[PHP-CVS] com php-src: Fixed bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding_translation = On): NEWS ext/mbstring/mb_gpc.c ext/mbstring/tests/bug63447_001.phpt ext/mbstring/
Commit:7fcbe4d5467300a0acee78330a0cdc9d1cbf05ad
Author:Xinchen Hui larue...@php.net Wed, 7 Nov 2012 17:05:24 +0800
Parents: 0ee5d18f91d731636f3ba39c7487e2a8cf04fa36
Branches: PHP-5.3
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=7fcbe4d5467300a0acee78330a0cdc9d1cbf05ad
Log:
Fixed bug #63447 (max_input_vars doesn't filter variables when
mbstring.encoding_translation = On)
Bugs:
https://bugs.php.net/63447
Changed paths:
M NEWS
M ext/mbstring/mb_gpc.c
A ext/mbstring/tests/bug63447_001.phpt
A ext/mbstring/tests/bug63447_002.phpt
A ext/mbstring/tests/bug63447_003.phpt
Diff:
diff --git a/NEWS b/NEWS
index 83274c2..d03a2da 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,10 @@ PHP
NEWS
. Fixed bug #63389 (Missing context check on libxml_set_streams_context()
causes memleak). (Laruence)
+- Mbstring:
+ . Fixed bug #63447 (max_input_vars doesn't filter variables when
+mbstring.encoding_translation = On). (Laruence)
+
- MySQL:
. Fixed compilation failure on mixed 32/64 bit systems. (Andrey)
diff --git a/ext/mbstring/mb_gpc.c b/ext/mbstring/mb_gpc.c
index dd60302..b35ece3 100644
--- a/ext/mbstring/mb_gpc.c
+++ b/ext/mbstring/mb_gpc.c
@@ -262,6 +262,12 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const
php_mb_encoding_handler_
n++;
var = php_strtok_r(NULL, info-separator, strtok_buf);
}
+
+ if (n (PG(max_input_vars) * 2)) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Input variables
exceeded %ld. To increase the limit change max_input_vars in php.ini.,
PG(max_input_vars));
+ goto out;
+ }
+
num = n; /* make sure to process initilized vars only */
/* initialize converter */
diff --git a/ext/mbstring/tests/bug63447_001.phpt
b/ext/mbstring/tests/bug63447_001.phpt
new file mode 100644
index 000..5130299
--- /dev/null
+++ b/ext/mbstring/tests/bug63447_001.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Bug #63447 (max_input_vars doesn't filter variables when
mbstring.encoding_translation = On)
+--SKIPIF--
+?php
+extension_loaded('mbstring') or die('skip');
+?
+--INI--
+max_input_nesting_level=10
+max_input_vars=5
+mbstring.encoding_translation=1
+--POST--
+a=1b=2c=3d=4e=5f=6
+--FILE--
+?php
+var_dump($_POST);
+?
+--EXPECT--
+Warning: Unknown: Input variables exceeded 5. To increase the limit change
max_input_vars in php.ini. in Unknown on line 0
+array(0) {
+}
diff --git a/ext/mbstring/tests/bug63447_002.phpt
b/ext/mbstring/tests/bug63447_002.phpt
new file mode 100644
index 000..e51089b
--- /dev/null
+++ b/ext/mbstring/tests/bug63447_002.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Bug #63447 (max_input_vars doesn't filter variables when
mbstring.encoding_translation = On)
+--SKIPIF--
+?php
+extension_loaded('mbstring') or die('skip');
+?
+--INI--
+max_input_nesting_level=10
+max_input_vars=4
+mbstring.encoding_translation=1
+--POST--
+a=1b=2c=3d=4e=5
+--FILE--
+?php
+var_dump($_POST);
+?
+--EXPECT--
+Warning: Unknown: Input variables exceeded 4. To increase the limit change
max_input_vars in php.ini. in Unknown on line 0
+array(0) {
+}
diff --git a/ext/mbstring/tests/bug63447_003.phpt
b/ext/mbstring/tests/bug63447_003.phpt
new file mode 100644
index 000..a4a7e14
--- /dev/null
+++ b/ext/mbstring/tests/bug63447_003.phpt
@@ -0,0 +1,34 @@
+--TEST--
+Bug #63447 (max_input_vars doesn't filter variables when
mbstring.encoding_translation = On)
+--SKIPIF--
+?php
+extension_loaded('mbstring') or die('skip');
+?
+--INI--
+max_input_nesting_level=5
+max_input_vars=100
+mbstring.encoding_translation=1
+--POST--
+a=1b[][][]=2c[][][][][][]=7
+--FILE--
+?php
+print_r($_POST);
+?
+--EXPECT--
+Array
+(
+[a] = 1
+[b] = Array
+(
+[0] = Array
+(
+[0] = Array
+(
+[0] = 2
+)
+
+)
+
+)
+
+)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Merge branch 'PHP-5.3' into PHP-5.4: ext/mbstring/mb_gpc.c
Commit:e222837f6eefa757619533266ed149ab5dd91940 Author:Xinchen Hui larue...@php.net Wed, 7 Nov 2012 17:08:34 +0800 Parents: 6ef09012aa2aed339109007c2caa3d0e42cbd4ee 7fcbe4d5467300a0acee78330a0cdc9d1cbf05ad Branches: PHP-5.4 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e222837f6eefa757619533266ed149ab5dd91940 Log: Merge branch 'PHP-5.3' into PHP-5.4 Changed paths: MM ext/mbstring/mb_gpc.c Diff: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: fix NEWS: NEWS
Commit:3e7fcd9cab1dace82b28a80097cbb3eb7b851c18 Author:Stanislav Malyshev s...@php.net Wed, 7 Nov 2012 01:18:34 -0800 Parents: e222837f6eefa757619533266ed149ab5dd91940 Branches: PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=3e7fcd9cab1dace82b28a80097cbb3eb7b851c18 Log: fix NEWS Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index d476cec..ee9a884 100644 --- a/NEWS +++ b/NEWS @@ -23,6 +23,10 @@ PHP NEWS . Fixed bug #63389 (Missing context check on libxml_set_streams_context() causes memleak). (Laruence) +- Mbstring: + . Fixed bug #63447 (max_input_vars doesn't filter variables when +mbstring.encoding_translation = On). (Laruence) + - OCI8: . Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro) (Chris Jones) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: 5.4.9 rc1: NEWS configure.in main/php_version.h
Commit:a235033abb39708096cf8484dce82ad4954ce822 Author:Stanislav Malyshev s...@php.net Wed, 7 Nov 2012 01:23:05 -0800 Parents: 3e7fcd9cab1dace82b28a80097cbb3eb7b851c18 Branches: PHP-5.4.9 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=a235033abb39708096cf8484dce82ad4954ce822 Log: 5.4.9 rc1 Changed paths: M NEWS M configure.in M main/php_version.h Diff: diff --git a/NEWS b/NEWS index ee9a884..0a9e2cc 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ PHPNEWS ||| -?? ??? 2012, PHP 5.4.9 +08 Nov 2012, PHP 5.4.9 RC1 - Core: . Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence) diff --git a/configure.in b/configure.in index afe470d..a497435 100644 --- a/configure.in +++ b/configure.in @@ -120,7 +120,7 @@ int zend_sprintf(char *buffer, const char *format, ...); PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=4 PHP_RELEASE_VERSION=9 -PHP_EXTRA_VERSION=-dev +PHP_EXTRA_VERSION=RC1 PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` diff --git a/main/php_version.h b/main/php_version.h index 8dfe4963..c226d78 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 9 -#define PHP_EXTRA_VERSION -dev -#define PHP_VERSION 5.4.9-dev +#define PHP_EXTRA_VERSION RC1 +#define PHP_VERSION 5.4.9RC1 #define PHP_VERSION_ID 50409 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] tag php-src: create tag php-5.4.9RC1
Tag php-5.4.9RC1 in php-src.git was created Tag: 33ff5b2793fd3cf24a8c72981a778c494272e8d0 Tagger: Stanislav Malyshevs...@php.net Wed Nov 7 01:23:46 2012 -0800 Log: 5.4.9rc1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (Darwin) iF4EABEIAAYFAlCaKKgACgkQL3lWvF2gS11MwwD+L4o29K/RMHpgMiYurVfGcSAa Bu7iUW6F+ND9N9MJiP0A/jziysgbnraIi2lZLOMwG7r0Qk/+HswuiEUfOHooSi/9 =ultX -END PGP SIGNATURE- Link: http://git.php.net/?p=php-src.git;a=tag;h=33ff5b2793fd3cf24a8c72981a778c494272e8d0 Target: a235033abb39708096cf8484dce82ad4954ce822 Author: Stanislav Malyshev s...@php.net Wed, 7 Nov 2012 01:23:05 -0800 Parents: 3e7fcd9cab1dace82b28a80097cbb3eb7b851c18 Target link: http://git.php.net/?p=php-src.git;a=commitdiff;h=a235033abb39708096cf8484dce82ad4954ce822 Target log: 5.4.9 rc1 Changed paths: M NEWS M configure.in M main/php_version.h -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] com php-src: These need to be volatile in order to prevent leaking after the longjmp in the error handler: ext/gd/libgd/gd_png.c
On 11/06/2012 12:06 PM, Nuno Lopes wrote: While I won't oppose this patch since it has no performance impact, I believe this is a bug in the compiler and not in the code below. The compiler should know about setjmp(). glibc, for example, marks that function with __attribute__((returns_twice)). Yeah, I don't disagree, but I also don't see a problem with helping the compiler a bit here and it fixes a leak which bit someone badly. -Rasmus -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] tag php-src: create tag php-5.3.19RC1
Tag php-5.3.19RC1 in php-src.git was created Tag: 98dd54e5cb31d3034ddba91099af75778a6075b3 Tagger: Johannes Schlüterjohan...@php.net Wed Nov 7 23:58:56 2012 +0100 Log: 5.3.19RC1 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (SunOS) iQEcBAABAgAGBQJQmue6AAoJEH3sTmn8nIPXuxAIAOhPh59CvMbYVZu+GTSrxndX 85l/6bOuDg6G8EbL/GSq+YwSx3bROXPlYbZVj3C4oM/9iwpAkghcapxWIGlp0lSB JFXiE/xamNwmTYWiumYvF/eqy0oUGhAx5L/voyci45D96MINiMNuLwNZ0bjmxAQj 5fFAVqadw8I/UQgNAAgpFZ0gtny4axuKmFD3UjZevJA7LUx5Qs6RC+IPz0nf8AgR 4NlHEcT25c5JBWc5uMmbUuMwxNqwEp7YhNLa/rNdGLbHY0H28Md2qb2VpN1WO53t 5HsKeXrAVMrJFmFGMDzglYW+IaeV/4AxjlHkyZq+DCmfFLJas8ODXUX7O4Uh+d4= =Jlez -END PGP SIGNATURE- Link: http://git.php.net/?p=php-src.git;a=tag;h=98dd54e5cb31d3034ddba91099af75778a6075b3 Target: ff65385742c39a739f369baa4d5b5dcc4d31165b Author: Johannes Schlüter johan...@php.net Wed, 7 Nov 2012 23:58:36 +0100 Parents: 7fcbe4d5467300a0acee78330a0cdc9d1cbf05ad Target link: http://git.php.net/?p=php-src.git;a=commitdiff;h=ff65385742c39a739f369baa4d5b5dcc4d31165b Target log: 5.3.19RC1 Changed paths: M NEWS M configure.in M main/php_version.h -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
