[PHP-CVS] cvs: php-src /ext/bcmath package.xml /ext/calendar package.xml /ext/com_dotnet package.xml /ext/ctype package.xml /ext/curl package.xml /ext/dbase package.xml /ext/exif package.xml /e
martin Wed Mar 14 09:49:58 2007 UTC Modified files: /php-src/ext/bcmath package.xml /php-src/ext/calendar package.xml /php-src/ext/com_dotnet package.xml /php-src/ext/ctype package.xml /php-src/ext/curl package.xml /php-src/ext/dbase package.xml /php-src/ext/exif package.xml /php-src/ext/fdfpackage.xml /php-src/ext/ftppackage.xml /php-src/ext/mime_magic package.xml /php-src/ext/mysql package.xml /php-src/ext/mysqli package.xml /php-src/ext/pcntl package.xml /php-src/ext/posix package.xml /php-src/ext/sessionpackage.xml /php-src/ext/shmop package.xml /php-src/ext/socketspackage.xml /php-src/ext/sysvmsgpackage.xml /php-src/ext/sysvsempackage.xml /php-src/ext/sysvshmpackage.xml /php-src/ext/tokenizer package.xml /php-src/ext/wddx package.xml /php-src/ext/xmlpackage.xml /php-src/ext/zlib package.xml Log: Typo http://cvs.php.net/viewvc.cgi/php-src/ext/bcmath/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/bcmath/package.xml diff -u php-src/ext/bcmath/package.xml:1.1 php-src/ext/bcmath/package.xml:1.2 --- php-src/ext/bcmath/package.xml:1.1 Tue Mar 23 19:46:03 2004 +++ php-src/ext/bcmath/package.xml Wed Mar 14 09:49:57 2007 @@ -21,7 +21,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/calendar/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/calendar/package.xml diff -u php-src/ext/calendar/package.xml:1.1 php-src/ext/calendar/package.xml:1.2 --- php-src/ext/calendar/package.xml:1.1Tue Mar 23 19:46:04 2004 +++ php-src/ext/calendar/package.xmlWed Mar 14 09:49:57 2007 
@@ -44,7 +44,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/com_dotnet/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/com_dotnet/package.xml diff -u php-src/ext/com_dotnet/package.xml:1.1 php-src/ext/com_dotnet/package.xml:1.2 --- php-src/ext/com_dotnet/package.xml:1.1 Tue Mar 23 19:46:04 2004 +++ php-src/ext/com_dotnet/package.xml Wed Mar 14 09:49:57 2007 @@ -20,7 +20,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/ctype/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/ctype/package.xml diff -u php-src/ext/ctype/package.xml:1.1 php-src/ext/ctype/package.xml:1.2 --- php-src/ext/ctype/package.xml:1.1 Tue Mar 23 19:46:04 2004 +++ php-src/ext/ctype/package.xml Wed Mar 14 09:49:57 2007 @@ -22,7 +22,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/curl/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/curl/package.xml diff -u php-src/ext/curl/package.xml:1.1 php-src/ext/curl/package.xml:1.2 --- php-src/ext/curl/package.xml:1.1Tue Mar 23 19:46:04 2004 +++ php-src/ext/curl/package.xmlWed Mar 14 09:49:57 2007 
@@ -27,7 +27,7 @@ version5.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes configureoptions configureoption name=with-curl default=autodetect prompt=path to curl installation?/ http://cvs.php.net/viewvc.cgi/php-src/ext/dbase/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/dbase/package.xml diff -u php-src/ext/dbase/package.xml:1.1 php-src/ext/dbase/package.xml:1.2 --- php-src/ext/dbase/package.xml:1.1 Tue Mar 23 19:46:04 2004 +++ php-src/ext/dbase/package.xml Wed Mar 14 09:49:57 2007 @@ -30,7 +30,7 @@ version5.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/exif/package.xml?r1=1.1r2=1.2diff_format=u Index: php-src/ext/exif/package.xml diff -u php-src/ext/exif/package.xml:1.1 php-src/ext/exif/package.xml:1.2 --- php-src/ext/exif/package.xml:1.1Tue Mar 23 19:46:04 2004 +++ php-src/ext/exif/package.xmlWed Mar
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/bcmath package.xml /ext/calendar package.xml /ext/com_dotnet package.xml /ext/ctype package.xml /ext/curl package.xml /ext/dbase package.xml /ext/exif packag
martin Wed Mar 14 09:58:11 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/bcmath package.xml /php-src/ext/calendar package.xml /php-src/ext/com_dotnet package.xml /php-src/ext/ctype package.xml /php-src/ext/curl package.xml /php-src/ext/dbase package.xml /php-src/ext/exif package.xml /php-src/ext/fdfpackage.xml /php-src/ext/ftppackage.xml /php-src/ext/mime_magic package.xml /php-src/ext/mysqli package.xml /php-src/ext/ncursespackage.xml /php-src/ext/pcntl package.xml /php-src/ext/posix package.xml /php-src/ext/sessionpackage.xml /php-src/ext/shmop package.xml /php-src/ext/socketspackage.xml /php-src/ext/sysvmsgpackage.xml /php-src/ext/sysvsempackage.xml /php-src/ext/sysvshmpackage.xml /php-src/ext/tokenizer package.xml /php-src/ext/wddx package.xml /php-src/ext/xmlpackage.xml /php-src/ext/zlib package.xml Log: Typo http://cvs.php.net/viewvc.cgi/php-src/ext/bcmath/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/bcmath/package.xml diff -u php-src/ext/bcmath/package.xml:1.1 php-src/ext/bcmath/package.xml:1.1.6.1 --- php-src/ext/bcmath/package.xml:1.1 Tue Mar 23 19:46:03 2004 +++ php-src/ext/bcmath/package.xml Wed Mar 14 09:58:10 2007 @@ -21,7 +21,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/calendar/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/calendar/package.xml diff -u php-src/ext/calendar/package.xml:1.1 php-src/ext/calendar/package.xml:1.1.6.1 --- php-src/ext/calendar/package.xml:1.1Tue Mar 23 19:46:04 2004 +++ php-src/ext/calendar/package.xmlWed Mar 14 09:58:10 2007 
@@ -44,7 +44,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/com_dotnet/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/com_dotnet/package.xml diff -u php-src/ext/com_dotnet/package.xml:1.1 php-src/ext/com_dotnet/package.xml:1.1.6.1 --- php-src/ext/com_dotnet/package.xml:1.1 Tue Mar 23 19:46:04 2004 +++ php-src/ext/com_dotnet/package.xml Wed Mar 14 09:58:10 2007 @@ -20,7 +20,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/ctype/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/ctype/package.xml diff -u php-src/ext/ctype/package.xml:1.1 php-src/ext/ctype/package.xml:1.1.6.1 --- php-src/ext/ctype/package.xml:1.1 Tue Mar 23 19:46:04 2004 +++ php-src/ext/ctype/package.xml Wed Mar 14 09:58:10 2007 @@ -22,7 +22,7 @@ version5.0.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/curl/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/curl/package.xml diff -u php-src/ext/curl/package.xml:1.1 php-src/ext/curl/package.xml:1.1.6.1 --- php-src/ext/curl/package.xml:1.1Tue Mar 23 19:46:04 2004 +++ php-src/ext/curl/package.xmlWed Mar 14 09:58:10 2007 
@@ -27,7 +27,7 @@ version5.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes configureoptions configureoption name=with-curl default=autodetect prompt=path to curl installation?/ http://cvs.php.net/viewvc.cgi/php-src/ext/dbase/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/dbase/package.xml diff -u php-src/ext/dbase/package.xml:1.1 php-src/ext/dbase/package.xml:1.1.6.1 --- php-src/ext/dbase/package.xml:1.1 Tue Mar 23 19:46:04 2004 +++ php-src/ext/dbase/package.xml Wed Mar 14 09:58:10 2007 @@ -30,7 +30,7 @@ version5.0rc1/version date2004-03-19/date notes -package.xml added to support intallation using pear installer +package.xml added to support installation using pear installer /notes filelist file role=doc name=CREDITS/ http://cvs.php.net/viewvc.cgi/php-src/ext/exif/package.xml?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/exif/package.xml diff -u php-src/ext/exif/package.xml:1.1 php-src/ext/exif/package.xml:1.1.6.1 ---
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/zip/tests oo_getcomment.phpt
pajoye Wed Mar 14 11:02:29 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/zip/tests oo_getcomment.phpt Log: - add more cases for getComment http://cvs.php.net/viewvc.cgi/php-src/ext/zip/tests/oo_getcomment.phpt?r1=1.1.2.2r2=1.1.2.3diff_format=u Index: php-src/ext/zip/tests/oo_getcomment.phpt diff -u php-src/ext/zip/tests/oo_getcomment.phpt:1.1.2.2 php-src/ext/zip/tests/oo_getcomment.phpt:1.1.2.3 --- php-src/ext/zip/tests/oo_getcomment.phpt:1.1.2.2Wed Nov 15 23:53:46 2006 +++ php-src/ext/zip/tests/oo_getcomment.phptWed Mar 14 11:02:29 2007 @@ -1,8 +1,8 @@ --TEST-- -Get Comment +getComment --SKIPIF-- ?php -/* $Id: oo_getcomment.phpt,v 1.1.2.2 2006/11/15 23:53:46 pajoye Exp $ */ +/* $Id: oo_getcomment.phpt,v 1.1.2.3 2007/03/14 11:02:29 pajoye Exp $ */ if(!extension_loaded('zip')) die('skip'); ? --FILE-- @@ -14,13 +14,23 @@ if (!$zip-open($file)) { exit('failed'); } +echo $zip-getArchiveComment() . \n; + $idx = $zip-locateName('foo'); echo $zip-getCommentName('foo') . \n; echo $zip-getCommentIndex($idx); +echo $zip-getCommentName('') . \n; +echo $zip-getCommentName() . \n; + $zip-close(); ? --EXPECTF-- +Zip archive comment foo comment foo comment +Notice: ZipArchive::getCommentName(): Empty string as entry name in %s on line %d + + +Warning: ZipArchive::getCommentName() expects at least 1 parameter, 0 given in %s on line %d -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/zip php_zip.c php_zip.h zip_stream.c
pajoye Wed Mar 14 11:08:58 2007 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS /php-src/ext/zipzip_stream.c php_zip.c php_zip.h Log: - rename SAFEMODE_CHECKFILE to OPENBASEDIR_CHECKPATH (can be used without confusing in head without confusion) - Add safemode and open basedir checks in zip:// wrapper (revert Ilia's patch). Bug found by Stefan Esser in his MOPB-20-2007 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.587r2=1.2027.2.547.2.588diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.587 php-src/NEWS:1.2027.2.547.2.588 --- php-src/NEWS:1.2027.2.547.2.587 Mon Mar 12 16:59:51 2007 +++ php-src/NEWSWed Mar 14 11:08:57 2007 @@ -14,6 +14,7 @@ . Added SplFileInfo::getLinkTarget(), SplFileInfo::getRealPath(). - Added --ri switch to CLI which allows to check extension information. (Marcus) - Added tidyNode::getParent() method (John, Nuno) +- Added openbasedir and safemode checks in zip:// stream wrapper (Pierre) - Fixed zend_llist_remove_tail (Michael Wallner, Dmitry) - Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) http://cvs.php.net/viewvc.cgi/php-src/ext/zip/zip_stream.c?r1=1.1.2.4r2=1.1.2.5diff_format=u Index: php-src/ext/zip/zip_stream.c diff -u php-src/ext/zip/zip_stream.c:1.1.2.4 php-src/ext/zip/zip_stream.c:1.1.2.5 --- php-src/ext/zip/zip_stream.c:1.1.2.4Wed Mar 14 03:50:18 2007 +++ php-src/ext/zip/zip_stream.cWed Mar 14 11:08:57 2007 @@ -1,4 +1,4 @@ -/* $Id: zip_stream.c,v 1.1.2.4 2007/03/14 03:50:18 iliaa Exp $ */ +/* $Id: zip_stream.c,v 1.1.2.5 2007/03/14 11:08:57 pajoye Exp $ */ #ifdef HAVE_CONFIG_H # include config.h #endif @@ -12,6 +12,7 @@ #include ext/standard/file.h #include ext/standard/php_string.h #include fopen_wrappers.h +#include php_zip.h #include ext/standard/url.h 
@@ -112,7 +113,7 @@ } if (filename) { - if ((PG(safe_mode) (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC)) { + if (OPENBASEDIR_CHECKPATH(filename)) { return NULL; } @@ -193,7 +194,7 @@ php_basename(path, path_len - fragment_len, NULL, 0, file_basename, file_basename_len TSRMLS_CC); fragment++; - if ((PG(safe_mode) (!php_checkuid(file_dirname, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(file_dirname TSRMLS_CC)) { + if (OPENBASEDIR_CHECKPATH(file_dirname)) { efree(file_basename); return NULL; } http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.27r2=1.1.2.28diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.1.2.27 php-src/ext/zip/php_zip.c:1.1.2.28 --- php-src/ext/zip/php_zip.c:1.1.2.27 Mon Jan 29 15:25:06 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 11:08:57 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.1.2.27 2007/01/29 15:25:06 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.1.2.28 2007/03/14 11:08:57 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -49,11 +49,6 @@ #define le_zip_entry_name Zip Entry /* }}} */ -/* {{{ SAFEMODE_CHECKFILE(filename) */ -#define SAFEMODE_CHECKFILE(filename) \ - (PG(safe_mode) (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC) -/* }}} */ - /* {{{ PHP_ZIP_STAT_INDEX(za, index, flags, sb) */ #define PHP_ZIP_STAT_INDEX(za, index, flags, sb) \ if (zip_stat_index(za, index, flags, sb) != 0) { \ @@ -127,7 +122,7 @@ php_basename(file, file_len, NULL, 0, file_basename, (unsigned int *)file_basename_len TSRMLS_CC); - if (SAFEMODE_CHECKFILE(file_dirname_fullpath)) { + if (OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) { efree(file_dirname_fullpath); efree(file_basename); return 0; 
@@ -164,7 +159,7 @@ * is required, does a file can have a different * safemode status as its parent folder? */ - if (SAFEMODE_CHECKFILE(fullpath)) { + if (OPENBASEDIR_CHECKPATH(fullpath)) { efree(file_dirname_fullpath); efree(file_basename); return 0; @@ -627,7 +622,7 @@ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, filename, filename_len) == FAILURE) { return; } - if (SAFEMODE_CHECKFILE(filename)) { + if (OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } @@ -1032,7 +1027,7 @@ entry_name_len = filename_len; } - if (SAFEMODE_CHECKFILE(filename)) { + if (OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE;
[PHP-CVS] cvs: php-src /ext/zip php_zip.c php_zip.h zip_stream.c
pajoye Wed Mar 14 11:22:13 2007 UTC Modified files: /php-src/ext/zipphp_zip.h php_zip.c zip_stream.c Log: - MFB: - rename SAFEMODE_CHECKFILE to OPENBASEDIR_CHECKPATH (can be used without confusing in head without confusion) - Add safemode and open basedir checks in zip:// wrapper (revert Ilia's patch). Bug found by Stefan Esser in his MOPB-20-2007 http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.h?r1=1.14r2=1.15diff_format=u Index: php-src/ext/zip/php_zip.h diff -u php-src/ext/zip/php_zip.h:1.14 php-src/ext/zip/php_zip.h:1.15 --- php-src/ext/zip/php_zip.h:1.14 Mon Jan 1 09:29:34 2007 +++ php-src/ext/zip/php_zip.h Wed Mar 14 11:22:13 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.h,v 1.14 2007/01/01 09:29:34 sebastian Exp $ */ +/* $Id: php_zip.h,v 1.15 2007/03/14 11:22:13 pajoye Exp $ */ #ifndef PHP_ZIP_H #define PHP_ZIP_H @@ -30,6 +30,16 @@ #include lib/zip.h +/* {{{ OPENBASEDIR_CHECKPATH(filename) */ +#if (PHP_MAJOR_VERSION 6) +#define OPENBASEDIR_CHECKPATH(filename) \ + (PG(safe_mode) (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(filename TSRMLS_CC) +#else +#define OPENBASEDIR_CHECKPATH(filename) \ + php_check_open_basedir(filename TSRMLS_CC) +#endif +/* }}} */ + typedef struct _ze_zip_rsrc { struct zip *za; int index_current; http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.38r2=1.39diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.38 php-src/ext/zip/php_zip.c:1.39 --- php-src/ext/zip/php_zip.c:1.38 Mon Jan 29 16:01:55 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 11:22:13 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.38 2007/01/29 16:01:55 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.39 2007/03/14 11:22:13 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h 
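Review bot: Both expansions of `OPENBASEDIR_CHECKPATH` in the php_zip.h hunk (`@@ -30,6 +30,16 @@`) are left unparenthesized, so the macro is only safe when it is the whole condition of an `if`. Written as `!OPENBASEDIR_CHECKPATH(p)`, the pre-6 form would apply the negation to the safe_mode term alone, and combined with `&&` the open_basedir call would group with the wrong operand; either way an access check is silently weakened. Wrap the expansion and the argument, e.g. `((PG(safe_mode) && !php_checkuid((filename), NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir((filename) TSRMLS_CC))`, and add a comment that a non-zero result means the path must be rejected. The archive has dropped `<`, `&` and quote characters from this listing, so the operators quoted here are reconstructed from context.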
@@ -122,6 +122,11 @@ } php_basename(file, file_len, NULL, 0, file_basename, (unsigned int *)file_basename_len TSRMLS_CC); + if (OPENBASEDIR_CHECKPATH(file_dirname_fullpath)) { + efree(file_dirname_fullpath); + efree(file_basename); + return 0; + } } /* let see if the path already exists */ if (php_stream_stat_path(file_dirname_fullpath, ssb) 0) { @@ -149,6 +154,16 @@ return 0; } + /* check again the full path, not sure if it +* is required, does a file can have a different +* safemode status as its parent folder? +*/ + if (OPENBASEDIR_CHECKPATH(fullpath)) { + efree(file_dirname_fullpath); + efree(file_basename); + return 0; + } + zf = zip_fopen(za, file, 0); if (zf == NULL) { efree(fullpath); @@ -609,6 +624,9 @@ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Z, filename_zval) == FAILURE) { return; } + if (OPENBASEDIR_CHECKPATH(filename)) { + RETURN_FALSE; + } if (FAILURE == php_stream_path_param_encode(filename_zval, filename, filename_len, REPORT_ERRORS, FG(default_context))) { RETURN_FALSE; @@ -2083,7 +2101,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.38 2007/01/29 16:01:55 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.39 2007/03/14 11:22:13 pajoye Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); http://cvs.php.net/viewvc.cgi/php-src/ext/zip/zip_stream.c?r1=1.5r2=1.6diff_format=u Index: php-src/ext/zip/zip_stream.c diff -u php-src/ext/zip/zip_stream.c:1.5 php-src/ext/zip/zip_stream.c:1.6 --- php-src/ext/zip/zip_stream.c:1.5Mon Jan 1 09:29:34 2007 +++ php-src/ext/zip/zip_stream.cWed Mar 14 11:22:13 2007 @@ -1,4 +1,4 @@ -/* $Id: zip_stream.c,v 1.5 2007/01/01 09:29:34 sebastian Exp $ */ +/* $Id: zip_stream.c,v 1.6 2007/03/14 11:22:13 pajoye Exp $ */ #ifdef HAVE_CONFIG_H # include config.h #endif 
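Review bot: The rejection branch added in the `@@ -149,6 +154,16 @@` hunk returns without releasing `fullpath`, although the `zip_fopen` failure path just below it calls `efree(fullpath)`, which suggests the buffer is already heap-allocated at this point. Add `efree(fullpath);` next to the two existing `efree` calls before `return 0;`. The allocation itself is outside the hunk, so confirm against the full function. The PHP_5_2 counterpart (`@@ -164,7 +159,7 @@` in the 11:08:58 commit) has the same three-line shape and likely needs the same change.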
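Review bot: In the `@@ -609,6 +624,9 @@` hunk the new `OPENBASEDIR_CHECKPATH(filename)` runs before `php_stream_path_param_encode(...)`, which appears to be the call that fills in `filename` from `filename_zval`; the `zend_parse_parameters` call above it only receives `filename_zval`. The check would therefore see whatever `filename` held at its declaration (outside the hunk) rather than the caller's path, so it either reads an unset pointer or validates nothing. Move the three added lines below the `php_stream_path_param_encode` block so the open_basedir check is applied to the encoded path that is actually opened.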
@@ -12,6 +12,7 @@ #include ext/standard/file.h #include ext/standard/php_string.h #include fopen_wrappers.h +#include php_zip.h #include ext/standard/url.h @@ -112,6 +113,10 @@ } if (filename) { + if (OPENBASEDIR_CHECKPATH(filename)) { + return NULL; + } + /* duplicate to make the stream za independent (esp. for MSHUTDOWN) */ stream_za = zip_open(filename, ZIP_CREATE, err); if (!stream_za) { @@ -189,6 +194,11 @@
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS /ext/zip php_zip.c
pajoye Wed Mar 14 11:32:25 2007 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS /php-src/ext/zipphp_zip.c Log: - MFH: Fixed possible relative path issues in zip_open in TS mode (old API) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.588r2=1.2027.2.547.2.589diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.588 php-src/NEWS:1.2027.2.547.2.589 --- php-src/NEWS:1.2027.2.547.2.588 Wed Mar 14 11:08:57 2007 +++ php-src/NEWSWed Mar 14 11:32:25 2007 @@ -15,6 +15,7 @@ - Added --ri switch to CLI which allows to check extension information. (Marcus) - Added tidyNode::getParent() method (John, Nuno) - Added openbasedir and safemode checks in zip:// stream wrapper (Pierre) +- Fixed possible relative path issues in zip_open and TS mode (old API) (Pierre) - Fixed zend_llist_remove_tail (Michael Wallner, Dmitry) - Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.28r2=1.1.2.29diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.1.2.28 php-src/ext/zip/php_zip.c:1.1.2.29 --- php-src/ext/zip/php_zip.c:1.1.2.28 Wed Mar 14 11:08:57 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 11:32:25 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.1.2.28 2007/03/14 11:08:57 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.1.2.29 2007/03/14 11:32:25 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h 
@@ -616,16 +616,27 @@ { char *filename; int filename_len; + char resolved_path[MAXPATHLEN + 1]; zip_rsrc *rsrc_int; int err = 0; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, filename, filename_len) == FAILURE) { return; } + + if (filename_len == 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Empty string as source); + RETURN_FALSE; + } + if (OPENBASEDIR_CHECKPATH(filename)) { RETURN_FALSE; } + if(!expand_filepath(filename, resolved_path TSRMLS_CC)) { + RETURN_FALSE; + } + rsrc_int = (zip_rsrc *)emalloc(sizeof(zip_rsrc)); rsrc_int-za = zip_open(filename, 0, err); @@ -2011,7 +2022,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.1.2.28 2007/03/14 11:08:57 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.1.2.29 2007/03/14 11:32:25 pajoye Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
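Review bot: `resolved_path` is filled by the new `expand_filepath` call in the `@@ -616,16 +616,27 @@` hunk but is never used in the visible lines: the unchanged context still opens the archive with `zip_open(filename, ...)`. As written the hunk only adds a failure path, and the path handed to libzip is still the unexpanded one, which is the relative-path case the log message says it fixes. Open the expanded path instead, `rsrc_int->za = zip_open(resolved_path, 0, &err);`, and consider passing the same string to `OPENBASEDIR_CHECKPATH` so the path that is checked and the path that is opened cannot differ. The function body starts and ends outside the hunk.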
[PHP-CVS] cvs: php-src /ext/zip php_zip.c
pajoye Wed Mar 14 11:37:35 2007 UTC Modified files: /php-src/ext/zipphp_zip.c Log: - MFB: free rsrc on error in zip_read (old API) http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.40r2=1.41diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.40 php-src/ext/zip/php_zip.c:1.41 --- php-src/ext/zip/php_zip.c:1.40 Wed Mar 14 11:25:20 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 11:37:35 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.40 2007/03/14 11:25:20 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.41 2007/03/14 11:37:35 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -706,6 +706,7 @@ rsrc_int-index_current++; ZEND_REGISTER_RESOURCE(return_value, zr_rsrc, le_zip_entry); } else { + efree(zr_rsrc); RETURN_FALSE; } @@ -2102,7 +2103,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.40 2007/03/14 11:25:20 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.41 2007/03/14 11:37:35 pajoye Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/sybase_ct/tests test_fetch_object.phpt test_fields.phpt
thekid Wed Mar 14 11:44:24 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/sybase_ct/teststest_fields.phpt test_fetch_object.phpt Log: - Changed expected output # Due to var_export() __set_state() changes http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/test_fields.phpt?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/sybase_ct/tests/test_fields.phpt diff -u php-src/ext/sybase_ct/tests/test_fields.phpt:1.1 php-src/ext/sybase_ct/tests/test_fields.phpt:1.1.6.1 --- php-src/ext/sybase_ct/tests/test_fields.phpt:1.1Mon Jul 12 20:26:53 2004 +++ php-src/ext/sybase_ct/tests/test_fields.phptWed Mar 14 11:44:24 2007 @@ -6,7 +6,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: test_fields.phpt,v 1.1 2004/07/12 20:26:53 thekid Exp $ + * $Id: test_fields.phpt,v 1.1.6.1 2007/03/14 11:44:24 thekid Exp $ */ require('test.inc'); 
@@ -38,39 +38,39 @@ --EXPECTF-- resource(%d) of type (sybase-ct result) int(4) -class stdClass { - %s $name = 'id'; - %s $max_length = 11; - %s $column_source = ''; - %s $numeric = 1; - %s $type = 'int'; -} -class stdClass { - %s $name = 'caption'; - %s $max_length = 5; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'string'; -} -class stdClass { - %s $name = 'author'; - %s $max_length = 4; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'string'; -} -class stdClass { - %s $name = 'lastchange'; - %s $max_length = 29; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'datetime'; -} +stdClass::__set_state(array( + 'name' = 'id', + 'max_length' = 11, + 'column_source' = '', + 'numeric' = 1, + 'type' = 'int', +)) +stdClass::__set_state(array( + 'name' = 'caption', + 'max_length' = 5, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'string', +)) +stdClass::__set_state(array( + 'name' = 'author', + 'max_length' = 4, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'string', +)) +stdClass::__set_state(array( + 'name' = 'lastchange', + 'max_length' = 29, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'datetime', +)) bool(true) -class stdClass { - %s $name = 'caption'; - %s $max_length = 5; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'string'; -} +stdClass::__set_state(array( + 'name' = 'caption', + 'max_length' = 5, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'string', +)) http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/test_fetch_object.phpt?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/sybase_ct/tests/test_fetch_object.phpt diff -u php-src/ext/sybase_ct/tests/test_fetch_object.phpt:1.1 php-src/ext/sybase_ct/tests/test_fetch_object.phpt:1.1.6.1 --- php-src/ext/sybase_ct/tests/test_fetch_object.phpt:1.1 Sun Jul 11 16:10:03 2004 +++ php-src/ext/sybase_ct/tests/test_fetch_object.phpt Wed Mar 14 11:44:24 2007 
@@ -8,7 +8,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: test_fetch_object.phpt,v 1.1 2004/07/11 16:10:03 thekid Exp $ + * $Id: test_fetch_object.phpt,v 1.1.6.1 2007/03/14 11:44:24 thekid Exp $ */ require('test.inc'); @@ -46,29 +46,29 @@ sybase_close($db); ? --EXPECTF-- -class stdClass { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} -class article { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} -class article { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} +stdClass::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) +article::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) +article::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) Notice: sybase_fetch_object(): Sybase: Class *** has not been declared in %s/test_fetch_object.php on line %d -class stdClass { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} +stdClass::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/sybase_ct/tests bug30312.phpt
thekid Wed Mar 14 11:46:06 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/sybase_ct/testsbug30312.phpt Log: - Changed expected output # select getdate() returns something like Mar 14 2007 12:44PM, we # were checking for one additional (nonexistant) whitespace after Mar # which was wrong. Don`t know when and how this changed http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/bug30312.phpt?r1=1.1r2=1.1.4.1diff_format=u Index: php-src/ext/sybase_ct/tests/bug30312.phpt diff -u php-src/ext/sybase_ct/tests/bug30312.phpt:1.1 php-src/ext/sybase_ct/tests/bug30312.phpt:1.1.4.1 --- php-src/ext/sybase_ct/tests/bug30312.phpt:1.1 Sun Feb 6 11:58:53 2005 +++ php-src/ext/sybase_ct/tests/bug30312.phpt Wed Mar 14 11:46:06 2007 @@ -6,7 +6,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: bug30312.phpt,v 1.1 2005/02/06 11:58:53 thekid Exp $ + * $Id: bug30312.phpt,v 1.1.4.1 2007/03/14 11:46:06 thekid Exp $ */ require('test.inc'); @@ -23,5 +23,5 @@ var_dump($array[0]); ? --EXPECTF-- -string(%d) %s %d %d %d:%d%s -string(%d) %s %d %d %d:%d%s +string(%d) %s %d %d %d:%d%s +string(%d) %s %d %d %d:%d%s -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/sybase_ct php_sybase_ct.c
thekid Wed Mar 14 11:48:49 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/sybase_ct php_sybase_ct.c Log: - Fixed segmentation fault in sybase_connect() # This was introduced by changing sprintf - spprintf and resulted # from passing a char* to spprintf() instead of a char** http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/php_sybase_ct.c?r1=1.103.2.5.2.10r2=1.103.2.5.2.11diff_format=u Index: php-src/ext/sybase_ct/php_sybase_ct.c diff -u php-src/ext/sybase_ct/php_sybase_ct.c:1.103.2.5.2.10 php-src/ext/sybase_ct/php_sybase_ct.c:1.103.2.5.2.11 --- php-src/ext/sybase_ct/php_sybase_ct.c:1.103.2.5.2.10Tue Mar 6 02:07:10 2007 +++ php-src/ext/sybase_ct/php_sybase_ct.c Wed Mar 14 11:48:49 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: php_sybase_ct.c,v 1.103.2.5.2.10 2007/03/06 02:07:10 stas Exp $ */ +/* $Id: php_sybase_ct.c,v 1.103.2.5.2.11 2007/03/14 11:48:49 thekid Exp $ */ #ifdef HAVE_CONFIG_H @@ -599,7 +599,7 @@ convert_to_string_ex(yyhost); host = Z_STRVAL_PP(yyhost); user=passwd=charset=appname=NULL; - hashed_details_length = spprintf(hashed_details, 0, sybase_%s, Z_STRVAL_PP(yyhost)); + hashed_details_length = spprintf(hashed_details, 0, sybase_%s, Z_STRVAL_PP(yyhost)); } break; case 2: { @@ -613,7 +613,7 @@ host = Z_STRVAL_PP(yyhost); user = Z_STRVAL_PP(yyuser); passwd=charset=appname=NULL; - hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s___, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser)); + hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s___, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser)); } break; case 3: { @@ -629,7 +629,7 @@ user = Z_STRVAL_PP(yyuser); passwd = Z_STRVAL_PP(yypasswd); charset=appname=NULL; - hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s_%s__, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd)); + hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s_%s__, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd)); } break; case 4: { 
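Review bot: The `hashed_details` strings built in the `@@ -613,7 +613,7 @@` and `@@ -629,7 +629,7 @@` hunks (and in `@@ -647` and `@@ -666` further down) join host, user, password, charset and appname with a bare `_`, so different argument tuples can format to the same string, and from the three-argument case on the password is embedded in clear text. If this string is the lookup key for reusing connections, as the name suggests, a collision could return a link opened with other credentials; that use is outside the hunks, so confirm it. Consider an unambiguous encoding (length-prefixed fields, or a separator that cannot occur in the values) and a digest of the password rather than the password itself. The archive rendering has dropped the `&` this commit adds, which is why the removed and added lines look identical here.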
@@ -647,7 +647,7 @@ passwd = Z_STRVAL_PP(yypasswd); charset = Z_STRVAL_PP(yycharset); appname=NULL; - hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s_%s_%s_, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd), Z_STRVAL_PP(yycharset)); + hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s_%s_%s_, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd), Z_STRVAL_PP(yycharset)); } break; case 5: { @@ -666,7 +666,7 @@ passwd = Z_STRVAL_PP(yypasswd); charset = Z_STRVAL_PP(yycharset); appname = Z_STRVAL_PP(yyappname); - hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s_%s_%s_%s, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd), Z_STRVAL_PP(yycharset), Z_STRVAL_PP(yyappname)); + hashed_details_length = spprintf(hashed_details, 0, sybase_%s_%s_%s_%s_%s, Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd), Z_STRVAL_PP(yycharset), Z_STRVAL_PP(yyappname)); } break; default: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/sybase_ct/tests test_msghandler_handled.phpt
thekid Wed Mar 14 11:57:45 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/sybase_ct/teststest_msghandler_handled.phpt Log: - Changed message handler also to handle message #11021 - Adjusted expected output # Seems newer Sybase versions yielf different error codes for getdate(NULL) http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/test_msghandler_handled.phpt?r1=1.1r2=1.1.6.1diff_format=u Index: php-src/ext/sybase_ct/tests/test_msghandler_handled.phpt diff -u php-src/ext/sybase_ct/tests/test_msghandler_handled.phpt:1.1 php-src/ext/sybase_ct/tests/test_msghandler_handled.phpt:1.1.6.1 --- php-src/ext/sybase_ct/tests/test_msghandler_handled.phpt:1.1Sun Jul 11 16:07:07 2004 +++ php-src/ext/sybase_ct/tests/test_msghandler_handled.phptWed Mar 14 11:57:45 2007 @@ -6,7 +6,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: test_msghandler_handled.phpt,v 1.1 2004/07/11 16:07:07 thekid Exp $ + * $Id: test_msghandler_handled.phpt,v 1.1.6.1 2007/03/14 11:57:45 thekid Exp $ */ require('test.inc'); @@ -20,6 +20,7 @@ return; case 174: // The function 'GETDATE' requires 0 arguments. + case 11021: // Function GETDATE invoked with wrong number or type of argument(s) printf(*** Caught '%s'\n, trim($text)); return; } @@ -45,7 +46,7 @@ --EXPECTF-- bool(true) Query: select getdate(NULL) -*** Caught 'The function 'GETDATE' requires 0 arguments.' +*** Caught '%s' Return: boolean bool(false) Query: print Hi -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS
tony2001Wed Mar 14 11:58:19 2007 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS Log: BFN http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.589r2=1.2027.2.547.2.590diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.589 php-src/NEWS:1.2027.2.547.2.590 --- php-src/NEWS:1.2027.2.547.2.589 Wed Mar 14 11:32:25 2007 +++ php-src/NEWSWed Mar 14 11:58:18 2007 @@ -19,6 +19,7 @@ - Fixed zend_llist_remove_tail (Michael Wallner, Dmitry) - Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) +- Fixed bug #40800 (cannot disable memory_limit with -1). (Dmitry, Tony) - Fixed bug #40784 (Case sensivity in constructor's fallback). (Tony) - Fixed bug #40770 (Apache child exits when PHP memory limit reached). (Dmitry) - Fixed bug #40764 (line thickness not respected for horizontal and vertical -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/sybase_ct/tests test_fetch_object.phpt test_fields.phpt
thekid Wed Mar 14 12:00:35 2007 UTC Modified files: /php-src/ext/sybase_ct/teststest_fields.phpt test_fetch_object.phpt Log: - Changed expected output # Due to var_export() __set_state() changes http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/test_fields.phpt?r1=1.1r2=1.2diff_format=u Index: php-src/ext/sybase_ct/tests/test_fields.phpt diff -u php-src/ext/sybase_ct/tests/test_fields.phpt:1.1 php-src/ext/sybase_ct/tests/test_fields.phpt:1.2 --- php-src/ext/sybase_ct/tests/test_fields.phpt:1.1Mon Jul 12 20:26:53 2004 +++ php-src/ext/sybase_ct/tests/test_fields.phptWed Mar 14 12:00:35 2007 @@ -6,7 +6,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: test_fields.phpt,v 1.1 2004/07/12 20:26:53 thekid Exp $ + * $Id: test_fields.phpt,v 1.2 2007/03/14 12:00:35 thekid Exp $ */ require('test.inc'); 
@@ -38,39 +38,39 @@ --EXPECTF-- resource(%d) of type (sybase-ct result) int(4) -class stdClass { - %s $name = 'id'; - %s $max_length = 11; - %s $column_source = ''; - %s $numeric = 1; - %s $type = 'int'; -} -class stdClass { - %s $name = 'caption'; - %s $max_length = 5; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'string'; -} -class stdClass { - %s $name = 'author'; - %s $max_length = 4; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'string'; -} -class stdClass { - %s $name = 'lastchange'; - %s $max_length = 29; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'datetime'; -} +stdClass::__set_state(array( + 'name' = 'id', + 'max_length' = 11, + 'column_source' = '', + 'numeric' = 1, + 'type' = 'int', +)) +stdClass::__set_state(array( + 'name' = 'caption', + 'max_length' = 5, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'string', +)) +stdClass::__set_state(array( + 'name' = 'author', + 'max_length' = 4, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'string', +)) +stdClass::__set_state(array( + 'name' = 'lastchange', + 'max_length' = 29, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'datetime', +)) bool(true) -class stdClass { - %s $name = 'caption'; - %s $max_length = 5; - %s $column_source = ''; - %s $numeric = 0; - %s $type = 'string'; -} +stdClass::__set_state(array( + 'name' = 'caption', + 'max_length' = 5, + 'column_source' = '', + 'numeric' = 0, + 'type' = 'string', +)) http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/test_fetch_object.phpt?r1=1.1r2=1.2diff_format=u Index: php-src/ext/sybase_ct/tests/test_fetch_object.phpt diff -u php-src/ext/sybase_ct/tests/test_fetch_object.phpt:1.1 php-src/ext/sybase_ct/tests/test_fetch_object.phpt:1.2 --- php-src/ext/sybase_ct/tests/test_fetch_object.phpt:1.1 Sun Jul 11 16:10:03 2004 +++ php-src/ext/sybase_ct/tests/test_fetch_object.phpt Wed Mar 14 12:00:35 2007 
@@ -8,7 +8,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: test_fetch_object.phpt,v 1.1 2004/07/11 16:10:03 thekid Exp $ + * $Id: test_fetch_object.phpt,v 1.2 2007/03/14 12:00:35 thekid Exp $ */ require('test.inc'); @@ -46,29 +46,29 @@ sybase_close($db); ? --EXPECTF-- -class stdClass { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} -class article { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} -class article { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} +stdClass::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) +article::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) +article::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) Notice: sybase_fetch_object(): Sybase: Class *** has not been declared in %s/test_fetch_object.php on line %d -class stdClass { - %s $id = 1; - %s $caption = 'Hello'; - %s $author = 'timm'; - %s $lastchange = '%s'; -} +stdClass::__set_state(array( + 'id' = 1, + 'caption' = 'Hello', + 'author' = 'timm', + 'lastchange' = '%s', +)) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/sybase_ct/tests bug30312.phpt
thekid Wed Mar 14 12:01:21 2007 UTC Modified files: /php-src/ext/sybase_ct/testsbug30312.phpt Log: - MFB: Changed expected output # select getdate() returns something like Mar 14 2007 12:44PM, we # were checking for one additional (nonexistant) whitespace after Mar # which was wrong. Don`t know when and how this changed http://cvs.php.net/viewvc.cgi/php-src/ext/sybase_ct/tests/bug30312.phpt?r1=1.1r2=1.2diff_format=u Index: php-src/ext/sybase_ct/tests/bug30312.phpt diff -u php-src/ext/sybase_ct/tests/bug30312.phpt:1.1 php-src/ext/sybase_ct/tests/bug30312.phpt:1.2 --- php-src/ext/sybase_ct/tests/bug30312.phpt:1.1 Sun Feb 6 11:58:53 2005 +++ php-src/ext/sybase_ct/tests/bug30312.phpt Wed Mar 14 12:01:21 2007 @@ -6,7 +6,7 @@ ?php /* This file is part of PHP test framework for ext/sybase_ct * - * $Id: bug30312.phpt,v 1.1 2005/02/06 11:58:53 thekid Exp $ + * $Id: bug30312.phpt,v 1.2 2007/03/14 12:01:21 thekid Exp $ */ require('test.inc'); @@ -23,5 +23,5 @@ var_dump($array[0]); ? --EXPECTF-- -string(%d) %s %d %d %d:%d%s -string(%d) %s %d %d %d:%d%s +string(%d) %s %d %d %d:%d%s +string(%d) %s %d %d %d:%d%s -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/zip php_zip.c
pajoye Wed Mar 14 12:02:40 2007 UTC Modified files: /php-src/ext/zipphp_zip.c Log: - add openbase_dir checks in ::open and addFile() http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.41r2=1.42diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.41 php-src/ext/zip/php_zip.c:1.42 --- php-src/ext/zip/php_zip.c:1.41 Wed Mar 14 11:37:35 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 12:02:40 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.41 2007/03/14 11:37:35 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.42 2007/03/14 12:02:40 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -927,6 +927,10 @@ RETURN_FALSE; } + if (OPENBASEDIR_CHECKPATH(filename)) { + RETURN_FALSE; + } + if(!expand_filepath(filename, resolved_path TSRMLS_CC)) { RETURN_FALSE; } @@ -1067,6 +1071,10 @@ } } + if (OPENBASEDIR_CHECKPATH(filename)) { + RETURN_FALSE; + } + if(!expand_filepath(filename, resolved_path TSRMLS_CC)) { if (Z_TYPE_PP(filename_zval) == IS_UNICODE) { efree(entry_name); @@ -2103,7 +2111,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.41 2007/03/14 11:37:35 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.42 2007/03/14 12:02:40 pajoye Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
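Review bot: The early return added in the hunk at `@@ -1067,6 +1071,10` skips the cleanup that the very next failure branch performs: when `expand_filepath()` fails the code frees `entry_name` if `Z_TYPE_PP(filename_zval) == IS_UNICODE`, but the new `OPENBASEDIR_CHECKPATH(filename)` branch goes straight to `RETURN_FALSE`. If the Unicode path allocated `entry_name` before this point, as that branch implies, every rejected path leaks it. Mirroring the cleanup, `if (Z_TYPE_PP(filename_zval) == IS_UNICODE) { efree(entry_name); }` ahead of `RETURN_FALSE;`, would close that. The rest of the existing cleanup branch is cut off by the hunk, so anything else it frees needs the same treatment.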
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/zip php_zip.c
pajoye Wed Mar 14 12:06:20 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/zipphp_zip.c Log: - MFH: openbasedir and safemode check in ::open() http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.29r2=1.1.2.30diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.1.2.29 php-src/ext/zip/php_zip.c:1.1.2.30 --- php-src/ext/zip/php_zip.c:1.1.2.29 Wed Mar 14 11:32:25 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 12:06:20 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.1.2.29 2007/03/14 11:32:25 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.1.2.30 2007/03/14 12:06:20 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -917,6 +917,10 @@ RETURN_FALSE; } + if (OPENBASEDIR_CHECKPATH(filename)) { + RETURN_FALSE; + } + if (!expand_filepath(filename, resolved_path TSRMLS_CC)) { RETURN_FALSE; } @@ -2022,7 +2026,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.1.2.29 2007/03/14 11:32:25 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.1.2.30 2007/03/14 12:06:20 pajoye Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/zip php_zip.c php_zip.h zip_stream.c
Revert? You just changed the code into a macro. Ilia -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src /ext/zip php_zip.c php_zip.h zip_stream.c
On 3/14/07, Ilia Alshanetsky [EMAIL PROTECTED] wrote: Revert? You just changed the code into a macro. It was already a macro, you should have used it. So yes, I revert yours, rename the macro to make its goal clearer and use it. --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
On Sat, 10 Mar 2007, Pierre-Alain Joye wrote: pajoyeSat Mar 10 13:07:45 2007 UTC Modified files: (Branch: PHP_4_4) /php-src NEWS Log: - NEWS entry for the ft cve http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.204r2=1.1247.2.920.2.205diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.204 php-src/NEWS:1.1247.2.920.2.205 --- php-src/NEWS:1.1247.2.920.2.204 Sat Mar 10 13:06:37 2007 +++ php-src/NEWS Sat Mar 10 13:07:44 2007 @@ -2,6 +2,7 @@ ||| ?? ??? 2007, Version 4.4.7 - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) +- Fixed CVE-2007-0455 (Kees Cook, Pierre) Could you please add a short description of what was actually broken/fixed. Just the CVE name is too annoying for users (as they most likely have no clue what it is, or look up what the problem was). regards, Derick -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) /ext/bz2 bz2.c
On Wed, 14 Mar 2007, Ilia Alshanetsky wrote: iliaa Wed Mar 14 03:52:16 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/bz2 bz2.c Log: MFB: Added missing open_basedir safe_mode checks to bzip:// wrapper. Please add fixes (also security fixes) to the NEWS file. regards, Derick -- Derick Rethans http://derickrethans.nl | http://ez.no | http://xdebug.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
iliaa Wed Mar 14 14:49:29 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: Bug fixing news http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.205r2=1.1247.2.920.2.206diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.205 php-src/NEWS:1.1247.2.920.2.206 --- php-src/NEWS:1.1247.2.920.2.205 Sat Mar 10 13:07:44 2007 +++ php-src/NEWSWed Mar 14 14:49:28 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the + compress.bzip2 wraper. (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455 (Kees Cook, Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/zip php_zip.c
iliaa Wed Mar 14 15:02:20 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/zipphp_zip.c Log: Fixed a possible memory leak on open_basedir validation http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.30r2=1.1.2.31diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.1.2.30 php-src/ext/zip/php_zip.c:1.1.2.31 --- php-src/ext/zip/php_zip.c:1.1.2.30 Wed Mar 14 12:06:20 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 15:02:20 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.1.2.30 2007/03/14 12:06:20 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.1.2.31 2007/03/14 15:02:20 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -160,6 +160,7 @@ * safemode status as its parent folder? */ if (OPENBASEDIR_CHECKPATH(fullpath)) { + efree(fullpath); efree(file_dirname_fullpath); efree(file_basename); return 0; @@ -2026,7 +2027,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.1.2.30 2007/03/14 12:06:20 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.1.2.31 2007/03/14 15:02:20 iliaa Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
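Review bot: The rejection branch in the hunk at `@@ -160,6 +160,7` now releases three buffers by hand, a layout in which one `efree()` is easily forgotten on the next early return. A single exit label would hold the frees in one place: give the function a result variable and reduce this branch to `ret = 0; goto cleanup;`, with the three `efree()` calls written once under `cleanup:`. The function begins and ends outside the hunk, so its other return paths could not be checked for the same omission. The merge of this fix into HEAD (php_zip.c 1.43, later on this page) has the same shape.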
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
pajoye Wed Mar 14 15:06:14 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: - add summary of the CVE http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.206r2=1.1247.2.920.2.207diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.206 php-src/NEWS:1.1247.2.920.2.207 --- php-src/NEWS:1.1247.2.920.2.206 Wed Mar 14 14:49:28 2007 +++ php-src/NEWSWed Mar 14 15:06:13 2007 @@ -4,7 +4,8 @@ - Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the compress.bzip2 wraper. (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) -- Fixed CVE-2007-0455 (Kees Cook, Pierre) +- Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf + function) (Kees Cook, Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_2) /ext/zip php_zip.c
On 3/14/07, Ilia Alshanetsky [EMAIL PROTECTED] wrote: iliaa Wed Mar 14 15:02:20 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/zipphp_zip.c Log: Fixed a possible memory leak on open_basedir validation Thanks! Please don't forget to merge in HEAD :) --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS
pajoye Wed Mar 14 15:10:37 2007 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS Log: - add ::open to the safemode check entry http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.590r2=1.2027.2.547.2.591diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.590 php-src/NEWS:1.2027.2.547.2.591 --- php-src/NEWS:1.2027.2.547.2.590 Wed Mar 14 11:58:18 2007 +++ php-src/NEWSWed Mar 14 15:10:37 2007 @@ -14,7 +14,8 @@ . Added SplFileInfo::getLinkTarget(), SplFileInfo::getRealPath(). - Added --ri switch to CLI which allows to check extension information. (Marcus) - Added tidyNode::getParent() method (John, Nuno) -- Added openbasedir and safemode checks in zip:// stream wrapper (Pierre) +- Added openbasedir and safemode checks in zip:// stream wrapper and + ZipArchive::open (Pierre) - Fixed possible relative path issues in zip_open and TS mode (old API) (Pierre) - Fixed zend_llist_remove_tail (Michael Wallner, Dmitry) - Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/zip php_zip.c
pajoye Wed Mar 14 16:34:56 2007 UTC Modified files: /php-src/ext/zipphp_zip.c Log: - MFB: Fixed a possible memory leak on open_basedir validation (Ilia) http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.42r2=1.43diff_format=u Index: php-src/ext/zip/php_zip.c diff -u php-src/ext/zip/php_zip.c:1.42 php-src/ext/zip/php_zip.c:1.43 --- php-src/ext/zip/php_zip.c:1.42 Wed Mar 14 12:02:40 2007 +++ php-src/ext/zip/php_zip.c Wed Mar 14 16:34:56 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_zip.c,v 1.42 2007/03/14 12:02:40 pajoye Exp $ */ +/* $Id: php_zip.c,v 1.43 2007/03/14 16:34:56 pajoye Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -155,10 +155,11 @@ } /* check again the full path, not sure if it -* is required, does a file can have a different +* is required, can a file have a different * safemode status as its parent folder? */ if (OPENBASEDIR_CHECKPATH(fullpath)) { + efree(fullpath); efree(file_dirname_fullpath); efree(file_basename); return 0; @@ -2111,7 +2112,7 @@ php_info_print_table_start(); php_info_print_table_row(2, Zip, enabled); - php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.42 2007/03/14 12:02:40 pajoye Exp $); + php_info_print_table_row(2, Extension Version,$Id: php_zip.c,v 1.43 2007/03/14 16:34:56 pajoye Exp $); php_info_print_table_row(2, Zip version, 2.0.0); php_info_print_table_row(2, Libzip version, 0.7.1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
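Review bot: The reworded comment in the hunk at `@@ -155,10 +155,11` still ends in an open question, so a reader cannot tell whether the second check is needed or could be dropped. A file can differ from its parent directory in the ways such checks care about (another owner, or a last component that is a symlink), so the check on `fullpath` reads better documented as required. Suggested wording: `/* re-check the full path: the last component can have another owner or be a symlink, so the directory check alone is not enough */`. What `OPENBASEDIR_CHECKPATH` expands to is not visible on this page, so confirm the wording against the macro.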
[PHP-CVS] cvs: php-src(PHP_5_2) / NEWS
pajoye Wed Mar 14 16:36:16 2007 UTC Modified files: (Branch: PHP_5_2) /php-srcNEWS Log: - leak in extract http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.591r2=1.2027.2.547.2.592diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.591 php-src/NEWS:1.2027.2.547.2.592 --- php-src/NEWS:1.2027.2.547.2.591 Wed Mar 14 15:10:37 2007 +++ php-src/NEWSWed Mar 14 16:36:16 2007 @@ -16,6 +16,7 @@ - Added tidyNode::getParent() method (John, Nuno) - Added openbasedir and safemode checks in zip:// stream wrapper and ZipArchive::open (Pierre) +- Fixed possible leak in ZipArchive::extractTo when safemode checks fails (Ilia) - Fixed possible relative path issues in zip_open and TS mode (old API) (Pierre) - Fixed zend_llist_remove_tail (Michael Wallner, Dmitry) - Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/session session.c
iliaa Wed Mar 14 19:37:07 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/sessionsession.c Log: Fixed MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability # Discovered by Stefan Esser http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.31r2=1.417.2.8.2.32diff_format=u Index: php-src/ext/session/session.c diff -u php-src/ext/session/session.c:1.417.2.8.2.31 php-src/ext/session/session.c:1.417.2.8.2.32 --- php-src/ext/session/session.c:1.417.2.8.2.31Sat Mar 3 15:07:31 2007 +++ php-src/ext/session/session.c Wed Mar 14 19:37:07 2007 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: session.c,v 1.417.2.8.2.31 2007/03/03 15:07:31 iliaa Exp $ */ +/* $Id: session.c,v 1.417.2.8.2.32 2007/03/14 19:37:07 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -846,6 +846,7 @@ } else if (PS(invalid_session_id)) { /* address instances where the session read fails due to an invalid id */ PS(invalid_session_id) = 0; efree(PS(id)); + PS(id) = NULL; goto new_session; } } @@ -1575,6 +1576,7 @@ RETURN_FALSE; } efree(PS(id)); + PS(id) = NULL; } PS(id) = PS(mod)-s_create_sid(PS(mod_data), NULL TSRMLS_CC); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
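Review bot: The reset of `PS(id)` is written out by hand at each site (the hunks at `@@ -846` and `@@ -1575` here, and `@@ -1396` and `@@ -1688` in the PHP_4_4 merge that follows), so any `efree(PS(id))` elsewhere in session.c that this commit did not touch would keep the dangling pointer. A small helper makes the free and the reset inseparable, e.g. `#define PS_FREE_ID() do { if (PS(id)) { efree(PS(id)); PS(id) = NULL; } } while (0)`. In the hunk at `@@ -1575` the reset looks redundant because `PS(id)` is assigned on the next statement, so it deserves a comment such as `/* clear first: nothing reached from s_create_sid() may see the freed PS(id) */`, presumably the reason for the fix. Both functions start and end outside the hunks.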
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/session session.c
iliaa Wed Mar 14 19:42:59 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/sessionsession.c /php-srcNEWS Log: MFB: Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.336.2.53.2.14r2=1.336.2.53.2.15diff_format=u Index: php-src/ext/session/session.c diff -u php-src/ext/session/session.c:1.336.2.53.2.14 php-src/ext/session/session.c:1.336.2.53.2.15 --- php-src/ext/session/session.c:1.336.2.53.2.14 Thu Feb 15 09:41:30 2007 +++ php-src/ext/session/session.c Wed Mar 14 19:42:59 2007 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: session.c,v 1.336.2.53.2.14 2007/02/15 09:41:30 tony2001 Exp $ */ +/* $Id: session.c,v 1.336.2.53.2.15 2007/03/14 19:42:59 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -1396,7 +1396,10 @@ RETURN_FALSE; } if (PS(session_status) == php_session_active) { - if (PS(id)) efree(PS(id)); + if (PS(id)) { + efree(PS(id)); + PS(id) = NULL; + } PS(id) = PS(mod)-s_create_sid(PS(mod_data), NULL TSRMLS_CC); @@ -1688,6 +1691,7 @@ } if (PS(id)) { efree(PS(id)); + PS(id) = NULL; } PS(session_status)=php_session_none; } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.208r2=1.1247.2.920.2.209diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.208 php-src/NEWS:1.1247.2.920.2.209 --- php-src/NEWS:1.1247.2.920.2.208 Wed Mar 14 16:20:11 2007 +++ php-src/NEWSWed Mar 14 19:42:59 2007 @@ -3,6 +3,8 @@ ?? ??? 2007, Version 4.4.7 - Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the compress.bzip2 wraper. (Ilia) +- Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. + (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/openssl xp_ssl.c
tony2001Wed Mar 14 19:21:24 2007 UTC Modified files: /php-src/ext/opensslxp_ssl.c Log: fix #40750 (openssl stream wrapper ignores default_stream_timeout) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/xp_ssl.c?r1=1.30r2=1.31diff_format=u Index: php-src/ext/openssl/xp_ssl.c diff -u php-src/ext/openssl/xp_ssl.c:1.30 php-src/ext/openssl/xp_ssl.c:1.31 --- php-src/ext/openssl/xp_ssl.c:1.30 Mon Jan 1 09:29:26 2007 +++ php-src/ext/openssl/xp_ssl.cWed Mar 14 19:21:23 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: xp_ssl.c,v 1.30 2007/01/01 09:29:26 sebastian Exp $ */ +/* $Id: xp_ssl.c,v 1.31 2007/03/14 19:21:23 tony2001 Exp $ */ #include php.h #include ext/standard/file.h @@ -47,6 +47,7 @@ typedef struct _php_openssl_netstream_data_t { php_netstream_data_t s; SSL *ssl_handle; + struct timeval connect_timeout; int enable_on_connect; int is_client; int ssl_active; @@ -390,7 +391,7 @@ int n, retry = 1; if (cparam-inputs.activate !sslsock-ssl_active) { - float timeout = sslsock-s.timeout.tv_sec + sslsock-s.timeout.tv_usec / 100; + float timeout = sslsock-connect_timeout.tv_sec + sslsock-connect_timeout.tv_usec / 100; int blocked = sslsock-s.is_blocked; if (!sslsock-state_set) { @@ -607,7 +608,7 @@ tv.tv_sec = FG(default_socket_timeout); tv.tv_usec = 0; } else { - tv = sslsock-s.timeout; + tv = sslsock-connect_timeout; } } else { tv.tv_sec = value; 
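Review bot: In the hunk at `@@ -390,7 +391,7` the timeout is computed with integer arithmetic: `tv_usec / 100` is divided as an integer before the sum is converted to `float`, so with a proper microsecond divisor the sub-second part would always be dropped. As printed, the divisor is also not the 1000000 that turns microseconds into seconds, though the archive may have altered the literal. Writing `float timeout = sslsock->connect_timeout.tv_sec + sslsock->connect_timeout.tv_usec / 1000000.0f;` keeps the fraction. This commit only renamed the field on that line, so the arithmetic predates it. The function body continues outside the hunk.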
@@ -765,8 +766,13 @@ memset(sslsock, 0, sizeof(*sslsock)); sslsock-s.is_blocked = 1; - sslsock-s.timeout.tv_sec = timeout-tv_sec; - sslsock-s.timeout.tv_usec = timeout-tv_usec; + /* this timeout is used by standard stream funcs, therefor it should use the default value */ + sslsock-s.timeout.tv_sec = FG(default_socket_timeout); + sslsock-s.timeout.tv_usec = 0; + + /* use separate timeout for our private funcs */ + sslsock-connect_timeout.tv_sec = timeout-tv_sec; + sslsock-connect_timeout.tv_usec = timeout-tv_usec; /* we don't know the socket until we have determined if we are binding or * connecting */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src /ext/pcre php_pcre.c /ext/pcre/tests preg_replace_callback2.phpt
tony2001Wed Mar 14 23:47:19 2007 UTC Modified files: /php-src/ext/pcre php_pcre.c /php-src/ext/pcre/tests preg_replace_callback2.phpt Log: don't emit any warnings in addition to an exception http://cvs.php.net/viewvc.cgi/php-src/ext/pcre/php_pcre.c?r1=1.210r2=1.211diff_format=u Index: php-src/ext/pcre/php_pcre.c diff -u php-src/ext/pcre/php_pcre.c:1.210 php-src/ext/pcre/php_pcre.c:1.211 --- php-src/ext/pcre/php_pcre.c:1.210 Mon Jan 1 09:29:27 2007 +++ php-src/ext/pcre/php_pcre.c Wed Mar 14 23:47:19 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_pcre.c,v 1.210 2007/01/01 09:29:27 sebastian Exp $ */ +/* $Id: php_pcre.c,v 1.211 2007/03/14 23:47:19 tony2001 Exp $ */ /* TODO * php_pcre_replace_impl(): @@ -912,7 +912,9 @@ result_len = Z_STRLEN_P(retval_ptr); zval_ptr_dtor(retval_ptr); } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unable to call custom replacement function); + if (!EG(exception)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unable to call custom replacement function); + } result_len = offsets[1] - offsets[0]; *result = estrndup(subject[offsets[0]], result_len); } http://cvs.php.net/viewvc.cgi/php-src/ext/pcre/tests/preg_replace_callback2.phpt?r1=1.5r2=1.6diff_format=u Index: php-src/ext/pcre/tests/preg_replace_callback2.phpt diff -u php-src/ext/pcre/tests/preg_replace_callback2.phpt:1.5 php-src/ext/pcre/tests/preg_replace_callback2.phpt:1.6 --- php-src/ext/pcre/tests/preg_replace_callback2.phpt:1.5 Tue Sep 19 11:49:21 2006 +++ php-src/ext/pcre/tests/preg_replace_callback2.phpt Wed Mar 14 23:47:19 2007 @@ -22,7 +22,6 @@ var_dump(preg_replace_callback('~\A.~', create_function('$m', 'return strtolower($m[0]);'), 'ABC')); ? --EXPECTF-- -Warning: preg_replace_callback(): Unable to call custom replacement function in %spreg_replace_callback2.php on line %d array(3) { [0]= string(12) 'a' 'b3' bcd 
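Review bot: The new `if (!EG(exception))` guard in the php_pcre.c hunk at `@@ -912,7 +912,9` carries no comment, and the branch still falls through to copy the unmodified match into `*result` while an exception is pending. A one-line comment would record the intent: `/* the callback threw: the exception is the report, a warning would only duplicate it */`. Whether the replacement loop then stops or goes on to invoke the callback again is decided outside the hunk and is worth checking for the exception case. The PHP_5_2 merge that follows (hunk at `@@ -811,7 +811,9`) is the same change.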
@@ -39,7 +38,6 @@ } string(3) aBC --UEXPECTF-- -Warning: preg_replace_callback(): Unable to call custom replacement function in %s on line %d array(3) { [0]= unicode(12) 'a' 'b3' bcd -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_2) /ext/pcre php_pcre.c /ext/pcre/tests preg_replace_callback2.phpt
tony2001Wed Mar 14 23:47:44 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/pcre php_pcre.c /php-src/ext/pcre/tests preg_replace_callback2.phpt Log: MFH: remove unnecessary warning in case of exception http://cvs.php.net/viewvc.cgi/php-src/ext/pcre/php_pcre.c?r1=1.168.2.9.2.15r2=1.168.2.9.2.16diff_format=u Index: php-src/ext/pcre/php_pcre.c diff -u php-src/ext/pcre/php_pcre.c:1.168.2.9.2.15 php-src/ext/pcre/php_pcre.c:1.168.2.9.2.16 --- php-src/ext/pcre/php_pcre.c:1.168.2.9.2.15 Wed Jan 10 14:37:31 2007 +++ php-src/ext/pcre/php_pcre.c Wed Mar 14 23:47:44 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_pcre.c,v 1.168.2.9.2.15 2007/01/10 14:37:31 bjori Exp $ */ +/* $Id: php_pcre.c,v 1.168.2.9.2.16 2007/03/14 23:47:44 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include config.h @@ -811,7 +811,9 @@ result_len = Z_STRLEN_P(retval_ptr); zval_ptr_dtor(retval_ptr); } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unable to call custom replacement function); + if (!EG(exception)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unable to call custom replacement function); + } result_len = offsets[1] - offsets[0]; *result = estrndup(subject[offsets[0]], result_len); } http://cvs.php.net/viewvc.cgi/php-src/ext/pcre/tests/preg_replace_callback2.phpt?r1=1.1.2.2r2=1.1.2.3diff_format=u Index: php-src/ext/pcre/tests/preg_replace_callback2.phpt diff -u php-src/ext/pcre/tests/preg_replace_callback2.phpt:1.1.2.2 php-src/ext/pcre/tests/preg_replace_callback2.phpt:1.1.2.3 --- php-src/ext/pcre/tests/preg_replace_callback2.phpt:1.1.2.2 Mon Jul 3 16:03:51 2006 +++ php-src/ext/pcre/tests/preg_replace_callback2.phpt Wed Mar 14 23:47:44 2007 
@@ -22,7 +22,6 @@ var_dump(preg_replace_callback('~\A.~', create_function('$m', 'return strtolower($m[0]);'), 'ABC')); ? --EXPECTF-- -Warning: preg_replace_callback(): Unable to call custom replacement function in %spreg_replace_callback2.php on line %d array(3) { [0]= string(12) 'a' 'b3' bcd -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php