.net/54193 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/shmop/shmop.c U php/php-src/trunk/ext/shmop/shmop.c Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2011-03-08 12:58:22 UTC (rev 309017) +++ php/php-src/branches/PHP_5_3/NEWS 2011-03-08 13:11:14 UTC (rev 309018) @@ -1,6 +1,8 @@ PHP NEWS ||| ?? ??? 2011, PHP 5.3.6 +- Shmop extension: + . Fixed bug #54193 (Integer overflow in shmop_read()). (Felipe) 03 Mar 2011, PHP 5.3.6RC2 - Zend Engine: Modified: php/php-src/branches/PHP_5_3/ext/shmop/shmop.c === --- php/php-src/branches/PHP_5_3/ext/shmop/shmop.c 2011-03-08 12:58:22 UTC (rev 309017) +++ php/php-src/branches/PHP_5_3/ext/shmop/shmop.c 2011-03-08 13:11:14 UTC (rev 309018) @@ -256,7 +256,7 @@ RETURN_FALSE; } - if (start + count > shmop->size || count < 0) { + if (count < 0 || start > (INT_MAX - count) || start + count > shmop->size) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "count is out of range"); RETURN_FALSE; } Modified: php/php-src/trunk/ext/shmop/shmop.c === --- php/php-src/trunk/ext/shmop/shmop.c 2011-03-08 12:58:22 UTC (rev 309017) +++ php/php-src/trunk/ext/shmop/shmop.c 2011-03-08 13:11:14 UTC (rev 309018) @@ -256,7 +256,7 @@ RETURN_FALSE; } - if (start + count > shmop->size || count < 0) { + if (count < 0 || start > (INT_MAX - count) || start + count > shmop->size) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "count is out of range"); RETURN_FALSE; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-CVS] svn: /php/php-src/trunk/ NEWS
While you're about it, how about being a little less ppositive about the pposition of multibyte suppport? Cheers! Mike -- Mike Ford, Electronic Information Developer, Libraries and Learning Innovation, Leeds Metropolitan University, C507 City Campus, Woodhouse Lane, LEEDS, LS1 3HE, United Kingdom Email: m.f...@leedsmet.ac.uk Tel: +44 113 812 4730 > -Original Message- > From: Sebastian Bergmann [mailto:sebast...@php.net] > Sent: 06 March 2011 21:48 > To: php-cvs@lists.php.net > Subject: [PHP-CVS] svn: /php/php-src/trunk/ NEWS > > sebastianSun, 06 Mar 2011 21:47:46 > + > > Revision: http://svn.php.net/viewvc?view=revision&revision=308980 > > Log: > Fix speling. > > Changed paths: > U php/php-src/trunk/NEWS > > Modified: php/php-src/trunk/NEWS > === > --- php/php-src/trunk/NEWS2011-03-06 19:31:23 UTC (rev 308979) > +++ php/php-src/trunk/NEWS2011-03-06 21:47:46 UTC (rev 308980) > @@ -31,7 +31,7 @@ >a property into a warning. (Scott) > > - General improvements: > - . Added multibyte suppport by default. Previosly php had to be > compiled > + . Added multibyte suppport by default. Previously php had to be > compiled > with --enable-zend-multibyte. Now it can be enabled or disabled > throug > zend.multibyte directive in php.ini (Dmitry) >. Removed compile time dependency from ext/mbstring (Dmitry) To view the terms under which this email is distributed, please go to http://disclaimer.leedsmet.ac.uk/email.htm