iliaa Mon May 28 23:00:25 2007 UTC
Modified files:
/php-src/main/streams plain_wrapper.c
/php-src/ext/wddx wddx.c
/php-src/ext/sysvshm sysvshm.c
/php-src/ext/standard proc_open.c browscap.c array.c
/php-src/ext/shmop shmop.c
/php-src/ext/mcrypt mcrypt.c
/php-src/ext/bz2 bz2.c
/php-src server-tests.php
Log:
MFB
http://cvs.php.net/viewvc.cgi/php-src/main/streams/plain_wrapper.c?r1=1.87&r2=1.88&diff_format=u
Index: php-src/main/streams/plain_wrapper.c
diff -u php-src/main/streams/plain_wrapper.c:1.87
php-src/main/streams/plain_wrapper.c:1.88
--- php-src/main/streams/plain_wrapper.c:1.87 Wed Apr 18 14:23:35 2007
+++ php-src/main/streams/plain_wrapper.c Mon May 28 23:00:24 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: plain_wrapper.c,v 1.87 2007/04/18 14:23:35 dmitry Exp $ */
+/* $Id: plain_wrapper.c,v 1.88 2007/05/28 23:00:24 iliaa Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -904,12 +904,12 @@
*opened_path = realpath;
realpath = NULL;
}
- if (realpath) {
- efree(realpath);
- }
/* fall through */
case PHP_STREAM_PERSISTENT_FAILURE:
+ if (realpath) {
+ efree(realpath);
+ }
efree(persistent_id);;
return ret;
}
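Review bot: The relocated `efree(realpath)` under `case PHP_STREAM_PERSISTENT_FAILURE:` is only safe because the branch above sets `realpath = NULL` after handing the buffer to `*opened_path`, and nothing at the free says so. A one-line comment above the `if (realpath)`, such as `/* realpath is NULL here when ownership moved to *opened_path */`, would keep a later edit from reintroducing a double free. The adjacent `efree(persistent_id);;` also carries a stray second semicolon. The switch and the enclosing function begin outside this hunk.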
@@ -948,6 +948,10 @@
r = do_fstat(self, 0);
if ((r == 0 && !S_ISREG(self->sb.st_mode))) {
+ if (opened_path) {
+ efree(*opened_path);
+ *opened_path = NULL;
+ }
php_stream_close(ret);
return NULL;
}
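Review bot: The new cleanup tests `opened_path` but then passes `*opened_path` to `efree()` unconditionally. Whether `*opened_path` has always been set by the time this non-regular-file branch runs depends on code above the hunk, so I would guard both levels with `if (opened_path && *opened_path) {`, which avoids handing a NULL pointer to the allocator. The function body starts and ends outside the hunk.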
http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.144&r2=1.145&diff_format=u
Index: php-src/ext/wddx/wddx.c
diff -u php-src/ext/wddx/wddx.c:1.144 php-src/ext/wddx/wddx.c:1.145
--- php-src/ext/wddx/wddx.c:1.144 Sat Feb 24 16:25:55 2007
+++ php-src/ext/wddx/wddx.c Mon May 28 23:00:24 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: wddx.c,v 1.144 2007/02/24 16:25:55 helly Exp $ */
+/* $Id: wddx.c,v 1.145 2007/05/28 23:00:24 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -984,6 +984,9 @@
goto
bigint;
}
l = (long) d;
+ if (l != d) {
+ goto
bigint;
+ }
case IS_LONG:
zend_hash_index_update(target_hash, l, &ent1->data, sizeof(zval *), NULL);
break;
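Review bot: The added `if (l != d)` runs after `l = (long) d;`, so it catches fractional values but cannot protect the cast itself, since converting a double outside the range of `long` is undefined in C. The range test that should prevent that sits above the hunk and only its `goto bigint;` is visible, so please confirm it covers both the upper and the lower bound. The new block also falls straight into `case IS_LONG:`; a `/* fall through */` comment before the label would mark that as intended.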
@@ -1034,10 +1037,9 @@
Z_STRVAL_P(ent->data) =
estrndup(decoded, decoded_len);
Z_STRLEN_P(ent->data) = decoded_len;
} else {
- Z_STRVAL_P(ent->data) =
erealloc(Z_STRVAL_P(ent->data),
- Z_STRLEN_P(ent->data) +
decoded_len + 1);
-
strncpy(Z_STRVAL_P(ent->data)+Z_STRLEN_P(ent->data), decoded, decoded_len);
Z_STRLEN_P(ent->data) += decoded_len;
+ Z_STRVAL_P(ent->data) =
erealloc(Z_STRVAL_P(ent->data), Z_STRLEN_P(ent->data) + 1);
+ strlcpy(Z_STRVAL_P(ent->data) +
Z_STRLEN_P(ent->data), decoded, Z_STRLEN_P(ent->data) + 1);
Z_STRVAL_P(ent->data)[Z_STRLEN_P(ent->data)] = '\0';
}
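Review bot: The new append path writes past the end of the reallocated buffer. `Z_STRLEN_P(ent->data)` is increased by `decoded_len` before it is used as the `strlcpy` destination offset, so the copy starts at the last byte of the new allocation instead of at the end of the old text, and the size argument `Z_STRLEN_P(ent->data) + 1` is the whole buffer length rather than the space that remains. The bytes between the old and the new length are also never written. Capture the old length first, grow to `old_len + decoded_len + 1`, and copy `decoded_len` bytes to offset `old_len`, as sketched below (the sum of the two lengths should also be checked for overflow if either can be large). The enclosing if/else begins above the hunk.

```c
} else {
	/* remember where the existing text ends before the length changes */
	int old_len = Z_STRLEN_P(ent->data);

	Z_STRVAL_P(ent->data) = erealloc(Z_STRVAL_P(ent->data), old_len + decoded_len + 1);
	/* append at the old end; exactly decoded_len bytes fit before the terminator */
	memcpy(Z_STRVAL_P(ent->data) + old_len, decoded, decoded_len);
	Z_STRLEN_P(ent->data) = old_len + decoded_len;
	/* ... unchanged: NUL terminator written at Z_STRLEN_P(ent->data) ... */
```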
http://cvs.php.net/viewvc.cgi/php-src/ext/sysvshm/sysvshm.c?r1=1.75&r2=1.76&diff_format=u
Index: php-src/ext/sysvshm/sysvshm.c
diff -u php-src/ext/sysvshm/sysvshm.c:1.75 php-src/ext/sysvshm/sysvshm.c:1.76
--- php-src/ext/sysvshm/sysvshm.c:1.75 Mon Jan 1 09:29:33 2007
+++ php-src/ext/sysvshm/sysvshm.c Mon May 28 23:00:24 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: sysvshm.c,v 1.75 2007/01/01 09:29:33 sebastian Exp $ */
+/* $Id: sysvshm.c,v 1.76 2007/05/28 23:00:24 iliaa Exp $ */
/* This has been built and tested on Linux 2.2.14
*
@@ -118,6 +118,11 @@
RETURN_FALSE;
}
+ if (shm_size < 1) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Segment size must
be greater then zero.");
+ RETURN_FALSE;
+ }
+
shm_list_ptr = (sysvshm_shm *) emalloc(sizeof(sysvshm_shm));
/* get the id from a specified key or create new shared memory */
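Review bot: The new warning text reads "greater then zero"; it is user-facing and should be `"Segment size must be greater than zero."`. The same then/than slip appears in the messages added in the shmop.c hunk ("must be greater then zero") and the mcrypt.c hunk ("less then 1 or greater then %d"). The function this check belongs to starts and ends outside the hunk.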
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/proc_open.c?r1=1.56&r2=1.57&diff_format=u
Index: php-src/ext/standard/proc_open.c
diff -u php-src/ext/standard/proc_open.c:1.56
php-src/ext/standard/proc_open.c:1.57
--- php-src/ext/standard/proc_open.c:1.56 Mon Apr 16 09:43:52 2007
+++ php-src/ext/standard/proc_open.c Mon May 28 23:00:25 2007
@@ -15,7 +15,7 @@
| Author: Wez Furlong <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: proc_open.c,v 1.56 2007/04/16 09:43:52 dmitry Exp $ */
+/* $Id: proc_open.c,v 1.57 2007/05/28 23:00:25 iliaa Exp $ */
#if 0 && (defined(__linux__) || defined(sun) || defined(__IRIX__))
# define _BSD_SOURCE /* linux wants this when XOPEN mode is on */
@@ -777,6 +777,9 @@
channel.errfd = -1;
/* Duplicate the command as processing downwards will modify it*/
command_dup = strdup(command);
+ if (!command_dup) {
+ goto exit_fail;
+ }
/* get a number of args */
construct_argc_argv(command_dup, NULL, &command_num_args, NULL);
child_argv = (char**) malloc((command_num_args + 1) * sizeof(char*));
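Review bot: The `strdup()` result is now checked, but the `malloc()` for `child_argv` two lines later in the same hunk has no visible NULL test, and `(command_num_args + 1) * sizeof(char*)` is computed without an overflow guard. If no check follows below the hunk, add `if (!child_argv) { free(command_dup); goto exit_fail; }` right after the allocation. What `exit_fail` releases is outside the hunk, so confirm it does not free `command_dup` a second time.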
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/browscap.c?r1=1.91&r2=1.92&diff_format=u
Index: php-src/ext/standard/browscap.c
diff -u php-src/ext/standard/browscap.c:1.91
php-src/ext/standard/browscap.c:1.92
--- php-src/ext/standard/browscap.c:1.91 Mon Jan 1 09:29:30 2007
+++ php-src/ext/standard/browscap.c Mon May 28 23:00:25 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: browscap.c,v 1.91 2007/01/01 09:29:30 sebastian Exp $ */
+/* $Id: browscap.c,v 1.92 2007/05/28 23:00:25 iliaa Exp $ */
#include "php.h"
#include "php_regex.h"
@@ -55,7 +55,7 @@
php_strtolower(Z_STRVAL_P(pattern), Z_STRLEN_P(pattern));
- t = (char *) malloc(Z_STRLEN_P(pattern)*2 + 3);
+ t = (char *) safe_pemalloc(Z_STRLEN_P(pattern), 2, 3, 1);
t[0] = '^';
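Review bot: `t[0] = '^';` dereferences the result of `safe_pemalloc(..., 1)` on the very next line with no NULL test. `safe_pemalloc` takes care of the size overflow in `len*2 + 3`, but if the persistent allocator in this branch can still return NULL on exhaustion, a check is needed here. The same applies after the `pemalloc(sizeof(zval), 1)` and `pemalloc(sizeof(HashTable), 1)` calls in the two following hunks. The matching release sites (for example `browscap_entry_dtor`, named in the last hunk) are not shown; they should use `pefree(ptr, 1)` so that allocation and release stay paired.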
@@ -100,7 +100,7 @@
zval *new_property;
char *new_key;
- new_property = (zval *) malloc(sizeof(zval));
+ new_property = (zval *) pemalloc(sizeof(zval),
1);
INIT_PZVAL(new_property);
Z_STRVAL_P(new_property) =
zend_strndup(Z_STRVAL_P(arg2), Z_STRLEN_P(arg2));
Z_STRLEN_P(new_property) = Z_STRLEN_P(arg2);
@@ -118,14 +118,14 @@
HashTable *section_properties;
/*printf("'%s'
(%d)\n",$1.value.str.val,$1.value.str.len+1);*/
- current_section = (zval *) malloc(sizeof(zval));
+ current_section = (zval *)
pemalloc(sizeof(zval), 1);
INIT_PZVAL(current_section);
- processed = (zval *) malloc(sizeof(zval));
+ processed = (zval *) pemalloc(sizeof(zval), 1);
INIT_PZVAL(processed);
- unprocessed = (zval *) malloc(sizeof(zval));
+ unprocessed = (zval *) pemalloc(sizeof(zval),
1);
INIT_PZVAL(unprocessed);
- section_properties = (HashTable *)
malloc(sizeof(HashTable));
+ section_properties = (HashTable *)
pemalloc(sizeof(HashTable), 1);
zend_hash_init(section_properties, 0, NULL,
(dtor_func_t) browscap_entry_dtor, 1);
current_section->value.ht = section_properties;
current_section->type = IS_ARRAY;
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/array.c?r1=1.407&r2=1.408&diff_format=u
Index: php-src/ext/standard/array.c
diff -u php-src/ext/standard/array.c:1.407 php-src/ext/standard/array.c:1.408
--- php-src/ext/standard/array.c:1.407 Fri May 18 14:11:12 2007
+++ php-src/ext/standard/array.c Mon May 28 23:00:25 2007
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: array.c,v 1.407 2007/05/18 14:11:12 tony2001 Exp $ */
+/* $Id: array.c,v 1.408 2007/05/28 23:00:25 iliaa Exp $ */
#include "php.h"
#include "php_ini.h"
@@ -1842,13 +1842,13 @@
add_next_index_double(return_value, low);
}
} else {
- int low, high;
+ double low, high;
long lstep;
long_str:
- convert_to_long(zlow);
- convert_to_long(zhigh);
- low = Z_LVAL_P(zlow);
- high = Z_LVAL_P(zhigh);
+ convert_to_double(zlow);
+ convert_to_double(zhigh);
+ low = Z_DVAL_P(zlow);
+ high = Z_DVAL_P(zhigh);
lstep = (long) step;
if (low > high) { /* Negative steps */
@@ -1857,18 +1857,18 @@
goto err;
}
for (; low >= high; low -= lstep) {
- add_next_index_long(return_value, low);
+ add_next_index_long(return_value, (long)low);
}
- } else if (high > low) { /* Positive steps */
+ } else if (high > low) { /* Positive steps */
if (high - low < lstep || lstep <= 0) {
err = 1;
goto err;
}
for (; low <= high; low += lstep) {
- add_next_index_long(return_value, low);
+ add_next_index_long(return_value, (long)low);
}
} else {
- add_next_index_long(return_value, low);
+ add_next_index_long(return_value, (long)low);
}
}
err:
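Review bot: With `low` and `high` now `double` (declared in the previous hunk), neither loop bounds its endpoints to what a `long` can hold. Once an endpoint's magnitude exceeds what a double represents exactly, `low -= lstep` or `low += lstep` can leave `low` unchanged so the loop does not terminate, and `(long)low` is undefined for values outside the range of `long`. Before entering either loop, reject endpoints that do not fit in a `long` through the existing `err = 1; goto err;` path. The function continues outside both hunks.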
@@ -4104,7 +4104,7 @@
zend_hash_move_forward_ex(htbl, &pos);
}
- RETVAL_ZVAL(result, 0, 1);
+ RETVAL_ZVAL(result, 1, 1);
}
/* }}} */
http://cvs.php.net/viewvc.cgi/php-src/ext/shmop/shmop.c?r1=1.39&r2=1.40&diff_format=u
Index: php-src/ext/shmop/shmop.c
diff -u php-src/ext/shmop/shmop.c:1.39 php-src/ext/shmop/shmop.c:1.40
--- php-src/ext/shmop/shmop.c:1.39 Wed Jan 31 00:15:06 2007
+++ php-src/ext/shmop/shmop.c Mon May 28 23:00:25 2007
@@ -16,7 +16,7 @@
| Ilia Alshanetsky <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: shmop.c,v 1.39 2007/01/31 00:15:06 iliaa Exp $ */
+/* $Id: shmop.c,v 1.40 2007/05/28 23:00:25 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -181,6 +181,11 @@
goto err;
}
+ if (shmop->shmflg & IPC_CREAT && shmop->size < 1) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Shared memory
segment size must be greater then zero.");
+ goto err;
+ }
+
shmop->shmid = shmget(shmop->key, shmop->size, shmop->shmflg);
if (shmop->shmid == -1) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to attach
or create shared memory segment");
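Review bot: The condition `shmop->shmflg & IPC_CREAT && shmop->size < 1` depends on `&` binding tighter than `&&`; it evaluates as intended but is easy to misread. Write it as `if ((shmop->shmflg & IPC_CREAT) && shmop->size < 1) {` so the flag test is visibly a unit. The surrounding function starts above the hunk.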
http://cvs.php.net/viewvc.cgi/php-src/ext/mcrypt/mcrypt.c?r1=1.104&r2=1.105&diff_format=u
Index: php-src/ext/mcrypt/mcrypt.c
diff -u php-src/ext/mcrypt/mcrypt.c:1.104 php-src/ext/mcrypt/mcrypt.c:1.105
--- php-src/ext/mcrypt/mcrypt.c:1.104 Sun Apr 8 08:04:30 2007
+++ php-src/ext/mcrypt/mcrypt.c Mon May 28 23:00:25 2007
@@ -16,7 +16,7 @@
| Derick Rethans <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: mcrypt.c,v 1.104 2007/04/08 08:04:30 tony2001 Exp $ */
+/* $Id: mcrypt.c,v 1.105 2007/05/28 23:00:25 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -1002,8 +1002,8 @@
int fd, n;
size_t read_bytes;
- if (size <= 0) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Can not create an
IV with size 0 or smaller");
+ if (size <= 0 || size >= INT_MAX) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Can not create an
IV with a size of less then 1 or greater then %d", INT_MAX);
return FAILURE;
}
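Review bot: The test and the message disagree at the boundary: `size >= INT_MAX` rejects `INT_MAX` itself, while the warning says the size may not be greater than `INT_MAX`. Either word the message as a range ("must be between 1 and %d") and pass `INT_MAX - 1`, or relax the comparison to match the text. The type of `size` is declared outside the hunk; if it is `int`, the new clause can only ever match the single value `INT_MAX`, and a comment naming the later computation it protects (presumably a `size + 1` style allocation, not visible here) would explain why it exists.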
http://cvs.php.net/viewvc.cgi/php-src/ext/bz2/bz2.c?r1=1.32&r2=1.33&diff_format=u
Index: php-src/ext/bz2/bz2.c
diff -u php-src/ext/bz2/bz2.c:1.32 php-src/ext/bz2/bz2.c:1.33
--- php-src/ext/bz2/bz2.c:1.32 Mon Jan 1 09:29:21 2007
+++ php-src/ext/bz2/bz2.c Mon May 28 23:00:25 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: bz2.c,v 1.32 2007/01/01 09:29:21 sebastian Exp $ */
+/* $Id: bz2.c,v 1.33 2007/05/28 23:00:25 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -225,6 +225,10 @@
#else
path_copy = path;
#endif
+
+ if (php_check_open_basedir(path_copy TSRMLS_CC)) {
+ return NULL;
+ }
/* try and open it directly first */
bz_file = BZ2_bzopen(path_copy, mode);
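Review bot: The early `return NULL;` after `php_check_open_basedir(path_copy ...)` skips whatever cleanup the function performs for `path_copy`. The `#else` / `path_copy = path;` lines imply that the other preprocessor branch, above the hunk, builds `path_copy` separately; if that branch allocates, this return leaks it. Release it under the same `#if` before returning, or route the failure through the function's existing exit path. The check also runs before the wrapper fallback, so confirm that a `path` intended for a stream wrapper is not rejected here.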
@@ -236,7 +240,7 @@
if (bz_file == NULL) {
/* that didn't work, so try and get something from the
network/wrapper */
- stream = php_stream_open_wrapper(path, mode, options |
STREAM_WILL_CAST, opened_path);
+ stream = php_stream_open_wrapper(path, mode, options |
STREAM_WILL_CAST | ENFORCE_SAFE_MODE, opened_path);
if (stream) {
int fd;
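Review bot: `ENFORCE_SAFE_MODE` is added only to the wrapper fallback, while the direct `BZ2_bzopen(path_copy, mode)` attempt in the previous hunk is preceded by the open_basedir check alone. If no safe-mode check exists earlier in the function (not visible here), the direct open stays outside that policy. A comment at the direct open stating where safe mode is enforced for it, or an explicit check next to the new open_basedir test, would settle this.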
http://cvs.php.net/viewvc.cgi/php-src/server-tests.php?r1=1.6&r2=1.7&diff_format=u
Index: php-src/server-tests.php
diff -u php-src/server-tests.php:1.6 php-src/server-tests.php:1.7
--- php-src/server-tests.php:1.6 Wed Mar 8 14:41:45 2006
+++ php-src/server-tests.php Mon May 28 23:00:25 2007
@@ -3,7 +3,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |