Hello community,

here is the log from the commit of package php7.13869 for 
openSUSE:Leap:15.1:Update checked in at 2020-09-07 10:25:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.1:Update/php7.13869 (Old)
 and      /work/SRC/openSUSE:Leap:15.1:Update/.php7.13869.new.3399 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "php7.13869"

Mon Sep  7 10:25:25 2020 rev:1 rq:831623 version:7.2.5

Changes:
--------
New Changes file:

--- /dev/null   2020-08-06 00:20:10.149648038 +0200
+++ /work/SRC/openSUSE:Leap:15.1:Update/.php7.13869.new.3399/php7.changes       
2020-09-07 10:26:14.786946337 +0200
@@ -0,0 +1,4241 @@
+-------------------------------------------------------------------
+Thu Aug 13 14:01:46 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2020-7068 [bsc#1175223], Use of freed hash key in the 
phar_parse_zipfile function
+  + php7-CVE-2020-7068.patch
+
+-------------------------------------------------------------------
+Tue Aug  4 16:19:46 UTC 2020 - pgaj...@suse.com
+
+- do not install outdated README.SUSE [bsc#1174010]
+
+-------------------------------------------------------------------
+Thu Jul  9 12:23:52 UTC 2020 - pgaj...@suse.com
+
+- do not install %{_tmpfilesdir}, %{_tmpfilesdir}/php-fpm.conf in
+  test favour
+
+-------------------------------------------------------------------
+Mon Jul  6 21:21:45 UTC 2020 - Daniel Molkentin <daniel.molken...@suse.com>
+
+- added tmpfiles.d for php-fpm to provide a base base for a socket
+  (boo#1173786)
+
+-------------------------------------------------------------------
+Mon May 25 09:03:00 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2019-11048 [bsc#1171999], supplying overly long filenames or field 
names if HTTP file uploads are allowed could lead to exhausting disk space on 
the server
+  + php7-CVE-2019-11048.patch
+
+-------------------------------------------------------------------
+Tue Apr  7 11:41:39 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2020-7064 [bsc#1168326], read one byte of uninitialized memory via 
malicious data
+  + php7-CVE-2020-7064.patch
+  fix CVE-2020-7066 [bsc#1168352], URL truncation if the URL contains zero 
(\0) character
+  + php7-CVE-2020-7066.patch
+
+-------------------------------------------------------------------
+Mon Mar  2 13:23:06 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2020-7062 [bsc#1165280], null pointer dereference when using file 
upload functionality under specific circumstances
+  + php7-CVE-2020-7062.patch
+  fix CVE-2020-7063 [bsc#1165289], creating PHAR archive using 
PharData:buildFromIterator() function will add files with default permissions
+  + php7-CVE-2020-7063.patch
+
+-------------------------------------------------------------------
+Wed Feb  5 13:55:13 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2020-7059 [bsc#1162629]
+  + php7-CVE-2020-7059.patch
+  CVE-2020-7060 [bsc#1162632]
+  + php7-CVE-2020-7060.patch
+
+-------------------------------------------------------------------
+Thu Jan  2 15:49:54 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-11045 [bsc#1159923]
+  + php7-CVE-2019-11045.patch
+  CVE-2019-11046 [bsc#1159924]
+  + php7-CVE-2019-11046.patch
+  CVE-2019-11047 [bsc#1159922]
+  + php7-CVE-2019-11047.patch
+  CVE-2019-11050 [bsc#1159927]
+  + php7-CVE-2019-11050.patch
+
+-------------------------------------------------------------------
+Fri Oct 25 09:47:44 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-11043 [bsc#1154999]
+  + php7-CVE-2019-11043.patch
+
+-------------------------------------------------------------------
+Fri Oct  4 08:58:15 UTC 2019 - pgaj...@suse.com
+
+- provide test results via multibuild :test [bsc#1119396]
+- added sources
+  + _multibuild
+
+-------------------------------------------------------------------
+Thu Sep 26 08:31:12 UTC 2019 - Petr Gajdos <pgaj...@suse.com>
+
+- drop -n from php invocation from pecl [bsc#1151793]
+  
https://github.com/pear/pear-core/commit/f94454a74785865cec50bf9d64c410efc29b587a
+
+-------------------------------------------------------------------
+Thu Sep 26 06:31:54 UTC 2019 - pgaj...@suse.com
+
+- turn off run of testsuite as we get Kernel panic on s390x
+
+-------------------------------------------------------------------
+Thu Aug 22 14:37:06 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-11041 [bsc#1146360]
+  + php7-CVE-2019-11041.patch
+  CVE-2019-11042 [bsc#1145095]
+  + php7-CVE-2019-11042.patch
+
+-------------------------------------------------------------------
+Fri Jun 14 15:21:26 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-11039 [bsc#1138173]
+  + php-CVE-2019-11039.patch
+  CVE-2019-11040 [bsc#1138172]
+  + php-CVE-2019-11040.patch
+
+-------------------------------------------------------------------
+Mon May 13 09:28:23 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-11036 [bsc#1134322]
+  + php-CVE-2019-11036.patch
+
+-------------------------------------------------------------------
+Mon Apr 29 11:43:01 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-11034 [bsc#1132838]
+  + php-CVE-2019-11034.patch
+  CVE-2019-11035 [bsc#1132837]
+  + php-CVE-2019-11035.patch
+
+-------------------------------------------------------------------
+Wed Mar 20 12:39:11 UTC 2019 - pgaj...@suse.com
+
+- security update
+- added patches
+  CVE-2019-9637 [bsc#1128892]
+  + php-CVE-2019-9637.patch
+  CVE-2019-9675 [bsc#1128886]
+  + php-CVE-2019-9675.patch
+  CVE-2019-9638 [bsc#1128889], CVE-2019-9639 [bsc#1128887]
+  + php-CVE-2019-9638,9639.patch
+  CVE-2019-9640 [bsc#1128883]
+  + php-CVE-2019-9640.patch
+
+-------------------------------------------------------------------
+Fri Mar 15 15:01:21 UTC 2019 - pgaj...@suse.com
+
+- upstream bug #41631 is already fixed [bsc#1129032]
+- deleted sources
+  - README.default_socket_timeout (not needed)
+
+-------------------------------------------------------------------
+Mon Mar 11 20:45:18 UTC 2019 - pgaj...@suse.com
+
+- security update
+  * CVE-2019-9024 [bsc#1126821]
+    + php-CVE-2019-9024.patch
+  * CVE-2019-9020 [bsc#1126711]
+    + php-CVE-2019-9020.patch
+  * CVE-2018-20783 [bsc#1127122]
+    + php-CVE-2018-20783.patch
+  * CVE-2019-9021 [bsc#1126713]
+    + php-CVE-2019-9021.patch
+  * CVE-2019-9022 [bsc#1126827]
+    + php-CVE-2019-9022.patch
+  * CVE-2019-9023 [bsc#1126823]
+    + php-CVE-2019-9023.patch
+  * CVE-2019-9641 [bsc#1128722]
+    + php-CVE-2019-9641.patch
+
+-------------------------------------------------------------------
+Tue Mar  5 11:36:22 UTC 2019 - pgaj...@suse.com
+
+- asan_build: build ASAN included
+- debug_build: build more suitable for debugging
+
+-------------------------------------------------------------------
+Wed Dec 19 12:06:42 UTC 2018 - Martin Pluskal <mplus...@suse.com>
+
+- Enable testsuite during build time and save log to subpackage
+  testresults (boo#1119396)
+
+-------------------------------------------------------------------
+Mon Dec 10 16:10:03 UTC 2018 - Petr Gajdos <pgaj...@suse.com>
+
+- add security patch of imap extension, which is currently disabled
++++ 4044 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:Leap:15.1:Update/.php7.13869.new.3399/php7.changes

New:
----
  README.SUSE-pear
  README.macros
  _constraints
  _multibuild
  build-test.sh
  install-pear-nozlib.phar
  macros.php
  php-7.2.5.tar.xz
  php-7.2.5.tar.xz.asc
  php-CVE-2017-9120.patch
  php-CVE-2018-1000222.patch
  php-CVE-2018-12882.patch
  php-CVE-2018-14851.patch
  php-CVE-2018-17082.patch
  php-CVE-2018-19935.patch
  php-CVE-2018-20783.patch
  php-CVE-2019-11034.patch
  php-CVE-2019-11035.patch
  php-CVE-2019-11036.patch
  php-CVE-2019-11039.patch
  php-CVE-2019-11040.patch
  php-CVE-2019-9020.patch
  php-CVE-2019-9021.patch
  php-CVE-2019-9022.patch
  php-CVE-2019-9023.patch
  php-CVE-2019-9024.patch
  php-CVE-2019-9637.patch
  php-CVE-2019-9638,9639.patch
  php-CVE-2019-9640.patch
  php-CVE-2019-9641.patch
  php-CVE-2019-9675.patch
  php-fpm.tmpfiles.d
  php-suse-addons.tar.bz2
  php7-CVE-2019-11041.patch
  php7-CVE-2019-11042.patch
  php7-CVE-2019-11043.patch
  php7-CVE-2019-11045.patch
  php7-CVE-2019-11046.patch
  php7-CVE-2019-11047.patch
  php7-CVE-2019-11048.patch
  php7-CVE-2019-11050.patch
  php7-CVE-2020-7059.patch
  php7-CVE-2020-7060.patch
  php7-CVE-2020-7062.patch
  php7-CVE-2020-7063.patch
  php7-CVE-2020-7064.patch
  php7-CVE-2020-7066.patch
  php7-CVE-2020-7068.patch
  php7-crypt-tests.patch
  php7-date-regenerate-lexers.patch
  php7-depdb-path.patch
  php7-embed.patch
  php7-fix_net-snmp_disable_MD5.patch
  php7-freetype-pkgconfig.patch
  php7-honor-re2c-flags.patch
  php7-ini.patch
  php7-no-build-date.patch
  php7-odbc-cmp-int-cast.patch
  php7-openssl.patch
  php7-php-config.patch
  php7-phpize.patch
  php7-pts.patch
  php7-systemd-unit.patch
  php7-systzdata-v16.patch
  php7.changes
  php7.keyring
  php7.rpmlintrc
  php7.spec
  suhosin-0.9.38.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ php7.spec ++++++
++++ 1937 lines (skipped)

++++++ README.SUSE-pear ++++++
Package php5-pear does not include Pear DB support
==================================================

Php5-pear package comes without Pear DB database
support, which was obsoleted by MDB2.

If you need Pear DB, please install it with:
#pear install --onlyreqdeps DB

This is the case of Squirrelmail which requires
Pear DB support. More information can be found
at bugzilla.novell.com, bug #178982.
++++++ README.macros ++++++
README for php-macros

Author: Christian Wittmer <ch...@computersalat.de>
Author: Johannes Weberhofer <jweberho...@weberhofer.at>


%php_pear_gen_filelist generates an rpmlint happy filelist of your installed 
files

In most cases you only need to check the %doc part;
sometimes there is also a "Changes" or "ChangeLog" file, ...

Requirements for %php_pear_gen_filelist:
You have to define the following parts inside your spec file.

Example:

#
# spec file for package php7-pear-Auth_SASL
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%define php_name php7
%define pear_name  Auth_SASL
Name:           php7-pear-Auth_SASL
Version:        1.1.0
Release:        0
Summary:        Abstraction of various SASL mechanism responses
License:        BSD-3-Clause
Group:          Productivity/Networking/Web/Servers
Url:            http://pear.php.net/package/%{pear_name}
Source:         http://pear.php.net/get/%{pear_name}-%{version}.tgz
BuildRequires:  %{php_name}-devel
BuildRequires:  %{php_name}-pear >= 1.10.1
Requires:       %{php_name}-pear >= 1.10.1
Provides:       php-pear-%{pear_name} = %{version}
Provides:       php-pear(%{pear_name}) = %{version}
Obsoletes:      php5-pear-Auth_SASL
BuildArch:      noarch
%if 0%{?suse_version} < 1330
BuildRequires:  %{php_name}-macros
BuildRequires:  %{php_name}-pear-Archive_Tar
Requires:       %{php_name}-pear-Archive_Tar
%endif

%description
Provides code to generate responses to common SASL mechanisms, including:
  - Digest-MD5
  - CramMD5
  - Plain
  - Anonymous
  - Login (Pseudo mechanism)

%prep
%setup -q %setup -q -n %{pear_name}-%{version}
mv ../package.xml .

%build

%install
%{__pear} install --nodeps --offline --packagingroot %{buildroot} package.xml
install -D -m 0644 package.xml %{buildroot}%{pear_xmldir}/%{pear_name}.xml

rm -rf %{buildroot}/{doc,tmp}
rm -rf 
%{buildroot}/%{php_peardir}/.{filemap,lock,registry,channels,depdb,depdblock}

%php_pear_gen_filelist

%post
if [ "$1" = "1" ]; then
  # on "rpm -ivh"
  %{__pear} install --nodeps --soft --force --register-only 
%{pear_xmldir}/%{pear_name}.xml
fi
if [ "$1" = "2" ]; then
  # on "rpm -Uvh"
  %{__pear} upgrade --offline --register-only %{pear_xmldir}/%{pear_name}.xml
fi

%postun
if [ "$1" = "0" ]; then
  # on "rpm -e"
  %{__pear} uninstall --nodeps --ignore-errors --register-only 
pear.php.net/%{pear_name}
fi

%files -f %{name}.files

%changelog

#############################################################################

And here is an example of the generated filelist (it does not match the package above):

/usr/share/php5/PEAR/Date.php
%dir /usr/share/php5/PEAR/Date
/usr/share/php5/PEAR/Date/Calc.php
/usr/share/php5/PEAR/Date/Human.php
/usr/share/php5/PEAR/Date/Span.php
/usr/share/php5/PEAR/Date/TimeZone.php
%dir /usr/share/php5/PEAR/test
%dir /usr/share/php5/PEAR/test/Date
%dir /usr/share/php5/PEAR/test/Date/tests
/usr/share/php5/PEAR/test/Date/tests/test_date_methods_span.php
/usr/share/php5/PEAR/test/Date/tests/testunit_date_span.php
/usr/share/php5/PEAR/test/Date/tests/test_calc.php
/usr/share/php5/PEAR/test/Date/tests/calc.php
/usr/share/php5/PEAR/test/Date/tests/testunit_date.php
/usr/share/php5/PEAR/test/Date/tests/testunit.php
%dir /usr/share/php5/PEAR/test/Date/tests/bugs
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-1.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-2.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-3.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-727-4.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-674.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-9213.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-9414.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-8912.phpt
/usr/share/php5/PEAR/test/Date/tests/bugs/bug-967.phpt
/var/lib/pear/Date.xml

++++++ _constraints ++++++
<?xml version="1.0" encoding="UTF-8"?>
<constraints>
  <hardware>
    <memory>
      <size unit="G">10</size>
    </memory>
  </hardware>
</constraints>
++++++ _multibuild ++++++
<multibuild>
  <package>test</package>
</multibuild>

++++++ build-test.sh ++++++
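#!/bin/bash
#
# Compare test-suite results before and after a source change.
#
# The first run builds the package with "osc build" and stores the sorted
# test results in test_results.before. The second run stores them in
# test_results.after and prints a unified diff of the two files.
TEST_RESULT_FILE_BEFORE='test_results.before'
TEST_RESULT_FILE_AFTER='test_results.after'

# Print the command-line synopsis and the intended two-run workflow.
function usage
{
  echo "usage: $0 buildroot [osc ARGUMENTS]"
  echo "       1. Run first time to create ${TEST_RESULT_FILE_BEFORE}."
  echo "       2. Make source changes."
  echo "       3. Run second time to create ${TEST_RESULT_FILE_AFTER}"
  echo "          and see changes in test results."
}

# "$1" is quoted so that a buildroot path containing whitespace is tested as
# one word instead of breaking the "[" expression.
if [ -z "$1" ]; then
  echo 'ERROR: missing a parameter: buildroot'
  usage
  exit 1
fi

if [ "$1" == "-h" ]; then
  usage
  exit 0
fi

export OSC_BUILD_ROOT=$1
shift

# Use the API URL of the checked-out working copy when there is one. The
# option is kept in an array so the URL stays a single argument.
apiurl=$(cat .osc/_apiurl 2>/dev/null)
apiurl_args=()
if [ -n "$apiurl" ]; then
  apiurl_args=(-A "$apiurl")
fi

# "$@" is quoted so that extra osc arguments keep their word boundaries.
# NOTE(review): --no-verify makes osc skip the signature verification of the
# packages installed into the build root. That is tolerable for a throw-away
# local test build only; nothing built this way should be published.
if ! osc "${apiurl_args[@]}" build "$@" --no-verify --with make_test -x valgrind *.spec; then
  echo "ERROR: build failed. See $OSC_BUILD_ROOT/.build.log for details."
  exit 1
fi

# Strip the "[ 123s] " build-log prefix, keep only the TEST and SKIP lines,
# drop everything up to the last carriage return, and sort the result so
# that two runs can be compared line by line.
sed 's:^\[[ 0-9]\+s\] ::' "$OSC_BUILD_ROOT/.build.log" \
      | grep -E 'TEST [0-9]+\/[0-9]+|SKIP.*reason' \
      | sed 's:.*\r::' \
      | sort \
    > "${TEST_RESULT_FILE_AFTER}"

if [ ! -e "${TEST_RESULT_FILE_BEFORE}" ]; then
  # First run: the fresh results become the baseline.
  echo "Creating ${TEST_RESULT_FILE_BEFORE}"
  echo "Run $0 again AFTER source changes, to create ${TEST_RESULT_FILE_AFTER}."
  echo "Differences will be checked then."
  mv "${TEST_RESULT_FILE_AFTER}" "${TEST_RESULT_FILE_BEFORE}"
else
  # Second run: show what changed relative to the baseline.
  echo --- DIFFERENCES -------------------------------------------
  diff -up "$TEST_RESULT_FILE_BEFORE" "${TEST_RESULT_FILE_AFTER}"
  echo -----------------------------------------------------------
  echo "Do not forgot to "
  echo "rm ${TEST_RESULT_FILE_BEFORE} ${TEST_RESULT_FILE_AFTER}"
  echo
fi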

++++++ macros.php ++++++
# macros.php file
# macros for module building. handle with care.

#
# Interface versions exposed by PHP:
#
%php_core_api @PHP_APIVER@
%php_zend_api @PHP_ZENDVER@

# Useful php macros (from Christian Wittmer <ch...@computersalat.de>)
#
%__php          /usr/bin/php
%__phpize       /usr/bin/phpize
%__php_config   /usr/bin/php-config
%php_version    %(%{__php_config} --version)

# pear related macros
%__pear         /usr/bin/pear
%php_peardir    %(%{__pear} config-get php_dir)

# %pear_xmldir should be replaced by %php_pearxmldir
%pear_xmldir /var/lib/pear

%php_pearxmldir /var/lib/pear
%pear_phpdir  %(%{__pear} config-get php_dir  2> /dev/null || echo undefined)
%pear_docdir  %(%{__pear} config-get doc_dir  2> /dev/null || echo undefined)
%pear_testdir %(%{__pear} config-get test_dir 2> /dev/null || echo undefined)
%pear_datadir %(%{__pear} config-get data_dir 2> /dev/null || echo undefined)
%pear_cfgdir  %(%{__pear} config-get cfg_dir  2> /dev/null || echo undefined)
%pear_wwwdir  %(%{__pear} config-get www_dir  2> /dev/null || echo undefined)
%pear_metadir %(%{__pear} config-get metadata_dir 2> /dev/null || echo 
undefined)

# pecl related macros
%__pecl       /usr/bin/pecl
%pecl_phpdir  %(%{__pecl} config-get php_dir  2> /dev/null || echo undefined)
%pecl_docdir  %(%{__pecl} config-get doc_dir  2> /dev/null || echo undefined)
%pecl_testdir %(%{__pecl} config-get test_dir 2> /dev/null || echo undefined)
%pecl_datadir %(%{__pecl} config-get data_dir 2> /dev/null || echo undefined)

# macro: php_pear_gen_filelist
# Generates the rpmlint happy filelist and appends it to the file named by
# FILES, with %dir in front of directories.
# It lists the regular files found directly in the pear directory under
# RPM_BUILD_ROOT, then every sub-directory followed by the regular files it
# contains, and finally the package's xml file in the pear xml directory.
# NOTE(review): the "for file in $RES" and "for dir in `find ...`" loops rely
# on shell word splitting, so a path containing whitespace would be split
# into several bogus filelist entries -- confirm that packaged PEAR trees
# never contain such names.
%php_pear_gen_filelist(n)\
FILES=%{name}.files\
# fgen_dir func\
# IN: dir\
fgen_dir(){\
%{__cat} >> $FILES << EOF\
%dir ${1}\
EOF\
}\
# fgen_file func\
# IN: file\
fgen_file(){\
%{__cat} >> $FILES << EOF\
${1}\
EOF\
}\
# check for files in %{php_peardir}\
RES=`find ${RPM_BUILD_ROOT}%{php_peardir} -maxdepth 1 -type f`\
if [ -n "$RES" ]; then\
  for file in $RES; do\
    fgen_file "%{php_peardir}/$(basename ${file})"\
  done\
fi\
\
# get all dirs into array\
base_dir="${RPM_BUILD_ROOT}%{php_peardir}/"\
for dir in `find ${base_dir} -type d | sort`; do\
  if [ "$dir" = "${base_dir}" ]; then\
    continue\
  else\
    el=`echo $dir | %{__awk} -F"${base_dir}" '{print $2}'`\
    all_dir=(${all_dir[@]} $el)\
  fi\
done\
\
# build filelist\
for i in ${all_dir[@]}; do\
  if [ -d ${base_dir}/${i} ]; then\
    RES=`find "${base_dir}/${i}" -maxdepth 1 -type f`\
    if [ -n "$RES" ]; then\
      fgen_dir "%{php_peardir}/${i}"\
      for file in $RES; do\
        fgen_file "%{php_peardir}/${i}/$(basename ${file})"\
      done\
    else\
      fgen_dir "%{php_peardir}/${i}"\
    fi\
  fi\
done\
# add xml file\
fgen_file "%php_pearxmldir/%{pear_name}.xml"\
#
++++++ php-CVE-2017-9120.patch ++++++
diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c
index 03a39d7..7b88731 100644
--- a/ext/mysqli/mysqli_api.c
+++ b/ext/mysqli/mysqli_api.c
@@ -1965,7 +1965,7 @@ PHP_FUNCTION(mysqli_real_escape_string) {
        }
        MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID);
 
-       newstr = zend_string_alloc(2 * escapestr_len, 0);
+       newstr = zend_string_safe_alloc(2, escapestr_len, 0, 0);
        ZSTR_LEN(newstr) = mysql_real_escape_string(mysql->mysql, 
ZSTR_VAL(newstr), escapestr, escapestr_len);
        newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0);
 
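Review bot: The value returned by mysql_real_escape_string() is still written straight into `ZSTR_LEN(newstr)` and handed to zend_string_truncate() without a check. The commit makes the allocation overflow-safe, but if the client library this package links can signal failure through that return value (some document `(unsigned long)-1`; confirm for the one in use), the truncate would be asked for an enormous length. I would keep the result in a local and, on the error value, call `zend_string_release(newstr);` and return early. The function body continues outside the hunk.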
++++++ php-CVE-2018-1000222.patch ++++++
Index: php-7.2.5/ext/gd/libgd/gd_bmp.c
===================================================================
--- php-7.2.5.orig/ext/gd/libgd/gd_bmp.c        2018-04-24 17:09:54.000000000 
+0200
+++ php-7.2.5/ext/gd/libgd/gd_bmp.c     2018-08-27 16:21:13.287949435 +0200
@@ -40,6 +40,8 @@ static int bmp_read_4bit(gdImagePtr im,
 static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, 
bmp_hdr_t *header);
 static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info);
 
+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression);
+
 #define BMP_DEBUG(s)
 
 static int gdBMPPutWord(gdIOCtx *out, int w)
@@ -68,8 +70,10 @@ void * gdImageBmpPtr(gdImagePtr im, int
        void *rv;
        gdIOCtx *out = gdNewDynamicCtx(2048, NULL);
        if (out == NULL) return NULL;
-       gdImageBmpCtx(im, out, compression);
-       rv = gdDPExtractData(out, size);
+       if (!_gdImageBmpCtx(im, out, compression))
+               rv = gdDPExtractData(out, size);
+       else
+               rv = NULL;
        out->gd_free(out);
        return rv;
 }
@@ -90,12 +94,18 @@ void gdImageBmp(gdImagePtr im, FILE *out
 */
 void gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
 {
+       _gdImageBmpCtx(im, out, compression);
+}
+
+static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression)
+{
        int bitmap_size = 0, info_size, total_size, padding;
        int i, row, xpos, pixel;
        int error = 0;
        unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL;
        FILE *tmpfile_for_compression = NULL;
        gdIOCtxPtr out_original = NULL;
+       int ret = 1;
 
        /* No compression if its true colour or we don't support seek */
        if (im->trueColor) {
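Review bot: `_gdImageBmpCtx` has no comment stating its return convention, and the convention is easy to misread. `ret` starts at 1 and, per the later hunks, is set to 0 just before `cleanup:`, so 0 means success and non-zero means failure, which is why gdImageBmpPtr tests `!_gdImageBmpCtx(...)`. I would add above the definition `/* Returns 0 on success, 1 on failure; on failure the caller must not extract data from out. */`. The public `gdImageBmpCtx` wrapper discards the result, so users of the void API still cannot detect a failed write. The function body continues outside this hunk.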
@@ -273,6 +283,7 @@ void gdImageBmpCtx(gdImagePtr im, gdIOCt
                out_original = NULL;
        }
 
+       ret = 0;
 cleanup:
        if (tmpfile_for_compression) {
 #ifdef _WIN32
@@ -286,7 +297,7 @@ cleanup:
        if (out_original) {
                out_original->gd_free(out_original);
        }
-       return;
+       return ret;
 }
 
 static int compress_row(unsigned char *row, int length)
++++++ php-CVE-2018-12882.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=67e827b44147ab121d1f7174eab62addd24bc889;hp=f5b0d4009fe18daf931a2a073882dc517a560012;hb=3fdde65617e9f954e2c964768aac8831005497e5;hpb=e0290192752a72b5be35b033b33590e040d60d24

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index f5b0d40..67e827b 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -4324,7 +4324,7 @@ static int exif_read_from_impl(image_info_type 
*ImageInfo, php_stream *stream, i
                        zend_string *base;
                        if ((st.st_mode & S_IFMT) != S_IFREG) {
                                exif_error_docref(NULL EXIFERR_CC, ImageInfo, 
E_WARNING, "Not a file");
-                               php_stream_close(ImageInfo->infile);
+                               ImageInfo->infile = NULL;
                                return FALSE;
                        }
 
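Review bot: The new `ImageInfo->infile = NULL;` needs a comment, because nothing in the hunk says why the stream is no longer closed on this error path. Presumably the stream is closed by whoever opened it and clearing the field keeps later cleanup from closing it a second time; if that is right, say so: `/* stream is closed by the caller; drop our reference so cleanup does not close it again */`. It is also worth confirming that the other early-return paths of exif_read_from_impl, which are outside the hunk, treat `infile` the same way.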

++++++ php-CVE-2018-14851.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=cad29b729548e4206f0697710cc9e177f26fdff3;hp=1147980f7730de0dfd13904a2ea6461bbf4eded8;hb=3462efa386f26d343062094514af604c29e3edce;hpb=1baeae42703f9b2ec21fff787146eeca08d45535

Index: php-7.2.5/ext/exif/exif.c
===================================================================
--- php-7.2.5.orig/ext/exif/exif.c      2018-08-04 09:18:43.566167854 +0200
+++ php-7.2.5/ext/exif/exif.c   2018-08-04 09:25:27.280266346 +0200
@@ -3126,6 +3126,7 @@ static int exif_process_IFD_in_MAKERNOTE
 #endif
        const maker_note_type *maker_note;
        char *dir_start;
+        int data_len;
        
        for (i=0; i<=sizeof(maker_note_array)/sizeof(maker_note_type); i++) {
                if (i==sizeof(maker_note_array)/sizeof(maker_note_type)) {
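Review bot: `int data_len;` is declared without an initial value, and the hunks shown assign it only in the `MN_OFFSET_MAKER` case and in the `MN_OFFSET_GUESS` case, which is compiled only under `KALLE_0`. Unless the `default:` branch, which is cut off by the third hunk, also sets it, the last hunk passes an indeterminate length to exif_process_IFD_TAG, which would undo the bounds check this patch is meant to add. Initialising at the declaration, `int data_len = value_len;`, makes every path safe; hedge: this assumes `value_len` is the right bound for the normal offset mode. The function body continues outside these hunks.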
@@ -3180,6 +3181,7 @@ static int exif_process_IFD_in_MAKERNOTE
        switch (maker_note->offset_mode) {
                case MN_OFFSET_MAKER:
                        offset_base = value_ptr;
+                       data_len = value_len;
                        break;
 #ifdef KALLE_0
                case MN_OFFSET_GUESS:
@@ -3197,6 +3199,7 @@ static int exif_process_IFD_in_MAKERNOTE
                                return FALSE;
                        }
                        offset_base = value_ptr + offset_diff;
+                       data_len = value_len - offset_diff;
                        break;
 #endif
                default:
@@ -3211,7 +3214,7 @@ static int exif_process_IFD_in_MAKERNOTE
 
        for (de=0;de<NumDirEntries;de++) {
                if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de,
-                                                                 offset_base, 
IFDlength, displacement, section_index, 0, maker_note->tag_table)) {
+                                                                 offset_base, 
data_len, displacement, section_index, 0, maker_note->tag_table)) {
                        return FALSE;
                }
        }
++++++ php-CVE-2018-17082.patch ++++++
Index: php-7.2.5/sapi/apache2handler/sapi_apache2.c
===================================================================
--- php-7.2.5.orig/sapi/apache2handler/sapi_apache2.c   2018-04-24 
17:10:05.000000000 +0200
+++ php-7.2.5/sapi/apache2handler/sapi_apache2.c        2018-09-19 
12:59:38.893512800 +0200
@@ -712,6 +712,7 @@ zend_first_try {
        if (!parent_req) {
                php_apache_request_dtor(r);
                ctx->request_processed = 1;
+               apr_brigade_cleanup(brigade);
                bucket = apr_bucket_eos_create(r->connection->bucket_alloc);
                APR_BRIGADE_INSERT_TAIL(brigade, bucket);
 
++++++ php-CVE-2018-19935.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fimap%2Fphp_imap.c;h=b30440f000f38f1e040a909a290db754ace49042;hp=a23e84c085216c65d9ebe4a61840f5747dd4626b;hb=7edc639b9ff1c3576773d79d016abbeed1f93846;hpb=aabdb71dc3739f5e06916e2a4e24deb37437b1e8

Index: php-7.0.7/ext/imap/php_imap.c
===================================================================
--- php-7.0.7.orig/ext/imap/php_imap.c  2018-12-10 16:55:40.758312636 +0100
+++ php-7.0.7/ext/imap/php_imap.c       2018-12-10 16:58:21.031127128 +0100
@@ -4126,7 +4126,6 @@ PHP_FUNCTION(imap_mail)
        if (!ZSTR_LEN(message)) {
                /* this is not really an error, so it is allowed. */
                php_error_docref(NULL, E_WARNING, "No message string in mail 
command");
-               message = NULL;
        }
 
        if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), 
headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL,
++++++ php-CVE-2018-20783.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar.c;h=47ff8cd790730dbc3520e47faa86327e2987a238;hp=780be432570e80dd34c1a9c217ef87ade22bf136;hb=48f0f73f75c0059ba5d9b73cb4e5faeeaea49c47;hpb=7edc639b9ff1c3576773d79d016abbeed1f93846

Index: php-7.2.5/ext/phar/phar.c
===================================================================
--- php-7.2.5.orig/ext/phar/phar.c      2018-04-24 17:09:57.000000000 +0200
+++ php-7.2.5/ext/phar/phar.c   2019-03-07 11:41:25.276615493 +0100
@@ -643,6 +643,18 @@ int phar_parse_metadata(char **buffer, z
 /* }}}*/
 
 /**
+ * Size of fixed fields in the manifest.
+ * See: http://php.net/manual/en/phar.fileformat.phar.php
+ */
+#define MANIFEST_FIXED_LEN     18
+
+#define SAFE_PHAR_GET_32(buffer, endbuffer, var) \
+       if (UNEXPECTED(buffer + 4 > endbuffer)) { \
+               MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated 
manifest header)"); \
+       } \
+       PHAR_GET_32(buffer, var);
+
+/**
  * Does not check for a previously opened phar in the cache.
  *
  * Parse a new one and add it to the cache, returning either SUCCESS or
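Review bot: `SAFE_PHAR_GET_32` expands to an `if` block followed by a second, separate statement, so it is only correct when used as a full statement inside braces. Under an unbraced `if` or `else`, only the bounds check would be conditional. Wrapping the body in `do { ... } while (0)` removes that trap. The check itself, `buffer + 4 > endbuffer`, forms a pointer that may lie past the end of the buffer before comparing; `if (UNEXPECTED((size_t)(endbuffer - buffer) < 4))` expresses the same bound without that. The unchanged alias check `buffer + tmp_len > endbuffer` in the fourth hunk has the same shape with an attacker-controlled `tmp_len` and would benefit from the same rewrite.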
@@ -725,12 +737,12 @@ static int phar_parse_pharfile(php_strea
        savebuf = buffer;
        endbuffer = buffer + manifest_len;
 
-       if (manifest_len < 10 || manifest_len != php_stream_read(fp, buffer, 
manifest_len)) {
+       if (manifest_len < MANIFEST_FIXED_LEN || manifest_len != 
php_stream_read(fp, buffer, manifest_len)) {
                MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated 
manifest header)")
        }
 
        /* extract the number of entries */
-       PHAR_GET_32(buffer, manifest_count);
+       SAFE_PHAR_GET_32(buffer, endbuffer, manifest_count);
 
        if (manifest_count == 0) {
                MAPPHAR_FAIL("in phar \"%s\", manifest claims to have zero 
entries.  Phars must have at least 1 entry");
@@ -750,7 +762,7 @@ static int phar_parse_pharfile(php_strea
                return FAILURE;
        }
 
-       PHAR_GET_32(buffer, manifest_flags);
+       SAFE_PHAR_GET_32(buffer, endbuffer, manifest_flags);
 
        manifest_flags &= ~PHAR_HDR_COMPRESSION_MASK;
        manifest_flags &= ~PHAR_FILE_COMPRESSION_MASK;
@@ -970,13 +982,13 @@ static int phar_parse_pharfile(php_strea
        }
 
        /* extract alias */
-       PHAR_GET_32(buffer, tmp_len);
+       SAFE_PHAR_GET_32(buffer, endbuffer, tmp_len);
 
        if (buffer + tmp_len > endbuffer) {
                MAPPHAR_FAIL("internal corruption of phar \"%s\" (buffer 
overrun)");
        }
 
-       if (manifest_len < 10 + tmp_len) {
+       if (manifest_len < MANIFEST_FIXED_LEN + tmp_len) {
                MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated 
manifest header)")
        }
 
@@ -1014,7 +1026,7 @@ static int phar_parse_pharfile(php_strea
        }
 
        /* we have 5 32-bit items plus 1 byte at least */
-       if (manifest_count > ((manifest_len - 10 - tmp_len) / (5 * 4 + 1))) {
+       if (manifest_count > ((manifest_len - MANIFEST_FIXED_LEN - tmp_len) / 
(5 * 4 + 1))) {
                /* prevent serious memory issues */
                MAPPHAR_FAIL("internal corruption of phar \"%s\" (too many 
manifest entries for size of manifest)")
        }
@@ -1023,12 +1035,12 @@ static int phar_parse_pharfile(php_strea
        mydata->is_persistent = PHAR_G(persist);
 
        /* check whether we have meta data, zero check works regardless of byte 
order */
-       PHAR_GET_32(buffer, len);
+       SAFE_PHAR_GET_32(buffer, endbuffer, len);
        if (mydata->is_persistent) {
                mydata->metadata_len = len;
                if(!len) {
                        /* FIXME: not sure why this is needed but removing it 
breaks tests */
-                       PHAR_GET_32(buffer, len);
+                       SAFE_PHAR_GET_32(buffer, endbuffer, len);
                }
        }
        if(len > (size_t)(endbuffer - buffer)) {
++++++ php-CVE-2019-11034.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=0b5bb5ae2123989a28b2112ab5506777083ad9d5;hp=fe89b854711879274555bdc762ea6e7fa518fa59;hb=f3aefc6d071b807ddacae0a0bc49f09c38e18490;hpb=0ecac37c40a27ffbd59f34b5920735ee0b7f994c

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index fe89b85..0b5bb5a 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -2802,6 +2802,10 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type 
*ImageInfo, char * valu
                exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, 
ImageInfo, E_WARNING, "Illegal IFD size: 2 + 0x%04X*12 = 0x%04X > 0x%04X", 
NumDirEntries, 2+NumDirEntries*12, value_len);
                return FALSE;
        }
+       if ((dir_start - value_ptr) > value_len - (2+NumDirEntries*12)) {
+               exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, 
ImageInfo, E_WARNING, "Illegal IFD size: 0x%04X > 0x%04X", (dir_start - 
value_ptr) + (2+NumDirEntries*12), value_len);
+               return FALSE;
+       }
 
        for (de=0;de<NumDirEntries;de++) {
                if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de,
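Review bot: The added warning passes `(dir_start - value_ptr) + (2+NumDirEntries*12)` to a `0x%04X` conversion, but that expression has pointer-difference type, which is wider than `unsigned int` on 64-bit builds. The argument should be cast to match the format, for example `(int)((dir_start - value_ptr) + (2+NumDirEntries*12))`. The comparison itself also mixes a pointer difference with the signed `value_len`. It relies on the preceding check having established that `2+NumDirEntries*12` does not exceed `value_len`; a short comment saying so would keep a later edit from reordering the two checks. The function body continues outside the hunk.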

++++++ php-CVE-2019-11035.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=75f59d71c91b2cdfd6c05e471f18edd9715acd3f;hp=407145fffcb36eea0fb98e7e2b83c9f3e4091af5;hb=330f1716df49c0d3474c18b6dcd370a9dcf57422;hpb=1c0d06441aefee18b30520e2b1ae89cbfcf56a59

Index: php-7.2.5/ext/exif/exif.c
===================================================================
--- php-7.2.5.orig/ext/exif/exif.c      2019-04-29 12:08:21.787510186 +0200
+++ php-7.2.5/ext/exif/exif.c   2019-04-29 12:08:21.799510259 +0200
@@ -2062,10 +2062,10 @@ static int exif_file_sections_free(image
 /* {{{ exif_iif_add_value
  Add a value to image_info
 */
-static void exif_iif_add_value(image_info_type *image_info, int section_index, 
char *name, int tag, int format, int length, void* value, int motorola_intel)
+static void exif_iif_add_value(image_info_type *image_info, int section_index, 
char *name, int tag, int format, int length, void* value, size_t value_len, int 
motorola_intel)
 {
        size_t idex;
-       void *vptr;
+       void *vptr, *vptr_end;
        image_info_value *info_value;
        image_info_data  *info_data;
        image_info_data  *list;
@@ -2087,8 +2087,12 @@ static void exif_iif_add_value(image_inf
 
        switch (format) {
                case TAG_FMT_STRING:
+                       if (length > value_len) {
+                               exif_error_docref("exif_iif_add_value" 
EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, 
value_len);
+                               value = NULL;
+                       }
                        if (value) {
-                               length = php_strnlen(value, length);
+                               length = (int)php_strnlen(value, length);
                                info_value->s = estrndup(value, length);
                                info_data->length = length;
                        } else {
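Review bot: `if (length > value_len)` compares an int with a size_t, so a negative length is rejected only through the implicit conversion to unsigned. Writing it as `if (length < 0 || (size_t)length > value_len)` makes the bound explicit and keeps it correct if either type changes later. The same comparison is added under `case TAG_FMT_UNDEFINED:` in the next hunk and would benefit from the same wording. The body of exif_iif_add_value continues outside this hunk.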
@@ -2110,6 +2114,10 @@ static void exif_iif_add_value(image_inf
                        if (!length)
                                break;
                case TAG_FMT_UNDEFINED:
+                       if (length > value_len) {
+                               exif_error_docref("exif_iif_add_value" 
EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, 
value_len);
+                               value = NULL;
+                       }
                        if (value) {
                                if (tag == TAG_MAKER_NOTE) {
                                        length = (int) php_strnlen(value, 
length);
@@ -2140,7 +2148,12 @@ static void exif_iif_add_value(image_inf
                        } else {
                                info_value = &info_data->value;
                        }
+                       vptr_end = (char*)value+value_len;
                        for (idex=0,vptr=value; idex<(size_t)length; 
idex++,vptr=(char *) vptr + php_tiff_bytes_per_format[format]) {
+                               if ((char*)vptr_end - (char*)vptr < 
php_tiff_bytes_per_format[format]) {
+                                       exif_error_docref("exif_iif_add_value" 
EXIFERR_CC, image_info, E_WARNING, "Value too short");
+                                       break;
+                               }
                                if (length>1) {
                                        info_value = 
&info_data->value.list[idex];
                                }
@@ -2176,7 +2189,7 @@ static void exif_iif_add_value(image_inf
                                                php_error_docref(NULL, 
E_WARNING, "Found value of type single");
 #endif
                                                info_value->f = *(float *)value;
-
+                                               break;
                                        case TAG_FMT_DOUBLE:
 #ifdef EXIF_DEBUG
                                                php_error_docref(NULL, 
E_WARNING, "Found value of type double");
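Review bot: `info_value->f = *(float *)value;` dereferences value, whereas the loop shown in the previous hunk advances vptr and the newly added "Value too short" check is made against vptr. With more than one component, each list element would therefore receive the first float rather than its own; `info_value->f = *(float *)vptr;` looks like the intended read. The added `break;` correctly stops the fall-through into TAG_FMT_DOUBLE. Whether that case has the same pattern is not visible in this hunk.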
@@ -2194,9 +2207,9 @@ static void exif_iif_add_value(image_inf
 /* {{{ exif_iif_add_tag
  Add a tag from IFD to image_info
 */
-static void exif_iif_add_tag(image_info_type *image_info, int section_index, 
char *name, int tag, int format, size_t length, void* value)
+static void exif_iif_add_tag(image_info_type *image_info, int section_index, 
char *name, int tag, int format, size_t length, void* value, size_t value_len)
 {
-       exif_iif_add_value(image_info, section_index, name, tag, format, 
(int)length, value, image_info->motorola_intel);
+       exif_iif_add_value(image_info, section_index, name, tag, format, 
(int)length, value, value_len, image_info->motorola_intel);
 }
 /* }}} */
 
@@ -2617,7 +2630,7 @@ static void add_assoc_image_info(zval *v
 */
 static void exif_process_COM (image_info_type *image_info, char *value, size_t 
length)
 {
-       exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", 
TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2);
+       exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", 
TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2, length-2);
 }
 /* }}} */
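Review bot: In this call the new value_len argument is the same `length-2` expression as the length argument, so the `length > value_len` check added in exif_iif_add_value cannot reject anything for a JPEG comment. length is a size_t here, so if a caller could pass a value below 2 (not visible in this hunk), both arguments would wrap together and `value+2` would point past the section. Either a guard before the call, `if (length < 2) return;`, or a comment stating that the caller guarantees `length >= 2` would make the bound meaningful.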
 
@@ -2632,17 +2645,17 @@ static void exif_process_CME (image_info
        if (length>3) {
                switch(value[2]) {
                        case 0:
-                               exif_iif_add_tag(image_info, SECTION_COMMENT, 
"Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value);
+                               exif_iif_add_tag(image_info, SECTION_COMMENT, 
"Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value, length);
                                break;
                        case 1:
-                               exif_iif_add_tag(image_info, SECTION_COMMENT, 
"Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value);
+                               exif_iif_add_tag(image_info, SECTION_COMMENT, 
"Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value, length);
                                break;
                        default:
                                php_error_docref(NULL, E_NOTICE, "Undefined 
JPEG2000 comment encoding");
                                break;
                }
        } else {
-               exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", 
TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL);
+               exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", 
TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL, 0);
                php_error_docref(NULL, E_NOTICE, "JPEG2000 comment section too 
small");
        }
 }
@@ -3237,7 +3250,7 @@ static int exif_process_IFD_in_MAKERNOTE
 static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, 
char *offset_base, size_t IFDlength, size_t displacement, int section_index, 
int ReadNextIFD, tag_table_type tag_table)
 {
        size_t length;
-       int tag, format, components;
+       unsigned int tag, format, components;
        char *value_ptr, tagname[64], cbuf[32], *outside=NULL;
        size_t byte_count, offset_val, fpos, fgot;
        int64_t byte_count_signed;
@@ -3548,7 +3561,7 @@ static int exif_process_IFD_TAG(image_in
                                }
                }
        }
-       exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, 
tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr);
+       exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, 
tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr, 
byte_count);
        EFREE_IF(outside);
        return TRUE;
 }
@@ -3710,10 +3723,10 @@ static void exif_process_APP12(image_inf
        size_t l1, l2=0;
 
        if ((l1 = php_strnlen(buffer+2, length-2)) > 0) {
-               exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, 
TAG_FMT_STRING, l1, buffer+2);
+               exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, 
TAG_FMT_STRING, l1, buffer+2, l1);
                if (length > 2+l1+1) {
                        l2 = php_strnlen(buffer+2+l1+1, length-2-l1-1);
-                       exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", 
TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1);
+                       exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", 
TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1, l2);
                }
        }
 #ifdef EXIF_DEBUG
@@ -4583,7 +4596,7 @@ PHP_FUNCTION(exif_read_data)
        if (ImageInfo.Thumbnail.size) {
                if (read_thumbnail) {
                        /* not exif_iif_add_str : this is a buffer */
-                       exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, 
"THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, 
ImageInfo.Thumbnail.data);
+                       exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, 
"THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, 
ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size);
                }
                if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) {
                        /* try to evaluate if thumbnail data is present */
++++++ php-CVE-2019-11036.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=d174def80c1355fc54d09a0ae754ced64d85768d;hp=a763f6c77b0d1664eadc924e650181850843f72d;hb=f80ad18afae2230c2c1802c7d829100af646874e;hpb=6c631ccfef94f93259d474682f8bfa803e163c87

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index a763f6c..d174def 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -2891,7 +2891,7 @@ static int exif_process_IFD_TAG(image_info_type 
*ImageInfo, char *dir_entry, cha
             offset_base is ImageInfo->file.list[sn].data-dir_offset
             dir_entry - offset_base is dir_offset+2+i*12
         */
-               if (byte_count > IFDlength || offset_val > IFDlength-byte_count 
|| value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base)) {
+               if (byte_count > IFDlength || offset_val > IFDlength-byte_count 
|| value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base) || 
dir_entry <= offset_base) {
                        /* It is important to check for IMAGE_FILETYPE_TIFF
                         * JPEG does not use absolute pointers instead its 
pointers are
                         * relative to the start of the TIFF header in APP1 
section. */

++++++ php-CVE-2019-11039.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Ficonv%2Ficonv.c;h=b4a2abe08d9a02e9e6c07f51a8f4ebe895f0d003;hp=f86d0ae031987a12d45b9c10efc255f58262966b;hb=7cf7148a8f8f4f55fb04de2a517d740bb6253eac;hpb=ed6dee9a198c904ad5e03113e58a2d2c200f5184

diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c
index f86d0ae..b4a2abe 100644
--- a/ext/iconv/iconv.c
+++ b/ext/iconv/iconv.c
@@ -1673,7 +1673,9 @@ static php_iconv_err_t _php_iconv_mime_decode(smart_str 
*pretval, const char *st
                                                         * we can do at this 
point. */
                                                        if (*(p1 + 1) == '=') {
                                                                ++p1;
-                                                               --str_left;
+                                                               if (str_left > 
1) {
+                                                                       
--str_left;
+                                                               }
                                                        }
 
                                                        err = 
_php_iconv_appendl(pretval, encoded_word, (size_t)((p1 + 1) - encoded_word), 
cd_pl);
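Review bot: The guard keeps str_left from wrapping, but `++p1` still runs unconditionally, so when str_left is 1 the pointer advances while the remaining-length counter does not, and the two no longer describe the same position. The look-ahead `*(p1 + 1) == '='` is also evaluated before str_left is consulted. Folding the bound into the condition, `if (str_left > 1 && *(p1 + 1) == '=') {`, with `++p1; --str_left;` kept together inside, would keep them consistent. The loop and the declaration of str_left are outside this hunk, so this should be checked against how the loop header consumes them.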

++++++ php-CVE-2019-11040.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=605b37923f888d320a87947a58f19fd2122475e8;hp=d174def80c1355fc54d09a0ae754ced64d85768d;hb=73ff4193be24192c894dc0502d06e2b2db35eefb;hpb=16e037bd46359a31f218ee220ff09f1c3270e489

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index d174def..605b379 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3526,6 +3526,8 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
                if (c == 0xFF)
                        return FALSE;
                marker = c;
+               if (pos>=ImageInfo->Thumbnail.size)
+                       return FALSE;
                length = php_jpg_get16(data+pos);
                if (length > ImageInfo->Thumbnail.size || pos >= 
ImageInfo->Thumbnail.size - length) {
                        return FALSE;
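Review bot: The added check `pos>=ImageInfo->Thumbnail.size` guarantees only one readable byte at data+pos, while `php_jpg_get16(data+pos)` on the next line presumably reads two (its definition is outside this hunk). With pos equal to size - 1 the second byte would lie past the thumbnail buffer. Requiring two bytes, `if (ImageInfo->Thumbnail.size < 2 || pos > ImageInfo->Thumbnail.size - 2) return FALSE;`, covers that case without risking unsigned wrap-around.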

++++++ php-CVE-2019-9020.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fxmlrpc%2Flibxmlrpc%2Fxml_element.c;h=a30b500f2f80edbda673512b79c821960fb07ed7;hp=6fc6bd397747c7f3f21534065d14745b53a14423;hb=9c62b95e5e6a1ac3922a8819f2d56d8ea998d97a;hpb=e3e3289bd1919bcc9f600d1879d3d85d5d774886

diff --git a/ext/xmlrpc/libxmlrpc/xml_element.c 
b/ext/xmlrpc/libxmlrpc/xml_element.c
index 6fc6bd3..a30b500 100644
--- a/ext/xmlrpc/libxmlrpc/xml_element.c
+++ b/ext/xmlrpc/libxmlrpc/xml_element.c
@@ -723,6 +723,9 @@ xml_element* xml_elem_parse_buf(const char* in_buf, int 
len, XML_ELEM_INPUT_OPTI
          long byte_idx = XML_GetCurrentByteIndex(parser);
 /*         int byte_total = XML_GetCurrentByteCount(parser); */
          const char * error_str = XML_ErrorString(err_code);
+         if(byte_idx > len) {
+             byte_idx = len;
+         }
          if(byte_idx >= 0) {
              snprintf(buf,
                       sizeof(buf),

++++++ php-CVE-2019-9021.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar.c;h=6e5cec2462a6ded53d4379ea9a69487a60d5c43c;hp=47ff8cd790730dbc3520e47faa86327e2987a238;hb=428d8164ffcf6f75a6cc9d4056e54bfd450dac03;hpb=4fc0bceb7c39be206c73f69993e3936ef329f656

diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index 47ff8cd..6e5cec2 100644
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -2017,7 +2017,7 @@ next_extension:
        }
 
        while (pos != filename && (*(pos - 1) == '/' || *(pos - 1) == '\0')) {
-               pos = memchr(pos + 1, '.', filename_len - (pos - filename) + 1);
+               pos = memchr(pos + 1, '.', filename_len - (pos - filename) - 1);
                if (!pos) {
                        return FAILURE;
                }

++++++ php-CVE-2019-9022.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Fdns.c;h=b5fbcb96f968c83ecf75c39900cf7d88e19fff3a;hp=8e102f816f6e45a6cdf9c4ff548c9b853a1f1e65;hb=8d3dfabef459fe7815e8ea2fd68753fd17859d7b;hpb=31f59e1f3074ab344b473dde6077a6844ca87264

diff --git a/ext/standard/dns.c b/ext/standard/dns.c
index 8e102f8..b5fbcb9 100644
--- a/ext/standard/dns.c
+++ b/ext/standard/dns.c
@@ -459,6 +459,10 @@ static u_char *php_parserr(u_char *cp, u_char *end, 
querybuf *answer, int type_t
        GETLONG(ttl, cp);
        GETSHORT(dlen, cp);
        CHECKCP(dlen);
+       if (dlen == 0) {
+               /* No data in the response - nothing to do */
+               return NULL;
+       }
        if (type_to_fetch != T_ANY && type != type_to_fetch) {
                cp += dlen;
                return cp;
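Review bot: The new `dlen == 0` branch is commented "nothing to do" but returns NULL, which is also what the malformed-length check in the next hunk returns, whereas the skip path just below returns the advanced `cp`. If the caller treats NULL as a parse failure (not visible here), a single empty record would end processing of every record after it. If that is intended, the comment should say so, e.g. `/* No data in the response - stop parsing */`. If it is meant as a skip, `return cp;` would match the type-mismatch path.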
@@ -549,6 +553,9 @@ static u_char *php_parserr(u_char *cp, u_char *end, 
querybuf *answer, int type_t
                        CHECKCP(n);
                        add_assoc_stringl(subarray, "tag", (char*)cp, n);
                        cp += n;
+                       if ( (size_t) dlen < ((size_t)n) + 2 ) {
+                               return NULL;
+                       }
                        n = dlen - n - 2;
                        CHECKCP(n);
                        add_assoc_stringl(subarray, "value", (char*)cp, n);

++++++ php-CVE-2019-9023.patch ++++++
Index: php-7.2.5/ext/mbstring/oniguruma/src/regparse.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/regparse.c        2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/regparse.c     2019-03-11 
17:56:58.618984274 +0100
@@ -304,14 +304,17 @@ strdup_with_null(OnigEncoding enc, UChar
   c = ONIGENC_MBC_TO_CODE(enc, p, end); \
   pfetch_prev = p; \
   p += ONIGENC_MBC_ENC_LEN(enc, p); \
+  if(UNEXPECTED(p > end)) p = end; \
 } while (0)
 
 #define PINC_S     do { \
   p += ONIGENC_MBC_ENC_LEN(enc, p); \
+  if(UNEXPECTED(p > end)) p = end; \
 } while (0)
 #define PFETCH_S(c) do { \
   c = ONIGENC_MBC_TO_CODE(enc, p, end); \
   p += ONIGENC_MBC_ENC_LEN(enc, p); \
+  if(UNEXPECTED(p > end)) p = end; \
 } while (0)
 
 #define PPEEK        (p < end ? ONIGENC_MBC_TO_CODE(enc, p, end) : PEND_VALUE)
@@ -3593,7 +3596,9 @@ fetch_token(OnigToken* tok, UChar** src,
           tok->u.code = c2;
         }
         else { /* string */
-          p = tok->backp + enclen(enc, tok->backp);
+          int len;
+          SAFE_ENC_LEN(enc, tok->backp, end, len);
+          p = tok->backp + len;
         }
       }
       break;
Index: php-7.2.5/ext/mbstring/oniguruma/src/regcomp.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/regcomp.c 2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/regcomp.c      2019-03-11 
17:56:58.618984274 +0100
@@ -469,13 +469,13 @@ compile_length_string_node(Node* node, r
   ambig = NSTRING_IS_AMBIG(node);
 
   p = prev = sn->s;
-  prev_len = enclen(enc, p);
+  SAFE_ENC_LEN(enc, p, sn->end, prev_len);
   p += prev_len;
   slen = 1;
   rlen = 0;
 
   for (; p < sn->end; ) {
-    len = enclen(enc, p);
+    SAFE_ENC_LEN(enc, p, sn->end, len);
     if (len == prev_len) {
       slen++;
     }
@@ -518,12 +518,12 @@ compile_string_node(Node* node, regex_t*
   ambig = NSTRING_IS_AMBIG(node);
 
   p = prev = sn->s;
-  prev_len = enclen(enc, p);
+  SAFE_ENC_LEN(enc, p, end, prev_len);
   p += prev_len;
   slen = 1;
 
   for (; p < end; ) {
-    len = enclen(enc, p);
+    SAFE_ENC_LEN(enc, p, end, len);
     if (len == prev_len) {
       slen++;
     }
@@ -3435,7 +3435,7 @@ expand_case_fold_string(Node* node, rege
       goto err;
     }
 
-    len = enclen(reg->enc, p);
+    SAFE_ENC_LEN(reg->enc, p, end, len);
 
     if (n == 0) {
       if (IS_NULL(snode)) {
Index: php-7.2.5/ext/mbstring/oniguruma/src/unicode.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/unicode.c 2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/unicode.c      2019-03-11 
17:56:58.618984274 +0100
@@ -255,6 +255,7 @@ onigenc_unicode_mbc_case_fold(OnigEncodi
 
   code = ONIGENC_MBC_TO_CODE(enc, p, end);
   len = enclen(enc, p);
+  if (*pp + len > end) len = end - *pp;
   *pp += len;
 
 #ifdef USE_UNICODE_CASE_FOLD_TURKISH_AZERI
Index: php-7.2.5/ext/mbstring/oniguruma/src/regparse.h
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/regparse.h        2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/regparse.h     2019-03-11 
17:56:58.618984274 +0100
@@ -348,4 +348,16 @@ extern int onig_print_names(FILE*, regex
 #endif
 #endif
 
+#if (defined (__GNUC__) && __GNUC__ > 2 ) && !defined(DARWIN) && 
!defined(__hpux) && !defined(_AIX)
+# define UNEXPECTED(condition) __builtin_expect(condition, 0)
+#else
+# define UNEXPECTED(condition) (condition)
+#endif
+
+#define SAFE_ENC_LEN(enc, p, end, res) do {  \
+    int __res = enclen(enc, p);              \
+    if (UNEXPECTED(p + __res > end)) __res = end - p;    \
+       res = __res;                             \
+} while(0);
+
 #endif /* REGPARSE_H */
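Review bot: SAFE_ENC_LEN ends in `} while(0);`, and the trailing semicolon defeats the do/while(0) idiom: `if (x) SAFE_ENC_LEN(...); else ...` would no longer compile, and every current call site expands to an extra empty statement. The last line should be `} while(0)`. The macro also uses `p` and `end` unparenthesised (`p + __res > end`, `end - p`), and `__res` is a reserved identifier. Writing `(p) + res_ > (end)` and `(end) - (p)` with a local named `res_` would make it safe for expression arguments such as `tok->backp` and `sn->end`, which the call sites in regparse.c and regcomp.c already pass.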
Index: php-7.2.5/ext/mbstring/oniguruma/src/utf16_be.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf16_be.c        2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/utf16_be.c     2019-03-11 
17:56:58.622984293 +0100
@@ -82,16 +82,18 @@ utf16be_is_mbc_newline(const UChar* p, c
 }
 
 static OnigCodePoint
-utf16be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED)
+utf16be_mbc_to_code(const UChar* p, const UChar* end)
 {
   OnigCodePoint code;
 
   if (UTF16_IS_SURROGATE_FIRST(*p)) {
+    if (end - p < 4) return 0;
     code = ((((p[0] - 0xd8) << 2) + ((p[1] & 0xc0) >> 6) + 1) << 16)
          + ((((p[1] & 0x3f) << 2) + (p[2] - 0xdc)) << 8)
          + p[3];
   }
   else {
+    if (end - p < 2) return 0;
     code = p[0] * 256 + p[1];
   }
   return code;
Index: php-7.2.5/ext/mbstring/oniguruma/src/utf16_le.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf16_le.c        2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/utf16_le.c     2019-03-11 
17:56:58.622984293 +0100
@@ -97,13 +97,14 @@ utf16le_is_mbc_newline(const UChar* p, c
 }
 
 static OnigCodePoint
-utf16le_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED)
+utf16le_mbc_to_code(const UChar* p, const UChar* end)
 {
   OnigCodePoint code;
   UChar c0 = *p;
   UChar c1 = *(p+1);
 
   if (UTF16_IS_SURROGATE_FIRST(c1)) {
+    if (end - p < 4) return 0;
     code = ((((c1 - 0xd8) << 2) + ((c0  & 0xc0) >> 6) + 1) << 16)
          + ((((c0 & 0x3f) << 2) + (p[3] - 0xdc)) << 8)
          + p[2];
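Review bot: `UChar c1 = *(p+1);` is still evaluated in the declarations, before the new `end - p < 4` check, so a one-byte tail is read past `end` regardless of which branch is taken. The utf16_be.c hunk adds `if (end - p < 2) return 0;` for the non-surrogate path, but no counterpart is visible here. Declaring `UChar c0, c1;`, testing `if (end - p < 2) return 0;` first and only then assigning `c0 = p[0]; c1 = p[1];` would bring the two encodings in line. The rest of utf16le_mbc_to_code lies outside this hunk.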
Index: php-7.2.5/ext/mbstring/oniguruma/src/utf32_be.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf32_be.c        2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/utf32_be.c     2019-03-11 
17:56:58.622984293 +0100
@@ -67,6 +67,7 @@ utf32be_is_mbc_newline(const UChar* p, c
 static OnigCodePoint
 utf32be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED)
 {
+  if (end - p < 4) return 0;
   return (OnigCodePoint )(((p[0] * 256 + p[1]) * 256 + p[2]) * 256 + p[3]);
 }
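Review bot: The signature still reads `const UChar* end ARG_UNUSED` although the added line now uses `end`; the utf16_be.c and utf16_le.c hunks drop the annotation for the same reason. It should be `utf32be_mbc_to_code(const UChar* p, const UChar* end)`, and likewise for `utf32le_mbc_to_code` in the utf32_le.c hunk below. A stale unused marker misleads readers and tools about whether the bound is actually honoured.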
 
Index: php-7.2.5/ext/mbstring/oniguruma/src/utf32_le.c
===================================================================
--- php-7.2.5.orig/ext/mbstring/oniguruma/src/utf32_le.c        2018-04-24 
17:09:55.000000000 +0200
+++ php-7.2.5/ext/mbstring/oniguruma/src/utf32_le.c     2019-03-11 
17:56:58.622984293 +0100
@@ -67,6 +67,7 @@ utf32le_is_mbc_newline(const UChar* p, c
 static OnigCodePoint
 utf32le_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED)
 {
+  if (end - p < 4) return 0;
   return (OnigCodePoint )(((p[3] * 256 + p[2]) * 256 + p[1]) * 256 + p[0]);
 }
 
++++++ php-CVE-2019-9024.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fxmlrpc%2Flibxmlrpc%2Fbase64.c;h=a4fa19327b76dc43880934bfd703500aeae35c52;hp=5ebdf31f7adeb9fd5f9f69b37d86ce22e4d05ce4;hb=4feb9e66ff9636ad44bc23a91b7ebd37d83ddf1d;hpb=c6e34d91b88638966662caac62c4d0e90538e317

diff --git a/ext/xmlrpc/libxmlrpc/base64.c b/ext/xmlrpc/libxmlrpc/base64.c
index 5ebdf31..a4fa193 100644
--- a/ext/xmlrpc/libxmlrpc/base64.c
+++ b/ext/xmlrpc/libxmlrpc/base64.c
@@ -169,7 +169,7 @@ void base64_decode_xmlrpc(struct buffer_st *bfr, const char 
*source, int length)
                return;
            }
 
-           if (dtable[c] & 0x80) {
+           if (dtable[(unsigned char)c] & 0x80) {
              /*
              fprintf(stderr, "Offset %i length %i\n", offset, length);
              fprintf(stderr, "character '%c:%x:%c' in input file.\n", c, c, 
dtable[c]);

++++++ php-CVE-2019-9637.patch ++++++
Index: php-7.2.5/main/streams/plain_wrapper.c
===================================================================
--- php-7.2.5.orig/main/streams/plain_wrapper.c 2019-03-20 11:59:59.515315899 
+0100
+++ php-7.2.5/main/streams/plain_wrapper.c      2019-03-20 12:00:44.107570303 
+0100
@@ -1168,34 +1168,51 @@ static int php_plain_files_rename(php_st
 # ifdef EXDEV
                if (errno == EXDEV) {
                        zend_stat_t sb;
+# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE)
+                       /* not sure what to do in ZTS case, umask is not 
thread-safe */
+                       int oldmask = umask(077);
+# endif
+                       int success = 0;
                        if (php_copy_file(url_from, url_to) == SUCCESS) {
                                if (VCWD_STAT(url_from, &sb) == 0) {
+                                       success = 1;
 #  ifndef TSRM_WIN32
-                                       if (VCWD_CHMOD(url_to, sb.st_mode)) {
-                                               if (errno == EPERM) {
-                                                       php_error_docref2(NULL, 
url_from, url_to, E_WARNING, "%s", strerror(errno));
-                                                       VCWD_UNLINK(url_from);
-                                                       return 1;
-                                               }
+                                       /*
+                                        * Try to set user and permission info 
on the target.
+                                        * If we're not root, then some of 
these may fail.
+                                        * We try chown first, to set proper 
group info, relying
+                                        * on the system environment to have 
proper umask to not allow
+                                        * access to the file in the meantime.
+                                        */
+                                       if (VCWD_CHOWN(url_to, sb.st_uid, 
sb.st_gid)) {
                                                php_error_docref2(NULL, 
url_from, url_to, E_WARNING, "%s", strerror(errno));
-                                               return 0;
+                                               if (errno != EPERM) {
+                                                       success = 0;
+                                               }
                                        }
-                                       if (VCWD_CHOWN(url_to, sb.st_uid, 
sb.st_gid)) {
-                                               if (errno == EPERM) {
+
+                                       if (success) {
+                                               if (VCWD_CHMOD(url_to, 
sb.st_mode)) {
                                                        php_error_docref2(NULL, 
url_from, url_to, E_WARNING, "%s", strerror(errno));
-                                                       VCWD_UNLINK(url_from);
-                                                       return 1;
+                                                       if (errno != EPERM) {
+                                                               success = 0;
+                                                       }
                                                }
-                                               php_error_docref2(NULL, 
url_from, url_to, E_WARNING, "%s", strerror(errno));
-                                               return 0;
                                        }
 #  endif
-                                       VCWD_UNLINK(url_from);
-                                       return 1;
+                                       if (success) {
+                                               VCWD_UNLINK(url_from);
+                                       }
+                               } else {
+                                       php_error_docref2(NULL, url_from, 
url_to, E_WARNING, "%s", strerror(errno));
                                }
+                       } else {
+                               php_error_docref2(NULL, url_from, url_to, 
E_WARNING, "%s", strerror(errno));
                        }
-                       php_error_docref2(NULL, url_from, url_to, E_WARNING, 
"%s", strerror(errno));
-                       return 0;
+#  if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE)
+                       umask(oldmask);
+#  endif
+                       return success;
                }
 # endif
 #endif
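Review bot: In both the VCWD_CHOWN and VCWD_CHMOD failure branches, `errno` is tested with `if (errno != EPERM)` only after `php_error_docref2(...)` has run, and that call may itself change errno. The EPERM tolerance then depends on the side effects of the logging path. Capturing the value first, `int saved_errno = errno;`, passing `strerror(saved_errno)` to the warning and testing `saved_errno != EPERM`, removes that dependency. Separately, when `success` ends up 0 after a successful php_copy_file, the copy at url_to is left in place. A comment stating whether that is intended would help, since on non-ZTS builds the file was created under `umask(077)` and may not have had its ownership or mode restored.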
++++++ php-CVE-2019-9638,9639.patch ++++++
Index: php-7.2.5/ext/exif/exif.c
===================================================================
--- php-7.2.5.orig/ext/exif/exif.c      2019-03-19 11:47:31.254886961 +0100
+++ php-7.2.5/ext/exif/exif.c   2019-03-19 11:49:09.123455967 +0100
@@ -3149,7 +3149,7 @@ static int exif_process_IFD_in_MAKERNOTE
                break;
        }
        
-       if (maker_note->offset >= value_len) {
+       if (value_len < 2 || maker_note->offset >= value_len - 1) {
                /* Do not go past the value end */
                exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, 
ImageInfo, E_WARNING, "IFD data too short: 0x%04X offset 0x%04X", value_len, 
maker_note->offset);
                return FALSE;
@@ -3204,6 +3204,7 @@ static int exif_process_IFD_in_MAKERNOTE
 #endif
                default:
                case MN_OFFSET_NORMAL:
+                       data_len = value_len;
                        break;
        }
 
++++++ php-CVE-2019-9640.patch ++++++
Index: php-7.2.5/ext/exif/exif.c
===================================================================
--- php-7.2.5.orig/ext/exif/exif.c      2019-03-19 15:47:49.703923660 +0100
+++ php-7.2.5/ext/exif/exif.c   2019-03-19 15:49:57.408673458 +0100
@@ -3924,7 +3924,7 @@ static int exif_scan_thumbnail(image_inf
                        return FALSE;
                marker = c;
                length = php_jpg_get16(data+pos);
-               if (pos+length>=ImageInfo->Thumbnail.size) {
+               if (length > ImageInfo->Thumbnail.size || pos >= 
ImageInfo->Thumbnail.size - length) {
                        return FALSE;
                }
 #ifdef EXIF_DEBUG
@@ -3945,6 +3945,10 @@ static int exif_scan_thumbnail(image_inf
                        case M_SOF14:
                        case M_SOF15:
                                /* handle SOFn block */
+                               if (length < 8 || ImageInfo->Thumbnail.size - 8 
< pos) {
+                                       /* exif_process_SOFn needs 8 bytes */
+                                       return FALSE;
+                               }
                                exif_process_SOFn(data+pos, marker, &sof_info);
                                ImageInfo->Thumbnail.height   = sof_info.height;
                                ImageInfo->Thumbnail.width    = sof_info.width;
@@ -4678,7 +4682,9 @@ PHP_FUNCTION(exif_thumbnail)
        ZVAL_STRINGL(return_value, ImageInfo.Thumbnail.data, 
ImageInfo.Thumbnail.size);
        if (arg_c >= 3) {
                if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) {
-                       exif_scan_thumbnail(&ImageInfo);
+                       if (!exif_scan_thumbnail(&ImageInfo)) {
+                               ImageInfo.Thumbnail.width = 
ImageInfo.Thumbnail.height = 0;
+                       }
                }
                zval_dtor(z_width);
                zval_dtor(z_height);
++++++ php-CVE-2019-9641.patch ++++++
commit 25aa5f434dfb3337a6617b46224f1b505053d8e9
Author: Stanislav Malyshev <s...@php.net>
Date:   Fri Mar 1 23:25:45 2019 -0800

    Fix integer overflows on 32-bits

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index cbde3effed..b4563927a5 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3567,10 +3567,10 @@ static int exif_process_IFD_in_TIFF(image_info_type 
*ImageInfo, size_t dir_offse
        tag_table_type tag_table = exif_get_tag_table(section_index);
 
        if (ImageInfo->ifd_nesting_level > MAX_IFD_NESTING_LEVEL) {
-                return FALSE;
-        }
+               return FALSE;
+       }
 
-       if (ImageInfo->FileSize >= dir_offset+2) {
+       if (ImageInfo->FileSize >= 2 && ImageInfo->FileSize - 2 >= dir_offset) {
                sn = exif_file_sections_add(ImageInfo, M_PSEUDO, 2, NULL);
 #ifdef EXIF_DEBUG
                exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read 
from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X)", ImageInfo->FileSize, 
dir_offset, 2);
@@ -3578,8 +3578,8 @@ static int exif_process_IFD_in_TIFF(image_info_type 
*ImageInfo, size_t dir_offse
                php_stream_seek(ImageInfo->infile, dir_offset, SEEK_SET); /* we 
do not know the order of sections */
                php_stream_read(ImageInfo->infile, 
(char*)ImageInfo->file.list[sn].data, 2);
                num_entries = php_ifd_get16u(ImageInfo->file.list[sn].data, 
ImageInfo->motorola_intel);
-               dir_size = 2/*num dir entries*/ +12/*length of 
entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/;
-               if (ImageInfo->FileSize >= dir_offset+dir_size) {
+               dir_size = 2/*num dir entries*/ +12/*length of 
entry*/*(size_t)num_entries +4/* offset to next ifd (points to thumbnail or 
NULL)*/;
+               if (ImageInfo->FileSize >= dir_size && ImageInfo->FileSize - 
dir_size >= dir_offset) {
 #ifdef EXIF_DEBUG
                        exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, 
"Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X), IFD entries(%d)", 
ImageInfo->FileSize, dir_offset+2, dir_size-2, num_entries);
 #endif
@@ -3662,9 +3662,9 @@ static int exif_process_IFD_in_TIFF(image_info_type 
*ImageInfo, size_t dir_offse
                                        }
                                }
                        }
-                       if (ImageInfo->FileSize >= dir_offset + 
ImageInfo->file.list[sn].size) {
+                       if (ImageInfo->FileSize >= 
ImageInfo->file.list[sn].size && ImageInfo->FileSize - 
ImageInfo->file.list[sn].size >= dir_offset) {
                                if (ifd_size > dir_size) {
-                                       if (dir_offset + ifd_size > 
ImageInfo->FileSize) {
+                                       if (ImageInfo->FileSize < ifd_size || 
dir_offset > ImageInfo->FileSize - ifd_size) {
                                                exif_error_docref(NULL 
EXIFERR_CC, ImageInfo, E_WARNING, "Error in TIFF: filesize(x%04X) less than 
size of IFD(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, ifd_size);
                                                return FALSE;
                                        }

++++++ php-CVE-2019-9675.patch ++++++
diff --git a/ext/phar/tar.c b/ext/phar/tar.c
index 9de3047..20f6882 100644
--- a/ext/phar/tar.c
+++ b/ext/phar/tar.c
@@ -762,7 +762,12 @@ static int phar_tar_writeheaders_int(phar_entry_info 
*entry, void *argument) /*
        header.typeflag = entry->tar_type;
 
        if (entry->link) {
-               strncpy(header.linkname, entry->link, strlen(entry->link));
+               if (strlcpy(header.linkname, entry->link, 
sizeof(header.linkname)) >= sizeof(header.linkname)) {
+                       if (fp->error) {
+                               spprintf(fp->error, 4096, "tar-based phar 
\"%s\" cannot be created, link \"%s\" is too long for format", 
entry->phar->fname, entry->link);
+                       }
+                       return ZEND_HASH_APPLY_STOP;
+               }
        }
 
        strncpy(header.magic, "ustar", sizeof("ustar")-1);
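Review bot: The new test `strlcpy(...) >= sizeof(header.linkname)` also rejects a link name of exactly `sizeof(header.linkname)` bytes, because strlcpy reserves one byte for the terminator. If the header field may legally be filled without a trailing NUL (neither the struct nor the format rules are visible here), that boundary case needs a deliberate decision. Either way a comment such as `/* strlcpy() returns strlen(src), so >= size means the link did not fit */` would make the condition readable. phar_tar_writeheaders_int continues outside the hunk.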

++++++ php-fpm.tmpfiles.d ++++++
# Type Path                    Mode UID        GID     Age Argument
d      /run/php-fpm            0711 root       root    -   -
++++++ php7-CVE-2019-11041.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=aa272c1d2b2df09593f7d2b98b46f4c64f2f0bfb;hp=e04290376ce57cdcc1c7e1dfad9f323d8cfb98bb;hb=f22101c8308669bb63c03a73a2cac2408d844f38;hpb=d561a998c9313749ad2b488685e5c2bec661bc69

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index e042903..aa272c1 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3892,7 +3892,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
        size_t          length=2, pos=0;
        jpeg_sof_info   sof_info;
 
-       if (!data) {
+       if (!data || ImageInfo->Thumbnail.size < 4) {
                return FALSE; /* nothing to do here */
        }
        if (memcmp(data, "\xFF\xD8\xFF", 3)) {
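Review bot: The new minimum in `ImageInfo->Thumbnail.size < 4` is a bare number, while the only read visible in the hunk is the 3-byte `memcmp` right below it. The fourth byte is presumably needed by code further down in exif_scan_thumbnail, which lies outside the hunk. A comment naming what the minimum covers, for example `/* 3-byte JPEG signature plus the first marker byte */` (to be confirmed against the code that follows), would make the bound checkable by the next reader.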

++++++ php7-CVE-2019-11042.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=3e005b57270afb3fdd4fb52f267b976bbc64c63f;hp=aa272c1d2b2df09593f7d2b98b46f4c64f2f0bfb;hb=e648fa4699e8d072db6db34fcc09826e8127fab8;hpb=f22101c8308669bb63c03a73a2cac2408d844f38

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index aa272c1..3e005b5 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3015,11 +3015,11 @@ static int exif_process_user_comment(image_info_type 
*ImageInfo, char **pszInfoP
                        /* First try to detect BOM: ZERO WIDTH NOBREAK SPACE 
(FEFF 16)
                         * since we have no encoding support for the BOM yet we 
skip that.
                         */
-                       if (!memcmp(szValuePtr, "\xFE\xFF", 2)) {
+                       if (ByteCount >=2 && !memcmp(szValuePtr, "\xFE\xFF", 
2)) {
                                decode = "UCS-2BE";
                                szValuePtr = szValuePtr+2;
                                ByteCount -= 2;
-                       } else if (!memcmp(szValuePtr, "\xFF\xFE", 2)) {
+                       } else if (ByteCount >=2 && !memcmp(szValuePtr, 
"\xFF\xFE", 2)) {
                                decode = "UCS-2LE";
                                szValuePtr = szValuePtr+2;
                                ByteCount -= 2;

++++++ php7-CVE-2019-11043.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=sapi%2Ffpm%2Ffpm%2Ffpm_main.c;h=dfc0d8f7413c1224017833d0bbb604721e9d2b8f;hp=483fabe9d8506513e0275694a2148a2d82084a33;hb=19e17d3807e6cc0b1ba9443ec5facbd33a61f8fe;hpb=12cca48ff67587e9aabaa41b80466cb9ff418d57

diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
index 483fabe9d85..dfc0d8f7413 100644
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -1148,8 +1148,8 @@ static void init_request_info(void)
                                                                path_info = 
script_path_translated + ptlen;
                                                                tflag = (slen 
!= 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0));
                                                        } else {
-                                                               path_info = 
env_path_info ? env_path_info + pilen - slen : NULL;
-                                                               tflag = 
(orig_path_info != path_info);
+                                                               path_info = 
(env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL;
+                                                               tflag = 
path_info && (orig_path_info != path_info);
                                                        }
 
                                                        if (tflag) {
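Review bot: The added guard `pilen > slen` is the only thing that keeps `env_path_info + pilen - slen` from pointing before the start of the PATH_INFO buffer, and nothing at the assignment says so. I would add `/* slen > pilen would place path_info before env_path_info */` above it. Note also that `pilen == slen` now yields NULL where the old code yielded `env_path_info` itself; if that case is reachable the behaviour changes, and a test with equal lengths would pin it down. init_request_info starts and ends outside the hunk, so how `pilen` and `slen` are derived cannot be checked here.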

++++++ php7-CVE-2019-11045.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fspl%2Fspl_directory.c;h=56e809b1c7a956ade1960584925ec9bc294e8768;hp=91ea2e026532f4d56816a06990ccecf7d74764f3;hb=a5a15965da23c8e97657278fc8dfbf1dfb20c016;hpb=d2cfb63f020a6f39de5d6c7189f65d2191432877

diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c
index 91ea2e02653..56e809b1c7a 100644
--- a/ext/spl/spl_directory.c
+++ b/ext/spl/spl_directory.c
@@ -708,10 +708,10 @@ void 
spl_filesystem_object_construct(INTERNAL_FUNCTION_PARAMETERS, zend_long cto
 
        if (SPL_HAS_FLAG(ctor_flags, DIT_CTOR_FLAGS)) {
                flags = 
SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_FILEINFO;
-               parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s|l", &path, 
&len, &flags);
+               parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p|l", &path, 
&len, &flags);
        } else {
                flags = 
SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_SELF;
-               parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s", &path, 
&len);
+               parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p", &path, 
&len);
        }
        if (SPL_HAS_FLAG(ctor_flags, SPL_FILE_DIR_SKIPDOTS)) {
                flags |= SPL_FILE_DIR_SKIPDOTS;

++++++ php7-CVE-2019-11046.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fbcmath%2Flibbcmath%2Fsrc%2Fstr2num.c;h=03aec15930ba416f2d8bfaed9863001bc4da33b7;hp=f38d341570f9216b37316061fa260f7547a4add0;hb=eb23c6008753b1cdc5359dead3a096dce46c9018;hpb=b771a18133bdfd95ce36932e5b83a724f17a1427

diff --git a/ext/bcmath/libbcmath/src/str2num.c 
b/ext/bcmath/libbcmath/src/str2num.c
index f38d341570f..03aec15930b 100644
--- a/ext/bcmath/libbcmath/src/str2num.c
+++ b/ext/bcmath/libbcmath/src/str2num.c
@@ -57,9 +57,9 @@ bc_str2num (bc_num *num, char *str, int scale)
   zero_int = FALSE;
   if ( (*ptr == '+') || (*ptr == '-'))  ptr++;  /* Sign */
   while (*ptr == '0') ptr++;                   /* Skip leading zeros. */
-  while (isdigit((int)*ptr)) ptr++, digits++;  /* digits */
+  while (*ptr >= '0' && *ptr <= '9') ptr++, digits++;  /* digits */
   if (*ptr == '.') ptr++;                      /* decimal point */
-  while (isdigit((int)*ptr)) ptr++, strscale++;        /* digits */
+  while (*ptr >= '0' && *ptr <= '9') ptr++, strscale++;        /* digits */
   if ((*ptr != '\0') || (digits+strscale == 0))
     {
       *num = bc_copy_num (BCG(_zero_));
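Review bot: The digit test `*ptr >= '0' && *ptr <= '9'` now appears twice with no hint why `isdigit()` was dropped. `*ptr` is a plain `char`, and where `char` is signed a byte of 0x80 or above reaches `isdigit()` as a negative value, which is undefined. A comment on the first loop, `/* not isdigit(): *ptr may be negative for bytes >= 0x80 */`, would stop the change from being reverted as a simplification. bc_str2num starts and ends outside the hunk.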

++++++ php7-CVE-2019-11047.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=c0be05922fbde95cd9cf62e1f44e2f497f8acafc;hp=f961f44a46c61a1918cf57d4575c39080c6d35b1;hb=d348cfb96f2543565691010ade5e0346338be5a7;hpb=eb23c6008753b1cdc5359dead3a096dce46c9018

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index f961f44a46c..c0be05922fb 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3165,7 +3165,8 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type 
*ImageInfo, char * valu
                        continue;
                if (maker_note->model && (!ImageInfo->model || 
strcmp(maker_note->model, ImageInfo->model)))
                        continue;
-               if (maker_note->id_string && strncmp(maker_note->id_string, 
value_ptr, maker_note->id_string_len))
+               if (maker_note->id_string && value_len >= 
maker_note->id_string_len
+                               && strncmp(maker_note->id_string, value_ptr, 
maker_note->id_string_len))
                        continue;
                break;
        }
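Review bot: When `value_len` is smaller than `maker_note->id_string_len` the whole condition is false, so control falls through to `break` and this maker-note entry is selected without the id string ever being compared. A value too short to hold the id should count as a mismatch: `if (maker_note->id_string && (value_len < maker_note->id_string_len || strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)))`. The loop header and the code that consumes the selected entry are outside the hunk, so whether later length checks catch this case cannot be confirmed here.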
++++++ php7-CVE-2019-11048.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=main%2Frfc1867.c;h=783eab4175d58301eba03817c9179b0652db9c63;hp=bd01b34cf070fa0d9a41b9d6771280a920a74551;hb=1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87;hpb=bef96b9d2c7330909f43faf4f8ff12c7723bf857

Index: php-7.2.5/main/rfc1867.c
===================================================================
--- php-7.2.5.orig/main/rfc1867.c       2018-04-24 17:10:05.000000000 +0200
+++ php-7.2.5/main/rfc1867.c    2020-05-25 11:13:26.117985003 +0200
@@ -616,7 +616,7 @@ static void *php_ap_memstr(char *haystac
 }
 
 /* read until a boundary condition */
-static int multipart_buffer_read(multipart_buffer *self, char *buf, size_t 
bytes, int *end)
+static size_t multipart_buffer_read(multipart_buffer *self, char *buf, size_t 
bytes, int *end)
 {
        size_t len, max;
        char *bound;
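Review bot: With the return type of multipart_buffer_read now `size_t`, any caller that still stores the result in an `int` truncates it again and reintroduces the problem this patch removes. The patch updates multipart_buffer_read_body (hunk at -665, `size_t total_bytes=0, read_bytes=0;`), but other call sites are not part of the visible hunks and should be checked so that each receiving variable is declared `size_t`. The function body between this hunk and the `return len;` hunk is not shown.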
@@ -655,7 +655,7 @@ static int multipart_buffer_read(multipa
                self->buf_begin += len;
        }
 
-       return (int)len;
+       return len;
 }
 
 /*
@@ -665,7 +665,7 @@ static int multipart_buffer_read(multipa
 static char *multipart_buffer_read_body(multipart_buffer *self, size_t *len)
 {
        char buf[FILLUNIT], *out=NULL;
-       int total_bytes=0, read_bytes=0;
+       size_t total_bytes=0, read_bytes=0;
 
        while((read_bytes = multipart_buffer_read(self, buf, sizeof(buf), 
NULL))) {
                out = erealloc(out, total_bytes + read_bytes + 1);
@@ -692,7 +692,8 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_
        char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, 
*array_index = NULL;
        char *lbuf = NULL, *abuf = NULL;
        zend_string *temp_filename = NULL;
-       int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 
0;
+       int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0;
+       size_t array_len = 0;
        int64_t total_bytes = 0, max_file_size = 0;
        int skip_upload = 0, anonindex = 0, is_anonymous;
        HashTable *uploaded_files = NULL;
@@ -1126,7 +1127,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_
                        is_arr_upload = (start_arr = strchr(param,'[')) && 
(param[strlen(param)-1] == ']');
 
                        if (is_arr_upload) {
-                               array_len = (int)strlen(start_arr);
+                               array_len = strlen(start_arr);
                                if (array_index) {
                                        efree(array_index);
                                }
++++++ php7-CVE-2019-11050.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=7fe055f381d792da9c3a6678647800ab58fa834a;hp=c0be05922fbde95cd9cf62e1f44e2f497f8acafc;hb=c14eb8de974fc8a4d74f3515424c293bc7a40fba;hpb=d348cfb96f2543565691010ade5e0346338be5a7

Index: php-7.2.5/ext/exif/exif.c
===================================================================
--- php-7.2.5.orig/ext/exif/exif.c      2020-01-02 13:11:53.941694004 +0100
+++ php-7.2.5/ext/exif/exif.c   2020-01-02 13:11:53.973694182 +0100
@@ -3231,8 +3231,9 @@ static int exif_process_IFD_in_MAKERNOTE
        }
 
        for (de=0;de<NumDirEntries;de++) {
-               if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de,
-                                                                 offset_base, 
data_len, displacement, section_index, 0, maker_note->tag_table)) {
+               size_t offset = 2 + 12 * de;
+               if (!exif_process_IFD_TAG(ImageInfo, dir_start + offset,
+                                                                 offset_base, 
data_len - offset, displacement, section_index, 0, maker_note->tag_table)) {
                        return FALSE;
                }
        }
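Review bot: `data_len - offset` is evaluated in `size_t` and wraps to a very large length if `offset` ever exceeds `data_len`. Whether an earlier check bounds `2 + 12 * NumDirEntries` against `data_len` is outside the hunk; if none does, the call should be guarded with `if (offset > data_len) return FALSE;` before `exif_process_IFD_TAG` is reached. exif_process_IFD_in_MAKERNOTE starts outside the hunk.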
++++++ php7-CVE-2020-7059.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Fstring.c;h=fb44cc505d9da857926b2a66d1405a9655aaefbc;hp=da51cd0966fc86db5cdccc8992faf0c86e232360;hb=0f79b1bf301f455967676b5129240140c5c45b09;hpb=f79c7742746907d676989cb7f97fb4f7cd26789f

diff --git a/ext/standard/string.c b/ext/standard/string.c
index da51cd0966f..fb44cc505d9 100644
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -4866,7 +4866,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, size_t len, 
uint8_t *stateptr, const
                                if (state == 4) {
                                        /* Inside <!-- comment --> */
                                        break;
-                               } else if (state == 2 && *(p-1) != '\\') {
+                               } else if (state == 2 && p >= buf + 1 && *(p-1) 
!= '\\') {
                                        if (lc == c) {
                                                lc = '\0';
                                        } else if (lc != '\\') {
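Review bot: The added bound `p >= buf + 1` is written in a roundabout way; `p > buf` is equivalent and reads directly as "not at the first byte". The same expression is repeated in the `'!'` and `'?'` cases (hunks at -4893 and -4920). A comment on the first occurrence, `/* p[-1] is only valid past the first byte of buf */`, would cover all three. `buf` and `p` are declared outside the hunk.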
@@ -4893,7 +4893,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, size_t len, 
uint8_t *stateptr, const
 
                        case '!':
                                /* JavaScript & Other HTML scripting languages 
*/
-                               if (state == 1 && *(p-1) == '<') {
+                               if (state == 1 && p >= buf + 1 && *(p-1) == 
'<') {
                                        state = 3;
                                        lc = c;
                                } else {
@@ -4920,7 +4920,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, size_t len, 
uint8_t *stateptr, const
 
                        case '?':
 
-                               if (state == 1 && *(p-1) == '<') {
+                               if (state == 1 && p >= buf + 1 && *(p-1) == 
'<') {
                                        br=0;
                                        state=2;
                                        break;

++++++ php7-CVE-2020-7060.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fmbstring%2Flibmbfl%2Ffilters%2Fmbfilter_big5.c;h=5e1ca815da31ed68db2baae2b3d38699b546ca83;hp=f5ab8809ce8a799bd40bda74606f181fcef36c75;hb=2bcbc95f033c31b00595ed39f79c3a99b4ed0501;hpb=0f79b1bf301f455967676b5129240140c5c45b09

diff --git a/ext/mbstring/libmbfl/filters/mbfilter_big5.c 
b/ext/mbstring/libmbfl/filters/mbfilter_big5.c
index f5ab8809ce8..5e1ca815da3 100644
--- a/ext/mbstring/libmbfl/filters/mbfilter_big5.c
+++ b/ext/mbstring/libmbfl/filters/mbfilter_big5.c
@@ -138,6 +138,17 @@ static unsigned short cp950_pua_tbl[][4] = {
        {0xf70f,0xf848,0xc740,0xc8fe},
 };
 
+static inline int is_in_cp950_pua(int c1, int c) {
+       if ((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) ||
+                       (c1 >= 0x81 && c1 <= 0x8d) || (c1 >= 0xc7 && c1 <= 
0xc8)) {
+               return (c >=0x40 && c <= 0x7e) || (c >= 0xa1 && c <= 0xfe);
+       }
+       if (c1 == 0xc6) {
+               return c >= 0xa1 && c <= 0xfe;
+       }
+       return 0;
+}
+
 /*
  * Big5 => wchar
  */
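Review bot: `is_in_cp950_pua` has no comment, and it quietly narrows the accepted trail-byte range: the inline test it replaces used `c > 0x39 && c < 0x7f`, while the helper uses `c >=0x40 && c <= 0x7e`, so 0x3a–0x3f are no longer accepted. That narrowing looks like the actual fix and should be stated above the function, for example `/* CP950 PUA rows: trail byte must be 0x40-0x7e or 0xa1-0xfe (0xa1-0xfe only for lead byte 0xc6) */`. How the table lookup uses the result is in the following hunk.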
@@ -186,11 +197,7 @@ mbfl_filt_conv_big5_wchar(int c, mbfl_convert_filter 
*filter)
 
                        if (filter->from->no_encoding == 
mbfl_no_encoding_cp950) {
                                /* PUA for CP950 */
-                               if (w <= 0 &&
-                                       (((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 
0x8e && c1 <= 0xa0) ||
-                                         (c1 >= 0x81 && c1 <= 0x8d) ||(c1 >= 
0xc7 && c1 <= 0xc8))
-                                        && ((c > 0x39 && c < 0x7f) || (c > 
0xa0 && c < 0xff))) ||
-                                       ((c1 == 0xc6) && (c > 0xa0 && c < 
0xff))) {
+                               if (w <= 0 && is_in_cp950_pua(c1, c)) {
                                        c2 = c1 << 8 | c;
                                        for (k = 0; k < 
sizeof(cp950_pua_tbl)/(sizeof(unsigned short)*4); k++) {
                                                if (c2 >= cp950_pua_tbl[k][2] 
&& c2 <= cp950_pua_tbl[k][3]) {

++++++ php7-CVE-2020-7062.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fsession%2Fsession.c;h=092dea81ce26187a536dd01b09fb0a5571e4dcb4;hp=7c7e4841e4fcd94509e5970f03a039a3a113d2c6;hb=e73d8e2627e6e0aa91441ffa745661c6664906f1;hpb=ead40a66785aedaa393f953a0ed9224adaf040cd

diff --git a/ext/session/session.c b/ext/session/session.c
index 7c7e4841e4..092dea81ce 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -3320,10 +3320,12 @@ static int php_session_rfc1867_callback(unsigned int 
event, void *event_data, vo
                                if (PS(rfc1867_cleanup)) {
                                        php_session_rfc1867_cleanup(progress);
                                } else {
-                                       SEPARATE_ARRAY(&progress->data);
-                                       add_assoc_bool_ex(&progress->data, 
"done", sizeof("done") - 1, 1);
-                                       
Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed;
-                                       php_session_rfc1867_update(progress, 1);
+                                       if (!Z_ISUNDEF(progress->data)) {
+                                               SEPARATE_ARRAY(&progress->data);
+                                               
add_assoc_bool_ex(&progress->data, "done", sizeof("done") - 1, 1);
+                                               
Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed;
+                                               
php_session_rfc1867_update(progress, 1);
+                                       }
                                }
                                php_rshutdown_session_globals();
                        }

++++++ php7-CVE-2020-7063.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar_object.c;h=89b553c2b91ca8d9ea1b30ba186185175a450246;hp=6cf097e36fe46b372ddc86c0a769c394d110fd86;hb=ead40a66785aedaa393f953a0ed9224adaf040cd;hpb=7acaa4020d0eeb2911e70148ac57787f085e03e0

diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 6cf097e36f..89b553c2b9 100644
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -1419,6 +1419,7 @@ static int phar_build(zend_object_iterator *iter, void 
*puser) /* {{{ */
        char *str_key;
        zend_class_entry *ce = p_obj->c;
        phar_archive_object *phar_obj = p_obj->p;
+       php_stream_statbuf ssb;
 
        value = iter->funcs->get_current_data(iter);
 
@@ -1686,6 +1687,16 @@ after_open_fp:
                php_stream_copy_to_stream_ex(fp, p_obj->fp, 
PHP_STREAM_COPY_ALL, &contents_len);
                data->internal_file->uncompressed_filesize = 
data->internal_file->compressed_filesize =
                        php_stream_tell(p_obj->fp) - 
data->internal_file->offset;
+               if (php_stream_stat(fp, &ssb) != -1) {
+                       data->internal_file->flags = ssb.sb.st_mode & 
PHAR_ENT_PERM_MASK ;
+               } else {
+#ifndef _WIN32
+                       mode_t mask;
+                       mask = umask(0);
+                       umask(mask);
+                       data->internal_file->flags &= ~mask;
+#endif
+               }
        }
 
        if (close_fp) {
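Review bot: The fallback branch reads the process umask by calling `umask(0)` and then restoring it, which leaves the process-wide mask at 0 for a moment. In a threaded build, another thread creating a file in that window would get wider permissions than intended. At minimum the block needs a comment, `/* umask() can only be read by setting it; not thread-safe */`. The identical block added to phar_add_file (hunk at -3674) would be better shared through one static helper. phar_build starts and ends outside the hunk.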

X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fphar_object.c;h=bd7cbc9174523066baa407468cf943575d353c7d;hp=905fcece7300a9619d3af977e52d6d72f5771282;hb=80ea25c28d9139e237fd65c0a0f2aa87385e03e4;hpb=2c35e49dd89b5add7420db0a2f5f0b5727eb814e

diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 905fcece73..bd7cbc9174 100644
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -3637,7 +3637,8 @@ static void phar_add_file(phar_archive_data **pphar, char 
*filename, int filenam
        char *error;
        size_t contents_len;
        phar_entry_data *data;
-       php_stream *contents_file;
+       php_stream *contents_file = NULL;
+       php_stream_statbuf ssb;
 
        if (filename_len >= (int)sizeof(".phar")-1) {
                start_pos = ('/' == filename[0] ? 1 : 0); /* account for any 
leading slash: multiple-leads handled elsewhere */
@@ -3674,10 +3675,20 @@ static void phar_add_file(phar_archive_data **pphar, 
char *filename, int filenam
                                }
                                php_stream_copy_to_stream_ex(contents_file, 
data->fp, PHP_STREAM_COPY_ALL, &contents_len);
                        }
-
                        data->internal_file->compressed_filesize = 
data->internal_file->uncompressed_filesize = contents_len;
                }
 
+               if (contents_file != NULL && php_stream_stat(contents_file, 
&ssb TSRMLS_CC) != -1) {
+                       data->internal_file->flags = ssb.sb.st_mode & 
PHAR_ENT_PERM_MASK ;
+               } else {
+#ifndef _WIN32
+                       mode_t mask;
+                       mask = umask(0);
+                       umask(mask);
+                       data->internal_file->flags &= ~mask;
+#endif
+               }
+
                /* check for copy-on-write */
                if (pphar[0] != data->phar) {
                        *pphar = data->phar;

++++++ php7-CVE-2020-7064.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fexif%2Fexif.c;h=819708c2d3359dba9ed7004955b450c6ed83b7ff;hp=7fe055f381d792da9c3a6678647800ab58fa834a;hb=41f66e2a2cfd611e35be5ac3bf747f0b56161216;hpb=63f6608f89fda8ad35bc8c5472d1028e6fa6e0c6

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 7fe055f381..819708c2d3 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3692,6 +3692,11 @@ static void exif_process_TIFF_in_JPEG(image_info_type 
*ImageInfo, char *CharBuf,
 {
        unsigned exif_value_2a, offset_of_ifd;
 
+       if (length < 2) {
+               exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, 
"Missing TIFF alignment marker");
+               return;
+       }
+
        /* set the thumbnail stuff to nothing so we can test to see if they get 
set up */
        if (memcmp(CharBuf, "II", 2) == 0) {
                ImageInfo->motorola_intel = 0;
@@ -3844,7 +3849,7 @@ static int exif_scan_JPEG_header(image_info_type 
*ImageInfo)
                        return FALSE;
                }
 
-               sn = exif_file_sections_add(ImageInfo, marker, itemlen+1, NULL);
+               sn = exif_file_sections_add(ImageInfo, marker, itemlen, NULL);
                Data = ImageInfo->file.list[sn].data;
 
                /* Store first two pre-read bytes. */

++++++ php7-CVE-2020-7066.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Furl.c;h=fe6d7f9de1d69eaafd577518d92d899feb7145b0;hp=57fd80cc1dc0e1a5cb62da8a644b62c9308a8246;hb=0d139c5b94a5f485a66901919e51faddb0371c43;hpb=41f66e2a2cfd611e35be5ac3bf747f0b56161216

diff --git a/ext/standard/url.c b/ext/standard/url.c
index 57fd80cc1d..fe6d7f9de1 100644
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -680,7 +680,7 @@ PHP_FUNCTION(get_headers)
        php_stream_context *context;
 
        ZEND_PARSE_PARAMETERS_START(1, 3)
-               Z_PARAM_STRING(url, url_len)
+               Z_PARAM_PATH(url, url_len)
                Z_PARAM_OPTIONAL
                Z_PARAM_LONG(format)
                Z_PARAM_RESOURCE_EX(zcontext, 1, 0)
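Review bot: The switch to `Z_PARAM_PATH` is unexplained in the code, so the reason it must not revert to `Z_PARAM_STRING` is easy to lose. I would add `/* PATH: reject embedded NUL bytes, which would truncate the URL in C string handling */` above it. A regression test that calls get_headers() with a NUL inside the URL and expects the argument to be rejected would lock this in. The rest of get_headers is outside the hunk.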

++++++ php7-CVE-2020-7068.patch ++++++
X-Git-Url: 
http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fphar%2Fzip.c;h=50c5d69e9bebb6ab9397b4a924181f9e31a6f665;hp=d615e8addaf8cf8415a994e32e8ca3007cc0fc2a;hb=7355ab81763a3d6a04ac11660e6a16d58838d187;hpb=c68d48de9e1b6b6657d11da308f8b4059ad486dd

diff --git a/ext/phar/zip.c b/ext/phar/zip.c
index d615e8addaf..50c5d69e9be 100644
--- a/ext/phar/zip.c
+++ b/ext/phar/zip.c
@@ -703,7 +703,7 @@ foundit:
                        efree(actual_alias);
                }
 
-               zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), actual_alias, 
mydata->alias_len, mydata);
+               zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), mydata->alias, 
mydata->alias_len, mydata);
        } else {
                phar_archive_data *fd_ptr;
 
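Review bot: Nothing at the changed call says why the key is `mydata->alias` rather than `actual_alias`, although the `efree(actual_alias);` a few lines above shows the pointer may already be freed on this path. A short comment, `/* key must be mydata->alias: actual_alias may have been freed above */`, would keep the two from being swapped back. Whether `mydata->alias` is always set before this point is decided outside the hunk.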

++++++ php7-crypt-tests.patch ++++++
Index: php-7.1.1/ext/standard/config.m4
===================================================================
--- php-7.1.1.orig/ext/standard/config.m4       2017-01-17 21:44:35.000000000 
+0100
+++ php-7.1.1/ext/standard/config.m4    2017-02-14 12:47:25.502587310 +0100
@@ -58,6 +58,14 @@ if test "$ac_cv_func_crypt" = "no"; then
     AC_DEFINE(HAVE_CRYPT, 1, [ ])
   ])
 fi
+
+if test "$ac_cv_func_crypt_r" = "no"; then
+  AC_CHECK_LIB(crypt, crypt_r, [
+    LIBS="-lcrypt $LIBS -lcrypt"
+    AC_DEFINE(HAVE_CRYPT_R, 1, [ ])
+  ])
+fi
+
   
 AC_CACHE_CHECK(for standard DES crypt, ac_cv_crypt_des,[
   AC_TRY_RUN([
@@ -242,7 +250,7 @@ int main() {
 dnl
 dnl If one of them is missing, use our own implementation, portable code is 
then possible
 dnl
-if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || 
test "$ac_cv_crypt_ext_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test 
"$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test 
"x$php_crypt_r" = "x0"; then
+if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || 
test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test 
"$ac_cv_crypt_sha256" = "no" || test "x$ac_cv_lib_crypt_crypt_r" = "x0"; then
 
   dnl
   dnl Check for __alignof__ support in the compiler
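Review bot: The new last clause `test "x$ac_cv_lib_crypt_crypt_r" = "x0"` can never be true, because the cache variable set by `AC_CHECK_LIB(crypt, crypt_r, ...)` in the first hunk holds `yes` or `no` (or is empty when that check is skipped), never `0`. If the intent is to fall back to the bundled crypt code when crypt_r is missing, compare against `no`: `test "$ac_cv_lib_crypt_crypt_r" = "no"`. The hunk also drops the `ac_cv_crypt_ext_des` test without explanation; a `dnl` line stating why extended DES no longer forces the bundled implementation would help.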
++++++ php7-date-regenerate-lexers.patch ++++++
Index: php-7.1.7/ext/date/config0.m4
===================================================================
--- php-7.1.7.orig/ext/date/config0.m4  2017-07-06 11:30:06.000000000 +0200
+++ php-7.1.7/ext/date/config0.m4       2017-07-21 13:56:15.183675982 +0200
@@ -10,6 +10,8 @@ timelib_sources="lib/astro.c lib/dow.c l
 
 PHP_NEW_EXTENSION(date, php_date.c $timelib_sources, no,, $PHP_DATE_CFLAGS)
 
+PHP_ADD_MAKEFILE_FRAGMENT()
+
 PHP_ADD_BUILD_DIR([$ext_builddir/lib], 1)
 PHP_ADD_INCLUDE([$ext_builddir/lib])
 PHP_ADD_INCLUDE([$ext_srcdir/lib])
Index: php-7.1.7/ext/date/Makefile.frag
===================================================================
--- /dev/null   1970-01-01 00:00:00.000000000 +0000
+++ php-7.1.7/ext/date/Makefile.frag    2017-07-21 13:58:51.986357906 +0200
@@ -0,0 +1,6 @@
+$(srcdir)/lib/parse_date.c: $(srcdir)/lib/parse_date.re
+       @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) -b --no-generation-date -o 
ext/date/lib/parse_date.c ext/date/lib/parse_date.re)
+
+$(srcdir)/lib/parse_iso_intervals.c: $(srcdir)/lib/parse_iso_intervals.re
+       @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) -b --no-generation-date -o 
ext/date/lib/parse_iso_intervals.c    ext/date/lib/parse_iso_intervals.re)
+
++++++ php7-depdb-path.patch ++++++
# pear installer from 1.10.1 installs .depdb{,lock} files into 
# %{buildroot}%{peardir} along with .lock, .registry, etc. when 
# metadata_dir is not set but does not install them if 
# metadata_dir is set; our Horde packages expect them there though, 
# (they rm them without -f) so always install them along
--- PEAR/Registry.php   2015-12-01 13:11:24.965179369 +0000
+++ PEAR/Registry.php   2015-12-01 13:18:42.036075538 +0000
@@ -325,6 +325,7 @@ class PEAR_Registry extends PEAR
                         $file);
                     $this->_config->setRegistry($this);
                     $this->_config->set('php_dir', $this->install_dir);
+                    $this->_config->set('metadata_dir', 
dirname($this->lockfile));
                 }
 
                 $this->_dependencyDB = 
&PEAR_DependencyDB::singleton($this->_config);
++++++ php7-embed.patch ++++++
--- php-7.1.10/sapi/embed/config.m4.embed
+++ php-7.1.10/sapi/embed/config.m4
@@ -12,7 +12,7 @@ if test "$PHP_EMBED" != "no"; then
   case "$PHP_EMBED" in
     yes|shared)
       PHP_EMBED_TYPE=shared
-      INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; 
\$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib"
+      INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) 
--mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) 
\$(INSTALL_ROOT)\$(libdir)"
       ;;
     static)
       PHP_EMBED_TYPE=static
++++++ php7-fix_net-snmp_disable_MD5.patch ++++++
Index: ext/snmp/snmp.c
===================================================================
--- ext/snmp/snmp.c.orig        2015-09-08 12:33:18.057282498 +0200
+++ ext/snmp/snmp.c     2015-09-08 12:35:01.717693824 +0200
@@ -1256,14 +1256,17 @@
    Set the authentication protocol in the snmpv3 session */
 static int netsnmp_session_set_auth_protocol(struct snmp_session *s, char 
*prot)
 {
+#ifndef DISABLE_MD5
        if (!strcasecmp(prot, "MD5")) {
                s->securityAuthProto = usmHMACMD5AuthProtocol;
                s->securityAuthProtoLen = USM_AUTH_PROTO_MD5_LEN;
-       } else if (!strcasecmp(prot, "SHA")) {
+       } else
+#endif
+       if (!strcasecmp(prot, "SHA")) {
                s->securityAuthProto = usmHMACSHA1AuthProtocol;
                s->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
        } else {
-               php_error_docref(NULL, E_WARNING, "Unknown authentication 
protocol '%s'", prot);
+               php_error_docref(NULL, E_WARNING, "Unknown or unsupported 
authentication protocol '%s'", prot);
                return (-1);
        }
        return (0);
++++++ php7-freetype-pkgconfig.patch ++++++
Index: php-7.2.5/ext/gd/config.m4
===================================================================
--- php-7.2.5.orig/ext/gd/config.m4
+++ php-7.2.5/ext/gd/config.m4
@@ -184,30 +184,17 @@ AC_DEFUN([PHP_GD_XPM],[
 ])
 
 AC_DEFUN([PHP_GD_FREETYPE2],[
-  if test "$PHP_FREETYPE_DIR" != "no"; then
+    FREETYPE2_CFLAGS=`pkg-config --cflags freetype2`
+    FREETYPE2_LIBS=`pkg-config --libs freetype2`
 
-    for i in $PHP_FREETYPE_DIR /usr/local /usr; do
-      if test -f "$i/bin/freetype-config"; then
-        FREETYPE2_DIR=$i
-        FREETYPE2_CONFIG="$i/bin/freetype-config"
-        break
-      fi
-    done
-
-    if test -z "$FREETYPE2_DIR"; then
-      AC_MSG_ERROR([freetype-config not found.])
+    if test -z "$FREETYPE2_LIBS"; then
+      AC_MSG_ERROR([freetype2 is not available.])
     fi
 
-    FREETYPE2_CFLAGS=`$FREETYPE2_CONFIG --cflags`
-    FREETYPE2_LIBS=`$FREETYPE2_CONFIG --libs`
-
     PHP_EVAL_INCLINE($FREETYPE2_CFLAGS)
     PHP_EVAL_LIBLINE($FREETYPE2_LIBS, GD_SHARED_LIBADD)
     AC_DEFINE(HAVE_LIBFREETYPE,1,[ ])
     AC_DEFINE(ENABLE_GD_TTF,1,[ ])
-  else
-    AC_MSG_RESULT([If configure fails try --with-freetype-dir=<DIR>])
-  fi
 ])
 
 AC_DEFUN([PHP_GD_JISX0208],[
++++++ php7-honor-re2c-flags.patch ++++++
Index: php-7.2.2/ext/standard/Makefile.frag
===================================================================
--- php-7.2.2.orig/ext/standard/Makefile.frag
+++ php-7.2.2/ext/standard/Makefile.frag
@@ -1,9 +1,9 @@
 
 $(srcdir)/var_unserializer.c: $(srcdir)/var_unserializer.re
-       @(cd $(top_srcdir); $(RE2C) --no-generation-date -b -o 
ext/standard/var_unserializer.c ext/standard/var_unserializer.re)
+       @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o 
ext/standard/var_unserializer.c ext/standard/var_unserializer.re)
 
 $(srcdir)/url_scanner_ex.c: $(srcdir)/url_scanner_ex.re
-       @(cd $(top_srcdir); $(RE2C) --no-generation-date -b -o 
ext/standard/url_scanner_ex.c    ext/standard/url_scanner_ex.re)
+       @(cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o 
ext/standard/url_scanner_ex.c      ext/standard/url_scanner_ex.re)
 
 $(builddir)/info.lo: $(builddir)/../../main/build-defs.h
 
Index: php-7.2.2/ext/json/Makefile.frag
===================================================================
--- php-7.2.2.orig/ext/json/Makefile.frag
+++ php-7.2.2/ext/json/Makefile.frag
@@ -1,5 +1,5 @@
 $(srcdir)/json_scanner.c: $(srcdir)/json_scanner.re
-       $(RE2C) -t $(srcdir)/php_json_scanner_defs.h --no-generation-date -bci 
-o $@ $(srcdir)/json_scanner.re
+       $(RE2C) $(RE2C_FLAGS) -t $(srcdir)/php_json_scanner_defs.h 
--no-generation-date -bci -o $@ $(srcdir)/json_scanner.re
 
 $(srcdir)/json_parser.tab.c: $(srcdir)/json_parser.y
        $(YACC) --defines -l $(srcdir)/json_parser.y -o $@
Index: php-7.2.2/ext/phar/Makefile.frag
===================================================================
--- php-7.2.2.orig/ext/phar/Makefile.frag
+++ php-7.2.2/ext/phar/Makefile.frag
@@ -1,9 +1,9 @@
 $(srcdir)/phar_path_check.c: $(srcdir)/phar_path_check.re
        @(cd $(top_srcdir); \
        if test -f ./php_phar.h; then \
-               $(RE2C) --no-generation-date -b -o phar_path_check.c 
phar_path_check.re; \
+               $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o 
phar_path_check.c phar_path_check.re; \
        else \
-               $(RE2C) --no-generation-date -b -o ext/phar/phar_path_check.c 
ext/phar/phar_path_check.re; \
+               $(RE2C) $(RE2C_FLAGS) --no-generation-date -b -o 
ext/phar/phar_path_check.c ext/phar/phar_path_check.re; \
        fi)
 
 pharcmd: $(builddir)/phar.php $(builddir)/phar.phar
Index: php-7.2.2/ext/pdo/Makefile.frag
===================================================================
--- php-7.2.2.orig/ext/pdo/Makefile.frag
+++ php-7.2.2/ext/pdo/Makefile.frag
@@ -7,7 +7,7 @@ PDO_HEADER_FILES= \
 
 
 $(srcdir)/pdo_sql_parser.c: $(srcdir)/pdo_sql_parser.re
-       (cd $(top_srcdir); $(RE2C) --no-generation-date -o 
ext/pdo/pdo_sql_parser.c ext/pdo/pdo_sql_parser.re)
+       (cd $(top_srcdir); $(RE2C) $(RE2C_FLAGS) --no-generation-date -o 
ext/pdo/pdo_sql_parser.c ext/pdo/pdo_sql_parser.re)
 
 install-pdo-headers:
        @echo "Installing PDO headers:           
$(INSTALL_ROOT)$(phpincludedir)/ext/pdo/"
++++++ php7-ini.patch ++++++
Index: php.ini-production
===================================================================
--- php.ini-production.orig     2015-07-10 14:11:24.167826570 +0200
+++ php.ini-production  2015-07-14 10:45:17.847974988 +0200
@@ -697,7 +697,7 @@
 ;;;;;;;;;;;;;;;;;;;;;;;;;
 
 ; UNIX: "/path1:/path2"
-;include_path = ".:/php/includes"
+include_path = ".:/usr/share/php7:/usr/share/php7/PEAR"
 ;
 ; Windows: "\path1;\path2"
 ;include_path = ".;c:\php\includes"
@@ -911,7 +911,7 @@
 [Date]
 ; Defines the default timezone used by the date functions
 ; http://php.net/date.timezone
-;date.timezone =
+date.timezone = 'UTC'
 
 ; http://php.net/date.default-latitude
 ;date.default_latitude = 31.7667
@@ -1125,7 +1125,7 @@
 
 ; Allow or prevent persistent links.
 ; http://php.net/mysqli.allow-persistent
-mysqli.allow_persistent = On
+mysqli.allow_persistent = Off
 
 ; Maximum number of links.  -1 means no limit.
 ; http://php.net/mysqli.max-links
@@ -1308,7 +1308,7 @@
 ; where MODE is the octal representation of the mode. Note that this
 ; does not overwrite the process's umask.
 ; http://php.net/session.save-path
-;session.save_path = "/tmp"
+session.save_path = "/var/lib/php7"
 
 ; Whether to use strict session mode.
 ; Strict session mode does not accept uninitialized session ID and regenerate
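Review bot: The new `session.save_path = "/var/lib/php7"` line moves session files out of /tmp, but nothing in the hunk says who must own that directory or what mode it needs. Session files hold login state, so a directory that other local accounts can list or read would expose them. The packaging step that creates the directory is not on this page. I would add a comment above the setting, for example `; /var/lib/php7 must be accessible only to the account(s) PHP runs under`.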

++++++ php7-no-build-date.patch ++++++
Index: php-7.2.4/ext/standard/info.c
===================================================================
--- php-7.2.4.orig/ext/standard/info.c  2018-03-27 15:10:52.000000000 +0200
+++ php-7.2.4/ext/standard/info.c       2018-04-04 13:05:25.675487878 +0200
@@ -830,7 +830,7 @@ PHPAPI void php_print_info(int flag)
                php_info_print_box_end();
                php_info_print_table_start();
                php_info_print_table_row(2, "System", ZSTR_VAL(php_uname));
-               php_info_print_table_row(2, "Build Date", __DATE__ " " 
__TIME__);
+               /*php_info_print_table_row(2, "Build Date", __DATE__ " " 
__TIME__);*/
 #ifdef COMPILER
                php_info_print_table_row(2, "Compiler", COMPILER);
 #endif
@@ -838,7 +838,7 @@ PHPAPI void php_print_info(int flag)
                php_info_print_table_row(2, "Architecture", ARCHITECTURE);
 #endif
 #ifdef CONFIGURE_COMMAND
-               php_info_print_table_row(2, "Configure Command", 
CONFIGURE_COMMAND );
+               /* php_info_print_table_row(2, "Configure Command", 
CONFIGURE_COMMAND ); */
 #endif
 
                if (sapi_module.pretty_name) {
Index: php-7.2.4/sapi/cli/php_cli.c
===================================================================
--- php-7.2.4.orig/sapi/cli/php_cli.c   2018-03-27 15:10:57.000000000 +0200
+++ php-7.2.4/sapi/cli/php_cli.c        2018-04-04 13:05:25.675487878 +0200
@@ -697,8 +697,8 @@ static int do_cli(int argc, char **argv)
                                goto out;
 
                        case 'v': /* show php version & quit */
-                               php_printf("PHP %s (%s) (built: %s %s) ( 
%s)\nCopyright (c) 1997-2018 The PHP Group\n%s",
-                                       PHP_VERSION, cli_sapi_module.name, 
__DATE__, __TIME__,
+                               php_printf("PHP %s (%s) ( %s)\nCopyright (c) 
1997-2018 The PHP Group\n%s",
+                                       PHP_VERSION, cli_sapi_module.name,
 #if ZTS
                                        "ZTS "
 #else
Index: php-7.2.4/sapi/cgi/cgi_main.c
===================================================================
--- php-7.2.4.orig/sapi/cgi/cgi_main.c  2018-03-27 15:10:57.000000000 +0200
+++ php-7.2.4/sapi/cgi/cgi_main.c       2018-04-04 13:05:25.675487878 +0200
@@ -2427,9 +2427,9 @@ consult the installation file that came
                                                                
SG(request_info).no_headers = 1;
                                                        }
 #if ZEND_DEBUG
-                                                       php_printf("PHP %s (%s) 
(built: %s %s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", 
PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+                                                       php_printf("PHP %s (%s) 
(DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, 
sapi_module.name, get_zend_version());
 #else
-                                                       php_printf("PHP %s (%s) 
(built: %s %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, 
sapi_module.name, __DATE__, __TIME__, get_zend_version());
+                                                       php_printf("PHP %s (%s) 
\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, 
get_zend_version());
 #endif
                                                        
php_request_shutdown((void *) 0);
                                                        fcgi_shutdown();
Index: php-7.2.4/configure.ac
===================================================================
--- php-7.2.4.orig/configure.ac 2018-04-04 13:05:25.675487878 +0200
+++ php-7.2.4/configure.ac      2018-04-04 13:10:53.817149061 +0200
@@ -1269,13 +1269,12 @@ EXTRA_LDFLAGS="$EXTRA_LDFLAGS $PHP_LDFLA
 EXTRA_LDFLAGS_PROGRAM="$EXTRA_LDFLAGS_PROGRAM $PHP_LDFLAGS"
 
 # SOURCE_DATE_EPOCH for reproducible builds 
https://reproducible-builds.org/specs/source-date-epoch/
-PHP_BUILD_DATE=`date --utc --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" 
+%Y-%m-%d 2>/dev/null`
-if test $? -ne 0 ; then
-PHP_BUILD_DATE=`date -u +%Y-%m-%d`
-fi
+#totally fake, not used anywhere in userspace
+PHP_BUILD_DATE="1970-01-01"
 AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date])
 
-PHP_UNAME=`uname -a | xargs`
+dnl Totally fake, it wasnt and will never be reliable anyway.
+PHP_UNAME="Linux suse 2.6.36 #1 SMP 2011-02-21 10:34:10 +0100 x86_64 x86_64 
x86_64 GNU/Linux"
 AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output])
 PHP_OS=`uname | xargs`
 AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output])
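Review bot: The replacement `PHP_UNAME` string hard-codes a kernel version and `x86_64`, so any place that prints this macro reports a host that does not exist, including on other architectures. The adjacent comment only says the value is fake and does not say why. Where the macro is consumed is outside this hunk, so the visible effect cannot be judged here. I would state the purpose in the comment, presumably reproducible builds given the patch name, e.g. `dnl Fixed placeholder for reproducible builds; PHP_UNAME must not be read as host information.`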
Index: php-7.2.4/sapi/fpm/fpm/fpm_main.c
===================================================================
--- php-7.2.4.orig/sapi/fpm/fpm/fpm_main.c      2018-03-27 15:10:57.000000000 
+0200
+++ php-7.2.4/sapi/fpm/fpm/fpm_main.c   2018-04-04 13:05:25.675487878 +0200
@@ -1755,9 +1755,9 @@ int main(int argc, char *argv[])
                                SG(request_info).no_headers = 1;
 
 #if ZEND_DEBUG
-                               php_printf("PHP %s (%s) (built: %s %s) 
(DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, 
sapi_module.name, __DATE__,        __TIME__, get_zend_version());
+                               php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) 
1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, 
get_zend_version());
 #else
-                               php_printf("PHP %s (%s) (built: %s 
%s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, 
__DATE__, __TIME__,      get_zend_version());
+                               php_printf("PHP %s (%s) \nCopyright (c) 
1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, 
get_zend_version());
 #endif
                                php_request_shutdown((void *) 0);
                                fcgi_shutdown();
++++++ php7-odbc-cmp-int-cast.patch ++++++
https://bugs.php.net/bug.php?id=53007
Index: ext/odbc/php_odbc.c
===================================================================
--- ext/odbc/php_odbc.c.orig    2015-09-04 19:50:10.129774538 +0200
+++ ext/odbc/php_odbc.c 2015-09-04 19:52:34.202740738 +0200
@@ -1796,7 +1796,7 @@
 
                                if (rc == SQL_SUCCESS_WITH_INFO) {
                                        ZVAL_STRINGL(&tmp, buf, 
result->longreadlen);
-                               } else if (result->values[i].vallen == 
SQL_NULL_DATA) {
+                               } else if ((int)result->values[i].vallen == 
(int)SQL_NULL_DATA) {
                                        ZVAL_NULL(&tmp);
                                        break;
                                } else {
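Review bot: Casting both sides to `int` makes the NULL test compare only the `int`-sized part of `vallen`, while other uses pass the field uncast as a length, e.g. `RETURN_STRINGL(result->values[field_ind].value, result->values[field_ind].vallen)` in the `@@ -2211,7` hunk. If the cast is there because a driver fills only part of the length field (inferred, since the linked bug is not quoted on this page), those length arguments would still see the unfilled part. The same cast is repeated at nine sites in this file without a comment. A single helper with a comment such as `/* some drivers store a narrower indicator in vallen; compare as int (bug 53007) */` would document the workaround once. The enclosing functions start and end outside every hunk of this file.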
@@ -1805,7 +1805,7 @@
                                break;
 
                        default:
-                               if (result->values[i].vallen == SQL_NULL_DATA) {
+                               if ((int)result->values[i].vallen == 
(int)SQL_NULL_DATA) {
                                        ZVAL_NULL(&tmp);
                                        break;
                                }
@@ -1948,7 +1948,7 @@
                                }
                                if (rc == SQL_SUCCESS_WITH_INFO) {
                                        ZVAL_STRINGL(&tmp, buf, 
result->longreadlen);
-                               } else if (result->values[i].vallen == 
SQL_NULL_DATA) {
+                               } else if ((int)result->values[i].vallen == 
(int)SQL_NULL_DATA) {
                                        ZVAL_NULL(&tmp);
                                        break;
                                } else {
@@ -1957,7 +1957,7 @@
                                break;
 
                        default:
-                               if (result->values[i].vallen == SQL_NULL_DATA) {
+                               if ((int)result->values[i].vallen == 
(int)SQL_NULL_DATA) {
                                        ZVAL_NULL(&tmp);
                                        break;
                                }
@@ -2185,7 +2185,7 @@
                                RETURN_FALSE;
                        }
 
-                       if (result->values[field_ind].vallen == SQL_NULL_DATA) {
+                       if ((int)result->values[field_ind].vallen == 
(int)SQL_NULL_DATA) {
                                zend_string_free(field_str);
                                RETURN_NULL();
                        } else if (rc == SQL_NO_DATA_FOUND) {
@@ -2211,7 +2211,7 @@
                        break;
                        
                default:
-                       if (result->values[field_ind].vallen == SQL_NULL_DATA) {
+                       if ((int)result->values[field_ind].vallen == 
(int)SQL_NULL_DATA) {
                                RETURN_NULL();
                        } else {
                                RETURN_STRINGL(result->values[field_ind].value, 
result->values[field_ind].vallen);
@@ -2235,7 +2235,7 @@
                        RETURN_FALSE;
                }
                
-               if (result->values[field_ind].vallen == SQL_NULL_DATA) {
+               if ((int)result->values[field_ind].vallen == 
(int)SQL_NULL_DATA) {
                        efree(field);
                        RETURN_NULL();
                }
@@ -2344,7 +2344,7 @@
                                        }
                                        if (rc == SQL_SUCCESS_WITH_INFO) {
                                                PHPWRITE(buf, 
result->longreadlen);
-                                       } else if (result->values[i].vallen == 
SQL_NULL_DATA) {
+                                       } else if 
((int)result->values[i].vallen == (int)SQL_NULL_DATA) {
                                                php_printf("<td>NULL</td>");
                                                break;
                                        } else {
@@ -2353,7 +2353,7 @@
                                        php_printf("</td>");
                                        break;
                                default:
-                                       if (result->values[i].vallen == 
SQL_NULL_DATA) {
+                                       if ((int)result->values[i].vallen == 
(int)SQL_NULL_DATA) {
                                                php_printf("<td>NULL</td>");
                                        } else {
                                                php_printf("<td>%s</td>", 
result->values[i].value);
++++++ php7-openssl.patch ++++++
Index: ext/openssl/openssl.c
===================================================================
--- ext/openssl/openssl.c       2017-01-17 21:44:41.000000000 +0100
+++ ext/openssl/openssl.c       2017-02-13 15:25:42.219789317 +0100
@@ -1388,6 +1388,7 @@ PHP_MINIT_FUNCTION(openssl)
        OpenSSL_add_all_ciphers();
        OpenSSL_add_all_digests();
        OpenSSL_add_all_algorithms();
+       OPENSSL_config(NULL);
 
 #if !defined(OPENSSL_NO_AES) && defined(EVP_CIPH_CCM_MODE) && 
OPENSSL_VERSION_NUMBER < 0x100020000
        EVP_add_cipher(EVP_aes_128_ccm());
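Review bot: The added `OPENSSL_config(NULL);` returns nothing, so a missing or malformed system configuration goes unnoticed at module start-up, and the patch does not say why the configuration is loaded. OpenSSL provides `CONF_modules_load_file()` as the variant with a return value that can be checked. At minimum I would add a comment, e.g. `/* load the system openssl.cnf; failures are not reported by this call */`. PHP_MINIT_FUNCTION(openssl) starts and ends outside the hunk.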
Index: ext/openssl/xp_ssl.c
===================================================================
--- ext/openssl/xp_ssl.c        2017-02-13 15:25:42.219789317 +0100
+++ ext/openssl/xp_ssl.c        2017-02-13 15:33:47.520365579 +0100
@@ -1518,6 +1518,10 @@ int php_openssl_setup_crypto(php_stream
                return FAILURE;
        }
 
+#ifdef SSL_MODE_RELEASE_BUFFERS
+       SSL_CTX_set_mode(sslsock->ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
+
        if (GET_VER_OPT("no_ticket") && zend_is_true(val)) {
                ssl_ctx_options |= SSL_OP_NO_TICKET;
        }
++++++ php7-php-config.patch ++++++
---
 scripts/php-config.in |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: scripts/php-config.in
===================================================================
--- scripts/php-config.in.orig
+++ scripts/php-config.in
@@ -6,7 +6,7 @@ datarootdir="@datarootdir@"
 exec_prefix="@exec_prefix@"
 version="@PHP_VERSION@"
 vernum="@PHP_VERSION_ID@"
-include_dir="@includedir@/php"
+include_dir="@includedir@/php7"
 includes="-I$include_dir -I$include_dir/main -I$include_dir/TSRM 
-I$include_dir/Zend -I$include_dir/ext -I$include_dir/ext/date/lib"
 ldflags="@PHP_LDFLAGS@"
 libs="@EXTRA_LIBS@"
++++++ php7-phpize.patch ++++++
---
 scripts/Makefile.frag |    4 ++--
 scripts/phpize.in     |    4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

Index: scripts/Makefile.frag
===================================================================
--- scripts/Makefile.frag.orig
+++ scripts/Makefile.frag
@@ -3,8 +3,8 @@
 # Build environment install
 #
 
-phpincludedir = $(includedir)/php
-phpbuilddir = $(libdir)/build
+phpincludedir = $(includedir)/php7
+phpbuilddir = $(datadir)/build
 
 BUILD_FILES = \
        scripts/phpize.m4 \
Index: scripts/phpize.in
===================================================================
--- scripts/phpize.in.orig
+++ scripts/phpize.in
@@ -4,8 +4,8 @@
 prefix='@prefix@'
 datarootdir='@datarootdir@'
 exec_prefix="`eval echo @exec_prefix@`"
-phpdir="`eval echo @libdir@`/build"
-includedir="`eval echo @includedir@`/php"
+phpdir="`eval echo @datadir@`/build"
+includedir="`eval echo @includedir@`/php7"
 builddir="`pwd`"
 SED="@SED@"
 
++++++ php7-pts.patch ++++++
Index: ext/standard/proc_open.c
===================================================================
--- ext/standard/proc_open.c.orig
+++ ext/standard/proc_open.c
@@ -61,7 +61,7 @@
  * */
 #ifdef PHP_CAN_SUPPORT_PROC_OPEN
 
-#if 0 && HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT && HAVE_SYS_IOCTL_H && 
HAVE_TERMIOS_H
+#if HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT && HAVE_SYS_IOCTL_H && 
HAVE_TERMIOS_H
 # include <sys/ioctl.h>
 # include <termios.h>
 # define PHP_CAN_DO_PTS        1
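Review bot: Removing `0 &&` from the `#if` turns on the PTY code path that the original source had switched off, and neither the patch nor the surrounding lines say why that is safe for this package. The code guarded by `PHP_CAN_DO_PTS` is outside the hunk, so its state cannot be judged from this page. I would record the reason next to the condition, for example `/* SUSE: pty descriptors enabled for proc_open(); the original source has this disabled */`.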
++++++ php7-systemd-unit.patch ++++++
Index: php-7.1.1/sapi/fpm/php-fpm.service.in
===================================================================
--- php-7.1.1.orig/sapi/fpm/php-fpm.service.in  2017-02-13 16:20:23.157202901 
+0100
+++ php-7.1.1/sapi/fpm/php-fpm.service.in       2017-02-13 16:22:31.527501287 
+0100
@@ -5,13 +5,15 @@
 [Unit]
 Description=The PHP FastCGI Process Manager
 After=network.target
+Before=apache2.service nginx.service lighttpd.service
 
 [Service]
 Type=@php_fpm_systemd@
-PIDFile=@EXPANDED_LOCALSTATEDIR@/run/php-fpm.pid
 ExecStart=@EXPANDED_SBINDIR@/php-fpm --nodaemonize --fpm-config 
@EXPANDED_SYSCONFDIR@/php-fpm.conf
 ExecReload=/bin/kill -USR2 $MAINPID
+ExecStop=/bin/kill -QUIT $MAINPID
 PrivateTmp=true
+KillMode=mixed
 
 [Install]
 WantedBy=multi-user.target
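Review bot: After this change the [Service] section still has `PrivateTmp=true` as its only sandboxing setting. Since the unit is being edited anyway, directives such as `ProtectSystem=full` and `PrivateDevices=true` would limit what a compromised worker process can reach; they need testing against the pool configuration, which is not shown here. Separately, dropping `PIDFile=` is only consistent if `Type=@php_fpm_systemd@` expands to a service type that does not rely on it, which cannot be confirmed from this hunk.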
++++++ php7-systzdata-v16.patch ++++++
++++ 656 lines (skipped)

++++++ php7.rpmlintrc ++++++
# Non-versioned shared library, php-embed requires
# exact version of main package, parallel installation
# not wanted
addFilter("php.-embed.* shlib-policy-name-error")
