[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Aug 6 08:32:30 2008 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - 4.4.9, rock and roll. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.48&r2=1.66.2.81.2.49&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.48 php-src/main/php_version.h:1.66.2.81.2.49 --- php-src/main/php_version.h:1.66.2.81.2.48 Tue Jul 22 07:38:38 2008 +++ php-src/main/php_version.h Wed Aug 6 08:32:30 2008 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 9 -#define PHP_EXTRA_VERSION "RC2-dev" -#define PHP_VERSION "4.4.9RC2-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "4.4.9" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.52&r2=1.396.2.164.2.53&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.52 php-src/configure.in:1.396.2.164.2.53 --- php-src/configure.in:1.396.2.164.2.52 Tue Jul 22 07:38:38 2008 +++ php-src/configure.inWed Aug 6 08:32:30 2008 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.52 2008/07/22 07:38:38 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.53 2008/08/06 08:32:30 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=9 -EXTRA_VERSION="RC2-dev" +EXTRA_VERSION="" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.254&r2=1.1247.2.920.2.255&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.254 php-src/NEWS:1.1247.2.920.2.255 --- php-src/NEWS:1.1247.2.920.2.254 Wed Aug 6 08:09:06 2008 +++ php-src/NEWSWed Aug 6 08:32:30 2008 @@ -1,10 +1,8 @@ PHP 4 NEWS ||| -?? Aug 2008, Version 4.4.9 -- Fixed overflow in memnstr(). (Reported by Laurent Gaffie, Derick) - -22 Jul 2008, Version 4.4.9RC1 +07 Aug 2008, Version 4.4.9 - Updated PCRE to version 7.7. (Nuno) +- Fixed overflow in memnstr(). (Reported by Laurent Gaffie, Derick) - Fixed crash in imageloadfont when an invalid font is given. (discovered by CzechSec, fixed by Pierre) - Fixed open_basedir handling issue in the curl extension. (Stas) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard php_string.h /ext/standard/tests/strings explode_bug.phpt Zend zend_multibyte.c
derick Wed Aug 6 08:09:07 2008 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/strings explode_bug.phpt Modified files: /php-srcNEWS /Zend zend_multibyte.c /php-src/ext/standard php_string.h Log: - MFH (manually): Fixed overflow in memnstr(). http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.253&r2=1.1247.2.920.2.254&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.253 php-src/NEWS:1.1247.2.920.2.254 --- php-src/NEWS:1.1247.2.920.2.253 Tue Jul 22 07:38:38 2008 +++ php-src/NEWSWed Aug 6 08:09:06 2008 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? Aug 2008, Version 4.4.9 +- Fixed overflow in memnstr(). (Reported by Laurent Gaffie, Derick) 22 Jul 2008, Version 4.4.9RC1 - Updated PCRE to version 7.7. (Nuno) http://cvs.php.net/viewvc.cgi/Zend/zend_multibyte.c?r1=1.4.2.1.8.2&r2=1.4.2.1.8.3&diff_format=u Index: Zend/zend_multibyte.c diff -u Zend/zend_multibyte.c:1.4.2.1.8.2 Zend/zend_multibyte.c:1.4.2.1.8.3 --- Zend/zend_multibyte.c:1.4.2.1.8.2 Sun Jan 1 13:46:49 2006 +++ Zend/zend_multibyte.c Wed Aug 6 08:09:07 2008 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: zend_multibyte.c,v 1.4.2.1.8.2 2006/01/01 13:46:49 sniper Exp $ */ +/* $Id: zend_multibyte.c,v 1.4.2.1.8.3 2008/08/06 08:09:07 derick Exp $ */ #include "zend.h" #include "zend_compile.h" @@ -654,6 +654,9 @@ char first = *needle; /* let end point to the last character where needle may start */ + if (needle_len > end - haystack) { + return NULL; + } end -= needle_len; while (p <= end) { http://cvs.php.net/viewvc.cgi/php-src/ext/standard/php_string.h?r1=1.65.2.5.2.3&r2=1.65.2.5.2.4&diff_format=u Index: php-src/ext/standard/php_string.h diff -u php-src/ext/standard/php_string.h:1.65.2.5.2.3 php-src/ext/standard/php_string.h:1.65.2.5.2.4 --- php-src/ext/standard/php_string.h:1.65.2.5.2.3 Mon Dec 31 07:22:52 2007 +++ php-src/ext/standard/php_string.h Wed Aug 6 08:09:07 2008 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: php_string.h,v 1.65.2.5.2.3 2007/12/31 07:22:52 sebastian Exp $ */ +/* $Id: php_string.h,v 1.65.2.5.2.4 2008/08/06 08:09:07 derick Exp $ */ /* Synced with php 3.0 revision 1.43 1999-06-16 [ssb] */ @@ -137,6 +137,10 @@ char *p = haystack; char ne = needle[needle_len-1]; + + if (needle_len > end - haystack) { + return NULL; + } end -= needle_len; while (p <= end) { http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/strings/explode_bug.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/strings/explode_bug.phpt +++ php-src/ext/standard/tests/strings/explode_bug.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Tue Jul 22 07:38:39 2008 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Back to dev. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.47&r2=1.66.2.81.2.48&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.47 php-src/main/php_version.h:1.66.2.81.2.48 --- php-src/main/php_version.h:1.66.2.81.2.47 Tue Jul 22 07:37:32 2008 +++ php-src/main/php_version.h Tue Jul 22 07:38:38 2008 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 9 -#define PHP_EXTRA_VERSION "RC1" -#define PHP_VERSION "4.4.9RC1" +#define PHP_EXTRA_VERSION "RC2-dev" +#define PHP_VERSION "4.4.9RC2-dev" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.51&r2=1.396.2.164.2.52&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.51 php-src/configure.in:1.396.2.164.2.52 --- php-src/configure.in:1.396.2.164.2.51 Tue Jul 22 07:37:33 2008 +++ php-src/configure.inTue Jul 22 07:38:38 2008 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.51 2008/07/22 07:37:33 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.52 2008/07/22 07:38:38 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=9 -EXTRA_VERSION="RC1" +EXTRA_VERSION="RC2-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.252&r2=1.1247.2.920.2.253&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.252 php-src/NEWS:1.1247.2.920.2.253 --- php-src/NEWS:1.1247.2.920.2.252 Tue Jul 22 07:37:33 2008 +++ php-src/NEWSTue Jul 22 07:38:38 2008 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? Aug 2008, Version 4.4.9 + 22 Jul 2008, Version 4.4.9RC1 - Updated PCRE to version 7.7. (Nuno) - Fixed crash in imageloadfont when an invalid font is given. -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Tue Jul 22 07:37:33 2008 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - RC1. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.46&r2=1.66.2.81.2.47&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.46 php-src/main/php_version.h:1.66.2.81.2.47 --- php-src/main/php_version.h:1.66.2.81.2.46 Thu Jan 3 08:24:25 2008 +++ php-src/main/php_version.h Tue Jul 22 07:37:32 2008 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 9 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "4.4.9-dev" +#define PHP_EXTRA_VERSION "RC1" +#define PHP_VERSION "4.4.9RC1" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.50&r2=1.396.2.164.2.51&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.50 php-src/configure.in:1.396.2.164.2.51 --- php-src/configure.in:1.396.2.164.2.50 Thu Jan 3 08:24:25 2008 +++ php-src/configure.inTue Jul 22 07:37:33 2008 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.50 2008/01/03 08:24:25 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.51 2008/07/22 07:37:33 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=9 -EXTRA_VERSION="-dev" +EXTRA_VERSION="RC1" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.251&r2=1.1247.2.920.2.252&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.251 php-src/NEWS:1.1247.2.920.2.252 --- php-src/NEWS:1.1247.2.920.2.251 Tue Jul 22 07:33:21 2008 +++ php-src/NEWSTue Jul 22 07:37:33 2008 @@ -1,6 +1,6 @@ PHP 4 NEWS ||| -?? ?? 2008, Version 4.4.9 +22 Jul 2008, Version 4.4.9RC1 - Updated PCRE to version 7.7. (Nuno) - Fixed crash in imageloadfont when an invalid font is given. (discovered by CzechSec, fixed by Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
derick Tue Jul 22 07:33:22 2008 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: - Added missing NEWS items. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.250&r2=1.1247.2.920.2.251&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.250 php-src/NEWS:1.1247.2.920.2.251 --- php-src/NEWS:1.1247.2.920.2.250 Thu Jul 17 22:42:06 2008 +++ php-src/NEWSTue Jul 22 07:33:21 2008 @@ -4,6 +4,9 @@ - Updated PCRE to version 7.7. (Nuno) - Fixed crash in imageloadfont when an invalid font is given. (discovered by CzechSec, fixed by Pierre) +- Fixed open_basedir handling issue in the curl extension. (Stas) +- Fixed bug #37421 (mbstring.func_overload set in .htaccess becomes global). + (Rui) 03 Jan 2008, Version 4.4.8 - Improved fix for MOPB-02-2007. (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
pajoye Thu Jul 17 22:42:07 2008 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: - a dot :) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.249&r2=1.1247.2.920.2.250&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.249 php-src/NEWS:1.1247.2.920.2.250 --- php-src/NEWS:1.1247.2.920.2.249 Thu Jul 17 18:08:04 2008 +++ php-src/NEWSThu Jul 17 22:42:06 2008 @@ -2,7 +2,7 @@ ||| ?? ?? 2008, Version 4.4.9 - Updated PCRE to version 7.7. (Nuno) -- Fixed crash in imageloadfont when an invalid font is given +- Fixed crash in imageloadfont when an invalid font is given. (discovered by CzechSec, fixed by Pierre) 03 Jan 2008, Version 4.4.8 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd gd.c /ext/gd/tests imageloadfont_invalid.phpt
pajoye Thu Jul 17 18:08:05 2008 UTC Added files: (Branch: PHP_4_4) /php-src/ext/gd/tests imageloadfont_invalid.phpt Modified files: /php-srcNEWS /php-src/ext/gd gd.c Log: - fix crash when some crafted font are given http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.248&r2=1.1247.2.920.2.249&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.248 php-src/NEWS:1.1247.2.920.2.249 --- php-src/NEWS:1.1247.2.920.2.248 Thu Jul 17 14:27:52 2008 +++ php-src/NEWSThu Jul 17 18:08:04 2008 @@ -2,6 +2,8 @@ ||| ?? ?? 2008, Version 4.4.9 - Updated PCRE to version 7.7. (Nuno) +- Fixed crash in imageloadfont when an invalid font is given + (discovered by CzechSec, fixed by Pierre) 03 Jan 2008, Version 4.4.8 - Improved fix for MOPB-02-2007. (Ilia) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/gd.c?r1=1.221.2.56.2.6&r2=1.221.2.56.2.7&diff_format=u Index: php-src/ext/gd/gd.c diff -u php-src/ext/gd/gd.c:1.221.2.56.2.6 php-src/ext/gd/gd.c:1.221.2.56.2.7 --- php-src/ext/gd/gd.c:1.221.2.56.2.6 Mon Dec 31 07:22:47 2007 +++ php-src/ext/gd/gd.c Thu Jul 17 18:08:04 2008 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: gd.c,v 1.221.2.56.2.6 2007/12/31 07:22:47 sebastian Exp $ */ +/* $Id: gd.c,v 1.221.2.56.2.7 2008/07/17 18:08:04 pajoye Exp $ */ /* gd 1.2 is copyright 1994, 1995, Quest Protein Database Center, Cold Spring Harbor Labs. */ @@ -669,6 +669,19 @@ body_size = font->w * font->h * font->nchars; } + if (overflow2(font->nchars, font->h)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Error reading font, invalid font header"); + efree(font); + php_stream_close(stream); + RETURN_FALSE; + } + if (overflow2(font->nchars * font->h, font->w )) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Error reading font, invalid font header"); + efree(font); + php_stream_close(stream); + RETURN_FALSE; + } + if (body_size != body_size_check) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Error reading font"); efree(font); http://cvs.php.net/viewvc.cgi/php-src/ext/gd/tests/imageloadfont_invalid.phpt?view=markup&rev=1.1 Index: php-src/ext/gd/tests/imageloadfont_invalid.phpt +++ php-src/ext/gd/tests/imageloadfont_invalid.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu Jan 3 08:21:23 2008 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Go with PHP 4.4.8. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.44&r2=1.66.2.81.2.45&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.44 php-src/main/php_version.h:1.66.2.81.2.45 --- php-src/main/php_version.h:1.66.2.81.2.44 Wed Dec 19 12:52:05 2007 +++ php-src/main/php_version.h Thu Jan 3 08:21:22 2008 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 8 -#define PHP_EXTRA_VERSION "RC2-dev" -#define PHP_VERSION "4.4.8RC2-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "4.4.8" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.48&r2=1.396.2.164.2.49&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.48 php-src/configure.in:1.396.2.164.2.49 --- php-src/configure.in:1.396.2.164.2.48 Wed Dec 19 12:52:05 2007 +++ php-src/configure.inThu Jan 3 08:21:22 2008 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.48 2007/12/19 12:52:05 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.49 2008/01/03 08:21:22 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=8 -EXTRA_VERSION="RC2-dev" +EXTRA_VERSION="" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.246&r2=1.1247.2.920.2.247&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.246 php-src/NEWS:1.1247.2.920.2.247 --- php-src/NEWS:1.1247.2.920.2.246 Wed Dec 19 12:52:05 2007 +++ php-src/NEWSThu Jan 3 08:21:22 2008 @@ -1,8 +1,6 @@ PHP 4 NEWS ||| 03 Jan 2008, Version 4.4.8 - -20 Dec 2007, Version 4.4.8RC1 - Improved fix for MOPB-02-2007. (Ilia) - Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Dec 19 12:52:05 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Back to dev. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.43&r2=1.66.2.81.2.44&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.43 php-src/main/php_version.h:1.66.2.81.2.44 --- php-src/main/php_version.h:1.66.2.81.2.43 Wed Dec 19 12:50:41 2007 +++ php-src/main/php_version.h Wed Dec 19 12:52:05 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 8 -#define PHP_EXTRA_VERSION "RC1" -#define PHP_VERSION "4.4.8RC1" +#define PHP_EXTRA_VERSION "RC2-dev" +#define PHP_VERSION "4.4.8RC2-dev" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.47&r2=1.396.2.164.2.48&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.47 php-src/configure.in:1.396.2.164.2.48 --- php-src/configure.in:1.396.2.164.2.47 Wed Dec 19 12:50:42 2007 +++ php-src/configure.inWed Dec 19 12:52:05 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.47 2007/12/19 12:50:42 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.48 2007/12/19 12:52:05 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=8 -EXTRA_VERSION="RC1" +EXTRA_VERSION="RC2-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.245&r2=1.1247.2.920.2.246&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.245 php-src/NEWS:1.1247.2.920.2.246 --- php-src/NEWS:1.1247.2.920.2.245 Wed Dec 19 12:50:42 2007 +++ php-src/NEWSWed Dec 19 12:52:05 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +03 Jan 2008, Version 4.4.8 + 20 Dec 2007, Version 4.4.8RC1 - Improved fix for MOPB-02-2007. (Ilia) - Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Dec 19 12:50:43 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: 4.4.8RC1 http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.42&r2=1.66.2.81.2.43&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.42 php-src/main/php_version.h:1.66.2.81.2.43 --- php-src/main/php_version.h:1.66.2.81.2.42 Thu May 3 13:50:20 2007 +++ php-src/main/php_version.h Wed Dec 19 12:50:41 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 8 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "4.4.8-dev" +#define PHP_EXTRA_VERSION "RC1" +#define PHP_VERSION "4.4.8RC1" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.46&r2=1.396.2.164.2.47&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.46 php-src/configure.in:1.396.2.164.2.47 --- php-src/configure.in:1.396.2.164.2.46 Thu May 3 13:50:20 2007 +++ php-src/configure.inWed Dec 19 12:50:42 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.46 2007/05/03 13:50:20 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.47 2007/12/19 12:50:42 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=8 -EXTRA_VERSION="-dev" +EXTRA_VERSION="RC1" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.244&r2=1.1247.2.920.2.245&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.244 php-src/NEWS:1.1247.2.920.2.245 --- php-src/NEWS:1.1247.2.920.2.244 Sat Oct 20 15:29:03 2007 +++ php-src/NEWSWed Dec 19 12:50:42 2007 @@ -1,6 +1,6 @@ PHP 4 NEWS ||| -?? ??? 2007, Version 4.4.8 +20 Dec 2007, Version 4.4.8RC1 - Improved fix for MOPB-02-2007. (Ilia) - Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd/libgd gd.c
pajoye Sat Oct 20 15:29:04 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/gd/libgd gd.c Log: - #43010, Fixed regression in imagearc with two equivelent angles http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.243&r2=1.1247.2.920.2.244&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.243 php-src/NEWS:1.1247.2.920.2.244 --- php-src/NEWS:1.1247.2.920.2.243 Tue Jul 10 20:26:50 2007 +++ php-src/NEWSSat Oct 20 15:29:03 2007 @@ -14,6 +14,8 @@ open_basedir or safe_mode is active (Stas) - Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Stas, Maksymilian Arciemowicz) +- Fixed bug #43010 (Fixed regression in imagearc with two equivelent angles) + (Pierre) - Fixed bug #41765 (Recode crashes/does not work on amd64) (nexus at smoula dot net, Stas) - Fixed bug #41630 (segfault when an invalid color index is present in http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd.c?r1=1.24.2.36.2.2&r2=1.24.2.36.2.3&diff_format=u Index: php-src/ext/gd/libgd/gd.c diff -u php-src/ext/gd/libgd/gd.c:1.24.2.36.2.2 php-src/ext/gd/libgd/gd.c:1.24.2.36.2.3 --- php-src/ext/gd/libgd/gd.c:1.24.2.36.2.2 Sat Apr 14 17:38:38 2007 +++ php-src/ext/gd/libgd/gd.c Sat Oct 20 15:29:04 2007 @@ -1607,20 +1607,28 @@ int lx = 0, ly = 0; int fx = 0, fy = 0; - if (s > 360) { - s = s % 360; - } + if ((s % 360) == (e % 360)) { + s = 0; e = 360; + } else { + if (s > 360) { + s = s % 360; + } - if (e > 360) { - e = e % 360; - } + if (e > 360) { + e = e % 360; + } - while (s<0) { - s += 360; - } + while (s < 0) { + s += 360; + } - while (e < s) { - e += 360; + while (e < s) { + e += 360; + } + + if (s == e) { + s = 0; e = 360; + } } for (i = s; i <= e; i++) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasTue Jul 10 20:26:50 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: add CVE ref http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.242&r2=1.1247.2.920.2.243&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.242 php-src/NEWS:1.1247.2.920.2.243 --- php-src/NEWS:1.1247.2.920.2.242 Tue Jul 10 20:16:32 2007 +++ php-src/NEWSTue Jul 10 20:26:50 2007 @@ -13,7 +13,7 @@ - Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active (Stas) - Fixed session.save_path and error_log values to be checked against - open_basedir and safe_mode (Stas, Maksymilian Arciemowicz) + open_basedir and safe_mode (CVE-2007-3378) (Stas, Maksymilian Arciemowicz) - Fixed bug #41765 (Recode crashes/does not work on amd64) (nexus at smoula dot net, Stas) - Fixed bug #41630 (segfault when an invalid color index is present in -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasTue Jul 10 20:16:33 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: report fix http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.241&r2=1.1247.2.920.2.242&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.241 php-src/NEWS:1.1247.2.920.2.242 --- php-src/NEWS:1.1247.2.920.2.241 Fri Jun 22 12:28:05 2007 +++ php-src/NEWSTue Jul 10 20:16:32 2007 @@ -12,6 +12,8 @@ input variables. Fix for MOPB-03-2007. (Stas) - Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active (Stas) +- Fixed session.save_path and error_log values to be checked against + open_basedir and safe_mode (Stas, Maksymilian Arciemowicz) - Fixed bug #41765 (Recode crashes/does not work on amd64) (nexus at smoula dot net, Stas) - Fixed bug #41630 (segfault when an invalid color index is present in -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard dir.c /ext/standard/tests/file bug41655_1.phpt bug41655_2.phpt
pajoye Fri Jun 22 12:28:06 2007 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/filebug41655_1.phpt bug41655_2.phpt Modified files: /php-srcNEWS /php-src/ext/standard dir.c Log: - fix build - fix regression in glob introduced by #41655 fix and add test cases http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.240&r2=1.1247.2.920.2.241&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.240 php-src/NEWS:1.1247.2.920.2.241 --- php-src/NEWS:1.1247.2.920.2.240 Fri Jun 22 00:10:27 2007 +++ php-src/NEWSFri Jun 22 12:28:05 2007 @@ -5,6 +5,8 @@ - Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. (Ilia) - Fixed integer overlow in str[c]spn(). (Stas) +- Fixed regression in glob when open_basedir is on introduced by #41655 fix + (Pierre) - Fixed money_format() not to accept multiple %i or %n tokens. (Stas, Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.109.2.18.2.6&r2=1.109.2.18.2.7&diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.109.2.18.2.6 php-src/ext/standard/dir.c:1.109.2.18.2.7 --- php-src/ext/standard/dir.c:1.109.2.18.2.6 Tue Jun 12 13:48:02 2007 +++ php-src/ext/standard/dir.c Fri Jun 22 12:28:06 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: dir.c,v 1.109.2.18.2.6 2007/06/12 13:48:02 scottmac Exp $ */ +/* $Id: dir.c,v 1.109.2.18.2.7 2007/06/22 12:28:06 pajoye Exp $ */ /* {{{ includes/startup/misc */ @@ -384,19 +384,18 @@ #endif if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { - size_t base_len = php_dirname(pattern, strlen(pattern)); - char pos = pattern[base_len]; + char *dirname = estrdup(pattern); + php_dirname(dirname, strlen(dirname)); - pattern[base_len] = '\0'; - - if (PG(safe_mode) && (!php_checkuid(pattern, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + if (PG(safe_mode) && (!php_checkuid(dirname, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + efree(dirname); RETURN_FALSE; } - if (php_check_open_basedir(pattern TSRMLS_CC)) { + if (php_check_open_basedir(dirname TSRMLS_CC)) { + efree(dirname); RETURN_FALSE; } - - pattern[base_len] = pos; + efree(dirname); } globbuf.gl_offs = 0; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_1.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/file/bug41655_1.phpt +++ php-src/ext/standard/tests/file/bug41655_1.phpt http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug41655_2.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/file/bug41655_2.phpt +++ php-src/ext/standard/tests/file/bug41655_2.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard dir.c
Hi Ilia, Derick, On 6/22/07, Derick Rethans <[EMAIL PROTECTED]> wrote: On Tue, 12 Jun 2007, Ilia Alshanetsky wrote: > iliaa Tue Jun 12 12:56:17 2007 UTC > > Modified files: (Branch: PHP_4_4) > /php-src NEWS > /php-src/ext/standard dir.c > Log: > > MFB: Fixed bug #41655 (open_basedir bypass via glob()) This commit breaks the compile on: gcc (GCC) 4.1.2 (Ubuntu 4.1.2-0ubuntu4) gcc (GCC) 4.1.3 20070601 (prerelease) (Debian 4.1.2-12) with the following error: /home/derick/dev/php/php-4.4dev/ext/standard/dir.c: In function 'zif_glob': /home/derick/dev/php/php-4.4dev/ext/standard/dir.c:387: error: void value not ignored as it ought to be make: *** [ext/standard/dir.lo] Error 1 php 5+'s php_dirname works in place without altering the path. That's not the case in 4.x. Only choice is to duplicate it before calling dirname. http://pecl.php.net/~pierre/41655.4_4.patch.txt is a possible fix. I did not test it directly (make test passes :). I only fixed my build :D hth, --Pierre -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard dir.c
On Tue, 12 Jun 2007, Ilia Alshanetsky wrote: > iliaa Tue Jun 12 12:56:17 2007 UTC > > Modified files: (Branch: PHP_4_4) > /php-src NEWS > /php-src/ext/standard dir.c > Log: > > MFB: Fixed bug #41655 (open_basedir bypass via glob()) This commit breaks the compile on: gcc (GCC) 4.1.2 (Ubuntu 4.1.2-0ubuntu4) gcc (GCC) 4.1.3 20070601 (prerelease) (Debian 4.1.2-12) with the following error: /home/derick/dev/php/php-4.4dev/ext/standard/dir.c: In function ‘zif_glob’: /home/derick/dev/php/php-4.4dev/ext/standard/dir.c:387: error: void value not ignored as it ought to be make: *** [ext/standard/dir.lo] Error 1 > > http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.236&r2=1.1247.2.920.2.237&diff_format=u > Index: php-src/NEWS > diff -u php-src/NEWS:1.1247.2.920.2.236 php-src/NEWS:1.1247.2.920.2.237 > --- php-src/NEWS:1.1247.2.920.2.236 Mon Jun 11 20:19:53 2007 > +++ php-src/NEWS Tue Jun 12 12:56:17 2007 > @@ -29,8 +29,8 @@ > - Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre) > - Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf >function). (Kees Cook, Pierre) > -- Fixed bug #41527 (WDDX deserialize numeric string array key). (php_lists > - at realplain dot com, Ilia) > +- Fixed bug #41655 (open_basedir bypass via glob()). (Ilia) > +- Fixed bug #41527 (WDDX deserialize numeric string array key). (Matt, Ilia) > - Fixed bug #41252 (Calling mcrypt_generic without first calling >mcrypt_generic_init crashes). (Derick) > - Fixed bug #40998 (long session array keys are truncated). (Tony) > http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.109.2.18.2.4&r2=1.109.2.18.2.5&diff_format=u > Index: php-src/ext/standard/dir.c > diff -u php-src/ext/standard/dir.c:1.109.2.18.2.4 > php-src/ext/standard/dir.c:1.109.2.18.2.5 > --- php-src/ext/standard/dir.c:1.109.2.18.2.4 Mon Jan 1 09:46:47 2007 > +++ php-src/ext/standard/dir.cTue Jun 12 12:56:17 2007 > @@ -16,7 +16,7 @@ > +--+ > */ > > -/* $Id: dir.c,v 1.109.2.18.2.4 2007/01/01 09:46:47 sebastian Exp $ */ > +/* $Id: dir.c,v 1.109.2.18.2.5 2007/06/12 12:56:17 iliaa Exp $ */ > > /* {{{ includes/startup/misc */ > > @@ -24,6 +24,7 @@ > #include "fopen_wrappers.h" > #include "file.h" > #include "php_dir.h" > +#include "php_string.h" > > #ifdef HAVE_DIRENT_H > # include > @@ -349,7 +350,6 @@ > Find pathnames matching a pattern */ > PHP_FUNCTION(glob) > { > - char cwd[MAXPATHLEN]; > int cwd_skip = 0; > #ifdef ZTS > char work_pattern[MAXPATHLEN]; > @@ -382,6 +382,22 @@ > } > #endif > > + if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { > + size_t base_len = php_dirname(pattern, strlen(pattern)); > + char pos = pattern[base_len]; > + > + pattern[base_len] = '\0'; > + > + if (PG(safe_mode) && (!php_checkuid(pattern, NULL, > CHECKUID_CHECK_FILE_AND_DIR))) { > + RETURN_FALSE; > + } > + if (php_check_open_basedir(pattern TSRMLS_CC)) { > + RETURN_FALSE; > + } > + > + pattern[base_len] = pos; > + } > + > globbuf.gl_offs = 0; > if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) { > #ifdef GLOB_NOMATCH > @@ -403,16 +419,6 @@ > return; > } > > - /* we assume that any glob pattern will match files from one directory > only > -so checking the dirname of the first match should be sufficient */ > - strncpy(cwd, globbuf.gl_pathv[0], MAXPATHLEN); > - if (PG(safe_mode) && (!php_checkuid(cwd, NULL, > CHECKUID_CHECK_FILE_AND_DIR))) { > - RETURN_FALSE; > - } > - if (php_check_open_basedir(cwd TSRMLS_CC)) { > - RETURN_FALSE; > - } > - > array_init(return_value); > for (n = 0; n < globbuf.gl_pathc; n++) { > /* we need to this everytime since GLOB_ONLYDIR does not > guarantee that > > -- Derick Rethans http://derickrethans.nl | http://ez.no | http://xdebug.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasFri Jun 22 00:10:27 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: Fixed bug #41765 (Recode crashes/does not work on amd64) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.239&r2=1.1247.2.920.2.240&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.239 php-src/NEWS:1.1247.2.920.2.240 --- php-src/NEWS:1.1247.2.920.2.239 Mon Jun 18 22:03:32 2007 +++ php-src/NEWSFri Jun 22 00:10:27 2007 @@ -10,6 +10,8 @@ input variables. Fix for MOPB-03-2007. (Stas) - Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active (Stas) +- Fixed bug #41765 (Recode crashes/does not work on amd64) + (nexus at smoula dot net, Stas) - Fixed bug #41630 (segfault when an invalid color index is present in the image data). (Reported by Elliot <[EMAIL PROTECTED] dot com>) (Pierre) - Fixed bug #41628 (PHP settings leak between Virtual Hosts in -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasMon Jun 18 22:03:32 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: mysql fix http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.238&r2=1.1247.2.920.2.239&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.238 php-src/NEWS:1.1247.2.920.2.239 --- php-src/NEWS:1.1247.2.920.2.238 Mon Jun 18 15:53:15 2007 +++ php-src/NEWSMon Jun 18 22:03:32 2007 @@ -8,6 +8,8 @@ - Fixed money_format() not to accept multiple %i or %n tokens. (Stas, Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) +- Fixed INFILE LOCAL option handling with MySQL - now not allowed when + open_basedir or safe_mode is active (Stas) - Fixed bug #41630 (segfault when an invalid color index is present in the image data). (Reported by Elliot <[EMAIL PROTECTED] dot com>) (Pierre) - Fixed bug #41628 (PHP settings leak between Virtual Hosts in -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /sapi/apache mod_php4.c
scottmacMon Jun 18 15:53:15 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/sapi/apachemod_php4.c Log: MFB: Fixed bug #41628 (PHP settings leak between Virtual Hosts in Apache 1.3). http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.237&r2=1.1247.2.920.2.238&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.237 php-src/NEWS:1.1247.2.920.2.238 --- php-src/NEWS:1.1247.2.920.2.237 Tue Jun 12 12:56:17 2007 +++ php-src/NEWSMon Jun 18 15:53:15 2007 @@ -10,6 +10,8 @@ input variables. Fix for MOPB-03-2007. (Stas) - Fixed bug #41630 (segfault when an invalid color index is present in the image data). (Reported by Elliot <[EMAIL PROTECTED] dot com>) (Pierre) +- Fixed bug #41628 (PHP settings leak between Virtual Hosts in + Apache 1.3). (Scott, manuel at mausz dot at) - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) 04 May 2007, Version 4.4.7 http://cvs.php.net/viewvc.cgi/php-src/sapi/apache/mod_php4.c?r1=1.146.2.15.2.4&r2=1.146.2.15.2.5&diff_format=u Index: php-src/sapi/apache/mod_php4.c diff -u php-src/sapi/apache/mod_php4.c:1.146.2.15.2.4 php-src/sapi/apache/mod_php4.c:1.146.2.15.2.5 --- php-src/sapi/apache/mod_php4.c:1.146.2.15.2.4 Mon Jan 1 09:46:51 2007 +++ php-src/sapi/apache/mod_php4.c Mon Jun 18 15:53:15 2007 @@ -17,7 +17,7 @@ | PHP 4.0 patches by Zeev Suraski <[EMAIL PROTECTED]> | +--+ */ -/* $Id: mod_php4.c,v 1.146.2.15.2.4 2007/01/01 09:46:51 sebastian Exp $ */ +/* $Id: mod_php4.c,v 1.146.2.15.2.5 2007/06/18 15:53:15 scottmac Exp $ */ #include "php_apache_http.h" #include "http_conf_globals.h" @@ -728,9 +728,15 @@ */ static void *php_merge_dir(pool *p, void *basev, void *addv) { - /* This function *must* return addv, and not modify basev */ - zend_hash_merge_ex((HashTable *) addv, (HashTable *) basev, (copy_ctor_func_t) copy_per_dir_entry, sizeof(php_per_dir_entry), (zend_bool (*)(void *, void *)) should_overwrite_per_dir_entry); - return addv; + /* This function *must* not modify addv or basev */ + HashTable *new; + + /* need a copy of addv to merge */ + new = php_create_dir(p, "php_merge_dir"); + zend_hash_copy(new, (HashTable *) addv, (copy_ctor_func_t) copy_per_dir_entry, NULL, sizeof(php_per_dir_entry)); + + zend_hash_merge_ex(new, (HashTable *) basev, (copy_ctor_func_t) copy_per_dir_entry, sizeof(php_per_dir_entry), (zend_bool (*)(void *, void *)) should_overwrite_per_dir_entry); + return new; } /* }}} */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard dir.c
iliaa Tue Jun 12 12:56:17 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/standard dir.c Log: MFB: Fixed bug #41655 (open_basedir bypass via glob()) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.236&r2=1.1247.2.920.2.237&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.236 php-src/NEWS:1.1247.2.920.2.237 --- php-src/NEWS:1.1247.2.920.2.236 Mon Jun 11 20:19:53 2007 +++ php-src/NEWSTue Jun 12 12:56:17 2007 @@ -29,8 +29,8 @@ - Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre) - Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf function). (Kees Cook, Pierre) -- Fixed bug #41527 (WDDX deserialize numeric string array key). (php_lists - at realplain dot com, Ilia) +- Fixed bug #41655 (open_basedir bypass via glob()). (Ilia) +- Fixed bug #41527 (WDDX deserialize numeric string array key). (Matt, Ilia) - Fixed bug #41252 (Calling mcrypt_generic without first calling mcrypt_generic_init crashes). (Derick) - Fixed bug #40998 (long session array keys are truncated). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.109.2.18.2.4&r2=1.109.2.18.2.5&diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.109.2.18.2.4 php-src/ext/standard/dir.c:1.109.2.18.2.5 --- php-src/ext/standard/dir.c:1.109.2.18.2.4 Mon Jan 1 09:46:47 2007 +++ php-src/ext/standard/dir.c Tue Jun 12 12:56:17 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: dir.c,v 1.109.2.18.2.4 2007/01/01 09:46:47 sebastian Exp $ */ +/* $Id: dir.c,v 1.109.2.18.2.5 2007/06/12 12:56:17 iliaa Exp $ */ /* {{{ includes/startup/misc */ @@ -24,6 +24,7 @@ #include "fopen_wrappers.h" #include "file.h" #include "php_dir.h" +#include "php_string.h" #ifdef HAVE_DIRENT_H # include @@ -349,7 +350,6 @@ Find pathnames matching a pattern */ PHP_FUNCTION(glob) { - char cwd[MAXPATHLEN]; int cwd_skip = 0; #ifdef ZTS char work_pattern[MAXPATHLEN]; @@ -382,6 +382,22 @@ } #endif + if (PG(safe_mode) || (PG(open_basedir) && *PG(open_basedir))) { + size_t base_len = php_dirname(pattern, strlen(pattern)); + char pos = pattern[base_len]; + + pattern[base_len] = '\0'; + + if (PG(safe_mode) && (!php_checkuid(pattern, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { + RETURN_FALSE; + } + if (php_check_open_basedir(pattern TSRMLS_CC)) { + RETURN_FALSE; + } + + pattern[base_len] = pos; + } + globbuf.gl_offs = 0; if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) { #ifdef GLOB_NOMATCH @@ -403,16 +419,6 @@ return; } - /* we assume that any glob pattern will match files from one directory only - so checking the dirname of the first match should be sufficient */ - strncpy(cwd, globbuf.gl_pathv[0], MAXPATHLEN); - if (PG(safe_mode) && (!php_checkuid(cwd, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { - RETURN_FALSE; - } - if (php_check_open_basedir(cwd TSRMLS_CC)) { - RETURN_FALSE; - } - array_init(return_value); for (n = 0; n < globbuf.gl_pathc; n++) { /* we need to this everytime since GLOB_ONLYDIR does not guarantee that -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
sniper Mon Jun 11 20:19:54 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: Human readable.. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.235&r2=1.1247.2.920.2.236&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.235 php-src/NEWS:1.1247.2.920.2.236 --- php-src/NEWS:1.1247.2.920.2.235 Mon Jun 11 18:40:43 2007 +++ php-src/NEWSMon Jun 11 20:19:53 2007 @@ -1,16 +1,17 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.8 -- Improved fix for MOPB-02-2007 (Ilia) -- Fixed an interger overflow inside chunk_split(), identified by Gerhard - Wagner (Ilia) -- Fixed integer overlow in str[c]spn() (Stas) -- Fixed UMR in money_format() (Stas, Ilia) +- Improved fix for MOPB-02-2007. (Ilia) +- Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. + (Ilia) +- Fixed integer overlow in str[c]spn(). (Stas) +- Fixed money_format() not to accept multiple %i or %n tokens. (Stas, Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) - Fixed bug #41630 (segfault when an invalid color index is present in the image data). (Reported by Elliot <[EMAIL PROTECTED] dot com>) (Pierre) - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) + 04 May 2007, Version 4.4.7 - Fixed libgd #86 (Fixed possible infinite loop in imagecreatefrompng) (Reported by Xavier Roche) (Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasMon Jun 11 18:40:43 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: record fixes http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.234&r2=1.1247.2.920.2.235&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.234 php-src/NEWS:1.1247.2.920.2.235 --- php-src/NEWS:1.1247.2.920.2.234 Mon Jun 11 15:20:56 2007 +++ php-src/NEWSMon Jun 11 18:40:43 2007 @@ -4,6 +4,8 @@ - Improved fix for MOPB-02-2007 (Ilia) - Fixed an interger overflow inside chunk_split(), identified by Gerhard Wagner (Ilia) +- Fixed integer overlow in str[c]spn() (Stas) +- Fixed UMR in money_format() (Stas, Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) - Fixed bug #41630 (segfault when an invalid color index is present in -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/wddx wddx.c /ext/wddx/tests bug41527.phpt
iliaa Mon Jun 11 15:20:56 2007 UTC Added files: (Branch: PHP_4_4) /php-src/ext/wddx/tests bug41527.phpt Modified files: /php-srcNEWS /php-src/ext/wddx wddx.c Log: MFB: WDDX deserialize numeric string array key http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.233&r2=1.1247.2.920.2.234&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.233 php-src/NEWS:1.1247.2.920.2.234 --- php-src/NEWS:1.1247.2.920.2.233 Fri Jun 8 05:31:01 2007 +++ php-src/NEWSMon Jun 11 15:20:56 2007 @@ -26,6 +26,8 @@ - Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre) - Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf function). (Kees Cook, Pierre) +- Fixed bug #41527 (WDDX deserialize numeric string array key). (php_lists + at realplain dot com, Ilia) - Fixed bug #41252 (Calling mcrypt_generic without first calling mcrypt_generic_init crashes). (Derick) - Fixed bug #40998 (long session array keys are truncated). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.96.2.6.2.10&r2=1.96.2.6.2.11&diff_format=u Index: php-src/ext/wddx/wddx.c diff -u php-src/ext/wddx/wddx.c:1.96.2.6.2.10 php-src/ext/wddx/wddx.c:1.96.2.6.2.11 --- php-src/ext/wddx/wddx.c:1.96.2.6.2.10 Tue Jan 9 15:21:08 2007 +++ php-src/ext/wddx/wddx.c Mon Jun 11 15:20:56 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: wddx.c,v 1.96.2.6.2.10 2007/01/09 15:21:08 iliaa Exp $ */ +/* $Id: wddx.c,v 1.96.2.6.2.11 2007/06/11 15:20:56 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -986,22 +986,7 @@ /* Clean up class name var entry */ zval_ptr_dtor(&ent1->data); } else { - long l; - double d; - - switch (is_numeric_string(ent1->varname, strlen(ent1->varname), &l, &d, 0)) { - case IS_DOUBLE: - if (d > INT_MAX) { - goto bigint; - } - l = (long) d; - case IS_LONG: - zend_hash_index_update(target_hash, l, &ent1->data, sizeof(zval *), NULL); - break; - default: -bigint: - zend_hash_update(target_hash,ent1->varname, strlen(ent1->varname)+1, &ent1->data, sizeof(zval *), NULL); - } + zend_hash_update(target_hash, ent1->varname, strlen(ent1->varname)+1, &ent1->data, sizeof(zval *), NULL); } efree(ent1->varname); } else { http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/tests/bug41527.phpt?view=markup&rev=1.1 Index: php-src/ext/wddx/tests/bug41527.phpt +++ php-src/ext/wddx/tests/bug41527.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd/libgd gd_gif_in.c
pajoye Fri Jun 8 05:31:02 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/gd/libgd gd_gif_in.c Log: - MFH:#41630, segfault when an invalid color index is present in the image data http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.232&r2=1.1247.2.920.2.233&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.232 php-src/NEWS:1.1247.2.920.2.233 --- php-src/NEWS:1.1247.2.920.2.232 Sun Jun 3 16:29:24 2007 +++ php-src/NEWSFri Jun 8 05:31:01 2007 @@ -6,8 +6,9 @@ Wagner (Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) +- Fixed bug #41630 (segfault when an invalid color index is present in + the image data). (Reported by Elliot <[EMAIL PROTECTED] dot com>) (Pierre) - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) - 04 May 2007, Version 4.4.7 - Fixed libgd #86 (Fixed possible infinite loop in imagecreatefrompng) (Reported by Xavier Roche) (Pierre) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?r1=1.2.2.2.6.3&r2=1.2.2.2.6.4&diff_format=u Index: php-src/ext/gd/libgd/gd_gif_in.c diff -u php-src/ext/gd/libgd/gd_gif_in.c:1.2.2.2.6.3 php-src/ext/gd/libgd/gd_gif_in.c:1.2.2.2.6.4 --- php-src/ext/gd/libgd/gd_gif_in.c:1.2.2.2.6.3Mon Jul 17 15:19:16 2006 +++ php-src/ext/gd/libgd/gd_gif_in.cFri Jun 8 05:31:02 2007 @@ -550,6 +550,9 @@ /*} */ while ((v = LWZReadByte(fd,FALSE,c)) >= 0 ) { + if (v >= gdMaxColors) { + v = 0; + } /* This how we recognize which colors are actually used. */ if (im->open[v]) { im->open[v] = 0; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /main php_variables.c /tests/basic 027.phpt
iliaa Sun Jun 3 16:29:24 2007 UTC Added files: (Branch: PHP_4_4) /php-src/tests/basic027.phpt Modified files: /php-srcNEWS /php-src/main php_variables.c Log: MFB: Improved fix for MOPB-02-2007 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.231&r2=1.1247.2.920.2.232&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.231 php-src/NEWS:1.1247.2.920.2.232 --- php-src/NEWS:1.1247.2.920.2.231 Wed May 30 00:35:41 2007 +++ php-src/NEWSSun Jun 3 16:29:24 2007 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.8 +- Improved fix for MOPB-02-2007 (Ilia) - Fixed an interger overflow inside chunk_split(), identified by Gerhard Wagner (Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.45.2.13.2.11&r2=1.45.2.13.2.12&diff_format=u Index: php-src/main/php_variables.c diff -u php-src/main/php_variables.c:1.45.2.13.2.11 php-src/main/php_variables.c:1.45.2.13.2.12 --- php-src/main/php_variables.c:1.45.2.13.2.11 Tue May 22 18:16:38 2007 +++ php-src/main/php_variables.cSun Jun 3 16:29:24 2007 @@ -16,7 +16,7 @@ | Zeev Suraski <[EMAIL PROTECTED]>| +--+ */ -/* $Id: php_variables.c,v 1.45.2.13.2.11 2007/05/22 18:16:38 stas Exp $ */ +/* $Id: php_variables.c,v 1.45.2.13.2.12 2007/06/03 16:29:24 iliaa Exp $ */ #include #include "php.h" @@ -130,8 +130,22 @@ int new_idx_len = 0; if(++nest_level > PG(max_input_nesting_level)) { - /* too many levels of nesting */ - php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variable nesting level more than allowed %d (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level)); + HashTable *ht; + /* too many levels of nesting */ + + if (track_vars_array) { + ht = Z_ARRVAL_P(track_vars_array); + } else if (PG(register_globals)) { + ht = EG(active_symbol_table); + } + + zend_hash_del(ht, var, var_len + 1); + zval_dtor(val); + + if (!PG(display_errors)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variable nesting level more than allowed %ld (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level)); + } + return; } ip++; index_s = ip; @@ -146,9 +160,9 @@ /* PHP variables cannot contain '[' in their names, so we replace the character with a '_' */ *(index_s - 1) = '_'; - index_len = var_len = 0; + index_len = 0; if (index) { - index_len = var_len = strlen(index); + index_len = strlen(index); } goto plain_var; return; http://cvs.php.net/viewvc.cgi/php-src/tests/basic/027.phpt?view=markup&rev=1.1 Index: php-src/tests/basic/027.phpt +++ php-src/tests/basic/027.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard string.c /ext/standard/tests/strings chunk_split.phpt
iliaa Wed May 30 00:35:41 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/standard/tests/strings chunk_split.phpt /php-src/ext/standard string.c Log: MFH: Fixed an interger overflow inside chunk_split(), identified by Gerhard Wagner http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.230&r2=1.1247.2.920.2.231&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.230 php-src/NEWS:1.1247.2.920.2.231 --- php-src/NEWS:1.1247.2.920.2.230 Sun May 27 14:53:37 2007 +++ php-src/NEWSWed May 30 00:35:41 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.8 +- Fixed an interger overflow inside chunk_split(), identified by Gerhard + Wagner (Ilia) - Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. (Stas) - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/strings/chunk_split.phpt?r1=1.1.2.1&r2=1.1.2.1.2.1&diff_format=u Index: php-src/ext/standard/tests/strings/chunk_split.phpt diff -u php-src/ext/standard/tests/strings/chunk_split.phpt:1.1.2.1 php-src/ext/standard/tests/strings/chunk_split.phpt:1.1.2.1.2.1 --- php-src/ext/standard/tests/strings/chunk_split.phpt:1.1.2.1 Sun Apr 3 18:09:55 2005 +++ php-src/ext/standard/tests/strings/chunk_split.phpt Wed May 30 00:35:41 2007 @@ -8,6 +8,12 @@ echo chunk_split('f', 5)."\n"; echo chunk_split(str_repeat('X', 2*76))."\n"; echo chunk_split("test", 10, "|end") . "\n"; + +$a=str_repeat("B", 65535); +$b=1; +$c=str_repeat("B", 65535); +var_dump(chunk_split($a,$b,$c)); + ?> --EXPECT-- a-b-c- @@ -20,3 +26,4 @@ test|end +bool(false) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.333.2.52.2.13&r2=1.333.2.52.2.14&diff_format=u Index: php-src/ext/standard/string.c diff -u php-src/ext/standard/string.c:1.333.2.52.2.13 php-src/ext/standard/string.c:1.333.2.52.2.14 --- php-src/ext/standard/string.c:1.333.2.52.2.13 Thu May 24 21:31:05 2007 +++ php-src/ext/standard/string.c Wed May 30 00:35:41 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: string.c,v 1.333.2.52.2.13 2007/05/24 21:31:05 rasmus Exp $ */ +/* $Id: string.c,v 1.333.2.52.2.14 2007/05/30 00:35:41 iliaa Exp $ */ /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */ @@ -1511,11 +1511,18 @@ char *p, *q; int chunks; /* complete chunks! */ int restlen; + int out_len; chunks = srclen / chunklen; restlen = srclen - chunks * chunklen; /* srclen % chunklen */ - dest = safe_emalloc(sizeof(char), (srclen + (chunks + 1) * endlen + 1), 0); + out_len = (srclen + (chunks + 1) * endlen + 1); + + if (out_len > INT_MAX || out_len <= 0) { + return NULL; + } + + dest = safe_emalloc(out_len, sizeof(char), 0); for (p = src, q = dest; p < (src + srclen - chunklen + 1); ) { memcpy(q, p, chunklen); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
sniper Sun May 27 14:53:37 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: fix news http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.229&r2=1.1247.2.920.2.230&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.229 php-src/NEWS:1.1247.2.920.2.230 --- php-src/NEWS:1.1247.2.920.2.229 Wed May 23 11:32:59 2007 +++ php-src/NEWSSun May 27 14:53:37 2007 @@ -1,8 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.8 -- Limit nesting level of input variables with max_input_nesting_level - as fix for MOPB-03-2007. (Stas) +- Addded "max_input_nesting_level" php.ini option to limit nesting level of + input variables. Fix for MOPB-03-2007. (Stas) - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) 04 May 2007, Version 4.4.7 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS php.ini-dist php.ini-recommended
bjori Wed May 23 11:32:59 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS php.ini-recommended php.ini-dist Log: note on max_input_nesting_level http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.228&r2=1.1247.2.920.2.229&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.228 php-src/NEWS:1.1247.2.920.2.229 --- php-src/NEWS:1.1247.2.920.2.228 Wed May 16 22:54:11 2007 +++ php-src/NEWSWed May 23 11:32:59 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.8 +- Limit nesting level of input variables with max_input_nesting_level + as fix for MOPB-03-2007. (Stas) - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) 04 May 2007, Version 4.4.7 http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?r1=1.119.2.25.2.3&r2=1.119.2.25.2.4&diff_format=u Index: php-src/php.ini-recommended diff -u php-src/php.ini-recommended:1.119.2.25.2.3 php-src/php.ini-recommended:1.119.2.25.2.4 --- php-src/php.ini-recommended:1.119.2.25.2.3 Fri Dec 30 17:19:43 2005 +++ php-src/php.ini-recommended Wed May 23 11:32:59 2007 @@ -243,6 +243,7 @@ max_execution_time = 30 ; Maximum execution time of each script, in seconds max_input_time = 60; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 500 ; Maximum input variable nesting level memory_limit = 8M ; Maximum amount of memory a script may consume (8MB) http://cvs.php.net/viewvc.cgi/php-src/php.ini-dist?r1=1.171.2.28.2.3&r2=1.171.2.28.2.4&diff_format=u Index: php-src/php.ini-dist diff -u php-src/php.ini-dist:1.171.2.28.2.3 php-src/php.ini-dist:1.171.2.28.2.4 --- php-src/php.ini-dist:1.171.2.28.2.3 Fri Dec 30 17:19:43 2005 +++ php-src/php.ini-distWed May 23 11:32:59 2007 @@ -229,6 +229,7 @@ max_execution_time = 30 ; Maximum execution time of each script, in seconds max_input_time = 60; Maximum amount of time each script may spend parsing request data +;max_input_nesting_level = 500 ; Maximum input variable nesting level memory_limit = 8M ; Maximum amount of memory a script may consume (8MB) ;; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd/libgd gd_png.c
pajoye Wed May 16 22:54:11 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/gd/libgd gd_png.c Log: - MFH: libgd #86: Fixed possible infinite loop in libgd/gd_png.c, fix test (Reported by Xavier Roche) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.227&r2=1.1247.2.920.2.228&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.227 php-src/NEWS:1.1247.2.920.2.228 --- php-src/NEWS:1.1247.2.920.2.227 Tue May 8 18:00:37 2007 +++ php-src/NEWSWed May 16 22:54:11 2007 @@ -4,6 +4,8 @@ - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) 04 May 2007, Version 4.4.7 +- Fixed libgd #86 (Fixed possible infinite loop in imagecreatefrompng) + (Reported by Xavier Roche) (Pierre) - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) - Fixed MOPB-26-2007 (mb_parse_str() can be used to activate http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_png.c?r1=1.4.2.7&r2=1.4.2.7.4.1&diff_format=u Index: php-src/ext/gd/libgd/gd_png.c diff -u php-src/ext/gd/libgd/gd_png.c:1.4.2.7 php-src/ext/gd/libgd/gd_png.c:1.4.2.7.4.1 --- php-src/ext/gd/libgd/gd_png.c:1.4.2.7 Mon Mar 29 18:21:00 2004 +++ php-src/ext/gd/libgd/gd_png.c Wed May 16 22:54:11 2007 @@ -71,7 +71,11 @@ static void gdPngReadData (png_structp png_ptr, png_bytep data, png_size_t length) { - gdGetBuf(data, length, (gdIOCtx *) png_get_io_ptr(png_ptr)); + int check; + check = gdGetBuf(data, length, (gdIOCtx *) png_get_io_ptr(png_ptr)); + if (check != length) { + png_error(png_ptr, "Read Error: truncated data"); + } } static void gdPngWriteData (png_structp png_ptr, png_bytep data, png_size_t length) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/openssl openssl.c
tony2001Tue May 8 18:00:37 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/opensslopenssl.c Log: fix #38798 (OpenSSL init corrected in php5 but not in php4) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.226&r2=1.1247.2.920.2.227&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.226 php-src/NEWS:1.1247.2.920.2.227 --- php-src/NEWS:1.1247.2.920.2.226 Thu May 3 13:50:20 2007 +++ php-src/NEWSTue May 8 18:00:37 2007 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.8 +- Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony) 04 May 2007, Version 4.4.7 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.52.2.23.2.2&r2=1.52.2.23.2.3&diff_format=u Index: php-src/ext/openssl/openssl.c diff -u php-src/ext/openssl/openssl.c:1.52.2.23.2.2 php-src/ext/openssl/openssl.c:1.52.2.23.2.3 --- php-src/ext/openssl/openssl.c:1.52.2.23.2.2 Mon Jan 1 09:46:45 2007 +++ php-src/ext/openssl/openssl.c Tue May 8 18:00:37 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: openssl.c,v 1.52.2.23.2.2 2007/01/01 09:46:45 sebastian Exp $ */ +/* $Id: openssl.c,v 1.52.2.23.2.3 2007/05/08 18:00:37 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -560,6 +560,7 @@ le_x509 = zend_register_list_destructors_ex(php_x509_free, NULL, "OpenSSL X.509", module_number); le_csr = zend_register_list_destructors_ex(php_csr_free, NULL, "OpenSSL X.509 CSR", module_number); + SSL_library_init(); OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); OpenSSL_add_all_algorithms(); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu May 3 13:50:21 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Back to dev. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.41&r2=1.66.2.81.2.42&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.41 php-src/main/php_version.h:1.66.2.81.2.42 --- php-src/main/php_version.h:1.66.2.81.2.41 Thu May 3 13:49:17 2007 +++ php-src/main/php_version.h Thu May 3 13:50:20 2007 @@ -2,6 +2,6 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 -#define PHP_RELEASE_VERSION 7 -#define PHP_EXTRA_VERSION "" -#define PHP_VERSION "4.4.7" +#define PHP_RELEASE_VERSION 8 +#define PHP_EXTRA_VERSION "-dev" +#define PHP_VERSION "4.4.8-dev" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.45&r2=1.396.2.164.2.46&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.45 php-src/configure.in:1.396.2.164.2.46 --- php-src/configure.in:1.396.2.164.2.45 Thu May 3 13:49:17 2007 +++ php-src/configure.inThu May 3 13:50:20 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.45 2007/05/03 13:49:17 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.46 2007/05/03 13:50:20 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -37,8 +37,8 @@ MAJOR_VERSION=4 MINOR_VERSION=4 -RELEASE_VERSION=7 -EXTRA_VERSION="" +RELEASE_VERSION=8 +EXTRA_VERSION="-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.225&r2=1.1247.2.920.2.226&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.225 php-src/NEWS:1.1247.2.920.2.226 --- php-src/NEWS:1.1247.2.920.2.225 Thu May 3 13:49:17 2007 +++ php-src/NEWSThu May 3 13:50:20 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? ??? 2007, Version 4.4.8 + 04 May 2007, Version 4.4.7 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu May 3 13:49:18 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - 4.4.7 preparations. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.40&r2=1.66.2.81.2.41&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.40 php-src/main/php_version.h:1.66.2.81.2.41 --- php-src/main/php_version.h:1.66.2.81.2.40 Wed Apr 11 06:13:02 2007 +++ php-src/main/php_version.h Thu May 3 13:49:17 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 7 -#define PHP_EXTRA_VERSION "RC2-dev" -#define PHP_VERSION "4.4.7RC2-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "4.4.7" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.44&r2=1.396.2.164.2.45&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.44 php-src/configure.in:1.396.2.164.2.45 --- php-src/configure.in:1.396.2.164.2.44 Wed Apr 11 06:13:02 2007 +++ php-src/configure.inThu May 3 13:49:17 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.44 2007/04/11 06:13:02 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.45 2007/05/03 13:49:17 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=7 -EXTRA_VERSION="RC2-dev" +EXTRA_VERSION="" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.224&r2=1.1247.2.920.2.225&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.224 php-src/NEWS:1.1247.2.920.2.225 --- php-src/NEWS:1.1247.2.920.2.224 Tue May 1 16:07:37 2007 +++ php-src/NEWSThu May 3 13:49:17 2007 @@ -1,14 +1,6 @@ PHP 4 NEWS ||| -?? ??? 2007, Version 4.4.7 -- Fixed bug #41252 (Calling mcrypt_generic without first calling - mcrypt_generic_init crashes). (Derick) -- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST) - (patch by [EMAIL PROTECTED]) -- Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74). - (Pierre) - -11 Apr 2007, Version 4.4.7RC1 +04 May 2007, Version 4.4.7 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) - Fixed MOPB-26-2007 (mb_parse_str() can be used to activate @@ -23,12 +15,18 @@ - Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre) - Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf function). (Kees Cook, Pierre) +- Fixed bug #41252 (Calling mcrypt_generic without first calling + mcrypt_generic_init crashes). (Derick) - Fixed bug #40998 (long session array keys are truncated). (Tony) - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) - Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) +- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST) + (patch by [EMAIL PROTECTED]) +- Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74). + (Pierre) - Fixed CRLF injection inside ftp_putcmd(). (Ilia) 28 Feb 2007, Version 4.4.6 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/mcrypt mcrypt.c /ext/mcrypt/tests bug41252.phpt
derick Tue May 1 16:07:37 2007 UTC Added files: (Branch: PHP_4_4) /php-src/ext/mcrypt/tests bug41252.phpt Modified files: /php-srcNEWS /php-src/ext/mcrypt mcrypt.c Log: - Fixed bug #41252 (Calling mcrypt_generic without first calling mcrypt_generic_init crashes). http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.223&r2=1.1247.2.920.2.224&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.223 php-src/NEWS:1.1247.2.920.2.224 --- php-src/NEWS:1.1247.2.920.2.223 Sat Apr 14 17:38:38 2007 +++ php-src/NEWSTue May 1 16:07:37 2007 @@ -1,10 +1,12 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 -- Fixed bug #38236 (binary data gets corrupted on multipart/formdata POST) +- Fixed bug #41252 (Calling mcrypt_generic without first calling + mcrypt_generic_init crashes). (Derick) +- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST) (patch by [EMAIL PROTECTED]) -- Fixed huge CPU usage in imagearc when used with large angles (Pierre) - (libgd bug #74) +- Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74). + (Pierre) 11 Apr 2007, Version 4.4.7RC1 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) @@ -30,7 +32,6 @@ - Fixed CRLF injection inside ftp_putcmd(). (Ilia) 28 Feb 2007, Version 4.4.6 - - Updated PCRE to version 7.0. (Nuno) - Fixed segfault in ext/session when register_globals=On. (Tony) - Fixed bug #40635 (segfault in cURL extension). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/mcrypt/mcrypt.c?r1=1.77.4.7.4.2&r2=1.77.4.7.4.3&diff_format=u Index: php-src/ext/mcrypt/mcrypt.c diff -u php-src/ext/mcrypt/mcrypt.c:1.77.4.7.4.2 php-src/ext/mcrypt/mcrypt.c:1.77.4.7.4.3 --- php-src/ext/mcrypt/mcrypt.c:1.77.4.7.4.2Mon Jan 1 09:46:44 2007 +++ php-src/ext/mcrypt/mcrypt.c Tue May 1 16:07:37 2007 @@ -16,7 +16,7 @@ | Derick Rethans <[EMAIL PROTECTED]>| +--+ */ -/* $Id: mcrypt.c,v 1.77.4.7.4.2 2007/01/01 09:46:44 sebastian Exp $ */ +/* $Id: mcrypt.c,v 1.77.4.7.4.3 2007/05/01 16:07:37 derick Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -38,6 +38,10 @@ static int le_mcrypt; +typedef struct _php_mcrypt { + MCRYPT td; + zend_bool init; +} php_mcrypt; function_entry mcrypt_functions[] = { PHP_FE(mcrypt_ecb, NULL) @@ -208,10 +212,12 @@ } #define MCRYPT_GET_TD_ARG \ + zval **mcryptind; \ + php_mcrypt *pm; \ if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &mcryptind) == FAILURE) { \ WRONG_PARAM_COUNT \ } \ - ZEND_FETCH_RESOURCE (td, MCRYPT, mcryptind, -1, "MCrypt", le_mcrypt); + ZEND_FETCH_RESOURCE (pm, php_mcrypt *, mcryptind, -1, "MCrypt", le_mcrypt); #define MCRYPT_GET_MODE_DIR_ARGS(DIRECTORY) \ char *dir = NULL; \ @@ -240,6 +246,12 @@ #define MCRYPT_ENTRY2_4(a) MCRYPT_ENTRY_NAMED(a, a) #endif +#define PHP_MCRYPT_INIT_CHECK \ + if (!pm->init) {\ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Operation disallowed prior to mcrypt_generic_init().");\ + RETURN_FALSE; \ + } \ + #if HAVE_LIBMCRYPT24 PHP_INI_BEGIN() STD_PHP_INI_ENTRY("mcrypt.algorithms_dir", NULL, PHP_INI_ALL, OnUpdateString, algorithms_dir, zend_mcrypt_globals, mcrypt_globals) @@ -250,9 +262,13 @@ static void php_mcrypt_module_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC) { #if HAVE_LIBMCRYPT24 - MCRYPT td = (MCRYPT) rsrc->ptr; - mcrypt_generic_deinit(td); - mcrypt_module_close (td); + php_mcrypt *pm = (php_mcrypt *) rsrc->ptr; + if (pm) { + mcrypt_generic_deinit(pm->td); + mcrypt_module_close(pm->td); + efree(pm); + pm = NULL; + } #endif } @@ -427,6 +443,7 @@ int cipher_len, cipher_dir_len; int mode_len, mode_dir_len; MCRYPT td; +
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd/libgd gd.c
pajoye Sat Apr 14 17:38:38 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/gd/libgd gd.c Log: - MFH: libgd #74, gdImageFilledArc, huge CPU usage with large angles http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.222&r2=1.1247.2.920.2.223&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.222 php-src/NEWS:1.1247.2.920.2.223 --- php-src/NEWS:1.1247.2.920.2.222 Fri Apr 13 00:55:48 2007 +++ php-src/NEWSSat Apr 14 17:38:38 2007 @@ -3,7 +3,9 @@ ?? ??? 2007, Version 4.4.7 - Fixed bug #38236 (binary data gets corrupted on multipart/formdata POST) (patch by [EMAIL PROTECTED]) - +- Fixed huge CPU usage in imagearc when used with large angles (Pierre) + (libgd bug #74) + 11 Apr 2007, Version 4.4.7RC1 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd.c?r1=1.24.2.36.2.1&r2=1.24.2.36.2.2&diff_format=u Index: php-src/ext/gd/libgd/gd.c diff -u php-src/ext/gd/libgd/gd.c:1.24.2.36.2.1 php-src/ext/gd/libgd/gd.c:1.24.2.36.2.2 --- php-src/ext/gd/libgd/gd.c:1.24.2.36.2.1 Fri Sep 30 21:05:04 2005 +++ php-src/ext/gd/libgd/gd.c Sat Apr 14 17:38:38 2007 @@ -1607,6 +1607,14 @@ int lx = 0, ly = 0; int fx = 0, fy = 0; + if (s > 360) { + s = s % 360; + } + + if (e > 360) { + e = e % 360; + } + while (s<0) { s += 360; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasFri Apr 13 00:55:48 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: fix for #38236 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.221&r2=1.1247.2.920.2.222&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.221 php-src/NEWS:1.1247.2.920.2.222 --- php-src/NEWS:1.1247.2.920.2.221 Wed Apr 11 06:13:02 2007 +++ php-src/NEWSFri Apr 13 00:55:48 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed bug #38236 (binary data gets corrupted on multipart/formdata POST) + (patch by [EMAIL PROTECTED]) 11 Apr 2007, Version 4.4.7RC1 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Apr 11 06:13:02 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Back to -dev. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.39&r2=1.66.2.81.2.40&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.39 php-src/main/php_version.h:1.66.2.81.2.40 --- php-src/main/php_version.h:1.66.2.81.2.39 Wed Apr 11 06:11:50 2007 +++ php-src/main/php_version.h Wed Apr 11 06:13:02 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 7 -#define PHP_EXTRA_VERSION "RC1" -#define PHP_VERSION "4.4.7RC1" +#define PHP_EXTRA_VERSION "RC2-dev" +#define PHP_VERSION "4.4.7RC2-dev" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.43&r2=1.396.2.164.2.44&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.43 php-src/configure.in:1.396.2.164.2.44 --- php-src/configure.in:1.396.2.164.2.43 Wed Apr 11 06:11:51 2007 +++ php-src/configure.inWed Apr 11 06:13:02 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.43 2007/04/11 06:11:51 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.44 2007/04/11 06:13:02 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=7 -EXTRA_VERSION="RC1" +EXTRA_VERSION="RC2-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.220&r2=1.1247.2.920.2.221&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.220 php-src/NEWS:1.1247.2.920.2.221 --- php-src/NEWS:1.1247.2.920.2.220 Wed Apr 11 06:11:51 2007 +++ php-src/NEWSWed Apr 11 06:13:02 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? ??? 2007, Version 4.4.7 + 11 Apr 2007, Version 4.4.7RC1 - Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Apr 11 06:11:51 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - 4.4.7RC1. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.38&r2=1.66.2.81.2.39&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.38 php-src/main/php_version.h:1.66.2.81.2.39 --- php-src/main/php_version.h:1.66.2.81.2.38 Wed Feb 28 18:26:31 2007 +++ php-src/main/php_version.h Wed Apr 11 06:11:50 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 7 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "4.4.7-dev" +#define PHP_EXTRA_VERSION "RC1" +#define PHP_VERSION "4.4.7RC1" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.42&r2=1.396.2.164.2.43&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.42 php-src/configure.in:1.396.2.164.2.43 --- php-src/configure.in:1.396.2.164.2.42 Wed Feb 28 18:26:31 2007 +++ php-src/configure.inWed Apr 11 06:11:51 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.42 2007/02/28 18:26:31 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.43 2007/04/11 06:11:51 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=7 -EXTRA_VERSION="-dev" +EXTRA_VERSION="RC1" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.219&r2=1.1247.2.920.2.220&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.219 php-src/NEWS:1.1247.2.920.2.220 --- php-src/NEWS:1.1247.2.920.2.219 Wed Apr 4 19:52:25 2007 +++ php-src/NEWSWed Apr 11 06:11:51 2007 @@ -1,27 +1,27 @@ PHP 4 NEWS ||| -?? ??? 2007, Version 4.4.7 -- Fixed MOPB-33-2007 PHP mail() Message ASCIIZ Byte Truncation. (Ilia) -- Fixed CRLF injection inside ftp_putcmd(). (Ilia) +11 Apr 2007, Version 4.4.7RC1 +- Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) -- Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the - compress.bzip2 wraper. (Ilia) -- Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. - (Ilia) -- Fixed MOPB-26-2007 mb_parse_str() can be used to activate - register_globals. (Ilia) -- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) -- Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf - function) (Kees Cook, Pierre) +- Fixed MOPB-26-2007 (mb_parse_str() can be used to activate + register_globals). (Ilia) +- Fixed MOPB-24-2007 (Fixed unallocated memory access/double free in in + array_user_key_compare()). (Stas) +- Fixed MOPB-22-2007 (PHP session_regenerate_id() Double Free Vulnerability). + (Ilia) +- Fixed MOPB-21-2007 (An open_basedir/safe_mode bypass inside the + compress.bzip2 wraper). (Ilia) +- Fixed MOPB-8-2007 (XSS in phpinfo()). (Joe Orton, Stas) +- Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre) +- Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf + function). (Kees Cook, Pierre) - Fixed bug #40998 (long session array keys are truncated). (Tony) - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) -- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused +- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) -- Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) -- Fixed unallocated memory access/double free in in array_user_key_compare() - (MOPB-24 by Stefan Esser) (Stas) +- Fixed CRLF injection inside ftp_putcmd(). (Ilia) 28 Feb 2007, Version 4.4.6 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/session session.c
tony2001Wed Apr 4 19:52:26 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/sessionsession.c Log: MFH: fix #40998 (long session array keys are truncated) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.218&r2=1.1247.2.920.2.219&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.218 php-src/NEWS:1.1247.2.920.2.219 --- php-src/NEWS:1.1247.2.920.2.218 Tue Mar 27 00:14:16 2007 +++ php-src/NEWSWed Apr 4 19:52:25 2007 @@ -13,6 +13,7 @@ - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) +- Fixed bug #40998 (long session array keys are truncated). (Tony) - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) - Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.336.2.53.2.16&r2=1.336.2.53.2.17&diff_format=u Index: php-src/ext/session/session.c diff -u php-src/ext/session/session.c:1.336.2.53.2.16 php-src/ext/session/session.c:1.336.2.53.2.17 --- php-src/ext/session/session.c:1.336.2.53.2.16 Sun Mar 25 14:33:53 2007 +++ php-src/ext/session/session.c Wed Apr 4 19:52:26 2007 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: session.c,v 1.336.2.53.2.16 2007/03/25 14:33:53 iliaa Exp $ */ +/* $Id: session.c,v 1.336.2.53.2.17 2007/04/04 19:52:26 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -480,7 +480,7 @@ PHP_VAR_SERIALIZE_INIT(var_hash); PS_ENCODE_LOOP( - smart_str_appendl(&buf, key, (unsigned char) key_length); + smart_str_appendl(&buf, key, key_length); if (memchr(key, PS_DELIMITER, key_length)) { PHP_VAR_SERIALIZE_DESTROY(var_hash); smart_str_free(&buf); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard mail.c
iliaa Tue Mar 27 00:14:17 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/standard mail.c /php-srcNEWS Log: MFB: MOPB-33-2007:PHP mail() Message ASCIIZ Byte Truncation http://cvs.php.net/viewvc.cgi/php-src/ext/standard/mail.c?r1=1.66.2.12.4.3&r2=1.66.2.12.4.4&diff_format=u Index: php-src/ext/standard/mail.c diff -u php-src/ext/standard/mail.c:1.66.2.12.4.3 php-src/ext/standard/mail.c:1.66.2.12.4.4 --- php-src/ext/standard/mail.c:1.66.2.12.4.3 Mon Jan 1 09:46:48 2007 +++ php-src/ext/standard/mail.c Tue Mar 27 00:14:16 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: mail.c,v 1.66.2.12.4.3 2007/01/01 09:46:48 sebastian Exp $ */ +/* $Id: mail.c,v 1.66.2.12.4.4 2007/03/27 00:14:16 iliaa Exp $ */ #include #include @@ -55,6 +55,14 @@ continue; \ } \ +#define MAIL_ASCIIZ_CHECK(str, len)\ + p = str;\ + e = p + len;\ + while (p = memchr(p, '\0', (e - p))) { \ + *p = ' '; \ + } \ + + /* {{{ proto int ezmlm_hash(string addr) Calculate EZMLM list hash value. */ PHP_FUNCTION(ezmlm_hash) @@ -87,6 +95,7 @@ int to_len, message_len, headers_len; int subject_len, extra_cmd_len, i; char *to_r, *subject_r; + char *p, *e; if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The fifth parameter is disabled in SAFE MODE."); @@ -103,6 +112,17 @@ return; } + /* ASCIIZ check */ + MAIL_ASCIIZ_CHECK(to, to_len); + MAIL_ASCIIZ_CHECK(subject, subject_len); + MAIL_ASCIIZ_CHECK(message, message_len); + if (headers) { + MAIL_ASCIIZ_CHECK(headers, headers_len); + } + if (extra_cmd) { + MAIL_ASCIIZ_CHECK(extra_cmd, extra_cmd_len); + } + if (to_len > 0) { to_r = estrndup(to, to_len); for (; to_len; to_len--) { @@ -147,7 +167,7 @@ if (extra_cmd) { extra_cmd = php_escape_shell_cmd(extra_cmd); } - + if (php_mail(to_r, subject_r, message, headers, extra_cmd TSRMLS_CC)) { RETVAL_TRUE; } else { http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.217&r2=1.1247.2.920.2.218&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.217 php-src/NEWS:1.1247.2.920.2.218 --- php-src/NEWS:1.1247.2.920.2.217 Mon Mar 26 11:19:37 2007 +++ php-src/NEWSTue Mar 27 00:14:16 2007 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed MOPB-33-2007 PHP mail() Message ASCIIZ Byte Truncation. (Ilia) - Fixed CRLF injection inside ftp_putcmd(). (Ilia) - Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) - Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /main php_variables.c
tony2001Mon Mar 26 11:19:37 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/main php_variables.c Log: revert by request of Derick http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.216&r2=1.1247.2.920.2.217&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.216 php-src/NEWS:1.1247.2.920.2.217 --- php-src/NEWS:1.1247.2.920.2.216 Mon Mar 26 10:33:02 2007 +++ php-src/NEWSMon Mar 26 11:19:37 2007 @@ -17,7 +17,6 @@ handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) -- Fixed bug #40586 (_ENV vars get escaped when magic_quotes_gpc is on). (Tony) - Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) - Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.45.2.13.2.8&r2=1.45.2.13.2.9&diff_format=u Index: php-src/main/php_variables.c diff -u php-src/main/php_variables.c:1.45.2.13.2.8 php-src/main/php_variables.c:1.45.2.13.2.9 --- php-src/main/php_variables.c:1.45.2.13.2.8 Mon Mar 26 10:33:03 2007 +++ php-src/main/php_variables.cMon Mar 26 11:19:37 2007 @@ -16,7 +16,7 @@ | Zeev Suraski <[EMAIL PROTECTED]>| +--+ */ -/* $Id: php_variables.c,v 1.45.2.13.2.8 2007/03/26 10:33:03 tony2001 Exp $ */ +/* $Id: php_variables.c,v 1.45.2.13.2.9 2007/03/26 11:19:37 tony2001 Exp $ */ #include #include "php.h" @@ -351,8 +351,6 @@ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC) { char **env, *p, *t; - int magic_quotes_gpc = PG(magic_quotes_gpc); - PG(magic_quotes_gpc) = 0; for (env = environ; env != NULL && *env != NULL; env++) { p = strchr(*env, '='); @@ -363,7 +361,6 @@ php_register_variable(t, p+1, array_ptr TSRMLS_CC); efree(t); } - PG(magic_quotes_gpc) = magic_quotes_gpc; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /main php_variables.c
tony2001Mon Mar 26 10:33:03 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/main php_variables.c Log: fix #40586 (_ENV vars get escaped when magic_quotes_gpc is on) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.215&r2=1.1247.2.920.2.216&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.215 php-src/NEWS:1.1247.2.920.2.216 --- php-src/NEWS:1.1247.2.920.2.215 Mon Mar 26 10:28:28 2007 +++ php-src/NEWSMon Mar 26 10:33:02 2007 @@ -17,6 +17,7 @@ handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) +- Fixed bug #40586 (_ENV vars get escaped when magic_quotes_gpc is on). (Tony) - Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) - Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.45.2.13.2.7&r2=1.45.2.13.2.8&diff_format=u Index: php-src/main/php_variables.c diff -u php-src/main/php_variables.c:1.45.2.13.2.7 php-src/main/php_variables.c:1.45.2.13.2.8 --- php-src/main/php_variables.c:1.45.2.13.2.7 Mon Jan 1 09:46:50 2007 +++ php-src/main/php_variables.cMon Mar 26 10:33:03 2007 @@ -16,7 +16,7 @@ | Zeev Suraski <[EMAIL PROTECTED]>| +--+ */ -/* $Id: php_variables.c,v 1.45.2.13.2.7 2007/01/01 09:46:50 sebastian Exp $ */ +/* $Id: php_variables.c,v 1.45.2.13.2.8 2007/03/26 10:33:03 tony2001 Exp $ */ #include #include "php.h" @@ -351,6 +351,8 @@ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC) { char **env, *p, *t; + int magic_quotes_gpc = PG(magic_quotes_gpc); + PG(magic_quotes_gpc) = 0; for (env = environ; env != NULL && *env != NULL; env++) { p = strchr(*env, '='); @@ -361,6 +363,7 @@ php_register_variable(t, p+1, array_ptr TSRMLS_CC); efree(t); } + PG(magic_quotes_gpc) = magic_quotes_gpc; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard string.c
tony2001Mon Mar 26 10:28:29 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/standard string.c Log: MFH: fix #40915 (addcslashes unexpected behavior with binary input) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.214&r2=1.1247.2.920.2.215&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.214 php-src/NEWS:1.1247.2.920.2.215 --- php-src/NEWS:1.1247.2.920.2.214 Sun Mar 25 15:27:51 2007 +++ php-src/NEWSMon Mar 26 10:28:28 2007 @@ -12,6 +12,7 @@ - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) +- Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) - Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.333.2.52.2.10&r2=1.333.2.52.2.11&diff_format=u Index: php-src/ext/standard/string.c diff -u php-src/ext/standard/string.c:1.333.2.52.2.10 php-src/ext/standard/string.c:1.333.2.52.2.11 --- php-src/ext/standard/string.c:1.333.2.52.2.10 Thu Feb 15 09:31:01 2007 +++ php-src/ext/standard/string.c Mon Mar 26 10:28:28 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: string.c,v 1.333.2.52.2.10 2007/02/15 09:31:01 tony2001 Exp $ */ +/* $Id: string.c,v 1.333.2.52.2.11 2007/03/26 10:28:28 tony2001 Exp $ */ /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */ @@ -2220,11 +2220,8 @@ RETURN_STRINGL(Z_STRVAL_PP(str), Z_STRLEN_PP(str), 1); } - RETURN_STRING(php_addcslashes(Z_STRVAL_PP(str), - Z_STRLEN_PP(str), - &Z_STRLEN_P(return_value), 0, - Z_STRVAL_PP(what), - Z_STRLEN_PP(what) TSRMLS_CC), 0); + Z_STRVAL_P(return_value) = php_addcslashes(Z_STRVAL_PP(str), Z_STRLEN_PP(str), &Z_STRLEN_P(return_value), 0, Z_STRVAL_PP(what), Z_STRLEN_PP(what) TSRMLS_CC); + RETURN_STRINGL(Z_STRVAL_P(return_value), Z_STRLEN_P(return_value), 0); } /* }}} */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
iliaa Sun Mar 25 15:27:51 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: Bug fixes http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.213&r2=1.1247.2.920.2.214&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.213 php-src/NEWS:1.1247.2.920.2.214 --- php-src/NEWS:1.1247.2.920.2.213 Sun Mar 18 17:19:30 2007 +++ php-src/NEWSSun Mar 25 15:27:51 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed CRLF injection inside ftp_putcmd(). (Ilia) +- Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia) - Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the compress.bzip2 wraper. (Ilia) - Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/mbstring mbstring.c
iliaa Sun Mar 18 17:19:30 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/mbstring mbstring.c /php-srcNEWS Log: MFB: Fixed MOPB-26-2007 mb_parse_str() can be used to activate register_globals http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/mbstring.c?r1=1.142.2.47.2.19&r2=1.142.2.47.2.20&diff_format=u Index: php-src/ext/mbstring/mbstring.c diff -u php-src/ext/mbstring/mbstring.c:1.142.2.47.2.19 php-src/ext/mbstring/mbstring.c:1.142.2.47.2.20 --- php-src/ext/mbstring/mbstring.c:1.142.2.47.2.19 Thu Dec 21 17:28:57 2006 +++ php-src/ext/mbstring/mbstring.c Sun Mar 18 17:19:30 2007 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: mbstring.c,v 1.142.2.47.2.19 2006/12/21 17:28:57 masugata Exp $ */ +/* $Id: mbstring.c,v 1.142.2.47.2.20 2007/03/18 17:19:30 iliaa Exp $ */ /* * PHP4 Multibyte String module "mbstring" @@ -1954,9 +1954,9 @@ string.no_encoding = from_encoding; old_rg = PG(register_globals); if (argc == 1) { - PG(register_globals) = 1; + zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME); } else { - PG(register_globals) = 0; + zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME); } n = 0; while (n < num) { @@ -1985,7 +1985,11 @@ mbfl_string_clear(&resvar); mbfl_string_clear(&resval); } - PG(register_globals) = old_rg; + if (old_rg) { + zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME); + } else { + zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME); + } if (convd != NULL) { MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd); http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.212&r2=1.1247.2.920.2.213&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.212 php-src/NEWS:1.1247.2.920.2.213 --- php-src/NEWS:1.1247.2.920.2.212 Fri Mar 16 21:48:08 2007 +++ php-src/NEWSSun Mar 18 17:19:30 2007 @@ -5,6 +5,8 @@ compress.bzip2 wraper. (Ilia) - Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. (Ilia) +- Fixed MOPB-26-2007 mb_parse_str() can be used to activate + register_globals. (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasFri Mar 16 21:48:08 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: clarify http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.211&r2=1.1247.2.920.2.212&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.211 php-src/NEWS:1.1247.2.920.2.212 --- php-src/NEWS:1.1247.2.920.2.211 Fri Mar 16 20:09:26 2007 +++ php-src/NEWSFri Mar 16 21:48:08 2007 @@ -13,7 +13,8 @@ - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) - Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) -- Fixed UMR in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) +- Fixed unallocated memory access/double free in in array_user_key_compare() + (MOPB-24 by Stefan Esser) (Stas) 28 Feb 2007, Version 4.4.6 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
On Fri, 16 Mar 2007, Stanislav Malyshev wrote: > stas Fri Mar 16 20:09:27 2007 UTC > > Modified files: (Branch: PHP_4_4) > /php-src NEWS > Log: > fix for mopb-24 > > > http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.210&r2=1.1247.2.920.2.211&diff_format=u > Index: php-src/NEWS > diff -u php-src/NEWS:1.1247.2.920.2.210 php-src/NEWS:1.1247.2.920.2.211 > --- php-src/NEWS:1.1247.2.920.2.210 Thu Mar 15 23:19:21 2007 > +++ php-src/NEWS Fri Mar 16 20:09:26 2007 > @@ -13,6 +13,7 @@ > - Fixed bug #40747 (possible crash in session when save_path is out of >open_basedir). (Tony) > - Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) > +- Fixed UMR in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) Could you please clarify what UMR is in the NEWS file? regards, Derick -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasFri Mar 16 20:09:27 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: fix for mopb-24 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.210&r2=1.1247.2.920.2.211&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.210 php-src/NEWS:1.1247.2.920.2.211 --- php-src/NEWS:1.1247.2.920.2.210 Thu Mar 15 23:19:21 2007 +++ php-src/NEWSFri Mar 16 20:09:26 2007 @@ -13,6 +13,7 @@ - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) - Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) +- Fixed UMR in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) 28 Feb 2007, Version 4.4.6 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/curl curl.c
tony2001Thu Mar 15 23:19:22 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/curl curl.c Log: fix #40831 (cURL extension doesn't clean up the buffer of reused handle) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.209&r2=1.1247.2.920.2.210&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.209 php-src/NEWS:1.1247.2.920.2.210 --- php-src/NEWS:1.1247.2.920.2.209 Wed Mar 14 19:42:59 2007 +++ php-src/NEWSThu Mar 15 23:19:21 2007 @@ -8,6 +8,8 @@ - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) +- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused + handle). (Tony) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) - Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.18&r2=1.124.2.30.2.19&diff_format=u Index: php-src/ext/curl/curl.c diff -u php-src/ext/curl/curl.c:1.124.2.30.2.18 php-src/ext/curl/curl.c:1.124.2.30.2.19 --- php-src/ext/curl/curl.c:1.124.2.30.2.18 Mon Feb 26 09:14:41 2007 +++ php-src/ext/curl/curl.c Thu Mar 15 23:19:21 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: curl.c,v 1.124.2.30.2.18 2007/02/26 09:14:41 tony2001 Exp $ */ +/* $Id: curl.c,v 1.124.2.30.2.19 2007/03/15 23:19:21 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1262,10 +1262,6 @@ static void cleanup_handle(php_curl *ch) { - if (ch->uses < 1) { - return; - } - if (ch->handlers->write->buf.len > 0) { smart_str_free(&ch->handlers->write->buf); ch->handlers->write->buf.len = 0; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/session session.c
iliaa Wed Mar 14 19:42:59 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/sessionsession.c /php-srcNEWS Log: MFB: Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.336.2.53.2.14&r2=1.336.2.53.2.15&diff_format=u Index: php-src/ext/session/session.c diff -u php-src/ext/session/session.c:1.336.2.53.2.14 php-src/ext/session/session.c:1.336.2.53.2.15 --- php-src/ext/session/session.c:1.336.2.53.2.14 Thu Feb 15 09:41:30 2007 +++ php-src/ext/session/session.c Wed Mar 14 19:42:59 2007 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: session.c,v 1.336.2.53.2.14 2007/02/15 09:41:30 tony2001 Exp $ */ +/* $Id: session.c,v 1.336.2.53.2.15 2007/03/14 19:42:59 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1396,7 +1396,10 @@ RETURN_FALSE; } if (PS(session_status) == php_session_active) { - if (PS(id)) efree(PS(id)); + if (PS(id)) { + efree(PS(id)); + PS(id) = NULL; + } PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC); @@ -1688,6 +1691,7 @@ } if (PS(id)) { efree(PS(id)); + PS(id) = NULL; } PS(session_status)=php_session_none; } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.208&r2=1.1247.2.920.2.209&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.208 php-src/NEWS:1.1247.2.920.2.209 --- php-src/NEWS:1.1247.2.920.2.208 Wed Mar 14 16:20:11 2007 +++ php-src/NEWSWed Mar 14 19:42:59 2007 @@ -3,6 +3,8 @@ ?? ??? 2007, Version 4.4.7 - Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the compress.bzip2 wraper. (Ilia) +- Fixed MOPB-22-2007 PHP session_regenerate_id() Double Free Vulnerability. + (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf function) (Kees Cook, Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
stasWed Mar 14 16:20:11 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: mopb 8 fix http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.207&r2=1.1247.2.920.2.208&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.207 php-src/NEWS:1.1247.2.920.2.208 --- php-src/NEWS:1.1247.2.920.2.207 Wed Mar 14 15:06:13 2007 +++ php-src/NEWSWed Mar 14 16:20:11 2007 @@ -8,6 +8,7 @@ function) (Kees Cook, Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) +- Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas) 28 Feb 2007, Version 4.4.6 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
pajoye Wed Mar 14 15:06:14 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: - add summary of the CVE http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.206&r2=1.1247.2.920.2.207&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.206 php-src/NEWS:1.1247.2.920.2.207 --- php-src/NEWS:1.1247.2.920.2.206 Wed Mar 14 14:49:28 2007 +++ php-src/NEWSWed Mar 14 15:06:13 2007 @@ -4,7 +4,8 @@ - Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the compress.bzip2 wraper. (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) -- Fixed CVE-2007-0455 (Kees Cook, Pierre) +- Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf + function) (Kees Cook, Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
iliaa Wed Mar 14 14:49:29 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: Bug fixing news http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.205&r2=1.1247.2.920.2.206&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.205 php-src/NEWS:1.1247.2.920.2.206 --- php-src/NEWS:1.1247.2.920.2.205 Sat Mar 10 13:07:44 2007 +++ php-src/NEWSWed Mar 14 14:49:28 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed MOPB-21-2007 An open_basedir/safe_mode bypass inside the + compress.bzip2 wraper. (Ilia) - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed CVE-2007-0455 (Kees Cook, Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
On Sat, 10 Mar 2007, Pierre-Alain Joye wrote: > pajoyeSat Mar 10 13:07:45 2007 UTC > > Modified files: (Branch: PHP_4_4) > /php-src NEWS > Log: > - NEWS entry for the ft cve > > > http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.204&r2=1.1247.2.920.2.205&diff_format=u > Index: php-src/NEWS > diff -u php-src/NEWS:1.1247.2.920.2.204 php-src/NEWS:1.1247.2.920.2.205 > --- php-src/NEWS:1.1247.2.920.2.204 Sat Mar 10 13:06:37 2007 > +++ php-src/NEWS Sat Mar 10 13:07:44 2007 > @@ -2,6 +2,7 @@ > > ||| > ?? ??? 2007, Version 4.4.7 > - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) > +- Fixed CVE-2007-0455 (Kees Cook, Pierre) Could you please add a short description of what was actually broken/fixed. Just the CVE name is too annoying for users (as they most likely have no clue what it is, or look up what the problem was). regards, Derick -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
pajoye Sat Mar 10 13:07:45 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: - NEWS entry for the ft cve http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.204&r2=1.1247.2.920.2.205&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.204 php-src/NEWS:1.1247.2.920.2.205 --- php-src/NEWS:1.1247.2.920.2.204 Sat Mar 10 13:06:37 2007 +++ php-src/NEWSSat Mar 10 13:07:44 2007 @@ -2,6 +2,7 @@ ||| ?? ??? 2007, Version 4.4.7 - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) +- Fixed CVE-2007-0455 (Kees Cook, Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd config.m4 gd.dsp /ext/gd/libgd gd_security.c gdhelpers.h wbmp.c /ext/gd/tests createfromwbmp2.phpt
pajoye Sat Mar 10 13:06:38 2007 UTC Added files: (Branch: PHP_4_4) /php-src/ext/gd/libgd gd_security.c /php-src/ext/gd/tests createfromwbmp2.phpt Modified files: /php-srcNEWS /php-src/ext/gd/libgd gdhelpers.h wbmp.c /php-src/ext/gd config.m4 gd.dsp Log: - MFH: CVE-2007-1001, integer overflow with invalid wbmp images http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.203&r2=1.1247.2.920.2.204&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.203 php-src/NEWS:1.1247.2.920.2.204 --- php-src/NEWS:1.1247.2.920.2.203 Fri Mar 9 10:29:33 2007 +++ php-src/NEWSSat Mar 10 13:06:37 2007 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) - Fixed bug #40747 (possible crash in session when save_path is out of open_basedir). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gdhelpers.h?r1=1.2.2.3&r2=1.2.2.3.4.1&diff_format=u Index: php-src/ext/gd/libgd/gdhelpers.h diff -u php-src/ext/gd/libgd/gdhelpers.h:1.2.2.3 php-src/ext/gd/libgd/gdhelpers.h:1.2.2.3.4.1 --- php-src/ext/gd/libgd/gdhelpers.h:1.2.2.3Thu Dec 25 22:33:03 2003 +++ php-src/ext/gd/libgd/gdhelpers.hSat Mar 10 13:06:37 2007 @@ -21,6 +21,13 @@ #define gdPFree(ptr) pefree(ptr, 1) #define gdPEstrdup(ptr)pestrdup(ptr, 1) +/* Returns nonzero if multiplying the two quantities will + result in integer overflow. Also returns nonzero if + either quantity is negative. By Phil Knirsch based on + netpbm fixes by Alan Cox. */ + +int overflow2(int a, int b); + #ifdef ZTS #define gdMutexDeclare(x) MUTEX_T x #define gdMutexSetup(x) x = tsrm_mutex_alloc() http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1&diff_format=u Index: php-src/ext/gd/libgd/wbmp.c diff -u php-src/ext/gd/libgd/wbmp.c:1.2.4.1 php-src/ext/gd/libgd/wbmp.c:1.2.4.1.8.1 --- php-src/ext/gd/libgd/wbmp.c:1.2.4.1 Fri Apr 25 00:59:03 2003 +++ php-src/ext/gd/libgd/wbmp.c Sat Mar 10 13:06:37 2007 @@ -116,6 +116,15 @@ if ((wbmp = (Wbmp *) gdMalloc (sizeof (Wbmp))) == NULL) return (NULL); + if (overflow2(sizeof (int), width)) { +gdFree(wbmp); +return NULL; + } + if (overflow2(sizeof (int) * width, height)) { +gdFree(wbmp); +return NULL; + } + if ((wbmp->bitmap = (int *) safe_emalloc(sizeof(int), (width * height), 0)) == NULL) { gdFree (wbmp); @@ -176,6 +185,13 @@ printf ("W: %d, H: %d\n", wbmp->width, wbmp->height); #endif + if (overflow2(sizeof (int), wbmp->width) || +overflow2(sizeof (int) * wbmp->width, wbmp->height)) +{ + gdFree(wbmp); + return (-1); +} + if ((wbmp->bitmap = (int *) safe_emalloc(sizeof(int), (wbmp->width * wbmp->height), 0)) == NULL) { gdFree (wbmp); http://cvs.php.net/viewvc.cgi/php-src/ext/gd/config.m4?r1=1.120.2.25&r2=1.120.2.25.2.1&diff_format=u Index: php-src/ext/gd/config.m4 diff -u php-src/ext/gd/config.m4:1.120.2.25 php-src/ext/gd/config.m4:1.120.2.25.2.1 --- php-src/ext/gd/config.m4:1.120.2.25 Tue May 17 12:23:09 2005 +++ php-src/ext/gd/config.m4Sat Mar 10 13:06:37 2007 @@ -1,5 +1,5 @@ dnl -dnl $Id: config.m4,v 1.120.2.25 2005/05/17 12:23:09 tony2001 Exp $ +dnl $Id: config.m4,v 1.120.2.25.2.1 2007/03/10 13:06:37 pajoye Exp $ dnl dnl @@ -273,7 +273,7 @@ libgd/gdxpm.c libgd/gdfontt.c libgd/gdfonts.c libgd/gdfontmb.c libgd/gdfontl.c \ libgd/gdfontg.c libgd/gdtables.c libgd/gdft.c libgd/gdcache.c libgd/gdkanji.c \ libgd/wbmp.c libgd/gd_wbmp.c libgd/gdhelpers.c libgd/gd_topal.c libgd/gd_gif_in.c \ - libgd/xbm.c libgd/gd_gif_out.c " + libgd/xbm.c libgd/gd_gif_out.c libgd/gd_security.c" dnl check for fabsf and floorf which are available since C99 AC_CHECK_FUNCS(fabsf floorf) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/gd.dsp?r1=1.9.2.8&r2=1.9.2.8.2.1&diff_format=u Index: php-src/ext/gd/gd.dsp diff -u php-src/ext/gd/gd.dsp:1.9.2.8 php-src/ext/gd/gd.dsp:1.9.2.8.2.1 --- php-src/ext/gd/gd.dsp:1.9.2.8 Fri Jul 23 02:43:10 2004 +++ php-src/ext/gd/gd.dsp Sat Mar 10 13:06:37 2007 @@ -104,6 +104,10 @@ # End Source File # Begin Source File +SOURCE=.\gd_security.c +# End Source File +# Begin Source File + SOURCE=.\gdttf.c # End Source File # End Group http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_security.c?view=markup&rev=1.1 Index: php-src/ext/gd/libgd/gd_security.c +++ php-src/ext/gd/libgd/gd_security.c /* * gd_security.c * * Implements buffer overflow check routines. * * Written 2004, Phil Knirsch. * Based on netpbm fixes by Alan Cox. * */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/session mod_files.c
tony2001Fri Mar 9 10:29:33 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/sessionmod_files.c Log: fix #40747 (possible crash in session when save_path is out of open_basedir) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.202&r2=1.1247.2.920.2.203&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.202 php-src/NEWS:1.1247.2.920.2.203 --- php-src/NEWS:1.1247.2.920.2.202 Wed Feb 28 18:26:31 2007 +++ php-src/NEWSFri Mar 9 10:29:33 2007 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2007, Version 4.4.7 +- Fixed bug #40747 (possible crash in session when save_path is out of + open_basedir). (Tony) 28 Feb 2007, Version 4.4.6 http://cvs.php.net/viewvc.cgi/php-src/ext/session/mod_files.c?r1=1.83.2.9.2.7&r2=1.83.2.9.2.8&diff_format=u Index: php-src/ext/session/mod_files.c diff -u php-src/ext/session/mod_files.c:1.83.2.9.2.7 php-src/ext/session/mod_files.c:1.83.2.9.2.8 --- php-src/ext/session/mod_files.c:1.83.2.9.2.7Thu Jan 4 23:50:45 2007 +++ php-src/ext/session/mod_files.c Fri Mar 9 10:29:33 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: mod_files.c,v 1.83.2.9.2.7 2007/01/04 23:50:45 iliaa Exp $ */ +/* $Id: mod_files.c,v 1.83.2.9.2.8 2007/03/09 10:29:33 tony2001 Exp $ */ #include "php.h" @@ -239,9 +239,6 @@ ps_files *data; char *p; - data = ecalloc(sizeof(*data), 1); - PS_SET_MOD_DATA(data); - if (*save_path == '\0') { save_path = php_get_temporary_directory(); @@ -252,6 +249,9 @@ return FAILURE; } } + + data = ecalloc(sizeof(*data), 1); + PS_SET_MOD_DATA(data); data->fd = -1; if ((p = strchr(save_path, ';'))) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Feb 28 18:26:31 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Back to dev. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.37&r2=1.66.2.81.2.38&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.37 php-src/main/php_version.h:1.66.2.81.2.38 --- php-src/main/php_version.h:1.66.2.81.2.37 Wed Feb 28 18:24:07 2007 +++ php-src/main/php_version.h Wed Feb 28 18:26:31 2007 @@ -2,6 +2,6 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 -#define PHP_RELEASE_VERSION 6 -#define PHP_EXTRA_VERSION "" -#define PHP_VERSION "4.4.6" +#define PHP_RELEASE_VERSION 7 +#define PHP_EXTRA_VERSION "-dev" +#define PHP_VERSION "4.4.7-dev" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.41&r2=1.396.2.164.2.42&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.41 php-src/configure.in:1.396.2.164.2.42 --- php-src/configure.in:1.396.2.164.2.41 Wed Feb 28 18:24:08 2007 +++ php-src/configure.inWed Feb 28 18:26:31 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.41 2007/02/28 18:24:08 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.42 2007/02/28 18:26:31 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -37,8 +37,8 @@ MAJOR_VERSION=4 MINOR_VERSION=4 -RELEASE_VERSION=6 -EXTRA_VERSION="" +RELEASE_VERSION=7 +EXTRA_VERSION="-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.201&r2=1.1247.2.920.2.202&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.201 php-src/NEWS:1.1247.2.920.2.202 --- php-src/NEWS:1.1247.2.920.2.201 Wed Feb 28 18:24:08 2007 +++ php-src/NEWSWed Feb 28 18:26:31 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? ??? 2007, Version 4.4.7 + 28 Feb 2007, Version 4.4.6 - Updated PCRE to version 7.0. (Nuno) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Wed Feb 28 18:24:09 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Go with 4.4.6. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.36&r2=1.66.2.81.2.37&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.36 php-src/main/php_version.h:1.66.2.81.2.37 --- php-src/main/php_version.h:1.66.2.81.2.36 Thu Feb 22 14:47:30 2007 +++ php-src/main/php_version.h Wed Feb 28 18:24:07 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 6 -#define PHP_EXTRA_VERSION "RC2-dev" -#define PHP_VERSION "4.4.6RC2-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "4.4.6" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.40&r2=1.396.2.164.2.41&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.40 php-src/configure.in:1.396.2.164.2.41 --- php-src/configure.in:1.396.2.164.2.40 Thu Feb 22 14:47:29 2007 +++ php-src/configure.inWed Feb 28 18:24:08 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.40 2007/02/22 14:47:29 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.41 2007/02/28 18:24:08 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=6 -EXTRA_VERSION="RC2-dev" +EXTRA_VERSION="" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.200&r2=1.1247.2.920.2.201&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.200 php-src/NEWS:1.1247.2.920.2.201 --- php-src/NEWS:1.1247.2.920.2.200 Mon Feb 26 09:14:40 2007 +++ php-src/NEWSWed Feb 28 18:24:08 2007 @@ -1,14 +1,11 @@ PHP 4 NEWS ||| -?? Feb 2007, Version 4.4.6 - -- Fixed bug #40635 (segfault in cURL extension). (Tony) -- Fixed bug #40611 (possible cURL memory error). (Tony) - -22 Feb 2007, Version 4.4.6RC1 +28 Feb 2007, Version 4.4.6 - Updated PCRE to version 7.0. (Nuno) - Fixed segfault in ext/session when register_globals=On. (Tony) +- Fixed bug #40635 (segfault in cURL extension). (Tony) +- Fixed bug #40611 (possible cURL memory error). (Tony) - Fixed bug #40578 (imagettftext() multithreading issue). (Tony) - Fixed bug #40502 (ext/interbase compile failure). (Tony) - Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/curl curl.c
tony2001Mon Feb 26 09:14:41 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/curl curl.c Log: fix #40635 (segfault in cURL extension) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.199&r2=1.1247.2.920.2.200&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.199 php-src/NEWS:1.1247.2.920.2.200 --- php-src/NEWS:1.1247.2.920.2.199 Fri Feb 23 20:53:23 2007 +++ php-src/NEWSMon Feb 26 09:14:40 2007 @@ -2,6 +2,7 @@ ||| ?? Feb 2007, Version 4.4.6 +- Fixed bug #40635 (segfault in cURL extension). (Tony) - Fixed bug #40611 (possible cURL memory error). (Tony) 22 Feb 2007, Version 4.4.6RC1 http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.17&r2=1.124.2.30.2.18&diff_format=u Index: php-src/ext/curl/curl.c diff -u php-src/ext/curl/curl.c:1.124.2.30.2.17 php-src/ext/curl/curl.c:1.124.2.30.2.18 --- php-src/ext/curl/curl.c:1.124.2.30.2.17 Fri Feb 23 20:53:24 2007 +++ php-src/ext/curl/curl.c Mon Feb 26 09:14:41 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: curl.c,v 1.124.2.30.2.17 2007/02/23 20:53:24 tony2001 Exp $ */ +/* $Id: curl.c,v 1.124.2.30.2.18 2007/02/26 09:14:41 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1266,8 +1266,9 @@ return; } - if (ch->handlers->write->buf.len) { - memset(&ch->handlers->write->buf, 0, sizeof(smart_str)); + if (ch->handlers->write->buf.len > 0) { + smart_str_free(&ch->handlers->write->buf); + ch->handlers->write->buf.len = 0; } memset(ch->err.str, 0, CURL_ERROR_SIZE + 1); @@ -1297,6 +1298,7 @@ if (error != CURLE_OK && error != CURLE_PARTIAL_FILE) { if (ch->handlers->write->buf.len > 0) { smart_str_free(&ch->handlers->write->buf); + ch->handlers->write->buf.len = 0; } RETURN_FALSE; @@ -1306,9 +1308,10 @@ if (ch->handlers->write->method == PHP_CURL_RETURN && ch->handlers->write->buf.len > 0) { --ch->uses; - if (ch->handlers->write->type != PHP_CURL_BINARY) + if (ch->handlers->write->type != PHP_CURL_BINARY) { smart_str_0(&ch->handlers->write->buf); - RETURN_STRINGL(ch->handlers->write->buf.c, ch->handlers->write->buf.len, 0); + } + RETURN_STRINGL(ch->handlers->write->buf.c, ch->handlers->write->buf.len, 1); } --ch->uses; if (ch->handlers->write->method == PHP_CURL_RETURN) { @@ -1533,6 +1536,10 @@ zend_llist_clean(&ch->to_free.slist); zend_llist_clean(&ch->to_free.post); + if (ch->handlers->write->buf.len > 0) { + smart_str_free(&ch->handlers->write->buf); + ch->handlers->write->buf.len = 0; + } if (ch->handlers->write->func) { FREE_ZVAL(ch->handlers->write->func); ch->handlers->read->func = NULL; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/curl curl.c
tony2001Fri Feb 23 20:53:24 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/curl curl.c Log: fix #40611 (possible cURL memory error) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.198&r2=1.1247.2.920.2.199&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.198 php-src/NEWS:1.1247.2.920.2.199 --- php-src/NEWS:1.1247.2.920.2.198 Thu Feb 22 14:47:29 2007 +++ php-src/NEWSFri Feb 23 20:53:23 2007 @@ -2,6 +2,8 @@ ||| ?? Feb 2007, Version 4.4.6 +- Fixed bug #40611 (possible cURL memory error). (Tony) + 22 Feb 2007, Version 4.4.6RC1 - Updated PCRE to version 7.0. (Nuno) http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.16&r2=1.124.2.30.2.17&diff_format=u Index: php-src/ext/curl/curl.c diff -u php-src/ext/curl/curl.c:1.124.2.30.2.16 php-src/ext/curl/curl.c:1.124.2.30.2.17 --- php-src/ext/curl/curl.c:1.124.2.30.2.16 Fri Jan 12 16:38:40 2007 +++ php-src/ext/curl/curl.c Fri Feb 23 20:53:24 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: curl.c,v 1.124.2.30.2.16 2007/01/12 16:38:40 iliaa Exp $ */ +/* $Id: curl.c,v 1.124.2.30.2.17 2007/02/23 20:53:24 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -559,7 +559,9 @@ case PHP_CURL_FILE: return fwrite(data, size, nmemb, t->fp); case PHP_CURL_RETURN: - smart_str_appendl(&t->buf, data, (int) length); + if (length > 0) { + smart_str_appendl(&t->buf, data, (int) length); + } break; case PHP_CURL_USER: { zval *argv[2]; @@ -674,10 +676,11 @@ case PHP_CURL_STDOUT: /* Handle special case write when we're returning the entire transfer */ - if (ch->handlers->write->method == PHP_CURL_RETURN) + if (ch->handlers->write->method == PHP_CURL_RETURN && length > 0) { smart_str_appendl(&ch->handlers->write->buf, data, (int) length); - else + } else { PHPWRITE(data, length); + } break; case PHP_CURL_FILE: return fwrite(data, size, nmemb, t->fp); @@ -1309,7 +1312,7 @@ } --ch->uses; if (ch->handlers->write->method == PHP_CURL_RETURN) { - RETURN_STRINGL("", sizeof("") - 1, 0); + RETURN_EMPTY_STRING(); } RETURN_TRUE; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu Feb 22 14:47:30 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Back to -dev. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.197&r2=1.1247.2.920.2.198&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.197 php-src/NEWS:1.1247.2.920.2.198 --- php-src/NEWS:1.1247.2.920.2.197 Thu Feb 22 14:45:30 2007 +++ php-src/NEWSThu Feb 22 14:47:29 2007 @@ -1,6 +1,9 @@ PHP 4 NEWS ||| +?? Feb 2007, Version 4.4.6 + 22 Feb 2007, Version 4.4.6RC1 + - Updated PCRE to version 7.0. (Nuno) - Fixed segfault in ext/session when register_globals=On. (Tony) - Fixed bug #40578 (imagettftext() multithreading issue). (Tony) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.39&r2=1.396.2.164.2.40&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.39 php-src/configure.in:1.396.2.164.2.40 --- php-src/configure.in:1.396.2.164.2.39 Thu Feb 22 14:45:30 2007 +++ php-src/configure.inThu Feb 22 14:47:29 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.39 2007/02/22 14:45:30 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.40 2007/02/22 14:47:29 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=6 -EXTRA_VERSION="RC1" +EXTRA_VERSION="RC2-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.35&r2=1.66.2.81.2.36&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.35 php-src/main/php_version.h:1.66.2.81.2.36 --- php-src/main/php_version.h:1.66.2.81.2.35 Thu Feb 22 14:45:30 2007 +++ php-src/main/php_version.h Thu Feb 22 14:47:30 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 6 -#define PHP_EXTRA_VERSION "RC1" -#define PHP_VERSION "4.4.6RC1" +#define PHP_EXTRA_VERSION "RC2-dev" +#define PHP_VERSION "4.4.6RC2-dev" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu Feb 22 14:45:31 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Go with RC1. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.196&r2=1.1247.2.920.2.197&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.196 php-src/NEWS:1.1247.2.920.2.197 --- php-src/NEWS:1.1247.2.920.2.196 Wed Feb 21 18:41:22 2007 +++ php-src/NEWSThu Feb 22 14:45:30 2007 @@ -1,6 +1,6 @@ PHP 4 NEWS ||| -?? ??? 2007, Version 4.4.6 +22 Feb 2007, Version 4.4.6RC1 - Updated PCRE to version 7.0. (Nuno) - Fixed segfault in ext/session when register_globals=On. (Tony) - Fixed bug #40578 (imagettftext() multithreading issue). (Tony) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.38&r2=1.396.2.164.2.39&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.38 php-src/configure.in:1.396.2.164.2.39 --- php-src/configure.in:1.396.2.164.2.38 Tue Feb 13 18:22:06 2007 +++ php-src/configure.inThu Feb 22 14:45:30 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.38 2007/02/13 18:22:06 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.39 2007/02/22 14:45:30 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=6 -EXTRA_VERSION="-dev" +EXTRA_VERSION="RC1" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.34&r2=1.66.2.81.2.35&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.34 php-src/main/php_version.h:1.66.2.81.2.35 --- php-src/main/php_version.h:1.66.2.81.2.34 Tue Feb 13 18:22:06 2007 +++ php-src/main/php_version.h Thu Feb 22 14:45:30 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 6 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "4.4.6-dev" +#define PHP_EXTRA_VERSION "RC1" +#define PHP_VERSION "4.4.6RC1" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/gd/libgd gdft.c
tony2001Wed Feb 21 18:41:23 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/gd/libgd gdft.c Log: MFH: fix #40578 (imagettftext() multithreading issue) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.195&r2=1.1247.2.920.2.196&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.195 php-src/NEWS:1.1247.2.920.2.196 --- php-src/NEWS:1.1247.2.920.2.195 Fri Feb 16 11:47:19 2007 +++ php-src/NEWSWed Feb 21 18:41:22 2007 @@ -3,6 +3,7 @@ ?? ??? 2007, Version 4.4.6 - Updated PCRE to version 7.0. (Nuno) - Fixed segfault in ext/session when register_globals=On. (Tony) +- Fixed bug #40578 (imagettftext() multithreading issue). (Tony) - Fixed bug #40502 (ext/interbase compile failure). (Tony) - Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when parent is killed). (Dmitry) http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gdft.c?r1=1.11.2.19&r2=1.11.2.19.2.1&diff_format=u Index: php-src/ext/gd/libgd/gdft.c diff -u php-src/ext/gd/libgd/gdft.c:1.11.2.19 php-src/ext/gd/libgd/gdft.c:1.11.2.19.2.1 --- php-src/ext/gd/libgd/gdft.c:1.11.2.19 Thu Dec 9 14:20:20 2004 +++ php-src/ext/gd/libgd/gdft.c Wed Feb 21 18:41:23 2007 @@ -196,6 +196,16 @@ #include "jisx0208.h" #endif +extern int any2eucjp (char *, char *, unsigned int); + +/* Persistent font cache until explicitly cleared */ +/* Fonts can be used across multiple images */ + +/* 2.0.16: thread safety (the font cache is shared) */ +gdMutexDeclare(gdFontCacheMutex); +static gdCache_head_t *fontCache = NULL; +static FT_Library library; + #define Tcl_UniChar int #define TCL_UTF_MAX 3 static int @@ -740,9 +750,10 @@ /* find antialised color */ tc_key.bgcolor = *pixel; - tc_elem = (tweencolor_t *) gdCacheGet ( - tc_cache, &tc_key); + gdMutexLock(gdFontCacheMutex); + tc_elem = (tweencolor_t *) gdCacheGet (tc_cache, &tc_key); *pixel = tc_elem->tweencolor; + gdMutexUnlock(gdFontCacheMutex); } } } @@ -758,16 +769,6 @@ : (v1 > 0 ? ((v1 + 63) >> 6) : v1 >> 6); } -extern int any2eucjp (char *, char *, unsigned int); - -/* Persistent font cache until explicitly cleared */ -/* Fonts can be used across multiple images */ - -/* 2.0.16: thread safety (the font cache is shared) */ -gdMutexDeclare(gdFontCacheMutex); -static gdCache_head_t *fontCache = NULL; -static FT_Library library; - void gdFontCacheShutdown() { if (fontCache) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /sapi/cgi cgi_main.c
dmitry Fri Feb 16 11:47:20 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/sapi/cgi cgi_main.c Log: Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when parent is killed) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.194&r2=1.1247.2.920.2.195&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.194 php-src/NEWS:1.1247.2.920.2.195 --- php-src/NEWS:1.1247.2.920.2.194 Fri Feb 16 08:21:30 2007 +++ php-src/NEWSFri Feb 16 11:47:19 2007 @@ -4,6 +4,8 @@ - Updated PCRE to version 7.0. (Nuno) - Fixed segfault in ext/session when register_globals=On. (Tony) - Fixed bug #40502 (ext/interbase compile failure). (Tony) +- Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when + parent is killed). (Dmitry) 14 Feb 2007, Version 4.4.5 - Upgraded PEAR to 1.5.0. (Greg) http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.190.2.68.2.7&r2=1.190.2.68.2.8&diff_format=u Index: php-src/sapi/cgi/cgi_main.c diff -u php-src/sapi/cgi/cgi_main.c:1.190.2.68.2.7 php-src/sapi/cgi/cgi_main.c:1.190.2.68.2.8 --- php-src/sapi/cgi/cgi_main.c:1.190.2.68.2.7 Mon Jan 1 09:46:51 2007 +++ php-src/sapi/cgi/cgi_main.c Fri Feb 16 11:47:20 2007 @@ -20,7 +20,7 @@ +--+ */ -/* $Id: cgi_main.c,v 1.190.2.68.2.7 2007/01/01 09:46:51 sebastian Exp $ */ +/* $Id: cgi_main.c,v 1.190.2.68.2.8 2007/02/16 11:47:20 dmitry Exp $ */ #include "php.h" #include "php_globals.h" @@ -351,18 +351,14 @@ static int sapi_cgi_read_post(char *buffer, uint count_bytes TSRMLS_DC) { - uint read_bytes=0, tmp_read_bytes; -#if PHP_FASTCGI - char *pos = buffer; -#endif + int read_bytes=0, tmp_read_bytes; count_bytes = MIN(count_bytes, (uint)SG(request_info).content_length-SG(read_post_bytes)); while (read_bytes < count_bytes) { #if PHP_FASTCGI if (!FCGX_IsCGI()) { FCGX_Request *request = (FCGX_Request *)SG(server_context); - tmp_read_bytes = FCGX_GetStr( pos, count_bytes-read_bytes, request->in ); - pos += tmp_read_bytes; + tmp_read_bytes = FCGX_GetStr(buffer+read_bytes, count_bytes-read_bytes, request->in ); } else { tmp_read_bytes = read(0, buffer+read_bytes, count_bytes-read_bytes); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
tony2001Fri Feb 16 08:21:31 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: BFN http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.193&r2=1.1247.2.920.2.194&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.193 php-src/NEWS:1.1247.2.920.2.194 --- php-src/NEWS:1.1247.2.920.2.193 Tue Feb 13 20:23:28 2007 +++ php-src/NEWSFri Feb 16 08:21:30 2007 @@ -2,6 +2,8 @@ ||| ?? ??? 2007, Version 4.4.6 - Updated PCRE to version 7.0. (Nuno) +- Fixed segfault in ext/session when register_globals=On. (Tony) +- Fixed bug #40502 (ext/interbase compile failure). (Tony) 14 Feb 2007, Version 4.4.5 - Upgraded PEAR to 1.5.0. (Greg) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Tue Feb 13 18:22:07 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Back to -dev. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.33&r2=1.66.2.81.2.34&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.33 php-src/main/php_version.h:1.66.2.81.2.34 --- php-src/main/php_version.h:1.66.2.81.2.33 Tue Feb 13 18:20:10 2007 +++ php-src/main/php_version.h Tue Feb 13 18:22:06 2007 @@ -2,6 +2,6 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 -#define PHP_RELEASE_VERSION 5 -#define PHP_EXTRA_VERSION "" -#define PHP_VERSION "4.4.5" +#define PHP_RELEASE_VERSION 6 +#define PHP_EXTRA_VERSION "-dev" +#define PHP_VERSION "4.4.6-dev" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.37&r2=1.396.2.164.2.38&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.37 php-src/configure.in:1.396.2.164.2.38 --- php-src/configure.in:1.396.2.164.2.37 Tue Feb 13 18:20:11 2007 +++ php-src/configure.inTue Feb 13 18:22:06 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.37 2007/02/13 18:20:11 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.38 2007/02/13 18:22:06 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -37,8 +37,8 @@ MAJOR_VERSION=4 MINOR_VERSION=4 -RELEASE_VERSION=5 -EXTRA_VERSION="" +RELEASE_VERSION=6 +EXTRA_VERSION="-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.191&r2=1.1247.2.920.2.192&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.191 php-src/NEWS:1.1247.2.920.2.192 --- php-src/NEWS:1.1247.2.920.2.191 Tue Feb 13 18:20:11 2007 +++ php-src/NEWSTue Feb 13 18:22:06 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? ??? 2007, Version 4.4.6 + 14 Feb 2007, Version 4.4.5 - Upgraded PEAR to 1.5.0. (Greg) - Updated PCRE to version 6.7. (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Tue Feb 13 18:20:11 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_version.h /php-srcconfigure.in NEWS Log: - Package 4.4.5. http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.32&r2=1.66.2.81.2.33&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.32 php-src/main/php_version.h:1.66.2.81.2.33 --- php-src/main/php_version.h:1.66.2.81.2.32 Thu Feb 1 08:55:41 2007 +++ php-src/main/php_version.h Tue Feb 13 18:20:10 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 5 -#define PHP_EXTRA_VERSION "RC3-dev" -#define PHP_VERSION "4.4.5RC3-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "4.4.5" http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.36&r2=1.396.2.164.2.37&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.36 php-src/configure.in:1.396.2.164.2.37 --- php-src/configure.in:1.396.2.164.2.36 Thu Feb 1 08:55:41 2007 +++ php-src/configure.inTue Feb 13 18:20:11 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.36 2007/02/01 08:55:41 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.37 2007/02/13 18:20:11 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=5 -EXTRA_VERSION="RC3-dev" +EXTRA_VERSION="" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.190&r2=1.1247.2.920.2.191&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.190 php-src/NEWS:1.1247.2.920.2.191 --- php-src/NEWS:1.1247.2.920.2.190 Mon Feb 12 17:13:22 2007 +++ php-src/NEWSTue Feb 13 18:20:11 2007 @@ -1,30 +1,25 @@ PHP 4 NEWS ||| -?? Feb 2007, Version 4.4.5 -- Fixed bug #40335 (Compile fails when using GCC 4.1.1/binutils 2.17). (Tony) - -01 Feb 2007, Version 4.4.5RC2 -- Fixed bug #39819 (Using $this not in object context can cause segfaults). - (Dmitry) -- Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the - class). (Ilia) -- Backported a fix in the configure tests to detect the "rounding fuzz". - (Derick, Joe Orton) -- Backported fix for ext/imap compilation failure with recent c-client - versions. (Tony) +14 Feb 2007, Version 4.4.5 - Upgraded PEAR to 1.5.0. (Greg) +- Updated PCRE to version 6.7. (Ilia) - Moved extensions to PECL: . ext/ovrimos (Derick) -04 Jan 2007, Version 4.4.5RC1 - Added a meta tag to phpinfo() output to prevent search engines from indexing the page. (Ilia) -- Updated PCRE to version 6.7. (Ilia) +- Backported a fix in the configure tests to detect the "rounding fuzz". + (Derick, Joe Orton) +- Backported fix for ext/imap compilation failure with recent c-client + versions. (Tony) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #40335 (Compile fails when using GCC 4.1.1/binutils 2.17). (Tony) - Fixed bug #39971 (pg_insert/pg_update do not allow now() to be used for timestamp fields). (Ilia) - Fixed bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR install path). (Tony) +- Fixed bug #39819 (Using $this not in object context can cause segfaults). + (Dmitry) - Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4 support is enabled). (Tony) - Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) @@ -48,6 +43,8 @@ - Fixed bug #37812 (aggregate_methods_by_list fails to take certain methods). (Hannes) - Fixed bug #36975 (natcasesort() causes array_pop() to misbehave). (Hannes) +- Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the + class). (Ilia) - Fixed bug #34066 (recursive array_walk causes segfault). (Tony) 17 Aug 2006, Version 4.4.4 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /main output.c php_output.h
tony2001Mon Feb 12 17:13:23 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/main output.c php_output.h Log: fix #40335 (Compile fails when using GCC 4.1.1/binutils 2.17) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.189&r2=1.1247.2.920.2.190&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.189 php-src/NEWS:1.1247.2.920.2.190 --- php-src/NEWS:1.1247.2.920.2.189 Thu Feb 1 08:55:40 2007 +++ php-src/NEWSMon Feb 12 17:13:22 2007 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? Feb 2007, Version 4.4.5 +- Fixed bug #40335 (Compile fails when using GCC 4.1.1/binutils 2.17). (Tony) 01 Feb 2007, Version 4.4.5RC2 - Fixed bug #39819 (Using $this not in object context can cause segfaults). http://cvs.php.net/viewvc.cgi/php-src/main/output.c?r1=1.142.2.16.2.5&r2=1.142.2.16.2.6&diff_format=u Index: php-src/main/output.c diff -u php-src/main/output.c:1.142.2.16.2.5 php-src/main/output.c:1.142.2.16.2.6 --- php-src/main/output.c:1.142.2.16.2.5Mon Jan 1 09:46:50 2007 +++ php-src/main/output.c Mon Feb 12 17:13:22 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: output.c,v 1.142.2.16.2.5 2007/01/01 09:46:50 sebastian Exp $ */ +/* $Id: output.c,v 1.142.2.16.2.6 2007/02/12 17:13:22 tony2001 Exp $ */ #include "php.h" #include "ext/standard/head.h" @@ -49,7 +49,7 @@ #endif /* {{{ php_default_output_func */ -static inline int php_default_output_func(const char *str, uint str_len TSRMLS_DC) +PHPAPI int php_default_output_func(const char *str, uint str_len TSRMLS_DC) { fwrite(str, 1, str_len, stderr); return str_len; http://cvs.php.net/viewvc.cgi/php-src/main/php_output.h?r1=1.47.2.1.8.2&r2=1.47.2.1.8.3&diff_format=u Index: php-src/main/php_output.h diff -u php-src/main/php_output.h:1.47.2.1.8.2 php-src/main/php_output.h:1.47.2.1.8.3 --- php-src/main/php_output.h:1.47.2.1.8.2 Mon Jan 1 09:46:50 2007 +++ php-src/main/php_output.h Mon Feb 12 17:13:22 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_output.h,v 1.47.2.1.8.2 2007/01/01 09:46:50 sebastian Exp $ */ +/* $Id: php_output.h,v 1.47.2.1.8.3 2007/02/12 17:13:22 tony2001 Exp $ */ #ifndef PHP_OUTPUT_H #define PHP_OUTPUT_H @@ -27,6 +27,7 @@ PHPAPI void php_output_activate(TSRMLS_D); PHPAPI void php_output_set_status(zend_bool status TSRMLS_DC); PHPAPI void php_output_register_constants(TSRMLS_D); +PHPAPI int php_default_output_func(const char *str, uint str_len TSRMLS_DC); PHPAPI int php_body_write(const char *str, uint str_length TSRMLS_DC); PHPAPI int php_header_write(const char *str, uint str_length TSRMLS_DC); PHPAPI int php_start_ob_buffer(zval *output_handler, uint chunk_size, zend_bool erase TSRMLS_DC); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu Feb 1 08:55:41 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Back to -dev. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.188&r2=1.1247.2.920.2.189&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.188 php-src/NEWS:1.1247.2.920.2.189 --- php-src/NEWS:1.1247.2.920.2.188 Thu Feb 1 08:54:32 2007 +++ php-src/NEWSThu Feb 1 08:55:40 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? Feb 2007, Version 4.4.5 + 01 Feb 2007, Version 4.4.5RC2 - Fixed bug #39819 (Using $this not in object context can cause segfaults). (Dmitry) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.35&r2=1.396.2.164.2.36&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.35 php-src/configure.in:1.396.2.164.2.36 --- php-src/configure.in:1.396.2.164.2.35 Thu Feb 1 08:54:32 2007 +++ php-src/configure.inThu Feb 1 08:55:41 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.35 2007/02/01 08:54:32 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.36 2007/02/01 08:55:41 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=5 -EXTRA_VERSION="RC2" +EXTRA_VERSION="RC3-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.31&r2=1.66.2.81.2.32&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.31 php-src/main/php_version.h:1.66.2.81.2.32 --- php-src/main/php_version.h:1.66.2.81.2.31 Thu Feb 1 08:54:32 2007 +++ php-src/main/php_version.h Thu Feb 1 08:55:41 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 5 -#define PHP_EXTRA_VERSION "RC2" -#define PHP_VERSION "4.4.5RC2" +#define PHP_EXTRA_VERSION "RC3-dev" +#define PHP_VERSION "4.4.5RC3-dev" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Thu Feb 1 08:54:33 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Go with RC2. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.187&r2=1.1247.2.920.2.188&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.187 php-src/NEWS:1.1247.2.920.2.188 --- php-src/NEWS:1.1247.2.920.2.187 Mon Jan 29 10:08:16 2007 +++ php-src/NEWSThu Feb 1 08:54:32 2007 @@ -1,6 +1,6 @@ PHP 4 NEWS ||| -?? Jan 2007, Version 4.4.5 +01 Feb 2007, Version 4.4.5RC2 - Fixed bug #39819 (Using $this not in object context can cause segfaults). (Dmitry) - Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the @@ -9,7 +9,7 @@ (Derick, Joe Orton) - Backported fix for ext/imap compilation failure with recent c-client versions. (Tony) - +- Upgraded PEAR to 1.5.0. (Greg) - Moved extensions to PECL: . ext/ovrimos (Derick) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.34&r2=1.396.2.164.2.35&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.34 php-src/configure.in:1.396.2.164.2.35 --- php-src/configure.in:1.396.2.164.2.34 Fri Jan 5 08:56:56 2007 +++ php-src/configure.inThu Feb 1 08:54:32 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.34 2007/01/05 08:56:56 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.35 2007/02/01 08:54:32 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=5 -EXTRA_VERSION="RC2-dev" +EXTRA_VERSION="RC2" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.30&r2=1.66.2.81.2.31&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.30 php-src/main/php_version.h:1.66.2.81.2.31 --- php-src/main/php_version.h:1.66.2.81.2.30 Fri Jan 5 08:56:56 2007 +++ php-src/main/php_version.h Thu Feb 1 08:54:32 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 5 -#define PHP_EXTRA_VERSION "RC2-dev" -#define PHP_VERSION "4.4.5RC2-dev" +#define PHP_EXTRA_VERSION "RC2" +#define PHP_VERSION "4.4.5RC2" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/imap config.m4 php_imap.c
tony2001Mon Jan 29 10:08:17 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/imap config.m4 php_imap.c Log: backported fix for ext/imap compilation failure with recent c-client versions (fixes #39401) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.186&r2=1.1247.2.920.2.187&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.186 php-src/NEWS:1.1247.2.920.2.187 --- php-src/NEWS:1.1247.2.920.2.186 Mon Jan 22 19:59:21 2007 +++ php-src/NEWSMon Jan 29 10:08:16 2007 @@ -7,6 +7,8 @@ class). (Ilia) - Backported a fix in the configure tests to detect the "rounding fuzz". (Derick, Joe Orton) +- Backported fix for ext/imap compilation failure with recent c-client + versions. (Tony) - Moved extensions to PECL: . ext/ovrimos (Derick) http://cvs.php.net/viewvc.cgi/php-src/ext/imap/config.m4?r1=1.49.2.15&r2=1.49.2.15.2.1&diff_format=u Index: php-src/ext/imap/config.m4 diff -u php-src/ext/imap/config.m4:1.49.2.15 php-src/ext/imap/config.m4:1.49.2.15.2.1 --- php-src/ext/imap/config.m4:1.49.2.15Tue Jan 11 04:56:57 2005 +++ php-src/ext/imap/config.m4 Mon Jan 29 10:08:17 2007 @@ -1,5 +1,5 @@ dnl -dnl $Id: config.m4,v 1.49.2.15 2005/01/11 04:56:57 sniper Exp $ +dnl $Id: config.m4,v 1.49.2.15.2.1 2007/01/29 10:08:17 tony2001 Exp $ dnl AC_DEFUN([IMAP_INC_CHK],[if test -r "$i$1/c-client.h"; then @@ -127,6 +127,49 @@ AC_DEFINE(HAVE_IMAP2004,1,[ ]) ]) +dnl Check for new version of the utf8_mime2text() function +old_CFLAGS=$CFLAGS +CFLAGS="-I$IMAP_INC_DIR" +AC_CACHE_CHECK(for utf8_mime2text signature, ac_cv_utf8_mime2text, + AC_TRY_COMPILE([ +#include +#include + ],[ +SIZEDTEXT *src, *dst; +utf8_mime2text(src, dst); + ],[ +ac_cv_utf8_mime2text=old + ],[ +ac_cv_utf8_mime2text=new + ]) +) +if test "$ac_cv_utf8_mime2text" = "new"; then + AC_DEFINE(HAVE_NEW_MIME2TEXT, 1, [Whether utf8_mime2text() has new signature]) +fi +CFLAGS=$old_CPPFLAGS + +old_CFLAGS=$CFLAGS +CFLAGS="-I$IMAP_INC_DIR" +AC_CACHE_CHECK(for U8T_CANONICAL, ac_cv_u8t_canonical, + AC_TRY_COMPILE([ +#include + ],[ + int i = U8T_CANONICAL; + ],[ + ac_cv_u8t_canonical=yes + ],[ + ac_cv_u8t_canonical=no + ]) +) +CFLAGS=$old_CPPFLAGS + +if test "$ac_cv_u8t_canonical" = "no" && test "$ac_cv_utf8_mime2text" = "new"; then +AC_MSG_ERROR([utf8_mime2text() has new signature, but U8T_CANONICAL is missing. This should not happen. Check config.log for additional information.]) +fi +if test "$ac_cv_u8t_canonical" = "yes" && test "$ac_cv_utf8_mime2text" = "old"; then +AC_MSG_ERROR([utf8_mime2text() has old signature, but U8T_CANONICAL is present. This should not happen. Check config.log for additional information.]) +fi + dnl Check for c-client version 2001 old_CPPFLAGS=$CPPFLAGS CPPFLAGS=-I$IMAP_INC_DIR http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.142.2.44.2.10&r2=1.142.2.44.2.11&diff_format=u Index: php-src/ext/imap/php_imap.c diff -u php-src/ext/imap/php_imap.c:1.142.2.44.2.10 php-src/ext/imap/php_imap.c:1.142.2.44.2.11 --- php-src/ext/imap/php_imap.c:1.142.2.44.2.10 Mon Jan 1 09:46:43 2007 +++ php-src/ext/imap/php_imap.c Mon Jan 29 10:08:17 2007 @@ -26,7 +26,7 @@ | PHP 4.0 updates: Zeev Suraski <[EMAIL PROTECTED]> | +--+ */ -/* $Id: php_imap.c,v 1.142.2.44.2.10 2007/01/01 09:46:43 sebastian Exp $ */ +/* $Id: php_imap.c,v 1.142.2.44.2.11 2007/01/29 10:08:17 tony2001 Exp $ */ #define IMAP41 @@ -74,7 +74,11 @@ void rfc822_date(char *date); char *cpystr(const char *str); char *cpytxt(SIZEDTEXT *dst, char *text, unsigned long size); +#ifndef HAVE_NEW_MIME2TEXT long utf8_mime2text(SIZEDTEXT *src, SIZEDTEXT *dst); +#else +long utf8_mime2text (SIZEDTEXT *src, SIZEDTEXT *dst, long flags); +#endif unsigned long find_rightmost_bit(unsigned long *valptr); void fs_give(void **block); void *fs_get(size_t size); @@ -2064,7 +2068,11 @@ dest.size = 0; cpytxt(&src, Z_STRVAL_PP(str), Z_STRLEN_PP(str)); +#ifndef HAVE_NEW_MIME2TEXT utf8_mime2text(&src, &dest); +#else + utf8_mime2text(&src, &dest, U8T_CANONICAL); +#endif RETURN_STRINGL(dest.data, strlen(dest.data), 1); } /* }}} */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard config.m4
derick Mon Jan 22 19:59:21 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/standard config.m4 Log: - Backported a fix in the configure tests to detect the "rounding fuzz". http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.185&r2=1.1247.2.920.2.186&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.185 php-src/NEWS:1.1247.2.920.2.186 --- php-src/NEWS:1.1247.2.920.2.185 Mon Jan 22 19:51:38 2007 +++ php-src/NEWSMon Jan 22 19:59:21 2007 @@ -5,6 +5,8 @@ (Dmitry) - Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the class). (Ilia) +- Backported a fix in the configure tests to detect the "rounding fuzz". + (Derick, Joe Orton) - Moved extensions to PECL: . ext/ovrimos (Derick) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/config.m4?r1=1.47.2.16&r2=1.47.2.16.2.1&diff_format=u Index: php-src/ext/standard/config.m4 diff -u php-src/ext/standard/config.m4:1.47.2.16 php-src/ext/standard/config.m4:1.47.2.16.2.1 --- php-src/ext/standard/config.m4:1.47.2.16Thu Dec 30 07:02:18 2004 +++ php-src/ext/standard/config.m4 Mon Jan 22 19:59:21 2007 @@ -1,4 +1,4 @@ -dnl $Id: config.m4,v 1.47.2.16 2004/12/30 07:02:18 sniper Exp $ -*- sh -*- +dnl $Id: config.m4,v 1.47.2.16.2.1 2007/01/22 19:59:21 derick Exp $ -*- sh -*- divert(3)dnl @@ -250,8 +250,12 @@ AC_MSG_CHECKING([whether rounding works as expected]) AC_TRY_RUN([ #include + /* keep this out-of-line to prevent use of gcc inline floor() */ + double somefn(double n) { +return floor(n*pow(10,2) + 0.5); + } int main() { -return floor(0.045*pow(10,2) + 0.5)/10.0 != 0.5; +return somefn(0.045)/10.0 != 0.5; } ],[ PHP_ROUND_FUZZ=0.5 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/ovrimos .cvsignore CREDITS config.m4 ovrimos.c php_ovrimos.h
derick Mon Jan 22 19:51:38 2007 UTC Removed files: (Branch: PHP_4_4) /php-src/ext/ovrimos.cvsignore CREDITS config.m4 ovrimos.c php_ovrimos.h Modified files: /php-srcNEWS Log: - Move ext/ovrimos to PECL. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.184&r2=1.1247.2.920.2.185&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.184 php-src/NEWS:1.1247.2.920.2.185 --- php-src/NEWS:1.1247.2.920.2.184 Fri Jan 12 16:38:39 2007 +++ php-src/NEWSMon Jan 22 19:51:38 2007 @@ -6,6 +6,9 @@ - Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the class). (Ilia) +- Moved extensions to PECL: + . ext/ovrimos (Derick) + 04 Jan 2007, Version 4.4.5RC1 - Added a meta tag to phpinfo() output to prevent search engines from indexing the page. (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/curl curl.c
iliaa Fri Jan 12 16:38:40 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/curl curl.c Log: Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the class). http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.183&r2=1.1247.2.920.2.184&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.183 php-src/NEWS:1.1247.2.920.2.184 --- php-src/NEWS:1.1247.2.920.2.183 Tue Jan 9 17:06:42 2007 +++ php-src/NEWSFri Jan 12 16:38:39 2007 @@ -3,6 +3,8 @@ ?? Jan 2007, Version 4.4.5 - Fixed bug #39819 (Using $this not in object context can cause segfaults). (Dmitry) +- Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the + class). (Ilia) 04 Jan 2007, Version 4.4.5RC1 - Added a meta tag to phpinfo() output to prevent search engines from http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.15&r2=1.124.2.30.2.16&diff_format=u Index: php-src/ext/curl/curl.c diff -u php-src/ext/curl/curl.c:1.124.2.30.2.15 php-src/ext/curl/curl.c:1.124.2.30.2.16 --- php-src/ext/curl/curl.c:1.124.2.30.2.15 Mon Jan 1 09:46:40 2007 +++ php-src/ext/curl/curl.c Fri Jan 12 16:38:40 2007 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: curl.c,v 1.124.2.30.2.15 2007/01/01 09:46:40 sebastian Exp $ */ +/* $Id: curl.c,v 1.124.2.30.2.16 2007/01/12 16:38:40 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -702,19 +702,17 @@ retval, 2, argv TSRMLS_CC); ch->in_callback = 0; if (error == FAILURE) { - php_error(E_WARNING, "%s(): Couldn't call the CURLOPT_HEADERFUNCTION", - get_active_function_name(TSRMLS_C)); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not call the CURLOPT_HEADERFUNCTION"); length = -1; - } - else { + } else { if (Z_TYPE_P(retval) != IS_LONG) { convert_to_long_ex(&retval); } length = Z_LVAL_P(retval); + zval_ptr_dtor(&retval); } zval_ptr_dtor(&argv[0]); zval_ptr_dtor(&argv[1]); - zval_ptr_dtor(&retval); break; } @@ -1075,6 +1073,7 @@ case CURLOPT_WRITEFUNCTION: if (ch->handlers->write->func) { zval_ptr_dtor(&ch->handlers->write->func); + ch->handlers->write->func = NULL; } zval_add_ref(zvalue); ch->handlers->write->func = *zvalue; @@ -1083,6 +1082,7 @@ case CURLOPT_READFUNCTION: if (ch->handlers->read->func) { zval_ptr_dtor(&ch->handlers->read->func); + ch->handlers->read->func = NULL; } zval_add_ref(zvalue); ch->handlers->read->func = *zvalue; @@ -1091,6 +1091,7 @@ case CURLOPT_HEADERFUNCTION: if (ch->handlers->write_header->func) { zval_ptr_dtor(&ch->handlers->write_header->func); + ch->handlers->write_header->func = NULL; } zval_add_ref(zvalue); ch->handlers->write_header->func = *zvalue; @@ -1100,6 +1101,7 @@ case CURLOPT_PASSWDFUNCTION: if (ch->handlers->passwd) { zval_ptr_dtor(&ch->handlers->passwd); + ch->handlers->passwd = NULL; } zval_add_ref(zvalue); ch->handlers->passwd = *zvalue; @@ -1300,10 +1302,13 @@ ch->uses++; if (ch->handlers->write->method == PHP_CURL_RETURN && ch->handlers->write->buf.len > 0) { + --ch->uses; if (ch->handlers->write->type != PHP_CURL_BINARY) smart_str_0(&ch->handlers->write->buf); RETURN_STRINGL(ch->handlers->write->buf.c, ch->handlers->write->buf.len, 0); - } else if (ch->handlers->write->method == PHP_CURL_RETURN) { + } + --ch->uses; + if (ch->handlers->write->method == PHP_CURL_RETURN) { RETURN_STRINGL("", sizeof("") - 1, 0); } @@ -1506,7 +1511,11 @@ php_error_docref(NULL
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Fri Jan 5 08:56:56 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Back to -dev http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.181&r2=1.1247.2.920.2.182&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.181 php-src/NEWS:1.1247.2.920.2.182 --- php-src/NEWS:1.1247.2.920.2.181 Fri Jan 5 08:54:57 2007 +++ php-src/NEWSFri Jan 5 08:56:56 2007 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? Jan 2007, Version 4.4.5 + 04 Jan 2007, Version 4.4.5RC1 - Added a meta tag to phpinfo() output to prevent search engines from indexing the page. (Ilia) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.33&r2=1.396.2.164.2.34&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.33 php-src/configure.in:1.396.2.164.2.34 --- php-src/configure.in:1.396.2.164.2.33 Fri Jan 5 08:54:57 2007 +++ php-src/configure.inFri Jan 5 08:56:56 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.33 2007/01/05 08:54:57 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.34 2007/01/05 08:56:56 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=5 -EXTRA_VERSION="RC1" +EXTRA_VERSION="RC2-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.29&r2=1.66.2.81.2.30&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.29 php-src/main/php_version.h:1.66.2.81.2.30 --- php-src/main/php_version.h:1.66.2.81.2.29 Fri Jan 5 08:54:57 2007 +++ php-src/main/php_version.h Fri Jan 5 08:56:56 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 5 -#define PHP_EXTRA_VERSION "RC1" -#define PHP_VERSION "4.4.5RC1" +#define PHP_EXTRA_VERSION "RC2-dev" +#define PHP_VERSION "4.4.5RC2-dev" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Fri Jan 5 08:54:57 2007 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - 4.4.5rc1 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.180&r2=1.1247.2.920.2.181&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.180 php-src/NEWS:1.1247.2.920.2.181 --- php-src/NEWS:1.1247.2.920.2.180 Fri Dec 29 00:35:25 2006 +++ php-src/NEWSFri Jan 5 08:54:57 2007 @@ -1,6 +1,6 @@ PHP 4 NEWS ||| -?? ??? 2006, Version 4.4.5 +04 Jan 2007, Version 4.4.5RC1 - Added a meta tag to phpinfo() output to prevent search engines from indexing the page. (Ilia) - Updated PCRE to version 6.7. (Ilia) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.32&r2=1.396.2.164.2.33&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.32 php-src/configure.in:1.396.2.164.2.33 --- php-src/configure.in:1.396.2.164.2.32 Mon Dec 25 15:42:35 2006 +++ php-src/configure.inFri Jan 5 08:54:57 2007 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.32 2006/12/25 15:42:35 tony2001 Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.33 2007/01/05 08:54:57 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -38,7 +38,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=5 -EXTRA_VERSION="-dev" +EXTRA_VERSION="RC1" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.28&r2=1.66.2.81.2.29&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.28 php-src/main/php_version.h:1.66.2.81.2.29 --- php-src/main/php_version.h:1.66.2.81.2.28 Tue Aug 15 12:23:08 2006 +++ php-src/main/php_version.h Fri Jan 5 08:54:57 2007 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 5 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "4.4.5-dev" +#define PHP_EXTRA_VERSION "RC1" +#define PHP_VERSION "4.4.5RC1" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/pgsql pgsql.c
iliaa Fri Dec 29 00:35:26 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/pgsql pgsql.c /php-srcNEWS Log: MFH: Fixed bug #39971 (pg_insert/pg_update do not allow now() to be used for timestamp fields). http://cvs.php.net/viewvc.cgi/php-src/ext/pgsql/pgsql.c?r1=1.244.2.40.2.4&r2=1.244.2.40.2.5&diff_format=u Index: php-src/ext/pgsql/pgsql.c diff -u php-src/ext/pgsql/pgsql.c:1.244.2.40.2.4 php-src/ext/pgsql/pgsql.c:1.244.2.40.2.5 --- php-src/ext/pgsql/pgsql.c:1.244.2.40.2.4Thu Dec 28 15:21:41 2006 +++ php-src/ext/pgsql/pgsql.c Fri Dec 29 00:35:25 2006 @@ -19,7 +19,7 @@ +--+ */ -/* $Id: pgsql.c,v 1.244.2.40.2.4 2006/12/28 15:21:41 iliaa Exp $ */ +/* $Id: pgsql.c,v 1.244.2.40.2.5 2006/12/29 00:35:25 iliaa Exp $ */ #include @@ -3772,14 +3772,14 @@ switch(Z_TYPE_PP(val)) { case IS_STRING: if (Z_STRLEN_PP(val) == 0) { - ZVAL_STRING(new_val, "NULL", 1); - } - else { + ZVAL_STRINGL(new_val, "NULL", sizeof("NULL")-1, 1); + } else if (!strcasecmp(Z_STRVAL_PP(val), "now()")) { + ZVAL_STRINGL(new_val, "NOW()", sizeof("NOW()")-1, 1); + } else { /* FIXME: better regex must be used */ if (php_pgsql_convert_match(Z_STRVAL_PP(val), "^([0-9]{4}[/-][0-9]{1,2}[/-][0-9]{1,2})([ \\t]+(([0-9]{1,2}:[0-9]{1,2}){1}(:[0-9]{1,2}){0,1}(\\.[0-9]+){0,1}([ \\t]*([+-][0-9]{1,2}(:[0-9]{1,2}){0,1}|[a-zA-Z]{1,5})){0,1})){0,1}$", 1 TSRMLS_CC) == FAILURE) { err = 1; - } - else { + } else { ZVAL_STRING(new_val, Z_STRVAL_PP(val), 1); php_pgsql_add_quotes(new_val, 1 TSRMLS_CC); } @@ -3787,7 +3787,7 @@ break; case IS_NULL: - ZVAL_STRING(new_val, "NULL", 1); + ZVAL_STRINGL(new_val, "NULL", sizeof("NULL")-1, 1); break; default: http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.179&r2=1.1247.2.920.2.180&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.179 php-src/NEWS:1.1247.2.920.2.180 --- php-src/NEWS:1.1247.2.920.2.179 Mon Dec 25 15:42:35 2006 +++ php-src/NEWSFri Dec 29 00:35:25 2006 @@ -5,6 +5,8 @@ indexing the page. (Ilia) - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39971 (pg_insert/pg_update do not allow now() to be used for + timestamp fields). (Ilia) - Fixed bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR install path). (Tony) - Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in
tony2001Mon Dec 25 15:42:36 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcconfigure.in NEWS Log: MFH: fix bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR install path) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.31&r2=1.396.2.164.2.32&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.31 php-src/configure.in:1.396.2.164.2.32 --- php-src/configure.in:1.396.2.164.2.31 Thu Nov 30 22:13:57 2006 +++ php-src/configure.inMon Dec 25 15:42:35 2006 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.31 2006/11/30 22:13:57 tony2001 Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.32 2006/12/25 15:42:35 tony2001 Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -1045,6 +1045,15 @@ fi fi +case $PHP_LAYOUT in + GNU) +datarootdir=$prefix/share +;; + *) +datarootdir=$prefix/php +;; +esac + dnl Expand all directory names for use in macros/constants EXPANDED_PEAR_INSTALLDIR=`eval echo $PEAR_INSTALLDIR` EXPANDED_EXTENSION_DIR=`eval echo $EXTENSION_DIR` @@ -1135,6 +1144,7 @@ PHP_SUBST(prefix) PHP_SUBST(localstatedir) PHP_SUBST(datadir) +PHP_SUBST(datarootdir) PHP_SUBST(sysconfdir) PHP_SUBST(AWK) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.178&r2=1.1247.2.920.2.179&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.178 php-src/NEWS:1.1247.2.920.2.179 --- php-src/NEWS:1.1247.2.920.2.178 Fri Dec 1 17:11:07 2006 +++ php-src/NEWSMon Dec 25 15:42:35 2006 @@ -5,6 +5,8 @@ indexing the page. (Ilia) - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR + install path). (Tony) - Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4 support is enabled). (Tony) - Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/ftp ftp.c
nlopess Fri Dec 1 17:11:07 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/ftpftp.c Log: MFH: fix bug #39458 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.177&r2=1.1247.2.920.2.178&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.177 php-src/NEWS:1.1247.2.920.2.178 --- php-src/NEWS:1.1247.2.920.2.177 Tue Nov 28 11:41:35 2006 +++ php-src/NEWSFri Dec 1 17:11:07 2006 @@ -8,6 +8,7 @@ - Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4 support is enabled). (Tony) - Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) +- Fixed bug #39458 (ftp_nlist() returns false on empty dirs). (Nuno) - Fixed bug #39354 (Allow building of curl extension against libcurl 7.16.0). (Ilia) - Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty http://cvs.php.net/viewvc.cgi/php-src/ext/ftp/ftp.c?r1=1.68.2.22.2.2&r2=1.68.2.22.2.3&diff_format=u Index: php-src/ext/ftp/ftp.c diff -u php-src/ext/ftp/ftp.c:1.68.2.22.2.2 php-src/ext/ftp/ftp.c:1.68.2.22.2.3 --- php-src/ext/ftp/ftp.c:1.68.2.22.2.2 Sun Jan 1 13:46:52 2006 +++ php-src/ext/ftp/ftp.c Fri Dec 1 17:11:07 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: ftp.c,v 1.68.2.22.2.2 2006/01/01 13:46:52 sniper Exp $ */ +/* $Id: ftp.c,v 1.68.2.22.2.3 2006/12/01 17:11:07 nlopess Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1498,9 +1498,14 @@ if (!ftp_putcmd(ftp, cmd, path)) goto bail; - if (!ftp_getresp(ftp) || (ftp->resp != 150 && ftp->resp != 125)) + if (!ftp_getresp(ftp) || (ftp->resp != 150 && ftp->resp != 125 && ftp->resp != 226)) goto bail; + /* some servers don't open a ftp-data connection if the directory is empty */ + if (ftp->resp == 226) { + return ecalloc(1, sizeof(char**)); + } + /* pull data buffer into tmpfile */ if ((data = data_accept(data, ftp)) == NULL) goto bail; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/dba config.m4
tony2001Tue Nov 28 11:41:35 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/dbaconfig.m4 Log: MFH http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.176&r2=1.1247.2.920.2.177&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.176 php-src/NEWS:1.1247.2.920.2.177 --- php-src/NEWS:1.1247.2.920.2.176 Sun Nov 26 16:45:29 2006 +++ php-src/NEWSTue Nov 28 11:41:35 2006 @@ -5,6 +5,8 @@ indexing the page. (Ilia) - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4 + support is enabled). (Tony) - Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) - Fixed bug #39354 (Allow building of curl extension against libcurl 7.16.0). (Ilia) http://cvs.php.net/viewvc.cgi/php-src/ext/dba/config.m4?r1=1.29.2.28.2.1&r2=1.29.2.28.2.2&diff_format=u Index: php-src/ext/dba/config.m4 diff -u php-src/ext/dba/config.m4:1.29.2.28.2.1 php-src/ext/dba/config.m4:1.29.2.28.2.2 --- php-src/ext/dba/config.m4:1.29.2.28.2.1 Mon Aug 22 19:59:42 2005 +++ php-src/ext/dba/config.m4 Tue Nov 28 11:41:35 2006 @@ -1,5 +1,5 @@ dnl -dnl $Id: config.m4,v 1.29.2.28.2.1 2005/08/22 19:59:42 iliaa Exp $ +dnl $Id: config.m4,v 1.29.2.28.2.2 2006/11/28 11:41:35 tony2001 Exp $ dnl dnl Suppose we need FlatFile if no support or only CDB is used. @@ -223,7 +223,7 @@ break fi done -PHP_DBA_DB_CHECK(4, db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) +PHP_DBA_DB_CHECK(4, db-4.5 db-4.4 db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) fi ]) AC_DBA_STD_RESULT(db4,Berkeley DB4) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard info.c
iliaa Sun Nov 26 16:45:30 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/standard info.c Log: MFH: Added a meta tag to phpinfo() output to prevent search engines from indexing the page. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.175&r2=1.1247.2.920.2.176&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.175 php-src/NEWS:1.1247.2.920.2.176 --- php-src/NEWS:1.1247.2.920.2.175 Fri Nov 24 12:40:39 2006 +++ php-src/NEWSSun Nov 26 16:45:29 2006 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2006, Version 4.4.5 +- Added a meta tag to phpinfo() output to prevent search engines from + indexing the page. (Ilia) - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) - Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/info.c?r1=1.218.2.18.2.7&r2=1.218.2.18.2.8&diff_format=u Index: php-src/ext/standard/info.c diff -u php-src/ext/standard/info.c:1.218.2.18.2.7 php-src/ext/standard/info.c:1.218.2.18.2.8 --- php-src/ext/standard/info.c:1.218.2.18.2.7 Wed Jun 28 13:12:09 2006 +++ php-src/ext/standard/info.c Sun Nov 26 16:45:29 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: info.c,v 1.218.2.18.2.7 2006/06/28 13:12:09 derick Exp $ */ +/* $Id: info.c,v 1.218.2.18.2.8 2006/11/26 16:45:29 iliaa Exp $ */ #include "php.h" #include "php_ini.h" @@ -374,6 +374,7 @@ PUTS("\n"); php_info_print_style(); PUTS("phpinfo()"); + PUTS(""); /* php_printf("\n", charset); */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/ftp ftp.h
tony2001Fri Nov 24 12:40:39 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/ftpftp.h Log: MFH: fix #39583 (ftp_put() does not change transfer mode to ASCII) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.174&r2=1.1247.2.920.2.175&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.174 php-src/NEWS:1.1247.2.920.2.175 --- php-src/NEWS:1.1247.2.920.2.174 Sun Nov 12 01:16:41 2006 +++ php-src/NEWSFri Nov 24 12:40:39 2006 @@ -3,6 +3,7 @@ ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) - Fixed bug #39354 (Allow building of curl extension against libcurl 7.16.0). (Ilia) - Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty http://cvs.php.net/viewvc.cgi/php-src/ext/ftp/ftp.h?r1=1.30.2.3.4.1&r2=1.30.2.3.4.2&diff_format=u Index: php-src/ext/ftp/ftp.h diff -u php-src/ext/ftp/ftp.h:1.30.2.3.4.1 php-src/ext/ftp/ftp.h:1.30.2.3.4.2 --- php-src/ext/ftp/ftp.h:1.30.2.3.4.1 Sun Jan 1 13:46:52 2006 +++ php-src/ext/ftp/ftp.h Fri Nov 24 12:40:39 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: ftp.h,v 1.30.2.3.4.1 2006/01/01 13:46:52 sniper Exp $ */ +/* $Id: ftp.h,v 1.30.2.3.4.2 2006/11/24 12:40:39 tony2001 Exp $ */ #ifndefFTP_H #defineFTP_H @@ -39,7 +39,7 @@ #defineFTP_BUFSIZE 4096 typedef enum ftptype { - FTPTYPE_ASCII, + FTPTYPE_ASCII=1, FTPTYPE_IMAGE } ftptype_t; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard array.c /ext/standard/tests/array bug36975.phpt
bjori Sun Nov 12 01:16:42 2006 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/array bug36975.phpt Modified files: /php-src/ext/standard array.c /php-srcNEWS Log: MFH: Fixed bug#36975 (natcasesort() causes array_pop() to misbehave) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/array.c?r1=1.199.2.44.2.12&r2=1.199.2.44.2.13&diff_format=u Index: php-src/ext/standard/array.c diff -u php-src/ext/standard/array.c:1.199.2.44.2.12 php-src/ext/standard/array.c:1.199.2.44.2.13 --- php-src/ext/standard/array.c:1.199.2.44.2.12Tue Sep 19 09:39:14 2006 +++ php-src/ext/standard/array.cSun Nov 12 01:16:41 2006 @@ -22,7 +22,7 @@ */ -/* $Id: array.c,v 1.199.2.44.2.12 2006/09/19 09:39:14 tony2001 Exp $ */ +/* $Id: array.c,v 1.199.2.44.2.13 2006/11/12 01:16:41 bjori Exp $ */ #include "php.h" #include "php_ini.h" @@ -1770,7 +1770,7 @@ } Z_ARRVAL_PP(stack)->nNextFreeElement = k; zend_hash_rehash(Z_ARRVAL_PP(stack)); - } else if (!key_len) { + } else if (!key_len && index >= Z_ARRVAL_PP(stack)->nNextFreeElement-1) { Z_ARRVAL_PP(stack)->nNextFreeElement = Z_ARRVAL_PP(stack)->nNextFreeElement - 1; } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.173&r2=1.1247.2.920.2.174&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.173 php-src/NEWS:1.1247.2.920.2.174 --- php-src/NEWS:1.1247.2.920.2.173 Thu Nov 9 19:10:56 2006 +++ php-src/NEWSSun Nov 12 01:16:41 2006 @@ -21,6 +21,7 @@ (sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony). - Fixed bug #37812 (aggregate_methods_by_list fails to take certain methods). (Hannes) +- Fixed bug #36975 (natcasesort() causes array_pop() to misbehave). (Hannes) - Fixed bug #34066 (recursive array_walk causes segfault). (Tony) 17 Aug 2006, Version 4.4.4 http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/array/bug36975.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/array/bug36975.phpt +++ php-src/ext/standard/tests/array/bug36975.phpt --TEST-- Bug#36975 (natcasesort() causes array_pop() to misbehave) --FILE-- 'foo', 0 => 'baz'); array_pop($b); $b[] = 'bar'; array_push($b, 'bar'); print_r($b); $c = array(0, 0, 0, 0, 0); asort($c); array_pop($c); $c[] = 'foo'; $c[] = 'bar'; var_dump($c); ?> --EXPECT-- natcasesort success! array(6) { [0]=> string(2) "aa" [1]=> string(2) "aa" [3]=> string(2) "bb" [2]=> string(2) "bb" [5]=> string(2) "cc" [6]=> string(2) "cc" } Array ( [1] => foo [2] => bar [3] => bar ) array(6) { [4]=> int(0) [3]=> int(0) [2]=> int(0) [1]=> int(0) [5]=> string(3) "foo" [6]=> string(3) "bar" } --UEXPECT-- natcasesort success! array(6) { [0]=> unicode(2) "aa" [1]=> unicode(2) "aa" [3]=> unicode(2) "bb" [2]=> unicode(2) "bb" [5]=> unicode(2) "cc" [6]=> unicode(2) "cc" } Array ( [1] => foo [2] => bar [3] => bar ) array(6) { [4]=> int(0) [3]=> int(0) [2]=> int(0) [1]=> int(0) [5]=> unicode(3) "foo" [6]=> unicode(3) "bar" } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /sapi/apache2handler sapi_apache2.c
iliaa Thu Nov 9 19:10:56 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/sapi/apache2handlersapi_apache2.c /php-srcNEWS Log: MFH: Fixed bug #38456 (Apache2 segfaults when virtual() is called in .php ErrorDocument). http://cvs.php.net/viewvc.cgi/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.1.2.40.2.10&r2=1.1.2.40.2.11&diff_format=u Index: php-src/sapi/apache2handler/sapi_apache2.c diff -u php-src/sapi/apache2handler/sapi_apache2.c:1.1.2.40.2.10 php-src/sapi/apache2handler/sapi_apache2.c:1.1.2.40.2.11 --- php-src/sapi/apache2handler/sapi_apache2.c:1.1.2.40.2.10Sun Jan 1 13:47:01 2006 +++ php-src/sapi/apache2handler/sapi_apache2.c Thu Nov 9 19:10:55 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: sapi_apache2.c,v 1.1.2.40.2.10 2006/01/01 13:47:01 sniper Exp $ */ +/* $Id: sapi_apache2.c,v 1.1.2.40.2.11 2006/11/09 19:10:55 iliaa Exp $ */ #include @@ -551,7 +551,7 @@ } /* check if comming due to ErrorDocument */ - if (parent_req && parent_req->status != HTTP_OK) { + if (parent_req && parent_req->status != HTTP_OK && strcmp(r->protocol, "INCLUDED")) { parent_req = NULL; goto normal; } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.172&r2=1.1247.2.920.2.173&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.172 php-src/NEWS:1.1247.2.920.2.173 --- php-src/NEWS:1.1247.2.920.2.172 Tue Nov 7 18:29:20 2006 +++ php-src/NEWSThu Nov 9 19:10:56 2006 @@ -30,6 +30,8 @@ enabled. (Stefan E.) - Fixed a memory corruption error with an invalid foreach() call. (Stefan E., Dmitry, Derick) +- Fixed bug #38456 (Apache2 segfaults when virtual() is called in .php + ErrorDocument). (Ilia) - Fixed bug #38431 (xmlrpc_get_type() crashes PHP on objects). (Tony) - Fixed bug #38377 (session_destroy() gives warning after session_regenerate_id()). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/curl curl.c
iliaa Fri Nov 3 14:55:59 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/curl curl.c /php-srcNEWS Log: MFH: Fixed bug #39354 (Allow building of curl extension against libcurl 7.16.0) http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.13&r2=1.124.2.30.2.14&diff_format=u Index: php-src/ext/curl/curl.c diff -u php-src/ext/curl/curl.c:1.124.2.30.2.13 php-src/ext/curl/curl.c:1.124.2.30.2.14 --- php-src/ext/curl/curl.c:1.124.2.30.2.13 Tue Oct 10 23:17:05 2006 +++ php-src/ext/curl/curl.c Fri Nov 3 14:55:59 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: curl.c,v 1.124.2.30.2.13 2006/10/10 23:17:05 iliaa Exp $ */ +/* $Id: curl.c,v 1.124.2.30.2.14 2006/11/03 14:55:59 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -258,7 +258,9 @@ REGISTER_CURL_CONSTANT(CURLOPT_FTPAPPEND); REGISTER_CURL_CONSTANT(CURLOPT_NETRC); REGISTER_CURL_CONSTANT(CURLOPT_FOLLOWLOCATION); +#if CURLOPT_FTPASCII != 0 REGISTER_CURL_CONSTANT(CURLOPT_FTPASCII); +#endif REGISTER_CURL_CONSTANT(CURLOPT_PUT); #if CURLOPT_MUTE != 0 REGISTER_CURL_CONSTANT(CURLOPT_MUTE); @@ -296,7 +298,9 @@ REGISTER_CURL_CONSTANT(CURLOPT_FILETIME); REGISTER_CURL_CONSTANT(CURLOPT_WRITEFUNCTION); REGISTER_CURL_CONSTANT(CURLOPT_READFUNCTION); +#if CURLOPT_PASSWDFUNCTION != 0 REGISTER_CURL_CONSTANT(CURLOPT_PASSWDFUNCTION); +#endif REGISTER_CURL_CONSTANT(CURLOPT_HEADERFUNCTION); REGISTER_CURL_CONSTANT(CURLOPT_MAXREDIRS); REGISTER_CURL_CONSTANT(CURLOPT_MAXCONNECTS); http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.170&r2=1.1247.2.920.2.171&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.170 php-src/NEWS:1.1247.2.920.2.171 --- php-src/NEWS:1.1247.2.920.2.170 Thu Oct 19 11:27:36 2006 +++ php-src/NEWSFri Nov 3 14:55:59 2006 @@ -3,6 +3,8 @@ ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39354 (Allow building of curl extension against libcurl + 7.16.0). (Ilia) - Fixed bug #39129 (avoid creation of a dummy constructor. (Ilia) - Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty files). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
bjori Thu Oct 19 11:27:36 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: BFN http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.169&r2=1.1247.2.920.2.170&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.169 php-src/NEWS:1.1247.2.920.2.170 --- php-src/NEWS:1.1247.2.920.2.169 Wed Oct 18 20:59:38 2006 +++ php-src/NEWSThu Oct 19 11:27:36 2006 @@ -10,6 +10,8 @@ - Fixed bug #38882 (ldap_connect causes segfault with newer versions of OpenLDAP). (Tony) - Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia) +- Fixed bug #38722 (Calling undefined method prints insufficient error message) + (Hannes) - Fixed bug #38534 (segfault when calling setlocale() in userspace session handler). (Tony) - Fixed bug #38450 (constructor is not called for classes used in userspace -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/ldap config.m4
tony2001Wed Oct 18 20:59:38 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/ldap config.m4 /php-srcNEWS Log: MFH: fix bug #38882 (ldap_connect causes segfault with newer versions of OpenLDAP) http://cvs.php.net/viewvc.cgi/php-src/ext/ldap/config.m4?r1=1.26.2.8.2.1&r2=1.26.2.8.2.2&diff_format=u Index: php-src/ext/ldap/config.m4 diff -u php-src/ext/ldap/config.m4:1.26.2.8.2.1 php-src/ext/ldap/config.m4:1.26.2.8.2.2 --- php-src/ext/ldap/config.m4:1.26.2.8.2.1 Thu Nov 3 20:41:56 2005 +++ php-src/ext/ldap/config.m4 Wed Oct 18 20:59:38 2006 @@ -1,5 +1,5 @@ dnl -dnl $Id: config.m4,v 1.26.2.8.2.1 2005/11/03 20:41:56 sniper Exp $ +dnl $Id: config.m4,v 1.26.2.8.2.2 2006/10/18 20:59:38 tony2001 Exp $ dnl AC_DEFUN([PHP_LDAP_CHECKS], [ @@ -23,7 +23,7 @@ if test "$PHP_LDAP" != "no"; then - PHP_NEW_EXTENSION(ldap, ldap.c, $ext_shared) + PHP_NEW_EXTENSION(ldap, ldap.c, $ext_shared,,-DLDAP_DEPRECATED=1) if test "$PHP_LDAP" = "yes"; then for i in /usr/local /usr; do http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.168&r2=1.1247.2.920.2.169&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.168 php-src/NEWS:1.1247.2.920.2.169 --- php-src/NEWS:1.1247.2.920.2.168 Sun Oct 15 17:06:42 2006 +++ php-src/NEWSWed Oct 18 20:59:38 2006 @@ -7,6 +7,8 @@ - Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty files). (Ilia) - Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) +- Fixed bug #38882 (ldap_connect causes segfault with newer versions of + OpenLDAP). (Tony) - Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session handler). (Tony) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
iliaa Sun Oct 15 17:06:42 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: BFN http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.167&r2=1.1247.2.920.2.168&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.167 php-src/NEWS:1.1247.2.920.2.168 --- php-src/NEWS:1.1247.2.920.2.167 Tue Oct 10 23:17:04 2006 +++ php-src/NEWSSun Oct 15 17:06:42 2006 @@ -3,6 +3,7 @@ ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39129 (avoid creation of a dummy constructor. (Ilia) - Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty files). (Ilia) - Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/curl curl.c
iliaa Tue Oct 10 23:17:05 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS /php-src/ext/curl curl.c Log: MFH: Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty files). http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.166&r2=1.1247.2.920.2.167&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.166 php-src/NEWS:1.1247.2.920.2.167 --- php-src/NEWS:1.1247.2.920.2.166 Wed Oct 4 23:20:02 2006 +++ php-src/NEWSTue Oct 10 23:17:04 2006 @@ -3,6 +3,8 @@ ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) - Fixed missing open_basedir check inside chdir() function. (Ilia) +- Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty + files). (Ilia) - Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) - Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.12&r2=1.124.2.30.2.13&diff_format=u Index: php-src/ext/curl/curl.c diff -u php-src/ext/curl/curl.c:1.124.2.30.2.12 php-src/ext/curl/curl.c:1.124.2.30.2.13 --- php-src/ext/curl/curl.c:1.124.2.30.2.12 Thu Aug 10 17:27:11 2006 +++ php-src/ext/curl/curl.c Tue Oct 10 23:17:05 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: curl.c,v 1.124.2.30.2.12 2006/08/10 17:27:11 iliaa Exp $ */ +/* $Id: curl.c,v 1.124.2.30.2.13 2006/10/10 23:17:05 iliaa Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1299,6 +1299,8 @@ if (ch->handlers->write->type != PHP_CURL_BINARY) smart_str_0(&ch->handlers->write->buf); RETURN_STRINGL(ch->handlers->write->buf.c, ch->handlers->write->buf.len, 0); + } else if (ch->handlers->write->method == PHP_CURL_RETURN) { + RETURN_STRINGL("", sizeof("") - 1, 0); } RETURN_TRUE; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard dir.c
iliaa Wed Oct 4 23:20:02 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/standard dir.c /php-srcNEWS Log: MFB: Fixed missing open_basedir check inside chdir() function. http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.109.2.18.2.2&r2=1.109.2.18.2.3&diff_format=u Index: php-src/ext/standard/dir.c diff -u php-src/ext/standard/dir.c:1.109.2.18.2.2 php-src/ext/standard/dir.c:1.109.2.18.2.3 --- php-src/ext/standard/dir.c:1.109.2.18.2.2 Sun Jan 1 13:46:57 2006 +++ php-src/ext/standard/dir.c Wed Oct 4 23:20:02 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: dir.c,v 1.109.2.18.2.2 2006/01/01 13:46:57 sniper Exp $ */ +/* $Id: dir.c,v 1.109.2.18.2.3 2006/10/04 23:20:02 iliaa Exp $ */ /* {{{ includes/startup/misc */ @@ -275,7 +275,7 @@ RETURN_FALSE; } - if (PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { + if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) { RETURN_FALSE; } ret = VCWD_CHDIR(str); http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.165&r2=1.1247.2.920.2.166&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.165 php-src/NEWS:1.1247.2.920.2.166 --- php-src/NEWS:1.1247.2.920.2.165 Thu Sep 28 15:16:40 2006 +++ php-src/NEWSWed Oct 4 23:20:02 2006 @@ -2,6 +2,7 @@ ||| ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) +- Fixed missing open_basedir check inside chdir() function. (Ilia) - Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) - Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard url.c /ext/standard/tests/strings url_t.phpt
iliaa Thu Sep 28 15:16:41 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/ext/standard url.c /php-src/ext/standard/tests/strings url_t.phpt /php-srcNEWS Log: MFH: Fixed bug #38859 (parse_url() fails if passing '@' in passwd). http://cvs.php.net/viewvc.cgi/php-src/ext/standard/url.c?r1=1.58.2.21.2.3&r2=1.58.2.21.2.4&diff_format=u Index: php-src/ext/standard/url.c diff -u php-src/ext/standard/url.c:1.58.2.21.2.3 php-src/ext/standard/url.c:1.58.2.21.2.4 --- php-src/ext/standard/url.c:1.58.2.21.2.3Sun Feb 12 16:43:03 2006 +++ php-src/ext/standard/url.c Thu Sep 28 15:16:40 2006 @@ -15,7 +15,7 @@ | Author: Jim Winstead <[EMAIL PROTECTED]> | +--+ */ -/* $Id: url.c,v 1.58.2.21.2.3 2006/02/12 16:43:03 iliaa Exp $ */ +/* $Id: url.c,v 1.58.2.21.2.4 2006/09/28 15:16:40 iliaa Exp $ */ #include #include @@ -202,9 +202,17 @@ } else { e = p; } + + { + char *t = s; + p = NULL; + while (e > t && (t = memchr(t, '@', (e-t { + p = t++; + } + } /* check for login and password */ - if ((p = memchr(s, '@', (e-s { + if (p) { if ((pp = memchr(s, ':', (p-s { if ((pp-s) > 0) { ret->user = estrndup(s, (pp-s)); http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/strings/url_t.phpt?r1=1.3.2.7.2.1&r2=1.3.2.7.2.2&diff_format=u Index: php-src/ext/standard/tests/strings/url_t.phpt diff -u php-src/ext/standard/tests/strings/url_t.phpt:1.3.2.7.2.1 php-src/ext/standard/tests/strings/url_t.phpt:1.3.2.7.2.2 --- php-src/ext/standard/tests/strings/url_t.phpt:1.3.2.7.2.1 Tue Aug 16 14:12:13 2005 +++ php-src/ext/standard/tests/strings/url_t.phpt Thu Sep 28 15:16:40 2006 @@ -72,6 +72,7 @@ 'http://foo.com#bar', 'scheme:', 'foo+bar://[EMAIL PROTECTED]/bla', +'http://user:@[EMAIL PROTECTED]/path?argument?value#etc', ); foreach ($sample_urls as $url) { @@ -521,11 +522,11 @@ ["scheme"]=> string(4) "http" ["host"]=> - string(19) "[EMAIL PROTECTED]" + string(11) "www.php.net" ["port"]=> int(80) ["user"]=> - string(6) "secret" + string(14) "[EMAIL PROTECTED]" ["path"]=> string(10) "/index.php" ["query"]=> @@ -675,3 +676,19 @@ ["path"]=> string(4) "/bla" } +array(7) { + ["scheme"]=> + string(4) "http" + ["host"]=> + string(4) "host" + ["user"]=> + string(4) "user" + ["pass"]=> + string(5) "@pass" + ["path"]=> + string(5) "/path" + ["query"]=> + string(14) "argument?value" + ["fragment"]=> + string(3) "etc" +} \ No newline at end of file http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.164&r2=1.1247.2.920.2.165&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.164 php-src/NEWS:1.1247.2.920.2.165 --- php-src/NEWS:1.1247.2.920.2.164 Wed Sep 27 23:45:36 2006 +++ php-src/NEWSThu Sep 28 15:16:40 2006 @@ -3,6 +3,7 @@ ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) - Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) +- Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session handler). (Tony) - Fixed bug #38450 (constructor is not called for classes used in userspace -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /main php_open_temporary_file.c
iliaa Wed Sep 27 23:45:36 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/main php_open_temporary_file.c /php-srcNEWS Log: MFH: Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). http://cvs.php.net/viewvc.cgi/php-src/main/php_open_temporary_file.c?r1=1.18.2.10.2.3&r2=1.18.2.10.2.4&diff_format=u Index: php-src/main/php_open_temporary_file.c diff -u php-src/main/php_open_temporary_file.c:1.18.2.10.2.3 php-src/main/php_open_temporary_file.c:1.18.2.10.2.4 --- php-src/main/php_open_temporary_file.c:1.18.2.10.2.3Tue May 23 23:23:39 2006 +++ php-src/main/php_open_temporary_file.c Wed Sep 27 23:45:36 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: php_open_temporary_file.c,v 1.18.2.10.2.3 2006/05/23 23:23:39 iliaa Exp $ */ +/* $Id: php_open_temporary_file.c,v 1.18.2.10.2.4 2006/09/27 23:45:36 iliaa Exp $ */ #include "php.h" @@ -207,6 +207,7 @@ PHPAPI int php_open_temporary_fd(const char *dir, const char *pfx, char **opened_path_p TSRMLS_DC) { int fd; + char *temp_dir = php_get_temporary_directory(); if (!pfx) { pfx = "tmp."; @@ -215,11 +216,19 @@ *opened_path_p = NULL; } + if (!dir || *dir == '\0') { + if (temp_dir && *temp_dir != '\0' && !php_check_open_basedir(temp_dir TSRMLS_CC)) { + return php_do_open_temporary_file(temp_dir, pfx, opened_path_p TSRMLS_CC); + } else { + return -1; + } + } + /* Try the directory given as parameter. */ fd = php_do_open_temporary_file(dir, pfx, opened_path_p TSRMLS_CC); if (fd == -1) { /* Use default temporary directory. */ - fd = php_do_open_temporary_file(php_get_temporary_directory(), pfx, opened_path_p TSRMLS_CC); + fd = php_do_open_temporary_file(temp_dir, pfx, opened_path_p TSRMLS_CC); } return fd; } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.163&r2=1.1247.2.920.2.164&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.163 php-src/NEWS:1.1247.2.920.2.164 --- php-src/NEWS:1.1247.2.920.2.163 Tue Sep 19 09:06:37 2006 +++ php-src/NEWSWed Sep 27 23:45:36 2006 @@ -2,6 +2,7 @@ ||| ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) +- Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session handler). (Tony) - Fixed bug #38450 (constructor is not called for classes used in userspace -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard array.c /ext/standard/tests/array bug34066.phpt
tony2001Tue Sep 19 09:06:37 2006 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/array bug34066.phpt Modified files: /php-srcNEWS /php-src/ext/standard array.c Log: MFH: fix #34066 (recursive array_walk causes segfault) add test http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.162&r2=1.1247.2.920.2.163&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.162 php-src/NEWS:1.1247.2.920.2.163 --- php-src/NEWS:1.1247.2.920.2.162 Wed Aug 30 20:07:55 2006 +++ php-src/NEWSTue Sep 19 09:06:37 2006 @@ -10,6 +10,7 @@ (sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony). - Fixed bug #37812 (aggregate_methods_by_list fails to take certain methods). (Hannes) +- Fixed bug #34066 (recursive array_walk causes segfault). (Tony) 17 Aug 2006, Version 4.4.4 - Fixed memory_limit on 64bit systems. (Stefan E.) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/array.c?r1=1.199.2.44.2.10&r2=1.199.2.44.2.11&diff_format=u Index: php-src/ext/standard/array.c diff -u php-src/ext/standard/array.c:1.199.2.44.2.10 php-src/ext/standard/array.c:1.199.2.44.2.11 --- php-src/ext/standard/array.c:1.199.2.44.2.10Sun Jan 1 13:46:57 2006 +++ php-src/ext/standard/array.cTue Sep 19 09:06:37 2006 @@ -22,7 +22,7 @@ */ -/* $Id: array.c,v 1.199.2.44.2.10 2006/01/01 13:46:57 sniper Exp $ */ +/* $Id: array.c,v 1.199.2.44.2.11 2006/09/19 09:06:37 tony2001 Exp $ */ #include "php.h" #include "php_ini.h" @@ -1029,31 +1029,28 @@ PHP_FUNCTION(array_walk) { int argc; - zval **array, -**userdata = NULL, + zval *array, +*userdata = NULL, +*tmp, **old_walk_func_name; HashTable *target_hash; - argc = ZEND_NUM_ARGS(); old_walk_func_name = BG(array_walk_func_name); - if (argc < 2 || argc > 3 || - zend_get_parameters_ex(argc, &array, &BG(array_walk_func_name), &userdata) == FAILURE) { - BG(array_walk_func_name) = old_walk_func_name; - WRONG_PARAM_COUNT; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "az|z", &array, &tmp, &userdata) == FAILURE) { + return; } - target_hash = HASH_OF(*array); + target_hash = HASH_OF(array); if (!target_hash) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "The argument should be an array"); - BG(array_walk_func_name) = old_walk_func_name; RETURN_FALSE; } - if (Z_TYPE_PP(BG(array_walk_func_name)) != IS_ARRAY && - Z_TYPE_PP(BG(array_walk_func_name)) != IS_STRING) { + if (Z_TYPE_P(tmp) != IS_ARRAY && Z_TYPE_P(tmp) != IS_STRING) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Wrong syntax for function name"); - BG(array_walk_func_name) = old_walk_func_name; RETURN_FALSE; + } else { + BG(array_walk_func_name) = &tmp; } - php_array_walk(target_hash, userdata TSRMLS_CC); + php_array_walk(target_hash, userdata ? &userdata : NULL TSRMLS_CC); BG(array_walk_func_name) = old_walk_func_name; RETURN_TRUE; } http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/array/bug34066.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/array/bug34066.phpt +++ php-src/ext/standard/tests/array/bug34066.phpt --TEST-- Bug #34066 (recursive array_walk causes segfault) --FILE-- "1", "DocDate" => "19.09.06", "ReSubmissionDate" => "", "DocTyp"=> "Stapelauftrag", "CustID"=> "0", "CustomerAddress" => array( array( "Name1" => 'name1', "Name2" => 'name2', "Name3" => "", "City" => 'city', "Street"=> 'street', "Postal"=> 'postcode', "IATA" => "90", "Country" => "Deutschland", "ShortName" => 'short', "ContactKey"=> "", "EMail" => '[EMAIL PROTECTED]', ) ), "Text1" => "", "Text2" => "", "Wildcard1" => "", "Wildcard2" => "", "Dispatch" => "Paketdienst", "Weight"=> "0,0", "BillingCustID" => "430020", "ExtDocNr" => "003", "AnalysisLock" => "", "PrintFlag" => "", "FormType" => "0", "Curr" => "EUR",
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
iliaa Wed Aug 30 20:07:55 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: pcre news http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.161&r2=1.1247.2.920.2.162&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.161 php-src/NEWS:1.1247.2.920.2.162 --- php-src/NEWS:1.1247.2.920.2.161 Mon Aug 28 19:59:31 2006 +++ php-src/NEWSWed Aug 30 20:07:55 2006 @@ -1,6 +1,7 @@ PHP 4 NEWS ||| ?? ??? 2006, Version 4.4.5 +- Updated PCRE to version 6.7. (Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session handler). (Tony) - Fixed bug #38450 (constructor is not called for classes used in userspace -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS
tony2001Mon Aug 28 19:59:31 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS Log: BFN though, the leak is still there, we can't fix that in 4_4 http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.160&r2=1.1247.2.920.2.161&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.160 php-src/NEWS:1.1247.2.920.2.161 --- php-src/NEWS:1.1247.2.920.2.160 Sat Aug 26 14:15:07 2006 +++ php-src/NEWSMon Aug 28 19:59:31 2006 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2006, Version 4.4.5 +- Fixed bug #38534 (segfault when calling setlocale() in userspace session + handler). (Tony) - Fixed bug #38450 (constructor is not called for classes used in userspace stream wrappers). (Tony) - Fixed bug #38378 (wddx_serialize_value() generates no wellformed xml). -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard aggregation.c /ext/standard/tests/aggregation bug37812.phpt
bjori Sat Aug 26 14:15:07 2006 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/aggregation bug37812.phpt Modified files: /php-src/ext/standard aggregation.c /php-srcNEWS Log: Fixed bug #37812 aggregate_methods_by_list fails to take certain methods Add test http://cvs.php.net/viewvc.cgi/php-src/ext/standard/aggregation.c?r1=1.11.4.7.4.1&r2=1.11.4.7.4.2&diff_format=u Index: php-src/ext/standard/aggregation.c diff -u php-src/ext/standard/aggregation.c:1.11.4.7.4.1 php-src/ext/standard/aggregation.c:1.11.4.7.4.2 --- php-src/ext/standard/aggregation.c:1.11.4.7.4.1 Sun Jan 1 13:46:57 2006 +++ php-src/ext/standard/aggregation.c Sat Aug 26 14:15:06 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: aggregation.c,v 1.11.4.7.4.1 2006/01/01 13:46:57 sniper Exp $ */ +/* $Id: aggregation.c,v 1.11.4.7.4.2 2006/08/26 14:15:06 bjori Exp $ */ #include "php.h" #include "basic_functions.h" @@ -146,7 +146,7 @@ */ zend_hash_internal_pointer_reset(Z_ARRVAL_P(list_hash)); while (zend_hash_get_current_key_ex(Z_ARRVAL_P(list_hash), &func_name, &func_name_len, &num_key, 0, NULL) == HASH_KEY_IS_STRING) { - if (!strncmp(func_name, from_ce->name, MIN(func_name_len-1, from_ce->name_length)) || + if (!strncmp(func_name, from_ce->name, MAX(func_name_len-1, from_ce->name_length)) || func_name[0] == '_' || zend_hash_find(&from_ce->function_table, func_name, func_name_len, (void**)&function) == FAILURE) { zend_hash_move_forward(Z_ARRVAL_P(list_hash)); http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.159&r2=1.1247.2.920.2.160&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.159 php-src/NEWS:1.1247.2.920.2.160 --- php-src/NEWS:1.1247.2.920.2.159 Thu Aug 24 08:42:16 2006 +++ php-src/NEWSSat Aug 26 14:15:07 2006 @@ -5,6 +5,8 @@ stream wrappers). (Tony) - Fixed bug #38378 (wddx_serialize_value() generates no wellformed xml). (sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony). +- Fixed bug #37812 (aggregate_methods_by_list fails to take certain methods). + (Hannes) 17 Aug 2006, Version 4.4.4 - Fixed memory_limit on 64bit systems. (Stefan E.) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/aggregation/bug37812.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/aggregation/bug37812.phpt +++ php-src/ext/standard/tests/aggregation/bug37812.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/standard/tests/file bug38450.phpt /main user_streams.c
tony2001Thu Aug 24 08:42:16 2006 UTC Added files: (Branch: PHP_4_4) /php-src/ext/standard/tests/filebug38450.phpt Modified files: /php-srcNEWS /php-src/main user_streams.c Log: fix #38450 (constructor is not called for classes used in userspace stream wrappers) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.158&r2=1.1247.2.920.2.159&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.158 php-src/NEWS:1.1247.2.920.2.159 --- php-src/NEWS:1.1247.2.920.2.158 Thu Aug 24 08:30:28 2006 +++ php-src/NEWSThu Aug 24 08:42:16 2006 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2006, Version 4.4.5 +- Fixed bug #38450 (constructor is not called for classes used in userspace + stream wrappers). (Tony) - Fixed bug #38378 (wddx_serialize_value() generates no wellformed xml). (sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony). http://cvs.php.net/viewvc.cgi/php-src/main/user_streams.c?r1=1.29.2.4.2.2&r2=1.29.2.4.2.3&diff_format=u Index: php-src/main/user_streams.c diff -u php-src/main/user_streams.c:1.29.2.4.2.2 php-src/main/user_streams.c:1.29.2.4.2.3 --- php-src/main/user_streams.c:1.29.2.4.2.2Sun Jan 1 13:47:00 2006 +++ php-src/main/user_streams.c Thu Aug 24 08:42:16 2006 @@ -17,7 +17,7 @@ +--+ */ -/* $Id: user_streams.c,v 1.29.2.4.2.2 2006/01/01 13:47:00 sniper Exp $ */ +/* $Id: user_streams.c,v 1.29.2.4.2.3 2006/08/24 08:42:16 tony2001 Exp $ */ #include "php.h" #include "php_globals.h" @@ -193,7 +193,33 @@ object_init_ex(us->object, uwrap->ce); ZVAL_REFCOUNT(us->object) = 1; PZVAL_IS_REF(us->object) = 1; - + + if (zend_hash_exists(&uwrap->ce->function_table, uwrap->ce->name, uwrap->ce->name_length+1)) { + zval *retval_ptr; + zval *function_name; + + MAKE_STD_ZVAL(function_name); + ZVAL_STRINGL(function_name, uwrap->ce->name, uwrap->ce->name_length, 1); + + if (call_user_function_ex(EG(function_table), &us->object, function_name, &retval_ptr, 0, 0, 1, NULL TSRMLS_CC) == FAILURE) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not execute %s::%s()", uwrap->ce->name, uwrap->ce->name); + zval_dtor(function_name); + FREE_ZVAL(function_name); + zval_dtor(us->object); + FREE_ZVAL(us->object); + efree(us); + FG(user_stream_current_filename) = NULL; + return NULL; + } else { + if (retval_ptr) { + zval_ptr_dtor(&retval_ptr); + } + } + zval_dtor(function_name); + FREE_ZVAL(function_name); + } + + /* call it's stream_open method - set up params first */ MAKE_STD_ZVAL(zfilename); ZVAL_STRING(zfilename, filename, 1); http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/file/bug38450.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/file/bug38450.phpt +++ php-src/ext/standard/tests/file/bug38450.phpt --TEST-- Bug #38450 (constructor is not called for classes used in userspace stream wrappers) --FILE-- varname = $url["host"]; $this->position = 0; return true; } function stream_read($count) { $ret = substr($GLOBALS[$this->varname], $this->position, $count); $this->position += strlen($ret); return $ret; } function stream_write($data) { $left = substr($GLOBALS[$this->varname], 0, $this->position); $right = substr($GLOBALS[$this->varname], $this->position + strlen($data)); $GLOBALS[$this->varname] = $left . $data . $right; $this->position += strlen($data); return strlen($data); } function stream_tell() { return $this->position; } function stream_eof() { return $this->position >= strlen($GLOBALS[$this->varname]); } function stream_seek($offset, $whence) { switch ($whence) { case SEEK_SET: if ($offset < strlen($GLOBALS[$this->varname]) && $offset >= 0) { $this->position = $offset; return true; } else { return false; } break; case SEEK_CUR:
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS /ext/wddx wddx.c /ext/wddx/tests bug38738.phpt
tony2001Thu Aug 24 08:30:28 2006 UTC Added files: (Branch: PHP_4_4) /php-src/ext/wddx/tests bug38738.phpt Modified files: /php-srcNEWS /php-src/ext/wddx wddx.c Log: fix #38378 (wddx_serialize_value() generates no wellformed xml) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.157&r2=1.1247.2.920.2.158&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.157 php-src/NEWS:1.1247.2.920.2.158 --- php-src/NEWS:1.1247.2.920.2.157 Tue Aug 15 12:23:08 2006 +++ php-src/NEWSThu Aug 24 08:30:28 2006 @@ -1,6 +1,8 @@ PHP 4 NEWS ||| ?? ??? 2006, Version 4.4.5 +- Fixed bug #38378 (wddx_serialize_value() generates no wellformed xml). + (sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony). 17 Aug 2006, Version 4.4.4 - Fixed memory_limit on 64bit systems. (Stefan E.) http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.96.2.6.2.7&r2=1.96.2.6.2.8&diff_format=u Index: php-src/ext/wddx/wddx.c diff -u php-src/ext/wddx/wddx.c:1.96.2.6.2.7 php-src/ext/wddx/wddx.c:1.96.2.6.2.8 --- php-src/ext/wddx/wddx.c:1.96.2.6.2.7Fri May 26 01:55:26 2006 +++ php-src/ext/wddx/wddx.c Thu Aug 24 08:30:28 2006 @@ -16,7 +16,7 @@ +--+ */ -/* $Id: wddx.c,v 1.96.2.6.2.7 2006/05/26 01:55:26 iliaa Exp $ */ +/* $Id: wddx.c,v 1.96.2.6.2.8 2006/08/24 08:30:28 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -432,7 +432,7 @@ tmp = *var; zval_copy_ctor(&tmp); convert_to_string(&tmp); - snprintf(tmp_buf, Z_STRLEN(tmp), WDDX_NUMBER, Z_STRVAL(tmp)); + snprintf(tmp_buf, sizeof(tmp_buf), WDDX_NUMBER, Z_STRVAL(tmp)); zval_dtor(&tmp); php_wddx_add_chunk(packet, tmp_buf); @@ -630,8 +630,8 @@ if (name) { name_esc = php_escape_html_entities(name, name_len, &name_esc_len, 0, ENT_QUOTES, NULL TSRMLS_CC); - tmp_buf = emalloc(name_esc_len + 1); - snprintf(tmp_buf, name_esc_len, WDDX_VAR_S, name_esc); + tmp_buf = emalloc(name_esc_len + sizeof(WDDX_VAR_S)); + snprintf(tmp_buf, name_esc_len + sizeof(WDDX_VAR_S), WDDX_VAR_S, name_esc); php_wddx_add_chunk(packet, tmp_buf); efree(tmp_buf); efree(name_esc); http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/tests/bug38738.phpt?view=markup&rev=1.1 Index: php-src/ext/wddx/tests/bug38738.phpt +++ php-src/ext/wddx/tests/bug38738.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Tue Aug 15 12:23:08 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Back to dev. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.156&r2=1.1247.2.920.2.157&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.156 php-src/NEWS:1.1247.2.920.2.157 --- php-src/NEWS:1.1247.2.920.2.156 Tue Aug 15 12:22:14 2006 +++ php-src/NEWSTue Aug 15 12:23:08 2006 @@ -1,5 +1,7 @@ PHP 4 NEWS ||| +?? ??? 2006, Version 4.4.5 + 17 Aug 2006, Version 4.4.4 - Fixed memory_limit on 64bit systems. (Stefan E.) - Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.) http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.29&r2=1.396.2.164.2.30&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.29 php-src/configure.in:1.396.2.164.2.30 --- php-src/configure.in:1.396.2.164.2.29 Tue Aug 15 12:22:14 2006 +++ php-src/configure.inTue Aug 15 12:23:08 2006 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.29 2006/08/15 12:22:14 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.30 2006/08/15 12:23:08 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -40,8 +40,8 @@ MAJOR_VERSION=4 MINOR_VERSION=4 -RELEASE_VERSION=4 -EXTRA_VERSION="" +RELEASE_VERSION=5 +EXTRA_VERSION="-dev" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.27&r2=1.66.2.81.2.28&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.27 php-src/main/php_version.h:1.66.2.81.2.28 --- php-src/main/php_version.h:1.66.2.81.2.27 Tue Aug 15 12:22:14 2006 +++ php-src/main/php_version.h Tue Aug 15 12:23:08 2006 @@ -2,6 +2,6 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 -#define PHP_RELEASE_VERSION 4 -#define PHP_EXTRA_VERSION "" -#define PHP_VERSION "4.4.4" +#define PHP_RELEASE_VERSION 5 +#define PHP_EXTRA_VERSION "-dev" +#define PHP_VERSION "4.4.5-dev" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) / NEWS configure.in /main php_version.h
derick Tue Aug 15 12:22:14 2006 UTC Modified files: (Branch: PHP_4_4) /php-srcNEWS configure.in /php-src/main php_version.h Log: - Go with 4.4.4. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.155&r2=1.1247.2.920.2.156&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.920.2.155 php-src/NEWS:1.1247.2.920.2.156 --- php-src/NEWS:1.1247.2.920.2.155 Sat Aug 12 15:48:10 2006 +++ php-src/NEWSTue Aug 15 12:22:14 2006 @@ -1,8 +1,6 @@ PHP 4 NEWS ||| -?? Aug 2006, Version 4.4.4 - -12 Aug 2006, Version 4.4.4RC1 +17 Aug 2006, Version 4.4.4 - Fixed memory_limit on 64bit systems. (Stefan E.) - Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.) - Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are http://cvs.php.net/viewvc.cgi/php-src/configure.in?r1=1.396.2.164.2.28&r2=1.396.2.164.2.29&diff_format=u Index: php-src/configure.in diff -u php-src/configure.in:1.396.2.164.2.28 php-src/configure.in:1.396.2.164.2.29 --- php-src/configure.in:1.396.2.164.2.28 Sat Aug 12 15:48:10 2006 +++ php-src/configure.inTue Aug 15 12:22:14 2006 @@ -1,4 +1,4 @@ -dnl ## $Id: configure.in,v 1.396.2.164.2.28 2006/08/12 15:48:10 derick Exp $ -*- sh -*- +dnl ## $Id: configure.in,v 1.396.2.164.2.29 2006/08/15 12:22:14 derick Exp $ -*- sh -*- dnl ## Process this file with autoconf to produce a configure script. divert(1) @@ -41,7 +41,7 @@ MAJOR_VERSION=4 MINOR_VERSION=4 RELEASE_VERSION=4 -EXTRA_VERSION="RC2-dev" +EXTRA_VERSION="" VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION" dnl Define where extension directories are located in the configure context http://cvs.php.net/viewvc.cgi/php-src/main/php_version.h?r1=1.66.2.81.2.26&r2=1.66.2.81.2.27&diff_format=u Index: php-src/main/php_version.h diff -u php-src/main/php_version.h:1.66.2.81.2.26 php-src/main/php_version.h:1.66.2.81.2.27 --- php-src/main/php_version.h:1.66.2.81.2.26 Sat Aug 12 15:48:11 2006 +++ php-src/main/php_version.h Tue Aug 15 12:22:14 2006 @@ -3,5 +3,5 @@ #define PHP_MAJOR_VERSION 4 #define PHP_MINOR_VERSION 4 #define PHP_RELEASE_VERSION 4 -#define PHP_EXTRA_VERSION "RC2-dev" -#define PHP_VERSION "4.4.4RC2-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "4.4.4" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php