Hello community, here is the log from the commit of package php7.13869 for openSUSE:Leap:15.1:Update checked in at 2020-09-07 10:25:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/php7.13869 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.php7.13869.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "php7.13869" Mon Sep 7 10:25:25 2020 rev:1 rq:831623 version:7.2.5 Changes: -------- New Changes file: --- /dev/null 2020-08-06 00:20:10.149648038 +0200 +++ /work/SRC/openSUSE:Leap:15.1:Update/.php7.13869.new.3399/php7.changes 2020-09-07 10:26:14.786946337 +0200 
@@ -0,0 +1,4241 @@ +------------------------------------------------------------------- +Thu Aug 13 14:01:46 UTC 2020 - pgaj...@suse.com + +- security update +- added patches + fix CVE-2020-7068 [bsc#1175223], Use of freed hash key in the phar_parse_zipfile function + + php7-CVE-2020-7068.patch + +------------------------------------------------------------------- +Tue Aug 4 16:19:46 UTC 2020 - pgaj...@suse.com + +- do not install outdated README.SUSE [bsc#1174010] + +------------------------------------------------------------------- +Thu Jul 9 12:23:52 UTC 2020 - pgaj...@suse.com + +- do not install %{_tmpfilesdir}, %{_tmpfilesdir}/php-fpm.conf in + test favour + +------------------------------------------------------------------- +Mon Jul 6 21:21:45 UTC 2020 - Daniel Molkentin <daniel.molken...@suse.com> + +- added tmpfiles.d for php-fpm to provide a base base for a socket + (boo#1173786) + +------------------------------------------------------------------- +Mon May 25 09:03:00 UTC 2020 - pgaj...@suse.com + +- security update +- added patches + fix CVE-2019-11048 [bsc#1171999], supplying overly long filenames or field names if HTTP file uploads are allowed could lead to exhausting disk space on the server + + php7-CVE-2019-11048.patch + +------------------------------------------------------------------- +Tue Apr 7 11:41:39 UTC 2020 - pgaj...@suse.com + +- security update +- added patches + fix CVE-2020-7064 [bsc#1168326], read one byte of uninitialized memory via malicious data + + php7-CVE-2020-7064.patch + fix CVE-2020-7066 [bsc#1168352], URL truncation if the URL contains zero (\0) character + + php7-CVE-2020-7066.patch + +------------------------------------------------------------------- +Mon Mar 2 13:23:06 UTC 2020 - pgaj...@suse.com + +- security update +- added patches + fix CVE-2020-7062 [bsc#1165280], null pointer dereference when using file upload functionality under specific circumstances + + php7-CVE-2020-7062.patch + fix CVE-2020-7063 
[bsc#1165289], creating PHAR archive using PharData:buildFromIterator() function will add files with default permissions + + php7-CVE-2020-7063.patch + +------------------------------------------------------------------- +Wed Feb 5 13:55:13 UTC 2020 - pgaj...@suse.com + +- security update +- added patches + CVE-2020-7059 [bsc#1162629] + + php7-CVE-2020-7059.patch + CVE-2020-7060 [bsc#1162632] + + php7-CVE-2020-7060.patch + +------------------------------------------------------------------- +Thu Jan 2 15:49:54 UTC 2020 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-11045 [bsc#1159923] + + php7-CVE-2019-11045.patch + CVE-2019-11046 [bsc#1159924] + + php7-CVE-2019-11046.patch + CVE-2019-11047 [bsc#1159922] + + php7-CVE-2019-11047.patch + CVE-2019-11050 [bsc#1159927] + + php7-CVE-2019-11050.patch + +------------------------------------------------------------------- +Fri Oct 25 09:47:44 UTC 2019 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-11043 [bsc#1154999] + + php7-CVE-2019-11043.patch + +------------------------------------------------------------------- +Fri Oct 4 08:58:15 UTC 2019 - pgaj...@suse.com + +- provide test results via multibuild :test [bsc#1119396] +- added sources + + _multibuild + +------------------------------------------------------------------- +Thu Sep 26 08:31:12 UTC 2019 - Petr Gajdos <pgaj...@suse.com> + +- drop -n from php invocation from pecl [bsc#1151793] + https://github.com/pear/pear-core/commit/f94454a74785865cec50bf9d64c410efc29b587a + +------------------------------------------------------------------- +Thu Sep 26 06:31:54 UTC 2019 - pgaj...@suse.com + +- turn off run of testsuite as we get Kernel panic on s390x + +------------------------------------------------------------------- +Thu Aug 22 14:37:06 UTC 2019 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-11041 [bsc#1146360] + + php7-CVE-2019-11041.patch + CVE-2019-11042 [bsc#1145095] + + php7-CVE-2019-11042.patch + 
+------------------------------------------------------------------- +Fri Jun 14 15:21:26 UTC 2019 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-11039 [bsc#1138173] + + php-CVE-2019-11039.patch + CVE-2019-11040 [bsc#1138172] + + php-CVE-2019-11040.patch + +------------------------------------------------------------------- +Mon May 13 09:28:23 UTC 2019 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-11036 [bsc#1134322] + + php-CVE-2019-11036.patch + +------------------------------------------------------------------- +Mon Apr 29 11:43:01 UTC 2019 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-11034 [bsc#1132838] + + php-CVE-2019-11034.patch + CVE-2019-11035 [bsc#1132837] + + php-CVE-2019-11035.patch + +------------------------------------------------------------------- +Wed Mar 20 12:39:11 UTC 2019 - pgaj...@suse.com + +- security update +- added patches + CVE-2019-9637 [bsc#1128892] + + php-CVE-2019-9637.patch + CVE-2019-9675 [bsc#1128886] + + php-CVE-2019-9675.patch + CVE-2019-9638 [bsc#1128889], CVE-2019-9639 [bsc#1128887] + + php-CVE-2019-9638,9639.patch + CVE-2019-9640 [bsc#1128883] + + php-CVE-2019-9640.patch + +------------------------------------------------------------------- +Fri Mar 15 15:01:21 UTC 2019 - pgaj...@suse.com + +- upstream bug #41631 is already fixed [bsc#1129032] +- deleted sources + - README.default_socket_timeout (not needed) + +------------------------------------------------------------------- +Mon Mar 11 20:45:18 UTC 2019 - pgaj...@suse.com + +- security update + * CVE-2019-9024 [bsc#1126821] + + php-CVE-2019-9024.patch + * CVE-2019-9020 [bsc#1126711] + + php-CVE-2019-9020.patch + * CVE-2018-20783 [bsc#1127122] + + php-CVE-2018-20783.patch + * CVE-2019-9021 [bsc#1126713] + + php-CVE-2019-9021.patch + * CVE-2019-9022 [bsc#1126827] + + php-CVE-2019-9022.patch + * CVE-2019-9023 [bsc#1126823] + + php-CVE-2019-9023.patch + * CVE-2019-9641 [bsc#1128722] + + 
php-CVE-2019-9641.patch + +------------------------------------------------------------------- +Tue Mar 5 11:36:22 UTC 2019 - pgaj...@suse.com + +- asan_build: build ASAN included +- debug_build: build more suitable for debugging + +------------------------------------------------------------------- +Wed Dec 19 12:06:42 UTC 2018 - Martin Pluskal <mplus...@suse.com> + +- Enable testsuite during build time and save log to subpackage + testresults (boo#1119396) + +------------------------------------------------------------------- +Mon Dec 10 16:10:03 UTC 2018 - Petr Gajdos <pgaj...@suse.com> + +- add security patch of imap extension, which is currently disabled ++++ 4044 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.1:Update/.php7.13869.new.3399/php7.changes New: ---- README.SUSE-pear README.macros _constraints _multibuild build-test.sh install-pear-nozlib.phar macros.php php-7.2.5.tar.xz php-7.2.5.tar.xz.asc php-CVE-2017-9120.patch php-CVE-2018-1000222.patch php-CVE-2018-12882.patch php-CVE-2018-14851.patch php-CVE-2018-17082.patch php-CVE-2018-19935.patch php-CVE-2018-20783.patch php-CVE-2019-11034.patch php-CVE-2019-11035.patch php-CVE-2019-11036.patch php-CVE-2019-11039.patch php-CVE-2019-11040.patch php-CVE-2019-9020.patch php-CVE-2019-9021.patch php-CVE-2019-9022.patch php-CVE-2019-9023.patch php-CVE-2019-9024.patch php-CVE-2019-9637.patch php-CVE-2019-9638,9639.patch php-CVE-2019-9640.patch php-CVE-2019-9641.patch php-CVE-2019-9675.patch php-fpm.tmpfiles.d php-suse-addons.tar.bz2 php7-CVE-2019-11041.patch php7-CVE-2019-11042.patch php7-CVE-2019-11043.patch php7-CVE-2019-11045.patch php7-CVE-2019-11046.patch php7-CVE-2019-11047.patch php7-CVE-2019-11048.patch php7-CVE-2019-11050.patch php7-CVE-2020-7059.patch php7-CVE-2020-7060.patch php7-CVE-2020-7062.patch php7-CVE-2020-7063.patch php7-CVE-2020-7064.patch php7-CVE-2020-7066.patch php7-CVE-2020-7068.patch php7-crypt-tests.patch php7-date-regenerate-lexers.patch 
php7-depdb-path.patch php7-embed.patch php7-fix_net-snmp_disable_MD5.patch php7-freetype-pkgconfig.patch php7-honor-re2c-flags.patch php7-ini.patch php7-no-build-date.patch php7-odbc-cmp-int-cast.patch php7-openssl.patch php7-php-config.patch php7-phpize.patch php7-pts.patch php7-systemd-unit.patch php7-systzdata-v16.patch php7.changes php7.keyring php7.rpmlintrc php7.spec suhosin-0.9.38.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ php7.spec ++++++ ++++ 1937 lines (skipped) ++++++ README.SUSE-pear ++++++ Package php5-pear does not include Pear DB support ================================================== Php5-pear package comes without Pear DB database support, which was obsoleted by MDB2. If you need Pear DB, please install it with: #pear install --onlyreqdeps DB This is the case of Squirrelmail which requires Pear DB support. More information can be found at bugzilla.novell.com, bug #178982. ++++++ README.macros ++++++ README for php-macros Author: Christian Wittmer <ch...@computersalat.de> Author: Johannes Weberhofer <jweberho...@weberhofer.at> %php_pear_gen_filelist generates an rpmlint happy filelist of your installed files In most cases you only need to check the %doc part sometimes there is a "Changes" or "ChangeLog",.... Requirements for %php_pear_gen_filelist You have to define following parts inside your spec file Example: # # spec file for package php7-pear-Auth_SASL # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). 
An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define php_name php7 %define pear_name Auth_SASL Name: php7-pear-Auth_SASL Version: 1.1.0 Release: 0 Summary: Abstraction of various SASL mechanism responses License: BSD-3-Clause Group: Productivity/Networking/Web/Servers Url: http://pear.php.net/package/%{pear_name} Source: http://pear.php.net/get/%{pear_name}-%{version}.tgz BuildRequires: %{php_name}-devel BuildRequires: %{php_name}-pear >= 1.10.1 Requires: %{php_name}-pear >= 1.10.1 Provides: php-pear-%{pear_name} = %{version} Provides: php-pear(%{pear_name}) = %{version} Obsoletes: php5-pear-Auth_SASL BuildArch: noarch %if 0%{?suse_version} < 1330 BuildRequires: %{php_name}-macros BuildRequires: %{php_name}-pear-Archive_Tar Requires: %{php_name}-pear-Archive_Tar %endif %description Provides code to generate responses to common SASL mechanisms, including: - Digest-MD5 - CramMD5 - Plain - Anonymous - Login (Pseudo mechanism) %prep %setup -q %setup -q -n %{pear_name}-%{version} mv ../package.xml . 
%build %install %{__pear} install --nodeps --offline --packagingroot %{buildroot} package.xml install -D -m 0644 package.xml %{buildroot}%{pear_xmldir}/%{pear_name}.xml rm -rf %{buildroot}/{doc,tmp} rm -rf %{buildroot}/%{php_peardir}/.{filemap,lock,registry,channels,depdb,depdblock} %php_pear_gen_filelist %post if [ "$1" = "1" ]; then # on "rpm -ivh" %{__pear} install --nodeps --soft --force --register-only %{pear_xmldir}/%{pear_name}.xml fi if [ "$1" = "2" ]; then # on "rpm -Uvh" %{__pear} upgrade --offline --register-only %{pear_xmldir}/%{pear_name}.xml fi %postun if [ "$1" = "0" ]; then # on "rpm -e" %{__pear} uninstall --nodeps --ignore-errors --register-only pear.php.net/%{pear_name} fi %files -f %{name}.files %changelog ############################################################################# And here an Example of the generated filelist (does not match above package): /usr/share/php5/PEAR/Date.php %dir /usr/share/php5/PEAR/Date /usr/share/php5/PEAR/Date/Calc.php /usr/share/php5/PEAR/Date/Human.php /usr/share/php5/PEAR/Date/Span.php /usr/share/php5/PEAR/Date/TimeZone.php %dir /usr/share/php5/PEAR/test %dir /usr/share/php5/PEAR/test/Date %dir /usr/share/php5/PEAR/test/Date/tests /usr/share/php5/PEAR/test/Date/tests/test_date_methods_span.php /usr/share/php5/PEAR/test/Date/tests/testunit_date_span.php /usr/share/php5/PEAR/test/Date/tests/test_calc.php /usr/share/php5/PEAR/test/Date/tests/calc.php /usr/share/php5/PEAR/test/Date/tests/testunit_date.php /usr/share/php5/PEAR/test/Date/tests/testunit.php %dir /usr/share/php5/PEAR/test/Date/tests/bugs /usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-1.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-2.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-3.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-4.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-674.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-9213.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-9414.phpt 
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-8912.phpt /usr/share/php5/PEAR/test/Date/tests/bugs/bug-967.phpt /var/lib/pear/Date.xml ++++++ _constraints ++++++ <?xml version="1.0" encoding="UTF-8"?> <constraints> <hardware> <memory> <size unit="G">10</size> </memory> </hardware> </constraints> ++++++ _multibuild ++++++ <multibuild> <package>test</package> </multibuild> ++++++ build-test.sh ++++++ #!/bin/bash TEST_RESULT_FILE_BEFORE='test_results.before' TEST_RESULT_FILE_AFTER='test_results.after' function usage { echo "usage: $0 buildroot [osc ARGUMENTS]" echo " 1. Run first time to create ${TEST_RESULT_FILE_BEFORE}." echo " 2. Make source changes." echo " 3. Run second time to create ${TEST_RESULT_FILE_AFTER}" echo " and see changes in test results." } if [ -z $1 ]; then echo 'ERROR: missing a parameter: buildroot' usage exit 1 fi if [ "$1" == "-h" ]; then usage exit 0 fi export OSC_BUILD_ROOT=$1 shift apiurl=`cat .osc/_apiurl 2>/dev/null` if [ ! -z "$apiurl" ]; then apiurl="-A $apiurl" fi osc $apiurl build $@ --no-verify --with make_test -x valgrind *.spec if [ $? -ne 0 ]; then echo "ERROR: build failed. See $OSC_BUILD_ROOT/.build.log for details." exit 1 fi cat $OSC_BUILD_ROOT/.build.log \ | sed 's:^\[[ 0-9]\+s\] ::' \ | egrep 'TEST [0-9]+\/[0-9]+|SKIP.*reason' \ | sed 's:.*\r::' \ | sort \ > ${TEST_RESULT_FILE_AFTER} if [ ! -e ${TEST_RESULT_FILE_BEFORE} ]; then echo "Creating ${TEST_RESULT_FILE_BEFORE}" echo "Run $0 again AFTER source changes, to create ${TEST_RESULT_FILE_AFTER}." echo "Differences will be checked then." mv ${TEST_RESULT_FILE_AFTER} ${TEST_RESULT_FILE_BEFORE} else echo --- DIFFERENCES ------------------------------------------- diff -up $TEST_RESULT_FILE_BEFORE ${TEST_RESULT_FILE_AFTER} echo ----------------------------------------------------------- echo "Do not forgot to " echo "rm ${TEST_RESULT_FILE_BEFORE} ${TEST_RESULT_FILE_AFTER}" echo fi ++++++ macros.php ++++++ # macros.php file # macros for module building. handle with care. 
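Review bot: build-test.sh runs `osc $apiurl build $@ --no-verify --with make_test -x valgrind *.spec`, and `--no-verify` switches off signature checking of the packages installed into the build root, with no comment saying why that is acceptable for this helper. If it is only meant for local test builds, say so next to the call, e.g. `# --no-verify: local comparison builds only, results must not be published`, or drop the flag. The script also leaves `$1` and `$@` unquoted, so a buildroot path or osc argument containing spaces is split into several words; `if [ -z "$1" ]; then` and `build "$@"` keep them intact.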
# # Interface versions exposed by PHP: # %php_core_api @PHP_APIVER@ %php_zend_api @PHP_ZENDVER@ # Useful php macros (from Christian Wittmer <ch...@computersalat.de>) # %__php /usr/bin/php %__phpize /usr/bin/phpize %__php_config /usr/bin/php-config %php_version %(%{__php_config} --version) # pear related macros %__pear /usr/bin/pear %php_peardir %(%{__pear} config-get php_dir) # %pear_xmldir should be replaced by %php_pearxmldir %pear_xmldir /var/lib/pear %php_pearxmldir /var/lib/pear %pear_phpdir %(%{__pear} config-get php_dir 2> /dev/null || echo undefined) %pear_docdir %(%{__pear} config-get doc_dir 2> /dev/null || echo undefined) %pear_testdir %(%{__pear} config-get test_dir 2> /dev/null || echo undefined) %pear_datadir %(%{__pear} config-get data_dir 2> /dev/null || echo undefined) %pear_cfgdir %(%{__pear} config-get cfg_dir 2> /dev/null || echo undefined) %pear_wwwdir %(%{__pear} config-get www_dir 2> /dev/null || echo undefined) %pear_metadir %(%{__pear} config-get metadata_dir 2> /dev/null || echo undefined) # pecl related macros %__pecl /usr/bin/pecl %pecl_phpdir %(%{__pecl} config-get php_dir 2> /dev/null || echo undefined) %pecl_docdir %(%{__pecl} config-get doc_dir 2> /dev/null || echo undefined) %pecl_testdir %(%{__pecl} config-get test_dir 2> /dev/null || echo undefined) %pecl_datadir %(%{__pecl} config-get data_dir 2> /dev/null || echo undefined) # macro: php_pear_gen_filelist # do the rpmlint happy filelist generation # with %dir in front of directories %php_pear_gen_filelist(n)\ FILES=%{name}.files\ # fgen_dir func\ # IN: dir\ fgen_dir(){\ %{__cat} >> $FILES << EOF\ %dir ${1}\ EOF\ }\ # fgen_file func\ # IN: file\ fgen_file(){\ %{__cat} >> $FILES << EOF\ ${1}\ EOF\ }\ # check for files in %{php_peardir}\ RES=`find ${RPM_BUILD_ROOT}%{php_peardir} -maxdepth 1 -type f`\ if [ -n "$RES" ]; then\ for file in $RES; do\ fgen_file "%{php_peardir}/$(basename ${file})"\ done\ fi\ \ # get all dirs into array\ base_dir="${RPM_BUILD_ROOT}%{php_peardir}/"\ for dir 
in `find ${base_dir} -type d | sort`; do\ if [ "$dir" = "${base_dir}" ]; then\ continue\ else\ el=`echo $dir | %{__awk} -F"${base_dir}" '{print $2}'`\ all_dir=(${all_dir[@]} $el)\ fi\ done\ \ # build filelist\ for i in ${all_dir[@]}; do\ if [ -d ${base_dir}/${i} ]; then\ RES=`find "${base_dir}/${i}" -maxdepth 1 -type f`\ if [ -n "$RES" ]; then\ fgen_dir "%{php_peardir}/${i}"\ for file in $RES; do\ fgen_file "%{php_peardir}/${i}/$(basename ${file})"\ done\ else\ fgen_dir "%{php_peardir}/${i}"\ fi\ fi\ done\ # add xml file\ fgen_file "%php_pearxmldir/%{pear_name}.xml"\ # ++++++ php-CVE-2017-9120.patch ++++++ diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c index 03a39d7..7b88731 100644 --- a/ext/mysqli/mysqli_api.c +++ b/ext/mysqli/mysqli_api.c @@ -1965,7 +1965,7 @@ PHP_FUNCTION(mysqli_real_escape_string) { } MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID); - newstr = zend_string_alloc(2 * escapestr_len, 0); + newstr = zend_string_safe_alloc(2, escapestr_len, 0, 0); ZSTR_LEN(newstr) = mysql_real_escape_string(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len); newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0); ++++++ php-CVE-2018-1000222.patch ++++++ Index: php-7.2.5/ext/gd/libgd/gd_bmp.c =================================================================== --- php-7.2.5.orig/ext/gd/libgd/gd_bmp.c 2018-04-24 17:09:54.000000000 +0200 +++ php-7.2.5/ext/gd/libgd/gd_bmp.c 2018-08-27 16:21:13.287949435 +0200 @@ -40,6 +40,8 @@ static int bmp_read_4bit(gdImagePtr im, static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header); static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info); +static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression); + #define BMP_DEBUG(s) static int gdBMPPutWord(gdIOCtx *out, int w) 
@@ -68,8 +70,10 @@ void * gdImageBmpPtr(gdImagePtr im, int void *rv; gdIOCtx *out = gdNewDynamicCtx(2048, NULL); if (out == NULL) return NULL; - gdImageBmpCtx(im, out, compression); - rv = gdDPExtractData(out, size); + if (!_gdImageBmpCtx(im, out, compression)) + rv = gdDPExtractData(out, size); + else + rv = NULL; out->gd_free(out); return rv; } @@ -90,12 +94,18 @@ void gdImageBmp(gdImagePtr im, FILE *out */ void gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) { + _gdImageBmpCtx(im, out, compression); +} + +static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) +{ int bitmap_size = 0, info_size, total_size, padding; int i, row, xpos, pixel; int error = 0; unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL; FILE *tmpfile_for_compression = NULL; gdIOCtxPtr out_original = NULL; + int ret = 1; /* No compression if its true colour or we don't support seek */ if (im->trueColor) { @@ -273,6 +283,7 @@ void gdImageBmpCtx(gdImagePtr im, gdIOCt out_original = NULL; } + ret = 0; cleanup: if (tmpfile_for_compression) { #ifdef _WIN32 @@ -286,7 +297,7 @@ cleanup: if (out_original) { out_original->gd_free(out_original); } - return; + return ret; } static int compress_row(unsigned char *row, int length) ++++++ php-CVE-2018-12882.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=67e827b44147ab121d1f7174eab62addd24bc889;hp=f5b0d4009fe18daf931a2a073882dc517a560012;hb=3fdde65617e9f954e2c964768aac8831005497e5;hpb=e0290192752a72b5be35b033b33590e040d60d24 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index f5b0d40..67e827b 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c 
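Review bot: In gdImageBmpPtr the new failure branch sets `rv = NULL` but leaves `*size` untouched, because as far as the hunk shows gdDPExtractData is the only writer of it; a caller that reads the size before checking the pointer would see a stale or uninitialised value. Adding `*size = 0;` beside `rv = NULL;` closes that. The return convention of _gdImageBmpCtx (`ret` starts at 1 and becomes 0 only just before `cleanup:`) is not documented, and the public gdImageBmpCtx wrapper discards it; a one-line comment such as `/* returns 0 on success, 1 on failure */` above the static function would make the `!_gdImageBmpCtx(...)` test easier to read.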
@@ -4324,7 +4324,7 @@ static int exif_read_from_impl(image_info_type *ImageInfo, php_stream *stream, i zend_string *base; if ((st.st_mode & S_IFMT) != S_IFREG) { exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Not a file"); - php_stream_close(ImageInfo->infile); + ImageInfo->infile = NULL; return FALSE; } ++++++ php-CVE-2018-14851.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=cad29b729548e4206f0697710cc9e177f26fdff3;hp=1147980f7730de0dfd13904a2ea6461bbf4eded8;hb=3462efa386f26d343062094514af604c29e3edce;hpb=1baeae42703f9b2ec21fff787146eeca08d45535 Index: php-7.2.5/ext/exif/exif.c =================================================================== --- php-7.2.5.orig/ext/exif/exif.c 2018-08-04 09:18:43.566167854 +0200 +++ php-7.2.5/ext/exif/exif.c 2018-08-04 09:25:27.280266346 +0200 @@ -3126,6 +3126,7 @@ static int exif_process_IFD_in_MAKERNOTE #endif const maker_note_type *maker_note; char *dir_start; + int data_len; for (i=0; i<=sizeof(maker_note_array)/sizeof(maker_note_type); i++) { if (i==sizeof(maker_note_array)/sizeof(maker_note_type)) { @@ -3180,6 +3181,7 @@ static int exif_process_IFD_in_MAKERNOTE switch (maker_note->offset_mode) { case MN_OFFSET_MAKER: offset_base = value_ptr; + data_len = value_len; break; #ifdef KALLE_0 case MN_OFFSET_GUESS: @@ -3197,6 +3199,7 @@ static int exif_process_IFD_in_MAKERNOTE return FALSE; } offset_base = value_ptr + offset_diff; + data_len = value_len - offset_diff; break; #endif default: 
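Review bot: The new `ImageInfo->infile = NULL;` in the "Not a file" branch of exif_read_from_impl has no comment, and without one it reads like a leaked stream rather than a deliberate fix. The stream arrives as the `stream` parameter, so presumably the caller closes it and closing it here as well was the problem; a comment such as `/* stream belongs to the caller, which closes it; only drop our reference */` would stop a later cleanup from restoring the php_stream_close call. The function body continues outside the hunk, so the other error returns cannot be compared from here.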
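Review bot: `int data_len;` in exif_process_IFD_in_MAKERNOTE is declared without an initialiser and these hunks assign it only under `case MN_OFFSET_MAKER:` and inside the `#ifdef KALLE_0` block, yet the last hunk of this patch passes it unconditionally to exif_process_IFD_TAG in place of IFDlength. The body of the `default:` label lies outside the hunk, so unless it sets the variable, that path hands an indeterminate length to the tag parser. Adding `data_len = value_len;` under `default:` would cover it. The variable is also a signed int feeding a size_t parameter, so if `value_len - offset_diff` can go negative it becomes a very large bound; `size_t data_len` with an explicit range check before the subtraction is the safer form.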
@@ -3211,7 +3214,7 @@ static int exif_process_IFD_in_MAKERNOTE for (de=0;de<NumDirEntries;de++) { if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de, - offset_base, IFDlength, displacement, section_index, 0, maker_note->tag_table)) { + offset_base, data_len, displacement, section_index, 0, maker_note->tag_table)) { return FALSE; } } ++++++ php-CVE-2018-17082.patch ++++++ Index: php-7.2.5/sapi/apache2handler/sapi_apache2.c =================================================================== --- php-7.2.5.orig/sapi/apache2handler/sapi_apache2.c 2018-04-24 17:10:05.000000000 +0200 +++ php-7.2.5/sapi/apache2handler/sapi_apache2.c 2018-09-19 12:59:38.893512800 +0200 @@ -712,6 +712,7 @@ zend_first_try { if (!parent_req) { php_apache_request_dtor(r); ctx->request_processed = 1; + apr_brigade_cleanup(brigade); bucket = apr_bucket_eos_create(r->connection->bucket_alloc); APR_BRIGADE_INSERT_TAIL(brigade, bucket); ++++++ php-CVE-2018-19935.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fimap%2Fphp_imap.c;h=b30440f000f38f1e040a909a290db754ace49042;hp=a23e84c085216c65d9ebe4a61840f5747dd4626b;hb=7edc639b9ff1c3576773d79d016abbeed1f93846;hpb=aabdb71dc3739f5e06916e2a4e24deb37437b1e8 Index: php-7.0.7/ext/imap/php_imap.c =================================================================== --- php-7.0.7.orig/ext/imap/php_imap.c 2018-12-10 16:55:40.758312636 +0100 +++ php-7.0.7/ext/imap/php_imap.c 2018-12-10 16:58:21.031127128 +0100 
@@ -4126,7 +4126,6 @@ PHP_FUNCTION(imap_mail) if (!ZSTR_LEN(message)) { /* this is not really an error, so it is allowed. */ php_error_docref(NULL, E_WARNING, "No message string in mail command"); - message = NULL; } if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL, ++++++ php-CVE-2018-20783.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar.c;h=47ff8cd790730dbc3520e47faa86327e2987a238;hp=780be432570e80dd34c1a9c217ef87ade22bf136;hb=48f0f73f75c0059ba5d9b73cb4e5faeeaea49c47;hpb=7edc639b9ff1c3576773d79d016abbeed1f93846 Index: php-7.2.5/ext/phar/phar.c =================================================================== --- php-7.2.5.orig/ext/phar/phar.c 2018-04-24 17:09:57.000000000 +0200 +++ php-7.2.5/ext/phar/phar.c 2019-03-07 11:41:25.276615493 +0100 @@ -643,6 +643,18 @@ int phar_parse_metadata(char **buffer, z /* }}}*/ /** + * Size of fixed fields in the manifest. + * See: http://php.net/manual/en/phar.fileformat.phar.php + */ +#define MANIFEST_FIXED_LEN 18 + +#define SAFE_PHAR_GET_32(buffer, endbuffer, var) \ + if (UNEXPECTED(buffer + 4 > endbuffer)) { \ + MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)"); \ + } \ + PHAR_GET_32(buffer, var); + +/** * Does not check for a previously opened phar in the cache. * * Parse a new one and add it to the cache, returning either SUCCESS or 
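Review bot: SAFE_PHAR_GET_32 in ext/phar/phar.c expands to an `if` block followed by a second statement, so it is only safe where the call site is already inside a braced statement list; used as the body of an unbraced `if` or `else`, the PHAR_GET_32 read would escape the condition. Wrapping the macro body in `do { ... } while (0)` removes that trap. The bound test `buffer + 4 > endbuffer` can also form a pointer beyond one past the end of the manifest buffer when fewer than four bytes remain; `if (UNEXPECTED((size_t)(endbuffer - buffer) < 4)) { \` checks the same thing without doing so and matches the subtraction form already used for `len` in the last hunk of this patch.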
@@ -725,12 +737,12 @@ static int phar_parse_pharfile(php_strea savebuf = buffer; endbuffer = buffer + manifest_len; - if (manifest_len < 10 || manifest_len != php_stream_read(fp, buffer, manifest_len)) { + if (manifest_len < MANIFEST_FIXED_LEN || manifest_len != php_stream_read(fp, buffer, manifest_len)) { MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)") } /* extract the number of entries */ - PHAR_GET_32(buffer, manifest_count); + SAFE_PHAR_GET_32(buffer, endbuffer, manifest_count); if (manifest_count == 0) { MAPPHAR_FAIL("in phar \"%s\", manifest claims to have zero entries. Phars must have at least 1 entry"); @@ -750,7 +762,7 @@ static int phar_parse_pharfile(php_strea return FAILURE; } - PHAR_GET_32(buffer, manifest_flags); + SAFE_PHAR_GET_32(buffer, endbuffer, manifest_flags); manifest_flags &= ~PHAR_HDR_COMPRESSION_MASK; manifest_flags &= ~PHAR_FILE_COMPRESSION_MASK; @@ -970,13 +982,13 @@ static int phar_parse_pharfile(php_strea } /* extract alias */ - PHAR_GET_32(buffer, tmp_len); + SAFE_PHAR_GET_32(buffer, endbuffer, tmp_len); if (buffer + tmp_len > endbuffer) { MAPPHAR_FAIL("internal corruption of phar \"%s\" (buffer overrun)"); } - if (manifest_len < 10 + tmp_len) { + if (manifest_len < MANIFEST_FIXED_LEN + tmp_len) { MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)") } @@ -1014,7 +1026,7 @@ static int phar_parse_pharfile(php_strea } /* we have 5 32-bit items plus 1 byte at least */ - if (manifest_count > ((manifest_len - 10 - tmp_len) / (5 * 4 + 1))) { + if (manifest_count > ((manifest_len - MANIFEST_FIXED_LEN - tmp_len) / (5 * 4 + 1))) { /* prevent serious memory issues */ MAPPHAR_FAIL("internal corruption of phar \"%s\" (too many manifest entries for size of manifest)") } 
@@ -1023,12 +1035,12 @@ static int phar_parse_pharfile(php_strea mydata->is_persistent = PHAR_G(persist); /* check whether we have meta data, zero check works regardless of byte order */ - PHAR_GET_32(buffer, len); + SAFE_PHAR_GET_32(buffer, endbuffer, len); if (mydata->is_persistent) { mydata->metadata_len = len; if(!len) { /* FIXME: not sure why this is needed but removing it breaks tests */ - PHAR_GET_32(buffer, len); + SAFE_PHAR_GET_32(buffer, endbuffer, len); } } if(len > (size_t)(endbuffer - buffer)) { ++++++ php-CVE-2019-11034.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=0b5bb5ae2123989a28b2112ab5506777083ad9d5;hp=fe89b854711879274555bdc762ea6e7fa518fa59;hb=f3aefc6d071b807ddacae0a0bc49f09c38e18490;hpb=0ecac37c40a27ffbd59f34b5920735ee0b7f994c diff --git a/ext/exif/exif.c b/ext/exif/exif.c index fe89b85..0b5bb5a 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c 
@@ -2802,6 +2802,10 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 2 + 0x%04X*12 = 0x%04X > 0x%04X", NumDirEntries, 2+NumDirEntries*12, value_len); return FALSE; } + if ((dir_start - value_ptr) > value_len - (2+NumDirEntries*12)) { + exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 0x%04X > 0x%04X", (dir_start - value_ptr) + (2+NumDirEntries*12), value_len); + return FALSE; + } for (de=0;de<NumDirEntries;de++) { if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de, ++++++ php-CVE-2019-11035.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=75f59d71c91b2cdfd6c05e471f18edd9715acd3f;hp=407145fffcb36eea0fb98e7e2b83c9f3e4091af5;hb=330f1716df49c0d3474c18b6dcd370a9dcf57422;hpb=1c0d06441aefee18b30520e2b1ae89cbfcf56a59 Index: php-7.2.5/ext/exif/exif.c =================================================================== --- php-7.2.5.orig/ext/exif/exif.c 2019-04-29 12:08:21.787510186 +0200 +++ php-7.2.5/ext/exif/exif.c 2019-04-29 12:08:21.799510259 +0200 @@ -2062,10 +2062,10 @@ static int exif_file_sections_free(image /* {{{ exif_iif_add_value Add a value to image_info */ -static void exif_iif_add_value(image_info_type *image_info, int section_index, char *name, int tag, int format, int length, void* value, int motorola_intel) +static void exif_iif_add_value(image_info_type *image_info, int section_index, char *name, int tag, int format, int length, void* value, size_t value_len, int motorola_intel) { size_t idex; - void *vptr; + void *vptr, *vptr_end; image_info_value *info_value; image_info_data *info_data; image_info_data *list; 
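Review bot: The added warning in exif_process_IFD_in_MAKERNOTE formats `(dir_start - value_ptr) + (2+NumDirEntries*12)` with `0x%04X`, but a difference of two char pointers is a ptrdiff_t, which on 64-bit builds is wider than the unsigned int that conversion reads. Cast the argument, e.g. `(int)((dir_start - value_ptr) + (2+NumDirEntries*12))`, or use a matching length modifier. The comparison itself mixes that pointer difference with `value_len - (2+NumDirEntries*12)` and appears to rely on the preceding "Illegal IFD size" check to keep the right-hand side non-negative; that deserves a short comment, since the type of value_len is not visible in this hunk.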
@@ -2087,8 +2087,12 @@ static void exif_iif_add_value(image_inf switch (format) { case TAG_FMT_STRING: + if (length > value_len) { + exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, value_len); + value = NULL; + } if (value) { - length = php_strnlen(value, length); + length = (int)php_strnlen(value, length); info_value->s = estrndup(value, length); info_data->length = length; } else { @@ -2110,6 +2114,10 @@ static void exif_iif_add_value(image_inf if (!length) break; case TAG_FMT_UNDEFINED: + if (length > value_len) { + exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, value_len); + value = NULL; + } if (value) { if (tag == TAG_MAKER_NOTE) { length = (int) php_strnlen(value, length); @@ -2140,7 +2148,12 @@ static void exif_iif_add_value(image_inf } else { info_value = &info_data->value; } + vptr_end = (char*)value+value_len; for (idex=0,vptr=value; idex<(size_t)length; idex++,vptr=(char *) vptr + php_tiff_bytes_per_format[format]) { + if ((char*)vptr_end - (char*)vptr < php_tiff_bytes_per_format[format]) { + exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "Value too short"); + break; + } if (length>1) { info_value = &info_data->value.list[idex]; } @@ -2176,7 +2189,7 @@ static void exif_iif_add_value(image_inf php_error_docref(NULL, E_WARNING, "Found value of type single"); #endif info_value->f = *(float *)value; - + break; case TAG_FMT_DOUBLE: #ifdef EXIF_DEBUG php_error_docref(NULL, E_WARNING, "Found value of type double"); 
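Review bot: Both new guards `if (length > value_len)` in exif_iif_add_value compare the int `length` with the size_t `value_len`, so a negative length is rejected only through its implicit conversion to an unsigned value. Spelling the test out as `if (length < 0 || (size_t)length > value_len)` in the TAG_FMT_STRING and TAG_FMT_UNDEFINED cases makes the intent visible and avoids sign-compare warnings. The function body starts and ends outside these hunks.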
@@ -2194,9 +2207,9 @@ static void exif_iif_add_value(image_inf /* {{{ exif_iif_add_tag Add a tag from IFD to image_info */ -static void exif_iif_add_tag(image_info_type *image_info, int section_index, char *name, int tag, int format, size_t length, void* value) +static void exif_iif_add_tag(image_info_type *image_info, int section_index, char *name, int tag, int format, size_t length, void* value, size_t value_len) { - exif_iif_add_value(image_info, section_index, name, tag, format, (int)length, value, image_info->motorola_intel); + exif_iif_add_value(image_info, section_index, name, tag, format, (int)length, value, value_len, image_info->motorola_intel); } /* }}} */ @@ -2617,7 +2630,7 @@ static void add_assoc_image_info(zval *v */ static void exif_process_COM (image_info_type *image_info, char *value, size_t length) { - exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2); + exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2, length-2); } /* }}} */ 
@@ -2632,17 +2645,17 @@ static void exif_process_CME (image_info if (length>3) { switch(value[2]) { case 0: - exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value); + exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value, length); break; case 1: - exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value); + exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value, length); break; default: php_error_docref(NULL, E_NOTICE, "Undefined JPEG2000 comment encoding"); break; } } else { - exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL); + exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL, 0); php_error_docref(NULL, E_NOTICE, "JPEG2000 comment section too small"); } } @@ -3237,7 +3250,7 @@ static int exif_process_IFD_in_MAKERNOTE static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, char *offset_base, size_t IFDlength, size_t displacement, int section_index, int ReadNextIFD, tag_table_type tag_table) { size_t length; - int tag, format, components; + unsigned int tag, format, components; char *value_ptr, tagname[64], cbuf[32], *outside=NULL; size_t byte_count, offset_val, fpos, fgot; int64_t byte_count_signed; @@ -3548,7 +3561,7 @@ static int exif_process_IFD_TAG(image_in } } } - exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr); + exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr, byte_count); EFREE_IF(outside); return TRUE; } 
@@ -3710,10 +3723,10 @@ static void exif_process_APP12(image_inf size_t l1, l2=0; if ((l1 = php_strnlen(buffer+2, length-2)) > 0) { - exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, TAG_FMT_STRING, l1, buffer+2); + exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, TAG_FMT_STRING, l1, buffer+2, l1); if (length > 2+l1+1) { l2 = php_strnlen(buffer+2+l1+1, length-2-l1-1); - exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1); + exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1, l2); } } #ifdef EXIF_DEBUG @@ -4583,7 +4596,7 @@ PHP_FUNCTION(exif_read_data) if (ImageInfo.Thumbnail.size) { if (read_thumbnail) { /* not exif_iif_add_str : this is a buffer */ - exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, "THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, ImageInfo.Thumbnail.data); + exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, "THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size); } if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) { /* try to evaluate if thumbnail data is present */ ++++++ php-CVE-2019-11036.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=d174def80c1355fc54d09a0ae754ced64d85768d;hp=a763f6c77b0d1664eadc924e650181850843f72d;hb=f80ad18afae2230c2c1802c7d829100af646874e;hpb=6c631ccfef94f93259d474682f8bfa803e163c87 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index a763f6c..d174def 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c 
@@ -2891,7 +2891,7 @@ static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, cha offset_base is ImageInfo->file.list[sn].data-dir_offset dir_entry - offset_base is dir_offset+2+i*12 */ - if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base)) { + if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base) || dir_entry <= offset_base) { /* It is important to check for IMAGE_FILETYPE_TIFF * JPEG does not use absolute pointers instead its pointers are * relative to the start of the TIFF header in APP1 section. */ ++++++ php-CVE-2019-11039.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Ficonv%2Ficonv.c;h=b4a2abe08d9a02e9e6c07f51a8f4ebe895f0d003;hp=f86d0ae031987a12d45b9c10efc255f58262966b;hb=7cf7148a8f8f4f55fb04de2a517d740bb6253eac;hpb=ed6dee9a198c904ad5e03113e58a2d2c200f5184 diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c index f86d0ae..b4a2abe 100644 --- a/ext/iconv/iconv.c +++ b/ext/iconv/iconv.c @@ -1673,7 +1673,9 @@ static php_iconv_err_t _php_iconv_mime_decode(smart_str *pretval, const char *st * we can do at this point. */ if (*(p1 + 1) == '=') { ++p1; - --str_left; + if (str_left > 1) { + --str_left; + } } err = _php_iconv_appendl(pretval, encoded_word, (size_t)((p1 + 1) - encoded_word), cd_pl); ++++++ php-CVE-2019-11040.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=605b37923f888d320a87947a58f19fd2122475e8;hp=d174def80c1355fc54d09a0ae754ced64d85768d;hb=73ff4193be24192c894dc0502d06e2b2db35eefb;hpb=16e037bd46359a31f218ee220ff09f1c3270e489 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index d174def..605b379 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c 
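Review bot: In the _php_iconv_mime_decode hunk only the `--str_left` is guarded; the peek `*(p1 + 1) == '='` and the `++p1` still run when `str_left` is 1, so the pointer advances while the counter does not. If the input is not guaranteed to be NUL-terminated (not visible here), that peek is one byte past the counted data. Folding the bound into the condition, `if (str_left > 1 && *(p1 + 1) == '=') {`, keeps pointer and counter in step. The function body continues outside the hunk.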
@@ -3526,6 +3526,8 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo) if (c == 0xFF) return FALSE; marker = c; + if (pos>=ImageInfo->Thumbnail.size) + return FALSE; length = php_jpg_get16(data+pos); if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) { return FALSE; ++++++ php-CVE-2019-9020.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fxmlrpc%2Flibxmlrpc%2Fxml_element.c;h=a30b500f2f80edbda673512b79c821960fb07ed7;hp=6fc6bd397747c7f3f21534065d14745b53a14423;hb=9c62b95e5e6a1ac3922a8819f2d56d8ea998d97a;hpb=e3e3289bd1919bcc9f600d1879d3d85d5d774886 diff --git a/ext/xmlrpc/libxmlrpc/xml_element.c b/ext/xmlrpc/libxmlrpc/xml_element.c index 6fc6bd3..a30b500 100644 --- a/ext/xmlrpc/libxmlrpc/xml_element.c +++ b/ext/xmlrpc/libxmlrpc/xml_element.c @@ -723,6 +723,9 @@ xml_element* xml_elem_parse_buf(const char* in_buf, int len, XML_ELEM_INPUT_OPTI long byte_idx = XML_GetCurrentByteIndex(parser); /* int byte_total = XML_GetCurrentByteCount(parser); */ const char * error_str = XML_ErrorString(err_code); + if(byte_idx > len) { + byte_idx = len; + } if(byte_idx >= 0) { snprintf(buf, sizeof(buf), ++++++ php-CVE-2019-9021.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar.c;h=6e5cec2462a6ded53d4379ea9a69487a60d5c43c;hp=47ff8cd790730dbc3520e47faa86327e2987a238;hb=428d8164ffcf6f75a6cc9d4056e54bfd450dac03;hpb=4fc0bceb7c39be206c73f69993e3936ef329f656 diff --git a/ext/phar/phar.c b/ext/phar/phar.c index 47ff8cd..6e5cec2 100644 --- a/ext/phar/phar.c +++ b/ext/phar/phar.c 
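Review bot: The added `pos>=ImageInfo->Thumbnail.size` test in exif_scan_thumbnail guarantees one readable byte, while `php_jpg_get16(data+pos)` by its name fetches a 16-bit value, so `pos == Thumbnail.size - 1` would still read one byte past the thumbnail. If the helper does read two bytes (its definition is outside the hunk), the guard should be `if (ImageInfo->Thumbnail.size < 2 || pos > ImageInfo->Thumbnail.size - 2)`. The function body continues outside the hunk.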
@@ -2017,7 +2017,7 @@ next_extension: } while (pos != filename && (*(pos - 1) == '/' || *(pos - 1) == '\0')) { - pos = memchr(pos + 1, '.', filename_len - (pos - filename) + 1); + pos = memchr(pos + 1, '.', filename_len - (pos - filename) - 1); if (!pos) { return FAILURE; } ++++++ php-CVE-2019-9022.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Fdns.c;h=b5fbcb96f968c83ecf75c39900cf7d88e19fff3a;hp=8e102f816f6e45a6cdf9c4ff548c9b853a1f1e65;hb=8d3dfabef459fe7815e8ea2fd68753fd17859d7b;hpb=31f59e1f3074ab344b473dde6077a6844ca87264 diff --git a/ext/standard/dns.c b/ext/standard/dns.c index 8e102f8..b5fbcb9 100644 --- a/ext/standard/dns.c +++ b/ext/standard/dns.c @@ -459,6 +459,10 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t GETLONG(ttl, cp); GETSHORT(dlen, cp); CHECKCP(dlen); + if (dlen == 0) { + /* No data in the response - nothing to do */ + return NULL; + } if (type_to_fetch != T_ANY && type != type_to_fetch) { cp += dlen; return cp; @@ -549,6 +553,9 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t CHECKCP(n); add_assoc_stringl(subarray, "tag", (char*)cp, n); cp += n; + if ( (size_t) dlen < ((size_t)n) + 2 ) { + return NULL; + } n = dlen - n - 2; CHECKCP(n); add_assoc_stringl(subarray, "value", (char*)cp, n); ++++++ php-CVE-2019-9023.patch ++++++ Index: php-7.2.5/ext/mbstring/oniguruma/src/regparse.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/regparse.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/regparse.c 2019-03-11 17:56:58.618984274 +0100 
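Review bot: In php_parserr the new `dlen == 0` return sits before the `type_to_fetch != T_ANY && type != type_to_fetch` skip, so an empty record of a type the caller did not ask for returns NULL instead of being stepped over. If callers treat NULL as a parse failure (they are outside the hunk), one empty record would end processing of the remaining answers. Moving the check below the skip avoids that. In the second dns.c hunk, the `(size_t) dlen < ((size_t)n) + 2` test would benefit from a comment saying what the `+ 2` accounts for.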
@@ -304,14 +304,17 @@ strdup_with_null(OnigEncoding enc, UChar c = ONIGENC_MBC_TO_CODE(enc, p, end); \ pfetch_prev = p; \ p += ONIGENC_MBC_ENC_LEN(enc, p); \ + if(UNEXPECTED(p > end)) p = end; \ } while (0) #define PINC_S do { \ p += ONIGENC_MBC_ENC_LEN(enc, p); \ + if(UNEXPECTED(p > end)) p = end; \ } while (0) #define PFETCH_S(c) do { \ c = ONIGENC_MBC_TO_CODE(enc, p, end); \ p += ONIGENC_MBC_ENC_LEN(enc, p); \ + if(UNEXPECTED(p > end)) p = end; \ } while (0) #define PPEEK (p < end ? ONIGENC_MBC_TO_CODE(enc, p, end) : PEND_VALUE) @@ -3593,7 +3596,9 @@ fetch_token(OnigToken* tok, UChar** src, tok->u.code = c2; } else { /* string */ - p = tok->backp + enclen(enc, tok->backp); + int len; + SAFE_ENC_LEN(enc, tok->backp, end, len); + p = tok->backp + len; } } break; Index: php-7.2.5/ext/mbstring/oniguruma/src/regcomp.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/regcomp.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/regcomp.c 2019-03-11 17:56:58.618984274 +0100 @@ -469,13 +469,13 @@ compile_length_string_node(Node* node, r ambig = NSTRING_IS_AMBIG(node); p = prev = sn->s; - prev_len = enclen(enc, p); + SAFE_ENC_LEN(enc, p, sn->end, prev_len); p += prev_len; slen = 1; rlen = 0; for (; p < sn->end; ) { - len = enclen(enc, p); + SAFE_ENC_LEN(enc, p, sn->end, len); if (len == prev_len) { slen++; } @@ -518,12 +518,12 @@ compile_string_node(Node* node, regex_t* ambig = NSTRING_IS_AMBIG(node); p = prev = sn->s; - prev_len = enclen(enc, p); + SAFE_ENC_LEN(enc, p, end, prev_len); p += prev_len; slen = 1; for (; p < end; ) { - len = enclen(enc, p); + SAFE_ENC_LEN(enc, p, end, len); if (len == prev_len) { slen++; } 
@@ -3435,7 +3435,7 @@ expand_case_fold_string(Node* node, rege goto err; } - len = enclen(reg->enc, p); + SAFE_ENC_LEN(reg->enc, p, end, len); if (n == 0) { if (IS_NULL(snode)) { Index: php-7.2.5/ext/mbstring/oniguruma/src/unicode.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/unicode.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/unicode.c 2019-03-11 17:56:58.618984274 +0100 @@ -255,6 +255,7 @@ onigenc_unicode_mbc_case_fold(OnigEncodi code = ONIGENC_MBC_TO_CODE(enc, p, end); len = enclen(enc, p); + if (*pp + len > end) len = end - *pp; *pp += len; #ifdef USE_UNICODE_CASE_FOLD_TURKISH_AZERI Index: php-7.2.5/ext/mbstring/oniguruma/src/regparse.h =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/regparse.h 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/regparse.h 2019-03-11 17:56:58.618984274 +0100 @@ -348,4 +348,16 @@ extern int onig_print_names(FILE*, regex #endif #endif +#if (defined (__GNUC__) && __GNUC__ > 2 ) && !defined(DARWIN) && !defined(__hpux) && !defined(_AIX) +# define UNEXPECTED(condition) __builtin_expect(condition, 0) +#else +# define UNEXPECTED(condition) (condition) +#endif + +#define SAFE_ENC_LEN(enc, p, end, res) do { \ + int __res = enclen(enc, p); \ + if (UNEXPECTED(p + __res > end)) __res = end - p; \ + res = __res; \ +} while(0); + #endif /* REGPARSE_H */ Index: php-7.2.5/ext/mbstring/oniguruma/src/utf16_be.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf16_be.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/utf16_be.c 2019-03-11 17:56:58.622984293 +0100 
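Review bot: The SAFE_ENC_LEN macro added to regparse.h ends in `while(0);`, so every use written with its own semicolon expands to two statements and the macro cannot sit in an unbraced `if`/`else`. Its arguments are pasted unparenthesised, `p + __res > end` forms a pointer beyond `end` before comparing, and `__res` is a name reserved for the implementation. A version without those traps follows. The clamp in the unicode.c hunk (`*pp + len > end`) makes the same past-the-end comparison and could use `len > end - *pp` instead.

```c
#define SAFE_ENC_LEN(enc, p, end, res) do { \
  int safe_len_ = enclen((enc), (p)); \
  if (UNEXPECTED(safe_len_ > (end) - (p))) safe_len_ = (int)((end) - (p)); \
  (res) = safe_len_; \
} while (0)
```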
@@ -82,16 +82,18 @@ utf16be_is_mbc_newline(const UChar* p, c } static OnigCodePoint -utf16be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED) +utf16be_mbc_to_code(const UChar* p, const UChar* end) { OnigCodePoint code; if (UTF16_IS_SURROGATE_FIRST(*p)) { + if (end - p < 4) return 0; code = ((((p[0] - 0xd8) << 2) + ((p[1] & 0xc0) >> 6) + 1) << 16) + ((((p[1] & 0x3f) << 2) + (p[2] - 0xdc)) << 8) + p[3]; } else { + if (end - p < 2) return 0; code = p[0] * 256 + p[1]; } return code; Index: php-7.2.5/ext/mbstring/oniguruma/src/utf16_le.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf16_le.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/utf16_le.c 2019-03-11 17:56:58.622984293 +0100 @@ -97,13 +97,14 @@ utf16le_is_mbc_newline(const UChar* p, c } static OnigCodePoint -utf16le_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED) +utf16le_mbc_to_code(const UChar* p, const UChar* end) { OnigCodePoint code; UChar c0 = *p; UChar c1 = *(p+1); if (UTF16_IS_SURROGATE_FIRST(c1)) { + if (end - p < 4) return 0; code = ((((c1 - 0xd8) << 2) + ((c0 & 0xc0) >> 6) + 1) << 16) + ((((c0 & 0x3f) << 2) + (p[3] - 0xdc)) << 8) + p[2]; Index: php-7.2.5/ext/mbstring/oniguruma/src/utf32_be.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf32_be.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/utf32_be.c 2019-03-11 17:56:58.622984293 +0100 
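Review bot: In utf16le_mbc_to_code the new `end - p < 4` test comes after `UChar c0 = *p; UChar c1 = *(p+1);`, so two bytes are read before any bound is checked. Unlike the utf16be hunk, no `end - p < 2` test is visible for the non-surrogate path, though the rest of the body is outside the hunk. utf16be_mbc_to_code likewise evaluates `UTF16_IS_SURROGATE_FIRST(*p)` before its checks. A single `if (end - p < 2) return 0;` as the first statement of both functions would cover those reads.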
@@ -67,6 +67,7 @@ utf32be_is_mbc_newline(const UChar* p, c static OnigCodePoint utf32be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED) { + if (end - p < 4) return 0; return (OnigCodePoint )(((p[0] * 256 + p[1]) * 256 + p[2]) * 256 + p[3]); } Index: php-7.2.5/ext/mbstring/oniguruma/src/utf32_le.c =================================================================== --- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf32_le.c 2018-04-24 17:09:55.000000000 +0200 +++ php-7.2.5/ext/mbstring/oniguruma/src/utf32_le.c 2019-03-11 17:56:58.622984293 +0100 @@ -67,6 +67,7 @@ utf32le_is_mbc_newline(const UChar* p, c static OnigCodePoint utf32le_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED) { + if (end - p < 4) return 0; return (OnigCodePoint )(((p[3] * 256 + p[2]) * 256 + p[1]) * 256 + p[0]); } ++++++ php-CVE-2019-9024.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fxmlrpc%2Flibxmlrpc%2Fbase64.c;h=a4fa19327b76dc43880934bfd703500aeae35c52;hp=5ebdf31f7adeb9fd5f9f69b37d86ce22e4d05ce4;hb=4feb9e66ff9636ad44bc23a91b7ebd37d83ddf1d;hpb=c6e34d91b88638966662caac62c4d0e90538e317 diff --git a/ext/xmlrpc/libxmlrpc/base64.c b/ext/xmlrpc/libxmlrpc/base64.c index 5ebdf31..a4fa193 100644 --- a/ext/xmlrpc/libxmlrpc/base64.c +++ b/ext/xmlrpc/libxmlrpc/base64.c @@ -169,7 +169,7 @@ void base64_decode_xmlrpc(struct buffer_st *bfr, const char *source, int length) return; } - if (dtable[c] & 0x80) { + if (dtable[(unsigned char)c] & 0x80) { /* fprintf(stderr, "Offset %i length %i\n", offset, length); fprintf(stderr, "character '%c:%x:%c' in input file.\n", c, c, dtable[c]); ++++++ php-CVE-2019-9637.patch ++++++ Index: php-7.2.5/main/streams/plain_wrapper.c =================================================================== --- php-7.2.5.orig/main/streams/plain_wrapper.c 2019-03-20 11:59:59.515315899 +0100 +++ php-7.2.5/main/streams/plain_wrapper.c 2019-03-20 12:00:44.107570303 +0100 
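Review bot: utf32be_mbc_to_code and utf32le_mbc_to_code now read `end` but keep `ARG_UNUSED` on that parameter, unlike the utf16 hunks, which drop it. For consistency the signatures should become `utf32be_mbc_to_code(const UChar* p, const UChar* end)` and the same for the LE variant. Returning 0 for truncated input also makes it indistinguishable from a decoded U+0000, which deserves a one-line comment such as `/* truncated sequence: report 0 rather than read past end */`.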
@@ -1168,34 +1168,51 @@ static int php_plain_files_rename(php_st # ifdef EXDEV if (errno == EXDEV) { zend_stat_t sb; +# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE) + /* not sure what to do in ZTS case, umask is not thread-safe */ + int oldmask = umask(077); +# endif + int success = 0; if (php_copy_file(url_from, url_to) == SUCCESS) { if (VCWD_STAT(url_from, &sb) == 0) { + success = 1; # ifndef TSRM_WIN32 - if (VCWD_CHMOD(url_to, sb.st_mode)) { - if (errno == EPERM) { - php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - VCWD_UNLINK(url_from); - return 1; - } + /* + * Try to set user and permission info on the target. + * If we're not root, then some of these may fail. + * We try chown first, to set proper group info, relying + * on the system environment to have proper umask to not allow + * access to the file in the meantime. + */ + if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) { php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - return 0; + if (errno != EPERM) { + success = 0; + } } - if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) { - if (errno == EPERM) { + + if (success) { + if (VCWD_CHMOD(url_to, sb.st_mode)) { php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - VCWD_UNLINK(url_from); - return 1; + if (errno != EPERM) { + success = 0; + } } - php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - return 0; } # endif - VCWD_UNLINK(url_from); - return 1; + if (success) { + VCWD_UNLINK(url_from); + } + } else { + php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); } + } else { + php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); } - php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - return 0; +# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE) + umask(oldmask); +# endif + return success; } # endif #endif ++++++ php-CVE-2019-9638,9639.patch ++++++ 
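Review bot: In the EXDEV branch of php_plain_files_rename, a chown or chmod failure other than EPERM clears `success` and returns 0, but the copy that php_copy_file already wrote to `url_to` stays on disk. A failed rename then leaves a second copy of the data, possibly with ownership or mode that differs from the source. Consider `VCWD_UNLINK(url_to);` on that path. The `umask(077)` tightening is compiled out for ZTS, Windows and NetWare builds, so there the copy is still created under the process umask; the in-code comment admits this and it should be tracked as a known gap.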
Index: php-7.2.5/ext/exif/exif.c =================================================================== --- php-7.2.5.orig/ext/exif/exif.c 2019-03-19 11:47:31.254886961 +0100 +++ php-7.2.5/ext/exif/exif.c 2019-03-19 11:49:09.123455967 +0100 @@ -3149,7 +3149,7 @@ static int exif_process_IFD_in_MAKERNOTE break; } - if (maker_note->offset >= value_len) { + if (value_len < 2 || maker_note->offset >= value_len - 1) { /* Do not go past the value end */ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "IFD data too short: 0x%04X offset 0x%04X", value_len, maker_note->offset); return FALSE; @@ -3204,6 +3204,7 @@ static int exif_process_IFD_in_MAKERNOTE #endif default: case MN_OFFSET_NORMAL: + data_len = value_len; break; } ++++++ php-CVE-2019-9640.patch ++++++ Index: php-7.2.5/ext/exif/exif.c =================================================================== --- php-7.2.5.orig/ext/exif/exif.c 2019-03-19 15:47:49.703923660 +0100 +++ php-7.2.5/ext/exif/exif.c 2019-03-19 15:49:57.408673458 +0100 @@ -3924,7 +3924,7 @@ static int exif_scan_thumbnail(image_inf return FALSE; marker = c; length = php_jpg_get16(data+pos); - if (pos+length>=ImageInfo->Thumbnail.size) { + if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) { return FALSE; } #ifdef EXIF_DEBUG @@ -3945,6 +3945,10 @@ static int exif_scan_thumbnail(image_inf case M_SOF14: case M_SOF15: /* handle SOFn block */ + if (length < 8 || ImageInfo->Thumbnail.size - 8 < pos) { + /* exif_process_SOFn needs 8 bytes */ + return FALSE; + } exif_process_SOFn(data+pos, marker, &sof_info); ImageInfo->Thumbnail.height = sof_info.height; ImageInfo->Thumbnail.width = sof_info.width; 
@@ -4678,7 +4682,9 @@ PHP_FUNCTION(exif_thumbnail) ZVAL_STRINGL(return_value, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size); if (arg_c >= 3) { if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) { - exif_scan_thumbnail(&ImageInfo); + if (!exif_scan_thumbnail(&ImageInfo)) { + ImageInfo.Thumbnail.width = ImageInfo.Thumbnail.height = 0; + } } zval_dtor(z_width); zval_dtor(z_height); ++++++ php-CVE-2019-9641.patch ++++++ commit 25aa5f434dfb3337a6617b46224f1b505053d8e9 Author: Stanislav Malyshev <s...@php.net> Date: Fri Mar 1 23:25:45 2019 -0800 Fix integer overflows on 32-bits diff --git a/ext/exif/exif.c b/ext/exif/exif.c index cbde3effed..b4563927a5 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c @@ -3567,10 +3567,10 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse tag_table_type tag_table = exif_get_tag_table(section_index); if (ImageInfo->ifd_nesting_level > MAX_IFD_NESTING_LEVEL) { - return FALSE; - } + return FALSE; + } - if (ImageInfo->FileSize >= dir_offset+2) { + if (ImageInfo->FileSize >= 2 && ImageInfo->FileSize - 2 >= dir_offset) { sn = exif_file_sections_add(ImageInfo, M_PSEUDO, 2, NULL); #ifdef EXIF_DEBUG exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, 2); 
@@ -3578,8 +3578,8 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse php_stream_seek(ImageInfo->infile, dir_offset, SEEK_SET); /* we do not know the order of sections */ php_stream_read(ImageInfo->infile, (char*)ImageInfo->file.list[sn].data, 2); num_entries = php_ifd_get16u(ImageInfo->file.list[sn].data, ImageInfo->motorola_intel); - dir_size = 2/*num dir entries*/ +12/*length of entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/; - if (ImageInfo->FileSize >= dir_offset+dir_size) { + dir_size = 2/*num dir entries*/ +12/*length of entry*/*(size_t)num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/; + if (ImageInfo->FileSize >= dir_size && ImageInfo->FileSize - dir_size >= dir_offset) { #ifdef EXIF_DEBUG exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X), IFD entries(%d)", ImageInfo->FileSize, dir_offset+2, dir_size-2, num_entries); #endif @@ -3662,9 +3662,9 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse } } } - if (ImageInfo->FileSize >= dir_offset + ImageInfo->file.list[sn].size) { + if (ImageInfo->FileSize >= ImageInfo->file.list[sn].size && ImageInfo->FileSize - ImageInfo->file.list[sn].size >= dir_offset) { if (ifd_size > dir_size) { - if (dir_offset + ifd_size > ImageInfo->FileSize) { + if (ImageInfo->FileSize < ifd_size || dir_offset > ImageInfo->FileSize - ifd_size) { exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Error in TIFF: filesize(x%04X) less than size of IFD(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, ifd_size); return FALSE; } ++++++ php-CVE-2019-9675.patch ++++++ diff --git a/ext/phar/tar.c b/ext/phar/tar.c index 9de3047..20f6882 100644 --- a/ext/phar/tar.c +++ b/ext/phar/tar.c 
@@ -762,7 +762,12 @@ static int phar_tar_writeheaders_int(phar_entry_info *entry, void *argument) /* header.typeflag = entry->tar_type; if (entry->link) { - strncpy(header.linkname, entry->link, strlen(entry->link)); + if (strlcpy(header.linkname, entry->link, sizeof(header.linkname)) >= sizeof(header.linkname)) { + if (fp->error) { + spprintf(fp->error, 4096, "tar-based phar \"%s\" cannot be created, link \"%s\" is too long for format", entry->phar->fname, entry->link); + } + return ZEND_HASH_APPLY_STOP; + } } strncpy(header.magic, "ustar", sizeof("ustar")-1); ++++++ php-fpm.tmpfiles.d ++++++ # Type Path Mode UID GID Age Argument d /run/php-fpm 0711 root root - - ++++++ php7-CVE-2019-11041.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=aa272c1d2b2df09593f7d2b98b46f4c64f2f0bfb;hp=e04290376ce57cdcc1c7e1dfad9f323d8cfb98bb;hb=f22101c8308669bb63c03a73a2cac2408d844f38;hpb=d561a998c9313749ad2b488685e5c2bec661bc69 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index e042903..aa272c1 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c @@ -3892,7 +3892,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo) size_t length=2, pos=0; jpeg_sof_info sof_info; - if (!data) { + if (!data || ImageInfo->Thumbnail.size < 4) { return FALSE; /* nothing to do here */ } if (memcmp(data, "\xFF\xD8\xFF", 3)) { ++++++ php7-CVE-2019-11042.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=3e005b57270afb3fdd4fb52f267b976bbc64c63f;hp=aa272c1d2b2df09593f7d2b98b46f4c64f2f0bfb;hb=e648fa4699e8d072db6db34fcc09826e8127fab8;hpb=f22101c8308669bb63c03a73a2cac2408d844f38 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index aa272c1..3e005b5 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c 
@@ -3015,11 +3015,11 @@ static int exif_process_user_comment(image_info_type *ImageInfo, char **pszInfoP /* First try to detect BOM: ZERO WIDTH NOBREAK SPACE (FEFF 16) * since we have no encoding support for the BOM yet we skip that. */ - if (!memcmp(szValuePtr, "\xFE\xFF", 2)) { + if (ByteCount >=2 && !memcmp(szValuePtr, "\xFE\xFF", 2)) { decode = "UCS-2BE"; szValuePtr = szValuePtr+2; ByteCount -= 2; - } else if (!memcmp(szValuePtr, "\xFF\xFE", 2)) { + } else if (ByteCount >=2 && !memcmp(szValuePtr, "\xFF\xFE", 2)) { decode = "UCS-2LE"; szValuePtr = szValuePtr+2; ByteCount -= 2; ++++++ php7-CVE-2019-11043.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=sapi%2Ffpm%2Ffpm%2Ffpm_main.c;h=dfc0d8f7413c1224017833d0bbb604721e9d2b8f;hp=483fabe9d8506513e0275694a2148a2d82084a33;hb=19e17d3807e6cc0b1ba9443ec5facbd33a61f8fe;hpb=12cca48ff67587e9aabaa41b80466cb9ff418d57 diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c index 483fabe9d85..dfc0d8f7413 100644 --- a/sapi/fpm/fpm/fpm_main.c +++ b/sapi/fpm/fpm/fpm_main.c @@ -1148,8 +1148,8 @@ static void init_request_info(void) path_info = script_path_translated + ptlen; tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0)); } else { - path_info = env_path_info ? env_path_info + pilen - slen : NULL; - tflag = (orig_path_info != path_info); + path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL; + tflag = path_info && (orig_path_info != path_info); } if (tflag) { ++++++ php7-CVE-2019-11045.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fspl%2Fspl_directory.c;h=56e809b1c7a956ade1960584925ec9bc294e8768;hp=91ea2e026532f4d56816a06990ccecf7d74764f3;hb=a5a15965da23c8e97657278fc8dfbf1dfb20c016;hpb=d2cfb63f020a6f39de5d6c7189f65d2191432877 diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c index 91ea2e02653..56e809b1c7a 100644 --- a/ext/spl/spl_directory.c +++ b/ext/spl/spl_directory.c 
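Review bot: The `pilen > slen` condition added in init_request_info (fpm_main.c hunk) carries no comment, although it is what keeps `env_path_info + pilen - slen` from pointing before the start of `env_path_info`. Suggest adding above the assignment: `/* slen >= pilen would place path_info at or before env_path_info; treat as no PATH_INFO */`. The `if (tflag)` block that consumes `path_info` lies outside the hunk, so it is worth confirming that no other path there dereferences a NULL `path_info`.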
@@ -708,10 +708,10 @@ void spl_filesystem_object_construct(INTERNAL_FUNCTION_PARAMETERS, zend_long cto if (SPL_HAS_FLAG(ctor_flags, DIT_CTOR_FLAGS)) { flags = SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_FILEINFO; - parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s|l", &path, &len, &flags); + parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p|l", &path, &len, &flags); } else { flags = SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_SELF; - parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s", &path, &len); + parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p", &path, &len); } if (SPL_HAS_FLAG(ctor_flags, SPL_FILE_DIR_SKIPDOTS)) { flags |= SPL_FILE_DIR_SKIPDOTS; ++++++ php7-CVE-2019-11046.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fbcmath%2Flibbcmath%2Fsrc%2Fstr2num.c;h=03aec15930ba416f2d8bfaed9863001bc4da33b7;hp=f38d341570f9216b37316061fa260f7547a4add0;hb=eb23c6008753b1cdc5359dead3a096dce46c9018;hpb=b771a18133bdfd95ce36932e5b83a724f17a1427 diff --git a/ext/bcmath/libbcmath/src/str2num.c b/ext/bcmath/libbcmath/src/str2num.c index f38d341570f..03aec15930b 100644 --- a/ext/bcmath/libbcmath/src/str2num.c +++ b/ext/bcmath/libbcmath/src/str2num.c 
@@ -57,9 +57,9 @@ bc_str2num (bc_num *num, char *str, int scale) zero_int = FALSE; if ( (*ptr == '+') || (*ptr == '-')) ptr++; /* Sign */ while (*ptr == '0') ptr++; /* Skip leading zeros. */ - while (isdigit((int)*ptr)) ptr++, digits++; /* digits */ + while (*ptr >= '0' && *ptr <= '9') ptr++, digits++; /* digits */ if (*ptr == '.') ptr++; /* decimal point */ - while (isdigit((int)*ptr)) ptr++, strscale++; /* digits */ + while (*ptr >= '0' && *ptr <= '9') ptr++, strscale++; /* digits */ if ((*ptr != '\0') || (digits+strscale == 0)) { *num = bc_copy_num (BCG(_zero_)); ++++++ php7-CVE-2019-11047.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=c0be05922fbde95cd9cf62e1f44e2f497f8acafc;hp=f961f44a46c61a1918cf57d4575c39080c6d35b1;hb=d348cfb96f2543565691010ade5e0346338be5a7;hpb=eb23c6008753b1cdc5359dead3a096dce46c9018 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index f961f44a46c..c0be05922fb 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c 
@@ -3165,7 +3165,8 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu continue; if (maker_note->model && (!ImageInfo->model || strcmp(maker_note->model, ImageInfo->model))) continue; - if (maker_note->id_string && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)) + if (maker_note->id_string && value_len >= maker_note->id_string_len + && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)) continue; break; } ++++++ php7-CVE-2019-11048.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=main%2Frfc1867.c;h=783eab4175d58301eba03817c9179b0652db9c63;hp=bd01b34cf070fa0d9a41b9d6771280a920a74551;hb=1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87;hpb=bef96b9d2c7330909f43faf4f8ff12c7723bf857 Index: php-7.2.5/main/rfc1867.c =================================================================== --- php-7.2.5.orig/main/rfc1867.c 2018-04-24 17:10:05.000000000 +0200 +++ php-7.2.5/main/rfc1867.c 2020-05-25 11:13:26.117985003 +0200 @@ -616,7 +616,7 @@ static void *php_ap_memstr(char *haystac } /* read until a boundary condition */ -static int multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes, int *end) +static size_t multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes, int *end) { size_t len, max; char *bound; @@ -655,7 +655,7 @@ static int multipart_buffer_read(multipa self->buf_begin += len; } - return (int)len; + return len; } /* @@ -665,7 +665,7 @@ static int multipart_buffer_read(multipa static char *multipart_buffer_read_body(multipart_buffer *self, size_t *len) { char buf[FILLUNIT], *out=NULL; - int total_bytes=0, read_bytes=0; + size_t total_bytes=0, read_bytes=0; while((read_bytes = multipart_buffer_read(self, buf, sizeof(buf), NULL))) { out = erealloc(out, total_bytes + read_bytes + 1); 
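Review bot: In the maker-note matching loop of exif_process_IFD_in_MAKERNOTE, the added `value_len >= maker_note->id_string_len` is and-ed into the mismatch test, so when the value is shorter than the id string the whole condition is false and control falls through to `break`, selecting that entry without the id ever being compared. A value too short to hold the id should count as a mismatch: `if (maker_note->id_string && (value_len < maker_note->id_string_len || strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)))`. The loop header is outside the hunk.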
@@ -692,7 +692,8 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_ char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL; char *lbuf = NULL, *abuf = NULL; zend_string *temp_filename = NULL; - int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0; + int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0; + size_t array_len = 0; int64_t total_bytes = 0, max_file_size = 0; int skip_upload = 0, anonindex = 0, is_anonymous; HashTable *uploaded_files = NULL; @@ -1126,7 +1127,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_ is_arr_upload = (start_arr = strchr(param,'[')) && (param[strlen(param)-1] == ']'); if (is_arr_upload) { - array_len = (int)strlen(start_arr); + array_len = strlen(start_arr); if (array_index) { efree(array_index); } ++++++ php7-CVE-2019-11050.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=7fe055f381d792da9c3a6678647800ab58fa834a;hp=c0be05922fbde95cd9cf62e1f44e2f497f8acafc;hb=c14eb8de974fc8a4d74f3515424c293bc7a40fba;hpb=d348cfb96f2543565691010ade5e0346338be5a7 Index: php-7.2.5/ext/exif/exif.c =================================================================== --- php-7.2.5.orig/ext/exif/exif.c 2020-01-02 13:11:53.941694004 +0100 +++ php-7.2.5/ext/exif/exif.c 2020-01-02 13:11:53.973694182 +0100 
@@ -3231,8 +3231,9 @@ static int exif_process_IFD_in_MAKERNOTE } for (de=0;de<NumDirEntries;de++) { - if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de, - offset_base, data_len, displacement, section_index, 0, maker_note->tag_table)) { + size_t offset = 2 + 12 * de; + if (!exif_process_IFD_TAG(ImageInfo, dir_start + offset, + offset_base, data_len - offset, displacement, section_index, 0, maker_note->tag_table)) { return FALSE; } } ++++++ php7-CVE-2020-7059.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Fstring.c;h=fb44cc505d9da857926b2a66d1405a9655aaefbc;hp=da51cd0966fc86db5cdccc8992faf0c86e232360;hb=0f79b1bf301f455967676b5129240140c5c45b09;hpb=f79c7742746907d676989cb7f97fb4f7cd26789f diff --git a/ext/standard/string.c b/ext/standard/string.c index da51cd0966f..fb44cc505d9 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -4866,7 +4866,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, size_t len, uint8_t *stateptr, const if (state == 4) { /* Inside <!-- comment --> */ break; - } else if (state == 2 && *(p-1) != '\\') { + } else if (state == 2 && p >= buf + 1 && *(p-1) != '\\') { if (lc == c) { lc = '\0'; } else if (lc != '\\') { @@ -4893,7 +4893,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, size_t len, uint8_t *stateptr, const case '!': /* JavaScript & Other HTML scripting languages */ - if (state == 1 && *(p-1) == '<') { + if (state == 1 && p >= buf + 1 && *(p-1) == '<') { state = 3; lc = c; } else { 
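Review bot: `data_len - offset` in the directory-entry loop of exif_process_IFD_in_MAKERNOTE is unsigned arithmetic because `offset` is a size_t, so it wraps to a very large length if `2 + 12 * de` ever exceeds `data_len`. Whether an earlier check bounds NumDirEntries against `data_len` rather than another length is not visible in the hunk. A local guard, `if (offset > data_len) return FALSE;`, would make the subtraction safe on its own. `12 * de` is also evaluated in the type of `de` before it is widened to size_t.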
@@ -4920,7 +4920,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, size_t len, uint8_t *stateptr, const case '?': - if (state == 1 && *(p-1) == '<') { + if (state == 1 && p >= buf + 1 && *(p-1) == '<') { br=0; state=2; break; ++++++ php7-CVE-2020-7060.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fmbstring%2Flibmbfl%2Ffilters%2Fmbfilter_big5.c;h=5e1ca815da31ed68db2baae2b3d38699b546ca83;hp=f5ab8809ce8a799bd40bda74606f181fcef36c75;hb=2bcbc95f033c31b00595ed39f79c3a99b4ed0501;hpb=0f79b1bf301f455967676b5129240140c5c45b09 diff --git a/ext/mbstring/libmbfl/filters/mbfilter_big5.c b/ext/mbstring/libmbfl/filters/mbfilter_big5.c index f5ab8809ce8..5e1ca815da3 100644 --- a/ext/mbstring/libmbfl/filters/mbfilter_big5.c +++ b/ext/mbstring/libmbfl/filters/mbfilter_big5.c @@ -138,6 +138,17 @@ static unsigned short cp950_pua_tbl[][4] = { {0xf70f,0xf848,0xc740,0xc8fe}, }; +static inline int is_in_cp950_pua(int c1, int c) { + if ((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) || + (c1 >= 0x81 && c1 <= 0x8d) || (c1 >= 0xc7 && c1 <= 0xc8)) { + return (c >=0x40 && c <= 0x7e) || (c >= 0xa1 && c <= 0xfe); + } + if (c1 == 0xc6) { + return c >= 0xa1 && c <= 0xfe; + } + return 0; +} + /* * Big5 => wchar */ 
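Review bot: The new `is_in_cp950_pua` helper has no comment tying its byte ranges to `cp950_pua_tbl`, and its trail-byte lower bound is `c >= 0x40` where the condition it replaces in the next hunk used `c > 0x39`. That narrowing appears to be the actual fix, so it should be recorded, e.g. `/* Non-zero only if (c1, c) can be found in cp950_pua_tbl; trail bytes 0x3a-0x3f are not in the table */` (the second half is my reading of the change and should be confirmed against the table). The adjacent lead-byte ranges `0x8e..0xa0` and `0x81..0x8d` can be merged into `c1 >= 0x81 && c1 <= 0xa0`.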
@@ -186,11 +197,7 @@ mbfl_filt_conv_big5_wchar(int c, mbfl_convert_filter *filter) if (filter->from->no_encoding == mbfl_no_encoding_cp950) { /* PUA for CP950 */ - if (w <= 0 && - (((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) || - (c1 >= 0x81 && c1 <= 0x8d) ||(c1 >= 0xc7 && c1 <= 0xc8)) - && ((c > 0x39 && c < 0x7f) || (c > 0xa0 && c < 0xff))) || - ((c1 == 0xc6) && (c > 0xa0 && c < 0xff))) { + if (w <= 0 && is_in_cp950_pua(c1, c)) { c2 = c1 << 8 | c; for (k = 0; k < sizeof(cp950_pua_tbl)/(sizeof(unsigned short)*4); k++) { if (c2 >= cp950_pua_tbl[k][2] && c2 <= cp950_pua_tbl[k][3]) { ++++++ php7-CVE-2020-7062.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fsession%2Fsession.c;h=092dea81ce26187a536dd01b09fb0a5571e4dcb4;hp=7c7e4841e4fcd94509e5970f03a039a3a113d2c6;hb=e73d8e2627e6e0aa91441ffa745661c6664906f1;hpb=ead40a66785aedaa393f953a0ed9224adaf040cd diff --git a/ext/session/session.c b/ext/session/session.c index 7c7e4841e4..092dea81ce 100644 --- a/ext/session/session.c +++ b/ext/session/session.c 
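Review bot: After the `is_in_cp950_pua(c1, c)` test, the lookup loop over `cp950_pua_tbl` can still run to the end without a match, and nothing visible in the hunk checks `k` against the table size before it is used. The fix therefore depends on the helper's ranges agreeing exactly with the table. If the code after the loop indexes `cp950_pua_tbl[k]`, wrapping that use in `if (k < sizeof(cp950_pua_tbl)/(sizeof(unsigned short)*4))` would keep a later table edit from bringing back an out-of-bounds read. The loop body and what follows it are outside the hunk, so this needs confirming against the full function.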
@@ -3320,10 +3320,12 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo if (PS(rfc1867_cleanup)) { php_session_rfc1867_cleanup(progress); } else { - SEPARATE_ARRAY(&progress->data); - add_assoc_bool_ex(&progress->data, "done", sizeof("done") - 1, 1); - Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed; - php_session_rfc1867_update(progress, 1); + if (!Z_ISUNDEF(progress->data)) { + SEPARATE_ARRAY(&progress->data); + add_assoc_bool_ex(&progress->data, "done", sizeof("done") - 1, 1); + Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed; + php_session_rfc1867_update(progress, 1); + } } php_rshutdown_session_globals(); } ++++++ php7-CVE-2020-7063.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar_object.c;h=89b553c2b91ca8d9ea1b30ba186185175a450246;hp=6cf097e36fe46b372ddc86c0a769c394d110fd86;hb=ead40a66785aedaa393f953a0ed9224adaf040cd;hpb=7acaa4020d0eeb2911e70148ac57787f085e03e0 diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c index 6cf097e36f..89b553c2b9 100644 --- a/ext/phar/phar_object.c +++ b/ext/phar/phar_object.c @@ -1419,6 +1419,7 @@ static int phar_build(zend_object_iterator *iter, void *puser) /* {{{ */ char *str_key; zend_class_entry *ce = p_obj->c; phar_archive_object *phar_obj = p_obj->p; + php_stream_statbuf ssb; value = iter->funcs->get_current_data(iter); 
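Review bot: The added `if (!Z_ISUNDEF(progress->data))` sits alone inside the `else` block of `php_session_rfc1867_callback`, with no comment on when `progress->data` can be undefined here. `} else if (!Z_ISUNDEF(progress->data)) {` removes the extra nesting level. A comment such as `/* data stays UNDEF when the upload ended before the progress array was created */` would explain the guard, though that wording is my reading of the change and should be confirmed. `Z_LVAL_P(progress->post_bytes_processed)` is dereferenced under the same guard; whether that pointer is always valid when `data` is defined is decided outside the hunk.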
@@ -1686,6 +1687,16 @@ after_open_fp: php_stream_copy_to_stream_ex(fp, p_obj->fp, PHP_STREAM_COPY_ALL, &contents_len); data->internal_file->uncompressed_filesize = data->internal_file->compressed_filesize = php_stream_tell(p_obj->fp) - data->internal_file->offset; + if (php_stream_stat(fp, &ssb) != -1) { + data->internal_file->flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK ; + } else { +#ifndef _WIN32 + mode_t mask; + mask = umask(0); + umask(mask); + data->internal_file->flags &= ~mask; +#endif + } } if (close_fp) { X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar_object.c;h=bd7cbc9174523066baa407468cf943575d353c7d;hp=905fcece7300a9619d3af977e52d6d72f5771282;hb=80ea25c28d9139e237fd65c0a0f2aa87385e03e4;hpb=2c35e49dd89b5add7420db0a2f5f0b5727eb814e diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c index 905fcece73..bd7cbc9174 100644 --- a/ext/phar/phar_object.c +++ b/ext/phar/phar_object.c @@ -3637,7 +3637,8 @@ static void phar_add_file(phar_archive_data **pphar, char *filename, int filenam char *error; size_t contents_len; phar_entry_data *data; - php_stream *contents_file; + php_stream *contents_file = NULL; + php_stream_statbuf ssb; if (filename_len >= (int)sizeof(".phar")-1) { start_pos = ('/' == filename[0] ? 1 : 0); /* account for any leading slash: multiple-leads handled elsewhere */ 
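Review bot: The fallback branch added to `phar_build` reads the umask with `mask = umask(0); umask(mask);`, which sets the umask of the whole process to 0 for a moment. In a threaded build, a file created by another thread in that window gets no umask applied. The same block is added again in `phar_add_file` (hunk at -3674), so it belongs in one static helper with a comment about that window. Separately, `flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK` replaces the whole field while the fallback only clears bits. If `flags` can hold anything outside the permission mask at this point, `flags = (flags & ~PHAR_ENT_PERM_MASK) | (ssb.sb.st_mode & PHAR_ENT_PERM_MASK)` would keep it.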
@@ -3674,10 +3675,20 @@ static void phar_add_file(phar_archive_data **pphar, char *filename, int filenam } php_stream_copy_to_stream_ex(contents_file, data->fp, PHP_STREAM_COPY_ALL, &contents_len); } - data->internal_file->compressed_filesize = data->internal_file->uncompressed_filesize = contents_len; } + if (contents_file != NULL && php_stream_stat(contents_file, &ssb TSRMLS_CC) != -1) { + data->internal_file->flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK ; + } else { +#ifndef _WIN32 + mode_t mask; + mask = umask(0); + umask(mask); + data->internal_file->flags &= ~mask; +#endif + } + /* check for copy-on-write */ if (pphar[0] != data->phar) { *pphar = data->phar; ++++++ php7-CVE-2020-7064.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=819708c2d3359dba9ed7004955b450c6ed83b7ff;hp=7fe055f381d792da9c3a6678647800ab58fa834a;hb=41f66e2a2cfd611e35be5ac3bf747f0b56161216;hpb=63f6608f89fda8ad35bc8c5472d1028e6fa6e0c6 diff --git a/ext/exif/exif.c b/ext/exif/exif.c index 7fe055f381..819708c2d3 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c @@ -3692,6 +3692,11 @@ static void exif_process_TIFF_in_JPEG(image_info_type *ImageInfo, char *CharBuf, { unsigned exif_value_2a, offset_of_ifd; + if (length < 2) { + exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Missing TIFF alignment marker"); + return; + } + /* set the thumbnail stuff to nothing so we can test to see if they get set up */ if (memcmp(CharBuf, "II", 2) == 0) { ImageInfo->motorola_intel = 0; 
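Review bot: `php_stream_stat(contents_file, &ssb TSRMLS_CC)` in `phar_add_file` still carries the `TSRMLS_CC` macro, while the matching call added to `phar_build` is written `php_stream_stat(fp, &ssb)`. The macro looks like a leftover from a backport to an older branch, and the two calls should read the same: `if (contents_file != NULL && php_stream_stat(contents_file, &ssb) != -1) {`. When the contents come from a string, `contents_file` stays NULL and the entry always takes the umask fallback, which is worth a one-line comment.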
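Review bot: The new `length < 2` check in `exif_process_TIFF_in_JPEG` covers only the two-byte alignment marker compared by `memcmp`. The function also declares `exif_value_2a` and `offset_of_ifd`, which suggests further reads from `CharBuf` below the hunk. If those reads are not already preceded by their own length check, this guard should be widened or a second one added. A comment `/* need at least the 2-byte II/MM marker */` on the new check would make its scope clear. The function continues outside the hunk.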
@@ -3844,7 +3849,7 @@ static int exif_scan_JPEG_header(image_info_type *ImageInfo) return FALSE; } - sn = exif_file_sections_add(ImageInfo, marker, itemlen+1, NULL); + sn = exif_file_sections_add(ImageInfo, marker, itemlen, NULL); Data = ImageInfo->file.list[sn].data; /* Store first two pre-read bytes. */ ++++++ php7-CVE-2020-7066.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Furl.c;h=fe6d7f9de1d69eaafd577518d92d899feb7145b0;hp=57fd80cc1dc0e1a5cb62da8a644b62c9308a8246;hb=0d139c5b94a5f485a66901919e51faddb0371c43;hpb=41f66e2a2cfd611e35be5ac3bf747f0b56161216 diff --git a/ext/standard/url.c b/ext/standard/url.c index 57fd80cc1d..fe6d7f9de1 100644 --- a/ext/standard/url.c +++ b/ext/standard/url.c @@ -680,7 +680,7 @@ PHP_FUNCTION(get_headers) php_stream_context *context; ZEND_PARSE_PARAMETERS_START(1, 3) - Z_PARAM_STRING(url, url_len) + Z_PARAM_PATH(url, url_len) Z_PARAM_OPTIONAL Z_PARAM_LONG(format) Z_PARAM_RESOURCE_EX(zcontext, 1, 0) ++++++ php7-CVE-2020-7068.patch ++++++ X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fzip.c;h=50c5d69e9bebb6ab9397b4a924181f9e31a6f665;hp=d615e8addaf8cf8415a994e32e8ca3007cc0fc2a;hb=7355ab81763a3d6a04ac11660e6a16d58838d187;hpb=c68d48de9e1b6b6657d11da308f8b4059ad486dd diff --git a/ext/phar/zip.c b/ext/phar/zip.c index d615e8addaf..50c5d69e9be 100644 --- a/ext/phar/zip.c +++ b/ext/phar/zip.c @@ -703,7 +703,7 @@ foundit: efree(actual_alias); } - zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), actual_alias, mydata->alias_len, mydata); + zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), mydata->alias, mydata->alias_len, mydata); } else { phar_archive_data *fd_ptr; ++++++ php7-crypt-tests.patch ++++++ Index: php-7.1.1/ext/standard/config.m4 =================================================================== --- php-7.1.1.orig/ext/standard/config.m4 2017-01-17 21:44:35.000000000 +0100 +++ php-7.1.1/ext/standard/config.m4 2017-02-14 12:47:25.502587310 +0100 
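Review bot: In the `ext/phar/zip.c` hunk the result of `zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), mydata->alias, mydata->alias_len, mydata)` is discarded, so a failed insert passes silently, for instance when the alias is already in the map. Unless the lines above the hunk already remove or reject a conflicting alias, the return value should be compared with NULL and the existing error path taken. A comment `/* key must be mydata->alias: actual_alias was released by the efree above */` would also keep the fix from being undone later. The enclosing function starts and ends outside the hunk.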
@@ -58,6 +58,14 @@ if test "$ac_cv_func_crypt" = "no"; then AC_DEFINE(HAVE_CRYPT, 1, [ ]) ]) fi + +if test "$ac_cv_func_crypt_r" = "no"; then + AC_CHECK_LIB(crypt, crypt_r, [ + LIBS="-lcrypt $LIBS -lcrypt" + AC_DEFINE(HAVE_CRYPT_R, 1, [ ]) + ]) +fi + AC_CACHE_CHECK(for standard DES crypt, ac_cv_crypt_des,[ AC_TRY_RUN([ @@ -242,7 +250,7 @@ int main() { dnl dnl If one of them is missing, use our own implementation, portable code is then possible dnl -if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || test "$ac_cv_crypt_ext_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test "x$php_crypt_r" = "x0"; then +if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test "x$ac_cv_lib_crypt_crypt_r" = "x0"; then dnl dnl Check for __alignof__ support in the compiler ++++++ php7-date-regenerate-lexers.patch ++++++ Index: php-7.1.7/ext/date/config0.m4 =================================================================== --- php-7.1.7.orig/ext/date/config0.m4 2017-07-06 11:30:06.000000000 +0200 +++ php-7.1.7/ext/date/config0.m4 2017-07-21 13:56:15.183675982 +0200 @@ -10,6 +10,8 @@ timelib_sources="lib/astro.c lib/dow.c l PHP_NEW_EXTENSION(date, php_date.c $timelib_sources, no,, $PHP_DATE_CFLAGS) +PHP_ADD_MAKEFILE_FRAGMENT() + PHP_ADD_BUILD_DIR([$ext_builddir/lib], 1) PHP_ADD_INCLUDE([$ext_builddir/lib]) PHP_ADD_INCLUDE([$ext_srcdir/lib]) Index: php-7.1.7/ext/date/Makefile.frag =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ php-7.1.7/ext/date/Makefile.frag 2017-07-21 13:58:51.986357906 +0200 
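Review bot: In the rewritten condition of the `ext/standard/config.m4` hunk at -242, the last clause `test "x$ac_cv_lib_crypt_crypt_r" = "x0"` can never be true, because the cache variable set by `AC_CHECK_LIB(crypt, crypt_r, ...)` holds `yes` or `no`, never `0`. It replaces `"x$php_crypt_r" = "x0"`. If the intent is still to fall back to the bundled crypt when `crypt_r` is missing, compare against `no`: `test "x$ac_cv_lib_crypt_crypt_r" = "xno"`. The same line drops the `ac_cv_crypt_ext_des` test without a comment. The hunk at -58 also puts `-lcrypt` into `LIBS` twice (`LIBS="-lcrypt $LIBS -lcrypt"`), where `LIBS="-lcrypt $LIBS"` would do.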
@@ -0,0 +1,6 @@ +$(srcdir)/lib/parse_date.c: $(srcdir)/lib/parse_date.re + @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) -b --no-generation-date -o ext/date/lib/parse_date.c ext/date/lib/parse_date.re) + +$(srcdir)/lib/parse_iso_intervals.c: $(srcdir)/lib/parse_iso_intervals.re + @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) -b --no-generation-date -o ext/date/lib/parse_iso_intervals.c ext/date/lib/parse_iso_intervals.re) + ++++++ php7-depdb-path.patch ++++++ # pear installer from 1.10.1 installs .depdb{,lock} files into # %{buildroot}%{peardir} along with .lock, .registry, etc. when # metadata_dir is not set but does not install them if # metadata_dir is set; our Horde packages expect them there though, # (they rm them without -f) so always install them along --- PEAR/Registry.php 2015-12-01 13:11:24.965179369 +0000 +++ PEAR/Registry.php 2015-12-01 13:18:42.036075538 +0000 @@ -325,6 +325,7 @@ class PEAR_Registry extends PEAR $file); $this->_config->setRegistry($this); $this->_config->set('php_dir', $this->install_dir); + $this->_config->set('metadata_dir', dirname($this->lockfile)); } $this->_dependencyDB = &PEAR_DependencyDB::singleton($this->_config); ++++++ php7-embed.patch ++++++ --- php-7.1.10/sapi/embed/config.m4.embed +++ php-7.1.10/sapi/embed/config.m4 @@ -12,7 +12,7 @@ if test "$PHP_EMBED" != "no"; then case "$PHP_EMBED" in yes|shared) PHP_EMBED_TYPE=shared - INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; \$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib" + INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) --mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) \$(INSTALL_ROOT)\$(libdir)" ;; static) PHP_EMBED_TYPE=static ++++++ php7-fix_net-snmp_disable_MD5.patch ++++++ Index: ext/snmp/snmp.c =================================================================== --- ext/snmp/snmp.c.orig 2015-09-08 12:33:18.057282498 +0200 +++ ext/snmp/snmp.c 2015-09-08 12:35:01.717693824 +0200 
@@ -1256,14 +1256,17 @@ Set the authentication protocol in the snmpv3 session */ static int netsnmp_session_set_auth_protocol(struct snmp_session *s, char *prot) { +#ifndef DISABLE_MD5 if (!strcasecmp(prot, "MD5")) { s->securityAuthProto = usmHMACMD5AuthProtocol; s->securityAuthProtoLen = USM_AUTH_PROTO_MD5_LEN; - } else if (!strcasecmp(prot, "SHA")) { + } else +#endif + if (!strcasecmp(prot, "SHA")) { s->securityAuthProto = usmHMACSHA1AuthProtocol; s->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN; } else { - php_error_docref(NULL, E_WARNING, "Unknown authentication protocol '%s'", prot); + php_error_docref(NULL, E_WARNING, "Unknown or unsupported authentication protocol '%s'", prot); return (-1); } return (0); ++++++ php7-freetype-pkgconfig.patch ++++++ Index: php-7.2.5/ext/gd/config.m4 =================================================================== --- php-7.2.5.orig/ext/gd/config.m4 +++ php-7.2.5/ext/gd/config.m4 
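Review bot: In `netsnmp_session_set_auth_protocol` the `} else` left dangling before `#endif` makes the `if`/`else` chain depend on the preprocessor and is easy to break in a later edit. Giving each protocol its own `if` with an early `return (0);` reads more safely. With MD5 compiled out, the only value this hunk accepts is `"SHA"`, which maps to `usmHMACSHA1AuthProtocol`. A comment above the `#ifndef` noting that `DISABLE_MD5` comes from the net-snmp build (my assumption from the patch name) would explain the guard. The warning also no longer distinguishes an unknown name from one that was compiled out, so a separate message for a disabled MD5 would help administrators.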
@@ -184,30 +184,17 @@ AC_DEFUN([PHP_GD_XPM],[ ]) AC_DEFUN([PHP_GD_FREETYPE2],[ - if test "$PHP_FREETYPE_DIR" != "no"; then + FREETYPE2_CFLAGS=`pkg-config --cflags freetype2` + FREETYPE2_LIBS=`pkg-config --libs freetype2` - for i in $PHP_FREETYPE_DIR /usr/local /usr; do - if test -f "$i/bin/freetype-config"; then - FREETYPE2_DIR=$i - FREETYPE2_CONFIG="$i/bin/freetype-config" - break - fi - done - - if test -z "$FREETYPE2_DIR"; then - AC_MSG_ERROR([freetype-config not found.]) + if test -z "$FREETYPE2_LIBS"; then + AC_MSG_ERROR([freetype2 is not available.]) fi - FREETYPE2_CFLAGS=`$FREETYPE2_CONFIG --cflags` - FREETYPE2_LIBS=`$FREETYPE2_CONFIG --libs` - PHP_EVAL_INCLINE($FREETYPE2_CFLAGS) PHP_EVAL_LIBLINE($FREETYPE2_LIBS, GD_SHARED_LIBADD) AC_DEFINE(HAVE_LIBFREETYPE,1,[ ]) AC_DEFINE(ENABLE_GD_TTF,1,[ ]) - else - AC_MSG_RESULT([If configure fails try --with-freetype-dir=<DIR>]) - fi ]) AC_DEFUN([PHP_GD_JISX0208],[ ++++++ php7-honor-re2c-flags.patch ++++++ Index: php-7.2.2/ext/standard/Makefile.frag =================================================================== --- php-7.2.2.orig/ext/standard/Makefile.frag +++ php-7.2.2/ext/standard/Makefile.frag 
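Review bot: `PHP_GD_FREETYPE2` now runs `pkg-config` unconditionally, because the `if test "$PHP_FREETYPE_DIR" != "no"` guard is removed. Whenever the macro is expanded, a missing freetype2 aborts configure, and the directory given to `--with-freetype-dir` is no longer consulted. Whether the caller expands the macro only when FreeType was requested is outside the hunk. The bare backtick calls also ignore `$PKG_CONFIG` and the tool's exit status, and detect failure only through an empty `--libs` output. I would keep the guard and test with `--exists` first, as below.

```m4
AC_DEFUN([PHP_GD_FREETYPE2],[
  if test "$PHP_FREETYPE_DIR" != "no"; then
    if test -z "$PKG_CONFIG"; then
      AC_PATH_PROG(PKG_CONFIG, pkg-config, no)
    fi
    if test -x "$PKG_CONFIG" && $PKG_CONFIG --exists freetype2; then
      FREETYPE2_CFLAGS=`$PKG_CONFIG --cflags freetype2`
      FREETYPE2_LIBS=`$PKG_CONFIG --libs freetype2`
    else
      AC_MSG_ERROR([freetype2 is not available.])
    fi
    dnl … unchanged: PHP_EVAL_INCLINE, PHP_EVAL_LIBLINE and the two AC_DEFINE lines …
  fi
```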
@@ -1,9 +1,9 @@ $(srcdir)/var_unserializer.c: $(srcdir)/var_unserializer.re - @(cd $(top_srcdir); $(RE2C) --no-generation-date -b -o ext/standard/var_unserializer.c ext/standard/var_unserializer.re) + @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o ext/standard/var_unserializer.c ext/standard/var_unserializer.re) $(srcdir)/url_scanner_ex.c: $(srcdir)/url_scanner_ex.re - @(cd $(top_srcdir); $(RE2C) --no-generation-date -b -o ext/standard/url_scanner_ex.c ext/standard/url_scanner_ex.re) + @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o ext/standard/url_scanner_ex.c ext/standard/url_scanner_ex.re) $(builddir)/info.lo: $(builddir)/../../main/build-defs.h Index: php-7.2.2/ext/json/Makefile.frag =================================================================== --- php-7.2.2.orig/ext/json/Makefile.frag +++ php-7.2.2/ext/json/Makefile.frag @@ -1,5 +1,5 @@ $(srcdir)/json_scanner.c: $(srcdir)/json_scanner.re - $(RE2C) -t $(srcdir)/php_json_scanner_defs.h --no-generation-date -bci -o $@ $(srcdir)/json_scanner.re + $(RE2C) $(RE2C_FLAGS) -t $(srcdir)/php_json_scanner_defs.h --no-generation-date -bci -o $@ $(srcdir)/json_scanner.re $(srcdir)/json_parser.tab.c: $(srcdir)/json_parser.y $(YACC) --defines -l $(srcdir)/json_parser.y -o $@ Index: php-7.2.2/ext/phar/Makefile.frag =================================================================== --- php-7.2.2.orig/ext/phar/Makefile.frag +++ php-7.2.2/ext/phar/Makefile.frag 
@@ -1,9 +1,9 @@ $(srcdir)/phar_path_check.c: $(srcdir)/phar_path_check.re @(cd $(top_srcdir); \ if test -f ./php_phar.h; then \ - $(RE2C) --no-generation-date -b -o phar_path_check.c phar_path_check.re; \ + $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o phar_path_check.c phar_path_check.re; \ else \ - $(RE2C) --no-generation-date -b -o ext/phar/phar_path_check.c ext/phar/phar_path_check.re; \ + $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o ext/phar/phar_path_check.c ext/phar/phar_path_check.re; \ fi) pharcmd: $(builddir)/phar.php $(builddir)/phar.phar Index: php-7.2.2/ext/pdo/Makefile.frag =================================================================== --- php-7.2.2.orig/ext/pdo/Makefile.frag +++ php-7.2.2/ext/pdo/Makefile.frag @@ -7,7 +7,7 @@ PDO_HEADER_FILES= \ $(srcdir)/pdo_sql_parser.c: $(srcdir)/pdo_sql_parser.re - (cd $(top_srcdir); $(RE2C) --no-generation-date -o ext/pdo/pdo_sql_parser.c ext/pdo/pdo_sql_parser.re) + (cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) --no-generation-date -o ext/pdo/pdo_sql_parser.c ext/pdo/pdo_sql_parser.re) install-pdo-headers: @echo "Installing PDO headers: $(INSTALL_ROOT)$(phpincludedir)/ext/pdo/" ++++++ php7-ini.patch ++++++ Index: php.ini-production =================================================================== --- php.ini-production.orig 2015-07-10 14:11:24.167826570 +0200 +++ php.ini-production 2015-07-14 10:45:17.847974988 +0200 @@ -697,7 +697,7 @@ ;;;;;;;;;;;;;;;;;;;;;;;;; ; UNIX: "/path1:/path2" -;include_path = ".:/php/includes" +include_path = ".:/usr/share/php7:/usr/share/php7/PEAR" ; ; Windows: "\path1;\path2" ;include_path = ".;c:\php\includes" @@ -911,7 +911,7 @@ [Date] ; Defines the default timezone used by the date functions ; http://php.net/date.timezone -;date.timezone = +date.timezone = 'UTC' ; http://php.net/date.default-latitude ;date.default_latitude = 31.7667 
@@ -1125,7 +1125,7 @@ ; Allow or prevent persistent links. ; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On +mysqli.allow_persistent = Off ; Maximum number of links. -1 means no limit. ; http://php.net/mysqli.max-links @@ -1308,7 +1308,7 @@ ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. ; http://php.net/session.save-path -;session.save_path = "/tmp" +session.save_path = "/var/lib/php7" ; Whether to use strict session mode. ; Strict session mode does not accept uninitialized session ID and regenerate ++++++ php7-no-build-date.patch ++++++ Index: php-7.2.4/ext/standard/info.c =================================================================== --- php-7.2.4.orig/ext/standard/info.c 2018-03-27 15:10:52.000000000 +0200 +++ php-7.2.4/ext/standard/info.c 2018-04-04 13:05:25.675487878 +0200 @@ -830,7 +830,7 @@ PHPAPI void php_print_info(int flag) php_info_print_box_end(); php_info_print_table_start(); php_info_print_table_row(2, "System", ZSTR_VAL(php_uname)); - php_info_print_table_row(2, "Build Date", __DATE__ " " __TIME__); + /*php_info_print_table_row(2, "Build Date", __DATE__ " " __TIME__);*/ #ifdef COMPILER php_info_print_table_row(2, "Compiler", COMPILER); #endif @@ -838,7 +838,7 @@ PHPAPI void php_print_info(int flag) php_info_print_table_row(2, "Architecture", ARCHITECTURE); #endif #ifdef CONFIGURE_COMMAND - php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND ); + /* php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND ); */ #endif if (sapi_module.pretty_name) { Index: php-7.2.4/sapi/cli/php_cli.c =================================================================== --- php-7.2.4.orig/sapi/cli/php_cli.c 2018-03-27 15:10:57.000000000 +0200 +++ php-7.2.4/sapi/cli/php_cli.c 2018-04-04 13:05:25.675487878 +0200 
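Review bot: The new `session.save_path = "/var/lib/php7"` in the php.ini hunk at -1308 moves session files out of `/tmp`, but nothing in the hunk says who creates that directory or with what ownership and mode. Session files hold authentication state, so the directory should be writable by the account PHP runs as and not readable by other local users. The package spec is presumably where that is set, which is worth confirming. A comment line above the setting, e.g. `; directory is created by the package; keep it unreadable for other users`, would record the requirement for administrators who later change the path.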
@@ -697,8 +697,8 @@ static int do_cli(int argc, char **argv) goto out; case 'v': /* show php version & quit */ - php_printf("PHP %s (%s) (built: %s %s) ( %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", - PHP_VERSION, cli_sapi_module.name, __DATE__, __TIME__, + php_printf("PHP %s (%s) ( %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", + PHP_VERSION, cli_sapi_module.name, #if ZTS "ZTS " #else Index: php-7.2.4/sapi/cgi/cgi_main.c =================================================================== --- php-7.2.4.orig/sapi/cgi/cgi_main.c 2018-03-27 15:10:57.000000000 +0200 +++ php-7.2.4/sapi/cgi/cgi_main.c 2018-04-04 13:05:25.675487878 +0200 @@ -2427,9 +2427,9 @@ consult the installation file that came SG(request_info).no_headers = 1; } #if ZEND_DEBUG - php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); + php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version()); #else - php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); + php_printf("PHP %s (%s) \nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version()); #endif php_request_shutdown((void *) 0); fcgi_shutdown(); Index: php-7.2.4/configure.ac =================================================================== --- php-7.2.4.orig/configure.ac 2018-04-04 13:05:25.675487878 +0200 +++ php-7.2.4/configure.ac 2018-04-04 13:10:53.817149061 +0200 
@@ -1269,13 +1269,12 @@ EXTRA_LDFLAGS="$EXTRA_LDFLAGS $PHP_LDFLA EXTRA_LDFLAGS_PROGRAM="$EXTRA_LDFLAGS_PROGRAM $PHP_LDFLAGS" # SOURCE_DATE_EPOCH for reproducible builds https://reproducible-builds.org/specs/source-date-epoch/ -PHP_BUILD_DATE=`date --utc --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y-%m-%d 2>/dev/null` -if test $? -ne 0 ; then -PHP_BUILD_DATE=`date -u +%Y-%m-%d` -fi +#totally fake, not used anywhere in userspace +PHP_BUILD_DATE="1970-01-01" AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date]) -PHP_UNAME=`uname -a | xargs` +dnl Totally fake, it wasnt and will never be reliable anyway. +PHP_UNAME="Linux suse 2.6.36 #1 SMP 2011-02-21 10:34:10 +0100 x86_64 x86_64 x86_64 GNU/Linux" AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output]) PHP_OS=`uname | xargs` AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output]) Index: php-7.2.4/sapi/fpm/fpm/fpm_main.c =================================================================== --- php-7.2.4.orig/sapi/fpm/fpm/fpm_main.c 2018-03-27 15:10:57.000000000 +0200 +++ php-7.2.4/sapi/fpm/fpm/fpm_main.c 2018-04-04 13:05:25.675487878 +0200 
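Review bot: The hard-coded `PHP_UNAME="Linux suse 2.6.36 #1 SMP 2011-02-21 10:34:10 +0100 x86_64 x86_64 x86_64 GNU/Linux"` names x86_64 regardless of the build target, so the reported value is wrong on any other architecture the package is built for. If the goal is only a reproducible build, a neutral string such as `PHP_UNAME="Linux"` avoids reporting false details. `PHP_BUILD_DATE` likewise drops the `SOURCE_DATE_EPOCH` handling that the removed lines had; using `SOURCE_DATE_EPOCH` when it is set and the fixed date otherwise would stay reproducible. `PHP_OS` on the following line still calls `uname`, so the build output is not fully fixed by this hunk either.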
@@ -1755,9 +1755,9 @@ int main(int argc, char *argv[]) SG(request_info).no_headers = 1; #if ZEND_DEBUG - php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); + php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version()); #else - php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); + php_printf("PHP %s (%s) \nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version()); #endif php_request_shutdown((void *) 0); fcgi_shutdown(); ++++++ php7-odbc-cmp-int-cast.patch ++++++ https://bugs.php.net/bug.php?id=53007 Index: ext/odbc/php_odbc.c =================================================================== --- ext/odbc/php_odbc.c.orig 2015-09-04 19:50:10.129774538 +0200 +++ ext/odbc/php_odbc.c 2015-09-04 19:52:34.202740738 +0200 @@ -1796,7 +1796,7 @@ if (rc == SQL_SUCCESS_WITH_INFO) { ZVAL_STRINGL(&tmp, buf, result->longreadlen); - } else if (result->values[i].vallen == SQL_NULL_DATA) { + } else if ((int)result->values[i].vallen == (int)SQL_NULL_DATA) { ZVAL_NULL(&tmp); break; } else { @@ -1805,7 +1805,7 @@ break; default: - if (result->values[i].vallen == SQL_NULL_DATA) { + if ((int)result->values[i].vallen == (int)SQL_NULL_DATA) { ZVAL_NULL(&tmp); break; } @@ -1948,7 +1948,7 @@ } if (rc == SQL_SUCCESS_WITH_INFO) { ZVAL_STRINGL(&tmp, buf, result->longreadlen); - } else if (result->values[i].vallen == SQL_NULL_DATA) { + } else if ((int)result->values[i].vallen == (int)SQL_NULL_DATA) { ZVAL_NULL(&tmp); break; } else { @@ -1957,7 +1957,7 @@ break; default: - if (result->values[i].vallen == SQL_NULL_DATA) { + if ((int)result->values[i].vallen == (int)SQL_NULL_DATA) { ZVAL_NULL(&tmp); break; } 
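Review bot: The cast pair `(int)result->values[i].vallen == (int)SQL_NULL_DATA` is repeated at every comparison site in the `php_odbc.c` patch (hunks -1796, -1805, -1948, -1957 and -2185 through -2353) with no comment on why the truncation is needed. If `vallen` is wider than `int`, truncating it also makes a length whose low 32 bits are all ones compare equal to `SQL_NULL_DATA`. That is unlikely in practice but should be written down. One macro, e.g. `#define ODBC_IS_NULL_LEN(len) ((int)(len) == (int)SQL_NULL_DATA)`, with a comment pointing at the bug linked in the patch header, would keep the sites consistent.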
@@ -2185,7 +2185,7 @@ RETURN_FALSE; } - if (result->values[field_ind].vallen == SQL_NULL_DATA) { + if ((int)result->values[field_ind].vallen == (int)SQL_NULL_DATA) { zend_string_free(field_str); RETURN_NULL(); } else if (rc == SQL_NO_DATA_FOUND) { @@ -2211,7 +2211,7 @@ break; default: - if (result->values[field_ind].vallen == SQL_NULL_DATA) { + if ((int)result->values[field_ind].vallen == (int)SQL_NULL_DATA) { RETURN_NULL(); } else { RETURN_STRINGL(result->values[field_ind].value, result->values[field_ind].vallen); @@ -2235,7 +2235,7 @@ RETURN_FALSE; } - if (result->values[field_ind].vallen == SQL_NULL_DATA) { + if ((int)result->values[field_ind].vallen == (int)SQL_NULL_DATA) { efree(field); RETURN_NULL(); } @@ -2344,7 +2344,7 @@ } if (rc == SQL_SUCCESS_WITH_INFO) { PHPWRITE(buf, result->longreadlen); - } else if (result->values[i].vallen == SQL_NULL_DATA) { + } else if ((int)result->values[i].vallen == (int)SQL_NULL_DATA) { php_printf("<td>NULL</td>"); break; } else { @@ -2353,7 +2353,7 @@ php_printf("</td>"); break; default: - if (result->values[i].vallen == SQL_NULL_DATA) { + if ((int)result->values[i].vallen == (int)SQL_NULL_DATA) { php_printf("<td>NULL</td>"); } else { php_printf("<td>%s</td>", result->values[i].value); ++++++ php7-openssl.patch ++++++ Index: ext/openssl/openssl.c =================================================================== --- ext/openssl/openssl.c 2017-01-17 21:44:41.000000000 +0100 +++ ext/openssl/openssl.c 2017-02-13 15:25:42.219789317 +0100 
@@ -1388,6 +1388,7 @@ PHP_MINIT_FUNCTION(openssl) OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); OpenSSL_add_all_algorithms(); + OPENSSL_config(NULL); #if !defined(OPENSSL_NO_AES) && defined(EVP_CIPH_CCM_MODE) && OPENSSL_VERSION_NUMBER < 0x100020000 EVP_add_cipher(EVP_aes_128_ccm()); Index: ext/openssl/xp_ssl.c =================================================================== --- ext/openssl/xp_ssl.c 2017-02-13 15:25:42.219789317 +0100 +++ ext/openssl/xp_ssl.c 2017-02-13 15:33:47.520365579 +0100 @@ -1518,6 +1518,10 @@ int php_openssl_setup_crypto(php_stream return FAILURE; } +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode(sslsock->ctx, SSL_MODE_RELEASE_BUFFERS); +#endif + if (GET_VER_OPT("no_ticket") && zend_is_true(val)) { ssl_ctx_options |= SSL_OP_NO_TICKET; } ++++++ php7-php-config.patch ++++++ --- scripts/php-config.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: scripts/php-config.in =================================================================== --- scripts/php-config.in.orig +++ scripts/php-config.in @@ -6,7 +6,7 @@ datarootdir="@datarootdir@" exec_prefix="@exec_prefix@" version="@PHP_VERSION@" vernum="@PHP_VERSION_ID@" -include_dir="@includedir@/php" +include_dir="@includedir@/php7" includes="-I$include_dir -I$include_dir/main -I$include_dir/TSRM -I$include_dir/Zend -I$include_dir/ext -I$include_dir/ext/date/lib" ldflags="@PHP_LDFLAGS@" libs="@EXTRA_LIBS@" ++++++ php7-phpize.patch ++++++ --- scripts/Makefile.frag | 4 ++-- scripts/phpize.in | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) Index: scripts/Makefile.frag =================================================================== --- scripts/Makefile.frag.orig +++ scripts/Makefile.frag 
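Review bot: `OPENSSL_config(NULL)` is added to `PHP_MINIT_FUNCTION(openssl)` without a comment or version guard. It makes every PHP process load the system-wide OpenSSL configuration file, including any engine or module directives in it. The call returns nothing, so a broken configuration cannot be reported from here. The function is also deprecated from OpenSSL 1.1.0 on, where `OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL)` is the replacement. I would wrap the call in an `OPENSSL_VERSION_NUMBER` test like the one the next `#if` in this hunk already uses, and add `/* load openssl.cnf so system-wide crypto settings apply to PHP */`.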
@@ -3,8 +3,8 @@ # Build environment install # -phpincludedir = $(includedir)/php -phpbuilddir = $(libdir)/build +phpincludedir = $(includedir)/php7 +phpbuilddir = $(datadir)/build BUILD_FILES = \ scripts/phpize.m4 \ Index: scripts/phpize.in =================================================================== --- scripts/phpize.in.orig +++ scripts/phpize.in @@ -4,8 +4,8 @@ prefix='@prefix@' datarootdir='@datarootdir@' exec_prefix="`eval echo @exec_prefix@`" -phpdir="`eval echo @libdir@`/build" -includedir="`eval echo @includedir@`/php" +phpdir="`eval echo @datadir@`/build" +includedir="`eval echo @includedir@`/php7" builddir="`pwd`" SED="@SED@" ++++++ php7-pts.patch ++++++ Index: ext/standard/proc_open.c =================================================================== --- ext/standard/proc_open.c.orig +++ ext/standard/proc_open.c @@ -61,7 +61,7 @@ * */ #ifdef PHP_CAN_SUPPORT_PROC_OPEN -#if 0 && HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT && HAVE_SYS_IOCTL_H && HAVE_TERMIOS_H +#if HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT && HAVE_SYS_IOCTL_H && HAVE_TERMIOS_H # include <sys/ioctl.h> # include <termios.h> # define PHP_CAN_DO_PTS 1 ++++++ php7-systemd-unit.patch ++++++ Index: php-7.1.1/sapi/fpm/php-fpm.service.in =================================================================== --- php-7.1.1.orig/sapi/fpm/php-fpm.service.in 2017-02-13 16:20:23.157202901 +0100 +++ php-7.1.1/sapi/fpm/php-fpm.service.in 2017-02-13 16:22:31.527501287 +0100 
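Review bot: Removing `0 &&` from the `#if` in `ext/standard/proc_open.c` turns on the pty descriptor code that the original source had compiled out, and the patch gives no reason or test for doing so. That path is reachable from script-supplied descriptor specs. It needs a comment next to the `#if` explaining why the distribution enables it, and a regression test that exercises a `pty` descriptor. Whether the code behind `PHP_CAN_DO_PTS` is complete is outside this hunk and should be confirmed before it ships enabled.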
@@ -5,13 +5,15 @@ [Unit] Description=The PHP FastCGI Process Manager After=network.target +Before=apache2.service nginx.service lighttpd.service [Service] Type=@php_fpm_systemd@ -PIDFile=@EXPANDED_LOCALSTATEDIR@/run/php-fpm.pid ExecStart=@EXPANDED_SBINDIR@/php-fpm --nodaemonize --fpm-config @EXPANDED_SYSCONFDIR@/php-fpm.conf ExecReload=/bin/kill -USR2 $MAINPID +ExecStop=/bin/kill -QUIT $MAINPID PrivateTmp=true +KillMode=mixed [Install] WantedBy=multi-user.target ++++++ php7-systzdata-v16.patch ++++++ ++++ 656 lines (skipped) ++++++ php7.rpmlintrc ++++++ # Non-versioned shared library, php-embed requires # exact version of main package, parallel installation # not wanted addFilter("php.-embed.* shlib-policy-name-error")