Author: arekm                        Date: Thu Mar 24 19:44:36 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- rel 1; suhosin from cooker

---- Files affected:
packages/php:
   php.spec (1.926 -> 1.927) , suhosin.patch (1.8 -> 1.9) 

---- Diffs:

================================================================
Index: packages/php/php.spec
diff -u packages/php/php.spec:1.926 packages/php/php.spec:1.927
--- packages/php/php.spec:1.926 Fri Mar 18 10:02:21 2011
+++ packages/php/php.spec       Thu Mar 24 20:44:30 2011
@@ -103,7 +103,7 @@
 %undefine      with_filter
 %endif
 
-%define                rel     0.1
+%define                rel     1
 Summary:       PHP: Hypertext Preprocessor
 Summary(fr.UTF-8):     Le langage de script embarque-HTML PHP
 Summary(pl.UTF-8):     Język skryptowy PHP
@@ -3166,6 +3166,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.927  2011/03/24 19:44:30  arekm
+- rel 1; suhosin from cooker
+
 Revision 1.926  2011/03/18 09:02:21  arekm
 - updated to 5.3.6 without suhoshin (fixes CVE-2011-1153, CVE-2011-1092, 
CVE-2011-0708, CVE-2011-0421, misc)
 

================================================================
Index: packages/php/suhosin.patch
diff -u packages/php/suhosin.patch:1.8 packages/php/suhosin.patch:1.9
--- packages/php/suhosin.patch:1.8      Fri Feb 26 18:28:14 2010
+++ packages/php/suhosin.patch  Thu Mar 24 20:44:30 2011
@@ -1,913 +1,1071 @@
---- php-5.3.1RC1/Zend/Makefile.am      2009-03-18 11:18:10.000000000 +0100
-+++ suhosin-patch-5.3.1RC1-0.9.8/Zend/Makefile.am      2009-09-27 
19:04:06.000000000 +0200
-@@ -17,7 +17,7 @@
-       zend_objects_API.c zend_ts_hash.c zend_stream.c \
-       zend_default_classes.c \
-       zend_iterators.c zend_interfaces.c zend_exceptions.c \
--      zend_strtod.c zend_closures.c zend_float.c
-+      zend_strtod.c zend_closures.c zend_float.c zend_canary.c 
zend_alloc_canary.c 
+diff -Naurp php-5.3.6RC1/configure php-5.3.6RC1.oden/configure
+--- php-5.3.6RC1/configure     2011-02-16 21:30:40.000000000 +0100
++++ php-5.3.6RC1.oden/configure        2011-02-20 11:50:19.294835319 +0100
+@@ -18979,6 +18979,9 @@ EOF
  
- libZend_la_LDFLAGS =
- libZend_la_LIBADD = @ZEND_EXTRA_LIBS@
---- php-5.3.1RC1/Zend/Zend.dsp 2009-03-18 11:18:10.000000000 +0100
-+++ suhosin-patch-5.3.1RC1-0.9.8/Zend/Zend.dsp 2009-09-27 19:04:06.000000000 
+0200
-@@ -247,6 +247,14 @@
- # End Source File
- # Begin Source File
- 
-+SOURCE=.\zend_canary.c
-+# End Source File
-+# Begin Source File
-+
-+SOURCE=.\zend_alloc_canary.c
-+# End Source File
-+# Begin Source File
-+
- SOURCE=.\zend_ts_hash.c
- # End Source File
- # Begin Source File
---- php-5.3.1RC1/Zend/ZendTS.dsp       2008-07-14 11:49:03.000000000 +0200
-+++ suhosin-patch-5.3.1RC1-0.9.8/Zend/ZendTS.dsp       2009-09-27 
19:04:06.000000000 +0200
-@@ -277,6 +277,14 @@
- # End Source File
- # Begin Source File
- 
-+SOURCE=.\zend_canary.c
-+# End Source File
-+# Begin Source File
-+
-+SOURCE=.\zend_alloc_canary.c
-+# End Source File
-+# Begin Source File
-+
- SOURCE=.\zend_ts_hash.c
- # End Source File
- # Begin Source File
---- php-5.3.1RC1/Zend/zend.c   2009-06-16 18:10:15.000000000 +0200
-+++ suhosin-patch-5.3.1RC1-0.9.8/Zend/zend.c   2009-09-27 19:04:06.000000000 
+0200
-@@ -60,6 +60,10 @@
- ZEND_API char *(*zend_getenv)(char *name, size_t name_len TSRMLS_DC);
- ZEND_API char *(*zend_resolve_path)(const char *filename, int filename_len 
TSRMLS_DC);
+ fi
+ 
++cat >> confdefs.h <<\EOF
++#define SUHOSIN_PATCH 1
++EOF
+ 
+   echo $ac_n "checking for declared timezone""... $ac_c" 1>&6
+ echo "configure:18985: checking for declared timezone" >&5
+@@ -115340,7 +115343,7 @@ EOF
+        php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
+        strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
+        network.c php_open_temporary_file.c php_logos.c \
+-       output.c getopt.c; do
++       output.c getopt.c suhosin_patch.c ; do
+   
+       IFS=.
+       set $ac_src
+@@ -115544,7 +115547,7 @@ esac
+     zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
+     zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
+     zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c 
zend_gc.c \
+-    zend_closures.c zend_float.c; do
++    zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c ; do
+   
+       IFS=.
+       set $ac_src
+diff -Naurp php-5.3.6RC1/configure.in php-5.3.6RC1.oden/configure.in
+--- php-5.3.6RC1/configure.in  2011-02-20 11:45:04.157489906 +0100
++++ php-5.3.6RC1.oden/configure.in     2011-02-20 11:50:19.295835459 +0100
+@@ -286,6 +286,7 @@ sinclude(Zend/Zend.m4)
+ sinclude(TSRM/threads.m4)
+ sinclude(TSRM/tsrm.m4)
+ 
++sinclude(main/suhosin_patch.m4)
+ 
+ divert(2)
+ 
+@@ -1393,7 +1394,7 @@ PHP_ADD_SOURCES(main, main.c snprintf.c
+        php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
+        strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
+        network.c php_open_temporary_file.c php_logos.c \
+-       output.c getopt.c)
++       output.c getopt.c suhosin_patch.c )
+ 
+ PHP_ADD_SOURCES(main/streams, streams.c cast.c memory.c filter.c \
+        plain_wrapper.c userspace.c transports.c xp_socket.c mmap.c \
+@@ -1421,7 +1422,7 @@ PHP_ADD_SOURCES(Zend, \
+     zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
+     zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
+     zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c 
zend_gc.c \
+-    zend_closures.c zend_float.c)
++    zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c )
  
+ if test -r "$abs_srcdir/Zend/zend_objects.c"; then
+   PHP_ADD_SOURCES(Zend, zend_objects.c zend_object_handlers.c 
zend_objects_API.c zend_default_classes.c)
+diff -Naurp php-5.3.6RC1/ext/standard/dl.c php-5.3.6RC1.oden/ext/standard/dl.c
+--- php-5.3.6RC1/ext/standard/dl.c     2011-01-01 03:19:59.000000000 +0100
++++ php-5.3.6RC1.oden/ext/standard/dl.c        2011-02-20 11:50:19.296835599 
+0100
+@@ -254,6 +254,23 @@ PHPAPI int php_load_extension(char *file
+                       return FAILURE;
+               }
+       }
++
 +#if SUHOSIN_PATCH
-+ZEND_API void (*zend_suhosin_log)(int loglevel, char *fmt, ...);
-+#endif
++      if (strncmp("suhosin", module_entry->name, sizeof("suhosin")-1) == 0) {
++              void *log_func;
++              /* sucessfully loaded suhosin extension, now check for logging 
function replacement */
++              log_func = (void *) DL_FETCH_SYMBOL(handle, "suhosin_log");
++              if (log_func == NULL) {
++                      log_func = (void *) DL_FETCH_SYMBOL(handle, 
"_suhosin_log");
++              }
++              if (log_func != NULL) {
++                      zend_suhosin_log = log_func;
++              } else {
++                        zend_suhosin_log(S_MISC, "could not replace logging 
function");
++              }
++      }
++#endif        
 +
- void (*zend_on_timeout)(int seconds TSRMLS_DC);
- 
- static void (*zend_message_dispatcher_p)(long message, void *data TSRMLS_DC);
-@@ -88,6 +92,74 @@
+       return SUCCESS;
  }
  /* }}} */
+diff -Naurp php-5.3.6RC1/ext/standard/info.c 
php-5.3.6RC1.oden/ext/standard/info.c
+--- php-5.3.6RC1/ext/standard/info.c   2011-02-20 11:45:04.155489624 +0100
++++ php-5.3.6RC1.oden/ext/standard/info.c      2011-02-20 11:50:19.297835740 
+0100
+@@ -885,6 +885,33 @@ PHPAPI void php_print_info(int flag TSRM
+               
+               php_info_print_table_end();
  
-+#if SUHOSIN_PATCH
-+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog)
-+{
-+      if (!new_value) {
-+              SPG(log_syslog) = S_ALL & ~S_SQL | S_MEMORY;
-+      } else {
-+              SPG(log_syslog) = atoi(new_value) | S_MEMORY;
-+      }
-+      return SUCCESS;
-+}
-+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog_facility)
-+{
-+      if (!new_value) {
-+              SPG(log_syslog_facility) = LOG_USER;
-+      } else {
-+              SPG(log_syslog_facility) = atoi(new_value);
-+      }
-+      return SUCCESS;
-+}
-+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog_priority)
-+{
-+      if (!new_value) {
-+              SPG(log_syslog_priority) = LOG_ALERT;
-+      } else {
-+              SPG(log_syslog_priority) = atoi(new_value);
-+      }
-+      return SUCCESS;
-+}
-+static ZEND_INI_MH(OnUpdateSuhosin_log_sapi)
-+{
-+      if (!new_value) {
-+              SPG(log_sapi) = S_ALL & ~S_SQL;
-+      } else {
-+              SPG(log_sapi) = atoi(new_value);
-+      }
-+      return SUCCESS;
-+}
-+static ZEND_INI_MH(OnUpdateSuhosin_log_script)
-+{
-+      if (!new_value) {
-+              SPG(log_script) = S_ALL & ~S_MEMORY;
-+      } else {
-+              SPG(log_script) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);
-+      }
-+      return SUCCESS;
-+}
-+static ZEND_INI_MH(OnUpdateSuhosin_log_scriptname)
-+{
-+      if (SPG(log_scriptname)) {
-+              pefree(SPG(log_scriptname),1);
-+      }
-+        SPG(log_scriptname) = NULL;
-+      if (new_value) {
-+              SPG(log_scriptname) = pestrdup(new_value,1);
-+      }
-+      return SUCCESS;
-+}
-+static ZEND_INI_MH(OnUpdateSuhosin_log_phpscript)
-+{
-+      if (!new_value) {
-+              SPG(log_phpscript) = S_ALL & ~S_MEMORY;
-+      } else {
-+              SPG(log_phpscript) = atoi(new_value) & (~S_MEMORY) & 
(~S_INTERNAL);
-+      }
-+      return SUCCESS;
-+}
-+#endif
++              /* Suhosin Patch */
++              php_info_print_box_start(0);
++              if (expose_php && !sapi_module.phpinfo_as_text) {
++                      PUTS("<a href=\"http://www.suhosin.org\";><img 
border=\"0\" src=\"");
++                      if (SG(request_info).request_uri) {
++                              char *elem_esc = 
php_info_html_esc(SG(request_info).request_uri TSRMLS_CC);
++                              PUTS(elem_esc);
++                              efree(elem_esc);
++                      }
++                      PUTS("?="SUHOSIN_LOGO_GUID"\" alt=\"Suhosin logo\" 
/></a>\n");
++              }
++              PUTS("This server is protected with the Suhosin Patch ");
++              if (sapi_module.phpinfo_as_text) {
++                      PUTS(SUHOSIN_PATCH_VERSION);
++              } else {
++                      zend_html_puts(SUHOSIN_PATCH_VERSION, 
strlen(SUHOSIN_PATCH_VERSION) TSRMLS_CC);
++              }
++              PUTS(!sapi_module.phpinfo_as_text?"<br />":"\n");
++              if (sapi_module.phpinfo_as_text) {
++                      PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
++                      PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
++              } else {
++                      PUTS("Copyright (c) 2006-2007 <a 
href=\"http://www.hardened-php.net/\";>Hardened-PHP Project</a>\n");
++                      PUTS("Copyright (c) 2007-2009 <a 
href=\"http://www.sektioneins.de/\";>SektionEins GmbH</a>\n");
++              }
++              php_info_print_box_end();
 +
- ZEND_INI_BEGIN()
-       ZEND_INI_ENTRY("error_reporting",                               NULL,   
        ZEND_INI_ALL,           OnUpdateErrorReporting)
-       STD_ZEND_INI_BOOLEAN("zend.enable_gc",                          "1",    
ZEND_INI_ALL,           OnUpdateGCEnabled,      gc_enabled,     
zend_gc_globals,        gc_globals)
---- php-5.3.1RC1/Zend/zend.h   2009-08-06 03:33:54.000000000 +0200
-+++ suhosin-patch-5.3.1RC1-0.9.8/Zend/zend.h   2009-09-27 19:04:06.000000000 
+0200
-@@ -627,6 +627,9 @@
- extern int (*zend_vspprintf)(char **pbuf, size_t max_len, const char *format, 
va_list ap);
- extern ZEND_API char *(*zend_getenv)(char *name, size_t name_len TSRMLS_DC);
- extern ZEND_API char *(*zend_resolve_path)(const char *filename, int 
filename_len TSRMLS_DC);
-+#if SUHOSIN_PATCH
-+extern ZEND_API void (*zend_suhosin_log)(int loglevel, char *fmt, ...);
+               /* Zend Engine */
+               php_info_print_box_start(0);
+               if (expose_php && !sapi_module.phpinfo_as_text) {
+diff -Naurp php-5.3.6RC1/ext/standard/syslog.c 
php-5.3.6RC1.oden/ext/standard/syslog.c
+--- php-5.3.6RC1/ext/standard/syslog.c 2011-01-01 03:19:59.000000000 +0100
++++ php-5.3.6RC1.oden/ext/standard/syslog.c    2011-02-20 11:50:19.299836022 
+0100
+@@ -42,6 +42,7 @@ static void start_syslog(TSRMLS_D);
+  */
+ PHP_MINIT_FUNCTION(syslog)
+ {
++#if !SUHOSIN_PATCH
+       /* error levels */
+       REGISTER_LONG_CONSTANT("LOG_EMERG", LOG_EMERG, CONST_CS | 
CONST_PERSISTENT); /* system unusable */
+       REGISTER_LONG_CONSTANT("LOG_ALERT", LOG_ALERT, CONST_CS | 
CONST_PERSISTENT); /* immediate action required */
+@@ -97,6 +98,7 @@ PHP_MINIT_FUNCTION(syslog)
+       /* AIX doesn't have LOG_PERROR */
+       REGISTER_LONG_CONSTANT("LOG_PERROR", LOG_PERROR, CONST_CS | 
CONST_PERSISTENT); /*log to stderr*/
+ #endif
 +#endif
+       BG(syslog_device)=NULL;
  
- ZEND_API void zend_error(int type, const char *format, ...) 
ZEND_ATTRIBUTE_FORMAT(printf, 2, 3);
+       return SUCCESS;
+diff -Naurp php-5.3.6RC1/main/fopen_wrappers.c 
php-5.3.6RC1.oden/main/fopen_wrappers.c
+--- php-5.3.6RC1/main/fopen_wrappers.c 2011-01-18 23:20:09.000000000 +0100
++++ php-5.3.6RC1.oden/main/fopen_wrappers.c    2011-02-20 11:50:19.299836022 
+0100
+@@ -85,13 +85,8 @@ or a tightening during activation/runtim
+ PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
+ {
+       char **p, *pathbuf, *ptr, *end;
+-#ifndef ZTS
+-      char *base = (char *) mh_arg2;
+-#else
+-      char *base = (char *) ts_resource(*((int *) mh_arg2));
+-#endif
+ 
+-      p = (char **) (base + (size_t) mh_arg1);
++      p = &PG(open_basedir);
  
-@@ -766,6 +769,14 @@
- ZEND_API void zend_replace_error_handling(zend_error_handling_t 
error_handling, zend_class_entry *exception_class, zend_error_handling *current 
TSRMLS_DC);
- ZEND_API void zend_restore_error_handling(zend_error_handling *saved 
TSRMLS_DC);
+       if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN 
|| stage == PHP_INI_STAGE_ACTIVATE || stage == PHP_INI_STAGE_DEACTIVATE) {
+               /* We're in a PHP_INI_SYSTEM context, no restrictions */
+diff -Naurp php-5.3.6RC1/main/main.c php-5.3.6RC1.oden/main/main.c
+--- php-5.3.6RC1/main/main.c   2011-02-08 22:40:51.000000000 +0100
++++ php-5.3.6RC1.oden/main/main.c      2011-02-20 11:50:19.301836304 +0100
+@@ -90,6 +90,9 @@
  
+ #include "SAPI.h"
+ #include "rfc1867.h"
 +#if SUHOSIN_PATCH
 +#include "suhosin_globals.h"
-+#include "suhosin_patch.h"
-+#include "php_syslog.h"
-+
-+ZEND_API size_t zend_canary();
 +#endif
-+
- #endif /* ZEND_H */
  
- /*
---- php-5.3.1RC1/Zend/zend_alloc.c     2009-09-03 16:33:11.000000000 +0200
-+++ suhosin-patch-5.3.1RC1-0.9.8/Zend/zend_alloc.c     2009-09-27 
19:08:35.000000000 +0200
-@@ -32,6 +32,10 @@
- # include <unistd.h>
+ #if HAVE_SYS_MMAN_H
+ # include <sys/mman.h>
+@@ -490,7 +493,7 @@ PHP_INI_BEGIN()
+       STD_PHP_INI_ENTRY("extension_dir",                      
PHP_EXTENSION_DIR,              PHP_INI_SYSTEM,         OnUpdateStringUnempty,  
extension_dir,                  php_core_globals,       core_globals)
+       STD_PHP_INI_ENTRY("include_path",                       
PHP_INCLUDE_PATH,               PHP_INI_ALL,            OnUpdateStringUnempty,  
include_path,                   php_core_globals,       core_globals)
+       PHP_INI_ENTRY("max_execution_time",                     "30",           
PHP_INI_ALL,                    OnUpdateTimeout)
+-      STD_PHP_INI_ENTRY("open_basedir",                       NULL,           
PHP_INI_ALL,            OnUpdateBaseDir,                        open_basedir,   
                php_core_globals,       core_globals)
++      PHP_INI_ENTRY("open_basedir",                   NULL,           
PHP_INI_ALL,            OnUpdateBaseDir)
+       STD_PHP_INI_ENTRY("safe_mode_exec_dir",         PHP_SAFE_MODE_EXEC_DIR, 
PHP_INI_SYSTEM,         OnUpdateString,                 safe_mode_exec_dir,     
        php_core_globals,       core_globals)
+ 
+       STD_PHP_INI_BOOLEAN("file_uploads",                     "1",            
PHP_INI_SYSTEM,         OnUpdateBool,                   file_uploads,           
        php_core_globals,       core_globals)
+@@ -1781,6 +1784,10 @@ void dummy_invalid_parameter_handler(
+ }
  #endif
  
 +#if SUHOSIN_PATCH
-+#include "suhosin_patch.h"
++PHPAPI void suhosin_startup();
 +#endif
 +
- #ifdef ZEND_WIN32
- # include <wincrypt.h>
- # include <process.h>
-@@ -59,6 +63,7 @@
- # define PTR_FMT "0x%0.8lx"
+ /* {{{ php_module_startup
+  */
+ int php_module_startup(sapi_module_struct *sf, zend_module_entry 
*additional_modules, uint num_additional_modules)
+@@ -1825,6 +1832,10 @@ int php_module_startup(sapi_module_struc
+       tsrm_ls = ts_resource(0);
  #endif
  
-+#ifndef SUHOSIN_MM_CLONE_FILE
- #if ZEND_DEBUG
- void zend_debug_alloc_output(char *format, ...)
- {
-@@ -76,6 +81,7 @@
- #endif
- }
- #endif
-+#endif
- 
- #if (defined (__GNUC__) && __GNUC__ > 2 ) && !defined(__INTEL_COMPILER) && 
!defined(DARWIN) && !defined(__hpux) && !defined(_AIX)
- static void zend_mm_panic(const char *message) __attribute__ ((noreturn));
-@@ -324,13 +330,28 @@
- #define       MEM_BLOCK_GUARD  0x2A8FCC84
- #define       MEM_BLOCK_LEAK   0x6C5E8F2D
- 
-+#if SUHOSIN_MM_WITH_CANARY_PROTECTION
-+# define CANARY_SIZE sizeof(size_t)
-+#else
-+# define CANARY_SIZE 0
++#if SUHOSIN_PATCH
++        suhosin_startup();
 +#endif
 +
- /* mm block type */
- typedef struct _zend_mm_block_info {
- #if ZEND_MM_COOKIES
-       size_t _cookie;
- #endif
--      size_t _size;
--      size_t _prev;
-+#if SUHOSIN_MM_WITH_CANARY_PROTECTION
-+      size_t canary_1;
-+#endif
-+      size_t _size;
-+      size_t _prev;
-+#if SUHOSIN_PATCH
-+      size_t size;
-+#if SUHOSIN_MM_WITH_CANARY_PROTECTION
-+      size_t canary_2;
-+#endif
-+#endif
- } zend_mm_block_info;
- 
- #if ZEND_DEBUG
-@@ -404,7 +425,7 @@
- # define ZEND_MM_CACHE_STAT 0
- #endif
- 
--struct _zend_mm_heap {
-+typedef struct _zend_mm_heap {
-       int                 use_zend_alloc;
-       void               *(*_malloc)(size_t);
-       void                (*_free)(void*);
-@@ -439,6 +460,9 @@
-               int miss;
-       } cache_stat[ZEND_MM_NUM_BUCKETS+1];
- #endif
+       module_shutdown = 0;
+       module_startup = 1;
+       sapi_initialize_empty_request(TSRMLS_C);
+@@ -1944,7 +1955,11 @@ int php_module_startup(sapi_module_struc
+       REGISTER_MAIN_STRINGL_CONSTANT("PHP_CONFIG_FILE_SCAN_DIR", 
PHP_CONFIG_FILE_SCAN_DIR, sizeof(PHP_CONFIG_FILE_SCAN_DIR)-1, CONST_PERSISTENT 
| CONST_CS);
+       REGISTER_MAIN_STRINGL_CONSTANT("PHP_SHLIB_SUFFIX", PHP_SHLIB_SUFFIX, 
sizeof(PHP_SHLIB_SUFFIX)-1, CONST_PERSISTENT | CONST_CS);
+       REGISTER_MAIN_STRINGL_CONSTANT("PHP_EOL", PHP_EOL, sizeof(PHP_EOL)-1, 
CONST_PERSISTENT | CONST_CS);
+-      REGISTER_MAIN_LONG_CONSTANT("PHP_MAXPATHLEN", MAXPATHLEN, 
CONST_PERSISTENT | CONST_CS);
 +#if SUHOSIN_PATCH
-+      size_t              canary_1,canary_2,canary_3;
-+#endif
- };
- 
- #define ZEND_MM_SMALL_FREE_BUCKET(heap, index) \
-@@ -512,18 +536,31 @@
- /* optimized access */
- #define ZEND_MM_FREE_BLOCK_SIZE(b)            (b)->info._size
++        REGISTER_MAIN_LONG_CONSTANT("SUHOSIN_PATCH", 1, CONST_PERSISTENT | 
CONST_CS);
++        REGISTER_MAIN_STRINGL_CONSTANT("SUHOSIN_PATCH_VERSION", 
SUHOSIN_PATCH_VERSION, sizeof(SUHOSIN_PATCH_VERSION)-1, CONST_PERSISTENT | 
CONST_CS);
++#endif        
++        REGISTER_MAIN_LONG_CONSTANT("PHP_MAXPATHLEN", MAXPATHLEN, 
CONST_PERSISTENT | CONST_CS);
+       REGISTER_MAIN_LONG_CONSTANT("PHP_INT_MAX", LONG_MAX, CONST_PERSISTENT | 
CONST_CS);
+       REGISTER_MAIN_LONG_CONSTANT("PHP_INT_SIZE", sizeof(long), 
CONST_PERSISTENT | CONST_CS);
+ #ifdef ZEND_MULTIBYTE
+diff -Naurp php-5.3.6RC1/main/php_config.h.in 
php-5.3.6RC1.oden/main/php_config.h.in
+--- php-5.3.6RC1/main/php_config.h.in  2011-02-16 21:30:44.000000000 +0100
++++ php-5.3.6RC1.oden/main/php_config.h.in     2011-02-20 11:50:19.302836444 
+0100
+@@ -851,6 +851,9 @@
+ /* Define if the target system has /dev/urandom device */
+ #undef HAVE_DEV_URANDOM
  
-+#ifndef ZEND_MM_ALIGNMENT
-+# define ZEND_MM_ALIGNMENT 8
-+# define ZEND_MM_ALIGNMENT_LOG2 3
-+#elif ZEND_MM_ALIGNMENT < 4
-+# undef ZEND_MM_ALIGNMENT
-+# undef ZEND_MM_ALIGNMENT_LOG2
-+# define ZEND_MM_ALIGNMENT 4
-+# define ZEND_MM_ALIGNMENT_LOG2 2
-+#endif
-+
-+#define ZEND_MM_ALIGNMENT_MASK ~(ZEND_MM_ALIGNMENT-1)
++/* Suhosin-Patch for PHP */
++#undef SUHOSIN_PATCH
 +
- /* Aligned header size */
-+#define ZEND_MM_ALIGNED_SIZE(size)                    ((size + 
ZEND_MM_ALIGNMENT - 1) & ZEND_MM_ALIGNMENT_MASK)
- #define ZEND_MM_ALIGNED_HEADER_SIZE                   
ZEND_MM_ALIGNED_SIZE(sizeof(zend_mm_block))
- #define ZEND_MM_ALIGNED_FREE_HEADER_SIZE      
ZEND_MM_ALIGNED_SIZE(sizeof(zend_mm_small_free_block))
--#define ZEND_MM_MIN_ALLOC_BLOCK_SIZE          
ZEND_MM_ALIGNED_SIZE(ZEND_MM_ALIGNED_HEADER_SIZE + END_MAGIC_SIZE)
-+#define ZEND_MM_MIN_ALLOC_BLOCK_SIZE          
ZEND_MM_ALIGNED_SIZE(ZEND_MM_ALIGNED_HEADER_SIZE + END_MAGIC_SIZE + CANARY_SIZE)
- #define ZEND_MM_ALIGNED_MIN_HEADER_SIZE               
(ZEND_MM_MIN_ALLOC_BLOCK_SIZE>ZEND_MM_ALIGNED_FREE_HEADER_SIZE?ZEND_MM_MIN_ALLOC_BLOCK_SIZE:ZEND_MM_ALIGNED_FREE_HEADER_SIZE)
- #define ZEND_MM_ALIGNED_SEGMENT_SIZE          
ZEND_MM_ALIGNED_SIZE(sizeof(zend_mm_segment))
- 
--#define ZEND_MM_MIN_SIZE                                      
((ZEND_MM_ALIGNED_MIN_HEADER_SIZE>(ZEND_MM_ALIGNED_HEADER_SIZE+END_MAGIC_SIZE))?(ZEND_MM_ALIGNED_MIN_HEADER_SIZE-(ZEND_MM_ALIGNED_HEADER_SIZE+END_MAGIC_SIZE)):0)
-+#define ZEND_MM_MIN_SIZE                                      
((ZEND_MM_ALIGNED_MIN_HEADER_SIZE>(ZEND_MM_ALIGNED_HEADER_SIZE+END_MAGIC_SIZE+CANARY_SIZE))?(ZEND_MM_ALIGNED_MIN_HEADER_SIZE-(ZEND_MM_ALIGNED_HEADER_SIZE+END_MAGIC_SIZE+CANARY_SIZE)):0)
- 
- #define ZEND_MM_MAX_SMALL_SIZE                                
((ZEND_MM_NUM_BUCKETS<<ZEND_MM_ALIGNMENT_LOG2)+ZEND_MM_ALIGNED_MIN_HEADER_SIZE)
- 
--#define ZEND_MM_TRUE_SIZE(size)                               
((size<ZEND_MM_MIN_SIZE)?(ZEND_MM_ALIGNED_MIN_HEADER_SIZE):(ZEND_MM_ALIGNED_SIZE(size+ZEND_MM_ALIGNED_HEADER_SIZE+END_MAGIC_SIZE)))
-+#define ZEND_MM_TRUE_SIZE(size)                               
((size<ZEND_MM_MIN_SIZE)?(ZEND_MM_ALIGNED_MIN_HEADER_SIZE):(ZEND_MM_ALIGNED_SIZE(size+ZEND_MM_ALIGNED_HEADER_SIZE+END_MAGIC_SIZE+CANARY_SIZE)))
- 
- #define ZEND_MM_BUCKET_INDEX(true_size)               
((true_size>>ZEND_MM_ALIGNMENT_LOG2)-(ZEND_MM_ALIGNED_MIN_HEADER_SIZE>>ZEND_MM_ALIGNMENT_LOG2))
- 
-@@ -585,6 +622,44 @@
+ /* Whether you have AOLserver */
+ #undef HAVE_AOLSERVER
  
+diff -Naurp php-5.3.6RC1/main/php.h php-5.3.6RC1.oden/main/php.h
+--- php-5.3.6RC1/main/php.h    2011-01-01 03:19:59.000000000 +0100
++++ php-5.3.6RC1.oden/main/php.h       2011-02-20 11:50:19.303836584 +0100
+@@ -453,6 +453,10 @@ END_EXTERN_C()
  #endif
+ #endif /* !XtOffsetOf */
  
-+#if SUHOSIN_MM_WITH_CANARY_PROTECTION
-+
-+# define SUHOSIN_MM_CHECK_CANARIES(block, MFUNCTION) do { \
-+        char *p = SUHOSIN_MM_END_CANARY_PTR(block); size_t check; \
-+      if (((block)->info.canary_1 != heap->canary_1) || 
((block)->info.canary_2 != heap->canary_2)) { \
-+              canary_mismatch: \
-+              zend_suhosin_log(S_MEMORY, "canary mismatch on " MFUNCTION " - 
heap overflow detected at %p", (block)); \
-+                if (SUHOSIN_CONFIG(SUHOSIN_MM_IGNORE_CANARY_VIOLATION) == 0) 
{ _exit(1); } else { (block)->info.canary_1 = heap->canary_1; 
(block)->info.canary_2 = heap->canary_2; }\
-+      } \
-+        memcpy(&check, p, CANARY_SIZE); \
-+        if (check != heap->canary_3) { \
-+                zend_suhosin_log(S_MEMORY, "end canary mismatch on " 
MFUNCTION " - heap overflow detected at %p", (block)); \
-+                if (SUHOSIN_CONFIG(SUHOSIN_MM_IGNORE_CANARY_VIOLATION) == 0) 
{ _exit(1); } else { memcpy(p, heap->canary_3, CANARY_SIZE); } \
-+        } \
-+      } while (0)
-+
-+# define SUHOSIN_MM_SET_CANARIES(block) do { \
-+        (block)->info.canary_1 = heap->canary_1; \
-+        (block)->info.canary_2 = heap->canary_2; \
-+        } while (0)      
-+
-+# define SUHOSIN_MM_END_CANARY_PTR(block) \
-+      (char *)(((char*)(ZEND_MM_DATA_OF(block))) + 
((zend_mm_block*)(block))->info.size + END_MAGIC_SIZE)
-+
-+# define SUHOSIN_MM_SET_END_CANARY(block) do { \
-+      char *p = SUHOSIN_MM_END_CANARY_PTR(block); \
-+      memcpy(p, &heap->canary_3, CANARY_SIZE); \
-+      } while (0)
-+
-+#else
-+
-+# define SUHOSIN_MM_CHECK_CANARIES(block, MFUNCTION)
-+# define SUHOSIN_MM_SET_CANARIES(block)
-+# define SUHOSIN_MM_END_CANARY_PTR(block)
-+# define SUHOSIN_MM_SET_END_CANARY(block)
-+
++#if SUHOSIN_PATCH
++#include "suhosin_patch.h"
 +#endif
 +
- 
- #if ZEND_MM_HEAP_PROTECTION
- 
-@@ -707,7 +782,7 @@
  #endif
- }
- 
--static inline void zend_mm_add_to_rest_list(zend_mm_heap *heap, 
zend_mm_free_block *mm_block)
-+static void zend_mm_add_to_rest_list(zend_mm_heap *heap, zend_mm_free_block 
*mm_block)
- {
-       zend_mm_free_block *prev, *next;
- 
-@@ -724,7 +799,7 @@
-       prev->next_free_block = next->prev_free_block = mm_block;
- }
  
--static inline void zend_mm_add_to_free_list(zend_mm_heap *heap, 
zend_mm_free_block *mm_block)
-+static void zend_mm_add_to_free_list(zend_mm_heap *heap, zend_mm_free_block 
*mm_block)
- {
-       size_t size;
-       size_t index;
-@@ -785,7 +860,7 @@
-       }
+ /*
+diff -Naurp php-5.3.6RC1/main/php_logos.c php-5.3.6RC1.oden/main/php_logos.c
+--- php-5.3.6RC1/main/php_logos.c      2011-01-01 03:19:59.000000000 +0100
++++ php-5.3.6RC1.oden/main/php_logos.c 2011-02-20 11:50:19.303836584 +0100
+@@ -50,6 +50,10 @@ PHPAPI int php_unregister_info_logo(char
+       return zend_hash_del(&phpinfo_logo_hash, logo_string, 
strlen(logo_string));
  }
  
--static inline void zend_mm_remove_from_free_list(zend_mm_heap *heap, 
zend_mm_free_block *mm_block)
-+static void zend_mm_remove_from_free_list(zend_mm_heap *heap, 
zend_mm_free_block *mm_block)
- {
-       zend_mm_free_block *prev = mm_block->prev_free_block;
-       zend_mm_free_block *next = mm_block->next_free_block;
-@@ -795,6 +870,12 @@
-       if (EXPECTED(prev == mm_block)) {
-               zend_mm_free_block **rp, **cp;
- 
 +#if SUHOSIN_PATCH
-+                if (next != mm_block) {
<<Diff was trimmed, longer than 597 lines>>

---- CVS-web:
    
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/php.spec?r1=1.926&r2=1.927&f=u
    
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/suhosin.patch?r1=1.8&r2=1.9&f=u
