If we allow odd increments (the code actually increased the limit by 1)
the boundary check is worthless. The last time I commited something I
added a +2 so catch all kinds of off-by-one or off-by-two (this already
catched the filename)
Example: num_vars = 10 and num_var_max = 11
if (num_vars =
sesser Wed Nov 12 17:34:35 2003 EDT
Modified files: (Branch: PHP_4_3)
/php-src/main rfc1867.c
Log:
Fix odd increments to repair the boundary checks.
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.122.2.15
sesser Wed Nov 12 17:34:59 2003 EDT
Modified files:
/php-src/main rfc1867.c
Log:
Fix odd increments to repair the boundary checks.
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.145 php-src/main/rfc1867.c:1.146
---
sesser Mon Nov 3 04:16:25 2003 EDT
Modified files:
/php-src/main rfc1867.c
Log:
It is usually a good idea to write only into allocated bufferspace.
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.142 php-src/main/rfc1867.c:1.143
---
sesser Mon Nov 3 06:46:34 2003 EDT
Modified files:
/php-src/main rfc1867.c
Log:
Fixed possible crashbug.
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.143 php-src/main/rfc1867.c:1.144
--- php-src/main/rfc1867.c:1.143Mon
sesser Wed Mar 12 07:00:27 2003 EDT
Modified files:
/php4/main main.c
Log:
reverting half the patch (it is not that simple)
Index: php4/main/main.c
diff -u php4/main/main.c:1.537 php4/main/main.c:1.538
--- php4/main/main.c:1.537 Sat Mar 8 10:20:12
sesser Wed Mar 12 07:01:04 2003 EDT
Modified files: (Branch: PHP_4_3)
/php4/main main.c
Log:
MFH
Index: php4/main/main.c
diff -u php4/main/main.c:1.512.2.15 php4/main/main.c:1.512.2.16
--- php4/main/main.c:1.512.2.15 Sat Mar 8 10:24:47 2003
+++
sesser Sat Mar 8 09:37:01 2003 EDT
Modified files:
/php4/ext/standard html.c
Log:
fixing memory leak
Index: php4/ext/standard/html.c
diff -u php4/ext/standard/html.c:1.73 php4/ext/standard/html.c:1.74
--- php4/ext/standard/html.c:1.73 Thu Mar 6
sesser Sat Mar 8 09:51:16 2003 EDT
Modified files:
/php4/ext/standard html.c
Log:
wrong place.
Index: php4/ext/standard/html.c
diff -u php4/ext/standard/html.c:1.74 php4/ext/standard/html.c:1.75
--- php4/ext/standard/html.c:1.74 Sat Mar 8 09:37:01
sesser Sat Mar 8 10:20:12 2003 EDT
Modified files:
/php4/main main.c
Log:
fix possible XSS in error messages
Index: php4/main/main.c
diff -u php4/main/main.c:1.536 php4/main/main.c:1.537
--- php4/main/main.c:1.536 Fri Mar 7 00:15:26 2003
+++
sesser Sat Mar 8 10:24:47 2003 EDT
Modified files: (Branch: PHP_4_3)
/php4/main main.c
Log:
MFH
Index: php4/main/main.c
diff -u php4/main/main.c:1.512.2.14 php4/main/main.c:1.512.2.15
--- php4/main/main.c:1.512.2.14 Thu Mar 6 15:58:18 2003
+++
sesser Thu Mar 6 15:58:20 2003 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/cyrus cyrus.c
/php4/ext/dbdb.c
/php4/ext/domxmlphp_domxml.c
/php4/ext/fbsql php_fbsql.c
/php4/ext/ming ming.c
/php4/ext/standard
sesser Thu Mar 6 15:59:28 2003 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/gd/libgd gdtestft.c
Log:
MFH
Index: php4/ext/gd/libgd/gdtestft.c
diff -u php4/ext/gd/libgd/gdtestft.c:1.1 php4/ext/gd/libgd/gdtestft.c:1.1.4.1
---
sesser Tue Feb 11 16:41:33 2003 EDT
Modified files:
/php4/main SAPI.c
Log:
8 + 20 + 1 + 1 = 30
There was no Bufferoverflow on 64bit systems.
And the fix broke the header code on systems with old style snprintf.
Index: php4/main/SAPI.c
diff -u
sesser Tue Feb 11 16:44:02 2003 EDT
Modified files:
/php4/main SAPI.c
Log:
size matters not.
Index: php4/main/SAPI.c
diff -u php4/main/SAPI.c:1.170 php4/main/SAPI.c:1.171
--- php4/main/SAPI.c:1.170 Tue Feb 11 16:41:32 2003
+++ php4/main/SAPI.cTue
sesser Tue Dec 24 18:28:05 2002 EDT
Modified files:
/php4/ext/mime_magicmime_magic.c
Log:
do correct casting
Index: php4/ext/mime_magic/mime_magic.c
diff -u php4/ext/mime_magic/mime_magic.c:1.20 php4/ext/mime_magic/mime_magic.c:1.21
---
sesser Tue Dec 24 18:30:52 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/mime_magicmime_magic.c
Log:
MFH
Index: php4/ext/mime_magic/mime_magic.c
diff -u php4/ext/mime_magic/mime_magic.c:1.13.2.5
php4/ext/mime_magic/mime_magic.c:1.13.2.6
sesser Tue Dec 24 18:46:18 2002 EDT
Modified files:
/php4/sapi/cgi cgi_main.c
Log:
fix compile warning
Index: php4/sapi/cgi/cgi_main.c
diff -u php4/sapi/cgi/cgi_main.c:1.200 php4/sapi/cgi/cgi_main.c:1.201
--- php4/sapi/cgi/cgi_main.c:1.200 Sun Dec
sesser Tue Dec 24 18:50:21 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/sapi/cgi cgi_main.c
Log:
MFH
Index: php4/sapi/cgi/cgi_main.c
diff -u php4/sapi/cgi/cgi_main.c:1.190.2.7 php4/sapi/cgi/cgi_main.c:1.190.2.8
--- php4/sapi/cgi/cgi_main.c:1.190.2.7
sesser Mon Dec 23 03:51:16 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/mime_magicmime_magic.c
Log:
MFH
Index: php4/ext/mime_magic/mime_magic.c
diff -u php4/ext/mime_magic/mime_magic.c:1.13.2.4
php4/ext/mime_magic/mime_magic.c:1.13.2.5
sesser Fri Dec 20 14:37:06 2002 EDT
Modified files:
/php4/ext/sybasephp_sybase_db.c
Log:
need more space
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.41 php4/ext/sybase/php_sybase_db.c:1.42
---
sesser Fri Dec 20 14:37:41 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/sybasephp_sybase_db.c
Log:
MFH
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.38.2.3
php4/ext/sybase/php_sybase_db.c:1.38.2.4
---
sesser Sat Dec 14 05:45:26 2002 EDT
Modified files:
/php4/main rfc1867.c
Log:
cleanup
Index: php4/main/rfc1867.c
diff -u php4/main/rfc1867.c:1.127 php4/main/rfc1867.c:1.128
--- php4/main/rfc1867.c:1.127 Tue Dec 10 10:58:31 2002
+++ php4/main/rfc1867.c
sesser Thu Dec 12 16:31:57 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/sybasephp_sybase_db.c
Log:
MFH: finally?! correct
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.38.2.2
sesser Tue Dec 10 10:18:02 2002 EDT
Modified files:
/php4/ext/sybasephp_sybase_db.c
Log:
fixing crashbug
patch by [EMAIL PROTECTED]
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.38
sesser Tue Dec 10 10:41:38 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/sybasephp_sybase_db.c
Log:
MFH
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.38 php4/ext/sybase/php_sybase_db.c:1.38.2.1
---
sesser Tue Dec 10 15:18:24 2002 EDT
Modified files:
/php4/ext/sybasephp_sybase_db.c
Log:
fixing cutpaste bug
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.39 php4/ext/sybase/php_sybase_db.c:1.40
---
sesser Tue Dec 10 15:19:11 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/sybasephp_sybase_db.c
Log:
MFH
Index: php4/ext/sybase/php_sybase_db.c
diff -u php4/ext/sybase/php_sybase_db.c:1.38.2.1
php4/ext/sybase/php_sybase_db.c:1.38.2.2
---
sesser Mon Nov 25 17:58:26 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/ext/standard ftp_fopen_wrapper.c
Log:
MFH
Index: php4/ext/standard/ftp_fopen_wrapper.c
diff -u php4/ext/standard/ftp_fopen_wrapper.c:1.38.2.1
sesser Fri Nov 22 06:04:10 2002 EDT
Added files: (Branch: PHP_4_3)
/php4/ext/standard/tests/general_functions 009.phpt
Log:
MFH: sha1() test
Index: php4/ext/standard/tests/general_functions/009.phpt
+++
sesser Fri Nov 22 14:34:18 2002 EDT
Modified files:
/php4/main rfc1867.c
Log:
little fix
Index: php4/main/rfc1867.c
diff -u php4/main/rfc1867.c:1.123 php4/main/rfc1867.c:1.124
--- php4/main/rfc1867.c:1.123 Thu Nov 14 11:30:07 2002
+++
sesser Fri Nov 22 14:35:44 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/main rfc1867.c
Log:
MFH
Index: php4/main/rfc1867.c
diff -u php4/main/rfc1867.c:1.122.2.1 php4/main/rfc1867.c:1.122.2.2
--- php4/main/rfc1867.c:1.122.2.1 Thu Nov 14 11:40:27
sesser Tue Nov 19 18:25:57 2002 EDT
Added files:
/php4/ext/standard/tests/general_functions 009.phpt
Log:
Adding SHA1 tests.
Index: php4/ext/standard/tests/general_functions/009.phpt
+++ php4/ext/standard/tests/general_functions/009.phpt
--TEST--
sesser Thu Nov 14 11:40:27 2002 EDT
Modified files: (Branch: PHP_4_3)
/php4/main rfc1867.c
Log:
MFH
Index: php4/main/rfc1867.c
diff -u php4/main/rfc1867.c:1.122 php4/main/rfc1867.c:1.122.2.1
--- php4/main/rfc1867.c:1.122 Wed Oct 23 22:59:01 2002
+++
sesser Mon Oct 7 07:23:25 2002 EDT
Modified files:
/php4/main rfc1867.c
Log:
Closing protected variables hole
Index: php4/main/rfc1867.c
diff -u php4/main/rfc1867.c:1.116 php4/main/rfc1867.c:1.117
--- php4/main/rfc1867.c:1.116 Sat Aug 17 07:48:21
sesser Mon Oct 7 12:11:31 2002 EDT
Modified files:
/php4/ext/mbstring mbfilter.c
Log:
never smash the stack...
Index: php4/ext/mbstring/mbfilter.c
diff -u php4/ext/mbstring/mbfilter.c:1.44 php4/ext/mbstring/mbfilter.c:1.45
---
sesser Tue Oct 1 17:53:25 2002 EDT
Modified files:
/php4/ext/standard filestat.c
Log:
repairing the chaos
utime(filename, NULL) is not only valid but a MUST on linux if you are
not the owner...
Index: php4/ext/standard/filestat.c
diff -u
via SSL. (Stefan Esser)
- Made the User-Agent that php's fopen wrappers send, configurable via
php.ini or via a stream context. (Sterling)
- Added support for fopen(php://output, wb) which returns a stream that
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http
sesser Sun Sep 8 18:26:11 2002 EDT
Modified files:
/php4/ext/standard ftp_fopen_wrapper.c
/php4/main network.c php_network.h
Log:
Added possibility to reuse an old SSL session id.
Ugly but needed for f.e.: debians ftpd-ssl
Index:
101 - 139 of 139 matches
Mail list logo