Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/zlib/tests/bug61139.phpt ext/zlib/zlib_fopen_wrapper.c

2012-05-01 Thread Hannes Magnusson
Why is this test creating the file in the root directory?
And should it be created at all since the function fails?

-Hannes

On Fri, Mar 2, 2012 at 15:16, Nikita Popov ni...@php.net wrote:
 nikic                                    Fri, 02 Mar 2012 14:16:47 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=323819

 Log:
 Merge: Fix bug #61139: gzopen leaks when specifying invalid mode

 Bug: https://bugs.php.net/61139 (Assigned) gzopen leaks when specifying 
 invalid mode

 Changed paths:
    U   php/php-src/branches/PHP_5_4/NEWS
    A   php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
    U   php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c

 Modified: php/php-src/branches/PHP_5_4/NEWS
 ===
 --- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 14:08:11 UTC (rev 323818)
 +++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 14:16:47 UTC (rev 323819)
 @@ -43,6 +43,9 @@
  - XMLRPC:
   . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita 
 Popov)

 +- Zlib:
 +  . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita 
 Popov)
 +
  01 Mar 2012, PHP 5.4.0

  - Installation:

 Added: php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
 ===
 --- php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt                 
           (rev 0)
 +++ php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt   2012-03-02 
 14:16:47 UTC (rev 323819)
 @@ -0,0 +1,14 @@
 +--TEST--
 +Bug #61139 (gzopen leaks when specifying invalid mode)
 +--SKIPIF--
 +?php
 +if (!extension_loaded('zlib')) {
 +       die('skip - zlib extension not loaded');
 +}
 +?
 +--FILE--
 +?php
 +
 +gzopen('someFile', 'c');
 +--EXPECTF--
 +Warning: gzopen(): gzopen failed in %s on line %d

 Modified: php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c
 ===
 --- php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c  2012-03-02 
 14:08:11 UTC (rev 323818)
 +++ php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c  2012-03-02 
 14:16:47 UTC (rev 323819)
 @@ -109,7 +109,7 @@
  php_stream *php_stream_gzopen(php_stream_wrapper *wrapper, char *path, char 
 *mode, int options,
                                                          char **opened_path, 
 php_stream_context *context STREAMS_DC TSRMLS_DC)
  {
 -       struct php_gz_stream_data_t *self = {0};
 +       struct php_gz_stream_data_t *self;
        php_stream *stream = NULL, *innerstream = NULL;

        /* sanity check the stream: it can be either read-only or write-only */
 @@ -120,8 +120,6 @@
                return NULL;
        }

 -       self = emalloc(sizeof(*self));
 -
        if (strncasecmp(compress.zlib://, path, 16) == 0) {
                path += 16;
        } else if (strncasecmp(zlib:, path, 5) == 0) {
 @@ -134,32 +132,29 @@
                int fd;

                if (SUCCESS == php_stream_cast(innerstream, PHP_STREAM_AS_FD, 
 (void **) fd, REPORT_ERRORS)) {
 -                       self-gz_file = gzdopen(dup(fd), mode);
 +                       self = emalloc(sizeof(*self));
                        self-stream = innerstream;
 -                       if (self-gz_file)      {
 +                       self-gz_file = gzdopen(dup(fd), mode);
 +
 +                       if (self-gz_file) {
                                stream = 
 php_stream_alloc_rel(php_stream_gzio_ops, self, 0, mode);
                                if (stream) {
                                        stream-flags |= 
 PHP_STREAM_FLAG_NO_BUFFER;
                                        return stream;
                                }
 +
                                gzclose(self-gz_file);
                        }
 +
 +                       efree(self);
                        if (options  REPORT_ERRORS) {
                                php_error_docref(NULL TSRMLS_CC, E_WARNING, 
 gzopen failed);
                        }
 -               } else if (innerstream) {
 -                       php_stream_close(innerstream);
                }
 -       }

 -       if (stream) {
 -               php_stream_close(stream);
 +               php_stream_close(innerstream);
        }
 -
 -       if (self) {
 -               efree(self);
 -       }
 -
 +
        return NULL;
  }



 --
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php


[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-17 Thread Ilia Alshanetsky
iliaaSat, 17 Mar 2012 17:51:51 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324323

Log:
Fixed typo

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-17 10:37:21 UTC (rev 324322)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-17 17:51:51 UTC (rev 324323)
@@ -12,7 +12,7 @@
 exist in ISO-8859-1). (Gustavo)
   . Fixed bug #61273 (call_user_func_array with more than 16333 arguments
 leaks / crashes). (Laruence)
-  . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
+  . Fixed bug #61225 (Incorrect lexing of 0b00*+NUM). (Pierrick)
   . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
   . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita
 Popov)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/info.c trunk/ext/standard/info.c

2012-03-15 Thread Adam Harvey
aharvey  Fri, 16 Mar 2012 02:07:46 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324289

Log:
Fix bug #61409 (Bad formatting on phpinfo()). Patch by Jakub Vrana.

Bug: https://bugs.php.net/61409 (Assigned) Bad formatting on php_info()
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/standard/info.c
U   php/php-src/trunk/ext/standard/info.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-15 23:17:06 UTC (rev 324288)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-16 02:07:46 UTC (rev 324289)
@@ -96,6 +96,7 @@
 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)
   . Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
+  . Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)
   . Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)
   . Fixed bug #60106 (stream_socket_server silently truncates long unix socket
 paths). (Ilia)

Modified: php/php-src/branches/PHP_5_4/ext/standard/info.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/info.c2012-03-15 23:17:06 UTC 
(rev 324288)
+++ php/php-src/branches/PHP_5_4/ext/standard/info.c2012-03-16 02:07:46 UTC 
(rev 324289)
@@ -117,7 +117,7 @@
HashPosition pos;

if (!sapi_module.phpinfo_as_text) {
-   php_info_printf(tr class=\v\tdRegistered 
%s/tdtd, name);
+   php_info_printf(trtd class=\e\Registered 
%s/tdtd class=\v\, name);
} else {
php_info_printf(\nRegistered %s = , name);
}

Modified: php/php-src/trunk/ext/standard/info.c
===
--- php/php-src/trunk/ext/standard/info.c   2012-03-15 23:17:06 UTC (rev 
324288)
+++ php/php-src/trunk/ext/standard/info.c   2012-03-16 02:07:46 UTC (rev 
324289)
@@ -117,7 +117,7 @@
HashPosition pos;

if (!sapi_module.phpinfo_as_text) {
-   php_info_printf(tr class=\v\tdRegistered 
%s/tdtd, name);
+   php_info_printf(trtd class=\e\Registered 
%s/tdtd class=\v\, name);
} else {
php_info_printf(\nRegistered %s = , name);
}

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-13 Thread Pierre Joye
pajoye   Tue, 13 Mar 2012 12:55:33 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324185

Log:
- add CVE

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-13 11:03:09 UTC (rev 324184)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-13 12:55:33 UTC (rev 324185)
@@ -317,9 +317,9 @@
 been added. (Scott)
   . Added http_response_code() function. FR #52555. (Paul Dragoonis, Kalle)
   . Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).
-(Stas)
+(CVE-2012-1172). (Stas)
   . Fixed bug #54374 (Insufficient validating of upload name leading to
-corrupted $_FILES indices). (Stas, lekensteyn at gmail dot com)
+corrupted $_FILES indices). (CVE-2012-1172). (Stas, lekensteyn at gmail 
dot com)

 - Improved CLI SAPI:
   . Added built-in web server that is intended for testing purpose.

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/html.c branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt trunk/ext/standard/html.c trunk/ext/standard/tests/str

2012-03-13 Thread Gustavo André dos Santos Lopes
cataphract   Tue, 13 Mar 2012 18:08:30 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324199

Log:
- Fixed bug #61374: html_entity_decode tries to decode code points that don't
  exist in ISO-8859-1.

Bug: https://bugs.php.net/61374 (Assigned) html_entity_decode tries to decode 
code points that don't exist in ISO-8859-1
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/standard/html.c
A   php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
U   php/php-src/trunk/ext/standard/html.c
A   php/php-src/trunk/ext/standard/tests/strings/bug61374.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-13 16:09:42 UTC (rev 324198)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-13 18:08:30 UTC (rev 324199)
@@ -8,6 +8,8 @@
   . Connection: close instead of Connection: closed (Gustavo)

 - Core:
+  . Fixed bug #61374 (html_entity_decode tries to decode code points that don't
+exist in ISO-8859-1). (Gustavo)
   . Fixed bug #61273 (call_user_func_array with more than 16333 arguments
 leaks / crashes). (Laruence)
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)

Modified: php/php-src/branches/PHP_5_4/ext/standard/html.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/html.c2012-03-13 16:09:42 UTC 
(rev 324198)
+++ php/php-src/branches/PHP_5_4/ext/standard/html.c2012-03-13 18:08:30 UTC 
(rev 324199)
@@ -1004,8 +1004,9 @@
/*  code2 == '\0' always true for current 
maps */)
goto invalid_code;

-   /* deal with encodings other than utf-8/iso-8859-1 */
-   if (!CHARSET_UNICODE_COMPAT(charset)) {
+   /* UTF-8 doesn't need mapping (ISO-8859-1 doesn't either, but
+* the call is needed to ensure the codepoint = U+00FF)  */
+   if (charset != cs_utf_8) {
/* replace unicode code point */
if (map_from_unicode(code, charset, code) == FAILURE 
|| code2 != 0)
goto invalid_code; /* not representable in 
target charset */

Added: php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
===
--- php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt   
2012-03-13 18:08:30 UTC (rev 324199)
@@ -0,0 +1,7 @@
+--TEST--
+Bug #61374: html_entity_decode tries to decode code points that don't exist in 
ISO-8859-1
+--FILE--
+?php
+echo html_entity_decode('OElig;', 0, 'ISO-8859-1');
+--EXPECT--
+OElig;


Property changes on: 
php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug61374.phpt
___
Added: svn:keywords
   + Id Rev Revision
Added: svn:eol-style
   + native

Modified: php/php-src/trunk/ext/standard/html.c
===
--- php/php-src/trunk/ext/standard/html.c   2012-03-13 16:09:42 UTC (rev 
324198)
+++ php/php-src/trunk/ext/standard/html.c   2012-03-13 18:08:30 UTC (rev 
324199)
@@ -1004,8 +1004,9 @@
/*  code2 == '\0' always true for current 
maps */)
goto invalid_code;

-   /* deal with encodings other than utf-8/iso-8859-1 */
-   if (!CHARSET_UNICODE_COMPAT(charset)) {
+   /* UTF-8 doesn't need mapping (ISO-8859-1 doesn't either, but
+* the call is needed to ensure the codepoint = U+00FF)  */
+   if (charset != cs_utf_8) {
/* replace unicode code point */
if (map_from_unicode(code, charset, code) == FAILURE 
|| code2 != 0)
goto invalid_code; /* not representable in 
target charset */

Added: php/php-src/trunk/ext/standard/tests/strings/bug61374.phpt
===
--- php/php-src/trunk/ext/standard/tests/strings/bug61374.phpt  
(rev 0)
+++ php/php-src/trunk/ext/standard/tests/strings/bug61374.phpt  2012-03-13 
18:08:30 UTC (rev 324199)
@@ -0,0 +1,7 @@
+--TEST--
+Bug #61374: html_entity_decode tries to decode code points that don't exist in 
ISO-8859-1
+--FILE--
+?php
+echo html_entity_decode('OElig;', 0, 'ISO-8859-1');
+--EXPECT--
+OElig;


Property changes on: php/php-src/trunk/ext/standard/tests/strings/bug61374.phpt
___
Added: svn:keywords
   + Id Rev Revision
Added: svn:eol-style
   + native

-- 
PHP CVS Mailing List 

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-12 Thread Rasmus Lerdorf
rasmus   Mon, 12 Mar 2012 15:21:15 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324160

Log:
Remove reference to default_charset here since the it isn't
really about the ini option at all. That only comes into play
when you force it by passing and empty encoding string to those
functions.

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-12 14:52:02 UTC (rev 324159)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-12 15:21:15 UTC (rev 324160)
@@ -168,8 +168,8 @@
   . Changed error handlers to only generate docref links when the docref_root
 php.ini setting is not empty. (Derick)
   . Changed silent conversion of array to string to produce a notice. (Patrick)
-  . Changed default value of default_charset php.ini option from ISO-8859-1 
to
-UTF-8. (Rasmus)
+  . Changed default encoding from ISO-8859-1 to UTF-8 when not specified in
+htmlspecialchars and htmlentities. (Rasmus)
   . Changed casting of null/''/false into an Object when adding a property
 from E_STRICT into a warning. (Scott)
   . Changed E_ALL to include E_STRICT. (Stas)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt trunk/sapi/cli/php_cli_server.c trunk/sapi/cli/tes

2012-03-11 Thread Xinchen Hui
laruence Sun, 11 Mar 2012 08:56:14 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324098

Log:
Implemented FR #60850 (Built in web server does not set 
$_SERVER['SCRIPT_FILENAME'] when using router)

Bug: https://bugs.php.net/60850 (Open) Built in web server does not set 
$_SERVER['SCRIPT_FILENAME'] when using router
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
A   php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt
U   php/php-src/trunk/sapi/cli/php_cli_server.c
A   php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-11 08:41:40 UTC (rev 324097)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-11 08:56:14 UTC (rev 324098)
@@ -4,6 +4,8 @@

 - CLI Server:
   . Connection: close instead of Connection: closed (Gustavo)
+  . Implemented FR #60850 (Built in web server does not set
+$_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)

 - Core:
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)

Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c  2012-03-11 
08:41:40 UTC (rev 324097)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c  2012-03-11 
08:56:14 UTC (rev 324098)
@@ -599,6 +599,11 @@
sapi_cli_server_register_variable(track_vars_array, SCRIPT_NAME, 
client-request.vpath TSRMLS_CC);
if (SG(request_info).path_translated) {
sapi_cli_server_register_variable(track_vars_array, 
SCRIPT_FILENAME, SG(request_info).path_translated TSRMLS_CC);
+   } else if (client-server-router) {
+   char *temp;
+   spprintf(temp, 0, %s/%s, client-server-document_root, 
client-server-router);
+   sapi_cli_server_register_variable(track_vars_array, 
SCRIPT_FILENAME, temp TSRMLS_CC);
+   efree(temp);
}
if (client-request.path_info) {
sapi_cli_server_register_variable(track_vars_array, 
PATH_INFO, client-request.path_info TSRMLS_CC);

Added: php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt
===
--- php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt 
(rev 0)
+++ php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_017.phpt 
2012-03-11 08:56:14 UTC (rev 324098)
@@ -0,0 +1,44 @@
+--TEST--
+Implement Req #60850 (Built in web server does not set 
$_SERVER['SCRIPT_FILENAME'] when using router)
+--SKIPIF--
+?php
+include skipif.inc;
+?
+--FILE--
+?php
+include php_cli_server.inc;
+php_cli_server_start(PHP
+var_dump(\$_SERVER['SCRIPT_FILENAME']);
+PHP
+);
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+  die(connect failed);
+}
+
+if(fwrite($fp, HEADER
+POST / HTTP/1.1
+Host: {$host}
+
+
+HEADER
+)) {
+   while (!feof($fp)) {
+   echo fgets($fp);
+   }
+}
+
+fclose($fp);
+?
+--EXPECTF--
+HTTP/1.1 200 OK
+Host: %s
+Connection: close
+X-Powered-By: %s
+Content-type: text/html
+
+string(%d) %s/tests/index.php

Modified: php/php-src/trunk/sapi/cli/php_cli_server.c
===
--- php/php-src/trunk/sapi/cli/php_cli_server.c 2012-03-11 08:41:40 UTC (rev 
324097)
+++ php/php-src/trunk/sapi/cli/php_cli_server.c 2012-03-11 08:56:14 UTC (rev 
324098)
@@ -599,6 +599,11 @@
sapi_cli_server_register_variable(track_vars_array, SCRIPT_NAME, 
client-request.vpath TSRMLS_CC);
if (SG(request_info).path_translated) {
sapi_cli_server_register_variable(track_vars_array, 
SCRIPT_FILENAME, SG(request_info).path_translated TSRMLS_CC);
+   } else if (client-server-router) {
+   char *temp;
+   spprintf(temp, 0, %s/%s, client-server-document_root, 
client-server-router);
+   sapi_cli_server_register_variable(track_vars_array, 
SCRIPT_FILENAME, temp TSRMLS_CC);
+   efree(temp);
}
if (client-request.path_info) {
sapi_cli_server_register_variable(track_vars_array, 
PATH_INFO, client-request.path_info TSRMLS_CC);

Added: php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt
===
--- php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt
(rev 0)
+++ php/php-src/trunk/sapi/cli/tests/php_cli_server_017.phpt2012-03-11 
08:56:14 UTC (rev 324098)
@@ -0,0 +1,44 @@
+--TEST--
+Implement Req #60850 (Built in web server does not set 

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-11 Thread Xinchen Hui
laruence Sun, 11 Mar 2012 09:07:02 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324101

Log:
Same wrong order here

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-11 09:06:12 UTC (rev 324100)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-11 09:07:02 UTC (rev 324101)
@@ -61,10 +61,10 @@
 object). (Laruence)

 - PDO_mysql
+  . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
+always work). (Johannes)
   . Fixed bug #61194 (PDO should export compression flag with myslqnd).
 (Johannes)
-  . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
-always work). (Johannes)

 - Phar
   . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-07 Thread Gustavo André dos Santos Lopes
cataphract   Wed, 07 Mar 2012 19:47:18 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=324008

Log:
- Updated NEWS with news of bug #61306 having been resolved (see r323988).
- Tidied up NEWS

Bug: https://bugs.php.net/61306 (Assigned) Segfault at end of request
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-07 17:34:24 UTC (rev 324007)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-07 19:47:18 UTC (rev 324008)
@@ -2,35 +2,34 @@
 |||
 ?? ??? 2012, PHP 5.4.1 RC1

-- Array:
-  . Fixed bug #52719 (array_walk_recursive crashes if third param of the
-function is by reference). (Nikita Popov)
-  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
-(Laruence)
-
 - CLI Server:
   . Connection: close instead of Connection: closed (Gustavo)

 - Core:
-  . Fixed bug #60573 (type hinting with self keyword causes weird errors).
+  . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
+  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+  . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita
+Popov)
+  . Fixed bug #61087 (Memory leak in parse_ini_file when specifying
+invalid scanner mode). (Nikic, Laruence)
+  . Fixed bug #61072 (Memory leak when restoring an exception handler).
+(Nikic, Laruence)
+  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
 (Laruence)
+  . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). 
(Stefan)
+  . Fixed bug #61011 (Crash when an exception is thrown by __autoload
+accessing a static property). (Laruence)
+  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
+vars). (Laruence)
+  . Fixed bug #60978 (exit code incorrect). (Laruence)
+  . Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
+  . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
   . Fixed bug #60717 (Order of traits in use statement can cause a fatal
 error). (Stefan)
-  . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
-  . Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
-  . Fixed bug #60978 (exit code incorrect). (Laruence)
-  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
-vars). (Laruence)
-  . Fixed bug #61011 (Crash when an exception is thrown by __autoload
-accessing a static property). (Laruence)
-  . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). 
(Stefan)
-  . Fixed bug #61072 (Memory leak when restoring an exception handler).
-(Nikic, Laruence)
-  . Fixed bug #61087 (Memory leak in parse_ini_file when specifying
-invalid scanner mode). (Nikic, Laruence)
-  . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita 
Popov)
-  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
-  . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
+  . Fixed bug #60573 (type hinting with self keyword causes weird errors).
+(Laruence)
+  . Fixed bug #52719 (array_walk_recursive crashes if third param of the
+function is by reference). (Nikita Popov)

 - Installation
   . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
@@ -70,15 +69,19 @@
 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)
   . Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
-  . Fixed bug #60106 (stream_socket_server silently truncates long unix socket 
paths). (Ilia)
+  . Fixed bug #60106 (stream_socket_server silently truncates long unix socket
+paths). (Ilia)

 - XMLRPC:
-  . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita 
Popov)
-  . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary 
variable). (Nikita Popov)
+  . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary
+variable). (Nikita Popov)
+  . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
+Popov)

 - Zlib:
+  . Fixed bug #61306 (initialization of global inappropriate for ZTS). 
(Gustavo)
+  . Fixed bug #61287 (A particular string fails to decompress). (Mike)
   . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita 
Popov)
-  . Fixed bug #61287 (A particular string fails to decompress). (Mike)

 01 Mar 2012, PHP 5.4.0


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/pdo/pdo_dbh.c trunk/ext/pdo/pdo_dbh.c

2012-03-05 Thread Xinchen Hui
laruence Tue, 06 Mar 2012 03:45:27 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323935

Log:
Fixed bug #61292 (Segfault while calling a method on an overloaded PDO object)

Bug: https://bugs.php.net/61292 (Verified) Segfault while calling a method on 
an overloaded PDO object.
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c
U   php/php-src/trunk/ext/pdo/pdo_dbh.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-06 02:21:04 UTC (rev 323934)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-06 03:45:27 UTC (rev 323935)
@@ -49,6 +49,10 @@
   . Fixed bug #60887 (SoapClient ignores user_agent option and sends no
 User-Agent header). (carloschilazo at gmail dot com)

+- PDO
+  . Fixed bug #61292 (Segfault while calling a method on an overloaded PDO
+object). (Laruence)
+
 - PDO_mysql
   . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
 always work). (Johannes)

Modified: php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c
===
--- php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c  2012-03-06 02:21:04 UTC 
(rev 323934)
+++ php/php-src/branches/PHP_5_4/ext/pdo/pdo_dbh.c  2012-03-06 03:45:27 UTC 
(rev 323935)
@@ -343,6 +343,7 @@
pdbh-def_stmt_ce = dbh-def_stmt_ce;
pdbh-def_stmt_ctor_args = 
dbh-def_stmt_ctor_args;
pdbh-std.properties = dbh-std.properties;
+   pdbh-std.properties_table = 
dbh-std.properties_table;
}
/* kill the non-persistent thingamy */
efree(dbh);

Modified: php/php-src/trunk/ext/pdo/pdo_dbh.c
===
--- php/php-src/trunk/ext/pdo/pdo_dbh.c 2012-03-06 02:21:04 UTC (rev 323934)
+++ php/php-src/trunk/ext/pdo/pdo_dbh.c 2012-03-06 03:45:27 UTC (rev 323935)
@@ -343,6 +343,7 @@
pdbh-def_stmt_ce = dbh-def_stmt_ce;
pdbh-def_stmt_ctor_args = 
dbh-def_stmt_ctor_args;
pdbh-std.properties = dbh-std.properties;
+   pdbh-std.properties_table = 
dbh-std.properties_table;
}
/* kill the non-persistent thingamy */
efree(dbh);

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug60717.phpt branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt branches/PHP_5_4/Zend/zend_compile.c

2012-03-04 Thread Stefan Marr
gron Sun, 04 Mar 2012 18:26:11 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323891

Log:
Fixed Bug #60717 (Order of traits in use statement can cause a fatal error)
# Compatibility is now correctly checked in both directions.
# Introduced helper method for the test.

Bug: https://bugs.php.net/60717 (Assigned) Order of traits in use statement can 
cause a fatal error
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt
U   
php/php-src/branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A   php/php-src/trunk/Zend/tests/traits/bug60717.phpt
U   php/php-src/trunk/Zend/tests/traits/bugs/abstract-methods06.phpt
U   php/php-src/trunk/Zend/zend_compile.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-03-04 17:21:16 UTC (rev 323890)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-03-04 18:26:11 UTC (rev 323891)
@@ -14,6 +14,8 @@
 - Core:
   . Fixed bug #60573 (type hinting with self keyword causes weird errors).
 (Laruence)
+  . Fixed bug #60717 (Order of traits in use statement can cause a fatal
+error). (Stefan)
   . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
   . Fixed bug #60978 (exit code incorrect). (Laruence)
   . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical

Added: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60717.phpt	2012-03-04 18:26:11 UTC (rev 323891)
@@ -0,0 +1,73 @@
+--TEST--
+Bug #60717 (Order of traits in use statement can cause unexpected unresolved abstract method)
+--FILE--
+?php
+
+namespace HTML
+{
+	interface Helper
+	{
+		function text($text);
+		function attributes(array $attributes = null);
+		function textArea(array $attributes = null, $value);
+	}
+
+	trait TextUTF8
+	{
+		function text($text) {}
+	}
+
+	trait TextArea
+	{
+		function textArea(array $attributes = null, $value) {}
+		abstract function attributes(array $attributes = null);
+		abstract function text($text);
+	}
+
+	trait HTMLAttributes
+	{
+		function attributes(array $attributes = null) {	}
+		abstract function text($text);
+	}
+
+	class HTMLHelper implements Helper
+	{
+		use TextArea, HTMLAttributes, TextUTF8;
+	}
+
+	class HTMLHelper2 implements Helper
+	{
+		use TextArea, TextUTF8, HTMLAttributes;
+	}
+
+	class HTMLHelper3 implements Helper
+	{
+		use HTMLAttributes, TextArea, TextUTF8;
+	}
+
+	class HTMLHelper4 implements Helper
+	{
+		use HTMLAttributes, TextUTF8, TextArea;
+	}
+
+	class HTMLHelper5 implements Helper
+	{
+		use TextUTF8, TextArea, HTMLAttributes;
+	}
+
+	class HTMLHelper6 implements Helper
+	{
+		use TextUTF8, HTMLAttributes, TextArea;
+	}
+
+	$o = new HTMLHelper;
+$o = new HTMLHelper2;
+$o = new HTMLHelper3;
+$o = new HTMLHelper4;
+$o = new HTMLHelper5;
+$o = new HTMLHelper6;
+echo 'Done';
+}
+
+--EXPECT--
+Done

Modified: php/php-src/branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt	2012-03-04 17:21:16 UTC (rev 323890)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bugs/abstract-methods06.phpt	2012-03-04 18:26:11 UTC (rev 323891)
@@ -23,4 +23,4 @@

 ?
 --EXPECTF--
-Fatal error: Declaration of THelloB::hello() must be compatible with THelloA::hello($a) in %s on line %d
\ No newline at end of file
+Fatal error: Declaration of THelloA::hello($a) must be compatible with THelloB::hello() in %s on line %d
\ No newline at end of file

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c	2012-03-04 17:21:16 UTC (rev 323890)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c	2012-03-04 18:26:11 UTC (rev 323891)
@@ -3623,6 +3623,18 @@
 }
 /* }}} */

+static zend_bool zend_traits_method_compatibility_check(zend_function *fn, zend_function *other_fn TSRMLS_DC) /* {{{ */
+{
+	zend_uintfn_flags = fn-common.scope-ce_flags;
+	zend_uint other_flags = other_fn-common.scope-ce_flags;
+
+	return zend_do_perform_implementation_check(fn, other_fn TSRMLS_CC)
+		 zend_do_perform_implementation_check(other_fn, fn TSRMLS_CC)
+		 ((fn_flags  ZEND_ACC_FINAL) == (other_flags  ZEND_ACC_FINAL))   /* equal final qualifier */
+		 ((fn_flags  ZEND_ACC_STATIC)== (other_flags  ZEND_ACC_STATIC)); /* equal static qualifier */
+}
+/* }}} */
+
 static int zend_traits_merge_functions(zend_function *fn TSRMLS_DC, int 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug55524.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/traits/bug55524.phpt trunk/Zend/zend_compile.c

2012-03-04 Thread Stefan Marr
gron Sun, 04 Mar 2012 18:33:33 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323892

Log:
Fixed Bug #60911 (Confusing error message when extending traits)

Bug: https://bugs.php.net/60911 (Assigned) Confusing error message when 
extending traits
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U   php/php-src/trunk/Zend/tests/traits/bug55524.phpt
U   php/php-src/trunk/Zend/zend_compile.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-04 18:26:11 UTC (rev 323891)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-04 18:33:33 UTC (rev 323892)
@@ -17,6 +17,7 @@
   . Fixed bug #60717 (Order of traits in use statement can cause a fatal
 error). (Stefan)
   . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
+  . Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
   . Fixed bug #60978 (exit code incorrect). (Laruence)
   . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
 vars). (Laruence)

Modified: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
2012-03-04 18:26:11 UTC (rev 323891)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug55524.phpt
2012-03-04 18:33:33 UTC (rev 323892)
@@ -12,4 +12,4 @@
 echo 'DONE';
 ?
 --EXPECTF--
-Fatal error: A trait (Foo) cannot extend a class in %s on line %d
+Fatal error: A trait (Foo) cannot extend a class. Traits can only be composed 
from other traits with the 'use' keyword. Error in %s on line %d

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-04 18:26:11 UTC 
(rev 323891)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-04 18:33:33 UTC 
(rev 323892)
@@ -4995,7 +4995,7 @@
if (doing_inheritance) {
/* Make sure a trait does not try to extend a class */
if ((new_class_entry-ce_flags  ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT) {
-   zend_error(E_COMPILE_ERROR, A trait (%s) cannot extend a class, 
new_class_entry-name);
+   zend_error(E_COMPILE_ERROR, A trait (%s) cannot extend a class. 
Traits can only be composed from other traits with the 'use' keyword. Error, 
new_class_entry-name);
}

opline-extended_value = parent_class_name-u.op.var;

Modified: php/php-src/trunk/Zend/tests/traits/bug55524.phpt
===
--- php/php-src/trunk/Zend/tests/traits/bug55524.phpt   2012-03-04 18:26:11 UTC 
(rev 323891)
+++ php/php-src/trunk/Zend/tests/traits/bug55524.phpt   2012-03-04 18:33:33 UTC 
(rev 323892)
@@ -12,4 +12,4 @@
 echo 'DONE';
 ?
 --EXPECTF--
-Fatal error: A trait (Foo) cannot extend a class in %s on line %d
+Fatal error: A trait (Foo) cannot extend a class. Traits can only be composed 
from other traits with the 'use' keyword. Error in %s on line %d

Modified: php/php-src/trunk/Zend/zend_compile.c
===
--- php/php-src/trunk/Zend/zend_compile.c   2012-03-04 18:26:11 UTC (rev 
323891)
+++ php/php-src/trunk/Zend/zend_compile.c   2012-03-04 18:33:33 UTC (rev 
323892)
@@ -4995,7 +4995,7 @@
if (doing_inheritance) {
/* Make sure a trait does not try to extend a class */
if ((new_class_entry-ce_flags  ZEND_ACC_TRAIT) == ZEND_ACC_TRAIT) {
-   zend_error(E_COMPILE_ERROR, A trait (%s) cannot extend a class, 
new_class_entry-name);
+   zend_error(E_COMPILE_ERROR, A trait (%s) cannot extend a class. 
Traits can only be composed from other traits with the 'use' keyword. Error, 
new_class_entry-name);
}

opline-extended_value = parent_class_name-u.op.var;

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug61052.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/traits/bug61052.phpt trunk/Zend/zend_compile.c

2012-03-04 Thread Stefan Marr
gron Sun, 04 Mar 2012 19:34:19 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323898

Log:
Fixed Bug #61052 (Missing error check in trait 'insteadof' clause)

Bug: https://bugs.php.net/61052 (Assigned) missing error check in trait 
'insteadof' clause
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A   php/php-src/trunk/Zend/tests/traits/bug61052.phpt
U   php/php-src/trunk/Zend/zend_compile.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-04 19:30:01 UTC (rev 323897)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-04 19:34:19 UTC (rev 323898)
@@ -23,6 +23,7 @@
 vars). (Laruence)
   . Fixed bug #61011 (Crash when an exception is thrown by __autoload
 accessing a static property). (Laruence)
+  . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). 
(Stefan)
   . Fixed bug #61072 (Memory leak when restoring an exception handler).
 (Nikic, Laruence)
   . Fixed bug #61087 (Memory leak in parse_ini_file when specifying

Added: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug61052.phpt
2012-03-04 19:34:19 UTC (rev 323898)
@@ -0,0 +1,18 @@
+--TEST--
+Bug #61052 (missing error check in trait 'insteadof' clause)
+--FILE--
+?php
+trait T1 {
+  function foo(){ echo T1\n; }
+}
+trait T2 {
+  function foo(){ echo T2\n; }
+}
+class C {
+  use T1, T2 {
+T1::foo insteadof T1;
+  }
+}
+C::foo();
+--EXPECTF--
+Fatal error: Inconsistent insteadof definition. The method foo is to be used 
from T1, but T1 is also on the exclude list in %s on line %d

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-04 19:30:01 UTC 
(rev 323897)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-04 19:34:19 UTC 
(rev 323898)
@@ -3984,13 +3984,28 @@

/** With the other traits, we are more 
permissive.
We do not give errors for those. This 
allows to be more
-   defensive in such definitions. */
+   defensive in such definitions.
+   However, we want to make sure that the 
insteadof declartion
+   is consistent in itself.
+*/
j = 0;
while (cur_precedence-exclude_from_classes[j]) 
{
char* class_name = 
(char*)cur_precedence-exclude_from_classes[j];
zend_uint name_length = 
strlen(class_name);

cur_precedence-exclude_from_classes[j] 
= zend_fetch_class(class_name, name_length, ZEND_FETCH_CLASS_TRAIT TSRMLS_CC);
+
+   /* make sure that the trait method is 
not from a class mentioned in
+exclude_from_classes, for consistency 
*/
+   if (cur_precedence-trait_method-ce == 
cur_precedence-exclude_from_classes[i]) {
+   zend_error(E_COMPILE_ERROR,
+  
Inconsistent insteadof definition. 
+  The method 
%s is to be used from %s, but %s is also on the exclude list,
+  
cur_method_ref-method_name,
+  
cur_precedence-trait_method-ce-name,
+  
cur_precedence-trait_method-ce-name);
+   }
+
efree(class_name);
j++;
}

Added: php/php-src/trunk/Zend/tests/traits/bug61052.phpt
===
--- php/php-src/trunk/Zend/tests/traits/bug61052.phpt   
(rev 0)
+++ php/php-src/trunk/Zend/tests/traits/bug61052.phpt   2012-03-04 19:34:19 UTC 
(rev 323898)
@@ -0,0 +1,18 @@
+--TEST--
+Bug #61052 (missing error check in trait 'insteadof' clause)
+--FILE--
+?php
+trait T1 {
+  function foo(){ echo T1\n; }
+}
+trait T2 {
+  

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/phar/phar_object.c

2012-03-02 Thread Nikita Popov
nikicFri, 02 Mar 2012 08:21:54 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323804

Log:
Merge: Fix bug #61184 Phar::webPhar() generates headers with trailing NUL bytes

Bug: https://bugs.php.net/61184 (Assigned) Phar::webPhar() generates headers 
with trailing NUL bytes
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/phar/phar_object.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 08:04:51 UTC (rev 323803)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 08:21:54 UTC (rev 323804)
@@ -28,6 +28,9 @@
 - Installation
   . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)

+- Phar
+  . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL 
bytes). (Nikita Popov)
+
 - Reflection:
   . Fixed bug #60968 (Late static binding doesn't work with
 ReflectionMethod::invokeArgs()). (Laruence)

Modified: php/php-src/branches/PHP_5_4/ext/phar/phar_object.c
===
--- php/php-src/branches/PHP_5_4/ext/phar/phar_object.c 2012-03-02 08:04:51 UTC 
(rev 323803)
+++ php/php-src/branches/PHP_5_4/ext/phar/phar_object.c 2012-03-02 08:21:54 UTC 
(rev 323804)
@@ -428,7 +428,7 @@
sapi_header_line ctr = {0};

ctr.response_code = 403;
-   ctr.line_len = sizeof(HTTP/1.0 403 Access Denied);
+   ctr.line_len = sizeof(HTTP/1.0 403 Access Denied)-1;
ctr.line = HTTP/1.0 403 Access Denied;
sapi_header_op(SAPI_HEADER_REPLACE, ctr TSRMLS_CC);
sapi_send_headers(TSRMLS_C);
@@ -453,7 +453,7 @@
}

ctr.response_code = 404;
-   ctr.line_len = sizeof(HTTP/1.0 404 Not Found)+1;
+   ctr.line_len = sizeof(HTTP/1.0 404 Not Found)-1;
ctr.line = HTTP/1.0 404 Not Found;
sapi_header_op(SAPI_HEADER_REPLACE, ctr TSRMLS_CC);
sapi_send_headers(TSRMLS_C);
@@ -893,7 +893,7 @@
char *tmp = NULL, sa = '\0';
sapi_header_line ctr = {0};
ctr.response_code = 301;
-   ctr.line_len = sizeof(HTTP/1.1 301 Moved 
Permanently)+1;
+   ctr.line_len = sizeof(HTTP/1.1 301 Moved 
Permanently)-1;
ctr.line = HTTP/1.1 301 Moved Permanently;
sapi_header_op(SAPI_HEADER_REPLACE, ctr TSRMLS_CC);


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-02 Thread Nikita Popov
nikicFri, 02 Mar 2012 08:25:28 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323805

Log:
Forgot NEWS for r323803

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 08:21:54 UTC (rev 323804)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 08:25:28 UTC (rev 323805)
@@ -20,6 +20,7 @@
   . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
   . Fixed bug #60573 (type hinting with self keyword causes weird errors).
 (Laruence)
+  . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita 
Popov)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-02 Thread Laruence
Hi Nikic:

  just FYI, I was told that, the entries in NEWS should be in desc
order(in a category) by bug id  :)

thanks

On Fri, Mar 2, 2012 at 4:25 PM, Nikita Popov ni...@php.net wrote:
 nikic                                    Fri, 02 Mar 2012 08:25:28 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=323805

 Log:
 Forgot NEWS for r323803

 Changed paths:
    U   php/php-src/branches/PHP_5_4/NEWS

 Modified: php/php-src/branches/PHP_5_4/NEWS
 ===
 --- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 08:21:54 UTC (rev 323804)
 +++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 08:25:28 UTC (rev 323805)
 @@ -20,6 +20,7 @@
   . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
   . Fixed bug #60573 (type hinting with self keyword causes weird errors).
     (Laruence)
 +  . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita 
 Popov)

  - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)


 --
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php



-- 
Laruence  Xinchen Hui
http://www.laruence.com/

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/xmlrpc/tests/bug61097.phpt ext/xmlrpc/xmlrpc-epi-php.c

2012-03-02 Thread Nikita Popov
nikicFri, 02 Mar 2012 14:08:11 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323818

Log:
Merge: Fix bug #61097: Memory leak in xmlrpc functions copying zvals

Bug: https://bugs.php.net/61097 (Assigned) Memory leak in xmlrpc functions 
copying zvals
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt
U   php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 13:17:32 UTC (rev 323817)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 14:08:11 UTC (rev 323818)
@@ -40,6 +40,9 @@
   . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
 (Laruence)

+- XMLRPC:
+  . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita 
Popov)
+
 01 Mar 2012, PHP 5.4.0

 - Installation:

Added: php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt
===
--- php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt 
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/xmlrpc/tests/bug61097.phpt 2012-03-02 
14:08:11 UTC (rev 323818)
@@ -0,0 +1,16 @@
+--TEST--
+Bug #61097 (Memory leak in xmlrpc functions copying zvals)
+--SKIPIF--
+?php if (!extension_loaded(xmlrpc)) print skip; ?
+--FILE--
+?php
+$server = xmlrpc_server_create();
+
+$method = 'abc';
+xmlrpc_server_register_introspection_callback($server, $method);
+xmlrpc_server_register_method($server, 'abc', $method);
+
+echo 'Done';
+?
+--EXPECT--
+Done

Modified: php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c
===
--- php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c2012-03-02 
13:17:32 UTC (rev 323817)
+++ php/php-src/branches/PHP_5_4/ext/xmlrpc/xmlrpc-epi-php.c2012-03-02 
14:08:11 UTC (rev 323818)
@@ -1043,9 +1043,8 @@
 */
if (XMLRPC_ServerRegisterMethod(server-server_ptr, method_key, 
php_xmlrpc_callback)) {
/* save for later use */
-   MAKE_STD_ZVAL(method_name_save);
-   *method_name_save = **method_name;
-   zval_copy_ctor(method_name_save);
+   ALLOC_ZVAL(method_name_save);
+   MAKE_COPY_ZVAL(method_name, method_name_save);

/* register our php method */
add_zval(server-method_map, method_key, 
method_name_save);
@@ -1073,9 +1072,8 @@

if (type == le_xmlrpc_server) {
/* save for later use */
-   MAKE_STD_ZVAL(method_name_save);
-   *method_name_save = **method_name;
-   zval_copy_ctor(method_name_save);
+   ALLOC_ZVAL(method_name_save);
+   MAKE_COPY_ZVAL(method_name, method_name_save);

/* register our php method */
add_zval(server-introspection_map, NULL, method_name_save);

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/zlib/tests/bug61139.phpt ext/zlib/zlib_fopen_wrapper.c

2012-03-02 Thread Nikita Popov
nikicFri, 02 Mar 2012 14:16:47 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323819

Log:
Merge: Fix bug #61139: gzopen leaks when specifying invalid mode

Bug: https://bugs.php.net/61139 (Assigned) gzopen leaks when specifying invalid 
mode
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
U   php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 14:08:11 UTC (rev 323818)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 14:16:47 UTC (rev 323819)
@@ -43,6 +43,9 @@
 - XMLRPC:
   . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita 
Popov)

+- Zlib:
+  . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita 
Popov)
+
 01 Mar 2012, PHP 5.4.0

 - Installation:

Added: php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt
===
--- php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/zlib/tests/bug61139.phpt   2012-03-02 
14:16:47 UTC (rev 323819)
@@ -0,0 +1,14 @@
+--TEST--
+Bug #61139 (gzopen leaks when specifying invalid mode)
+--SKIPIF--
+?php
+if (!extension_loaded('zlib')) {
+   die('skip - zlib extension not loaded');
+}
+?
+--FILE--
+?php
+
+gzopen('someFile', 'c');
+--EXPECTF--
+Warning: gzopen(): gzopen failed in %s on line %d

Modified: php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c
===
--- php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c  2012-03-02 
14:08:11 UTC (rev 323818)
+++ php/php-src/branches/PHP_5_4/ext/zlib/zlib_fopen_wrapper.c  2012-03-02 
14:16:47 UTC (rev 323819)
@@ -109,7 +109,7 @@
 php_stream *php_stream_gzopen(php_stream_wrapper *wrapper, char *path, char 
*mode, int options,
  char **opened_path, 
php_stream_context *context STREAMS_DC TSRMLS_DC)
 {
-   struct php_gz_stream_data_t *self = {0};
+   struct php_gz_stream_data_t *self;
php_stream *stream = NULL, *innerstream = NULL;

/* sanity check the stream: it can be either read-only or write-only */
@@ -120,8 +120,6 @@
return NULL;
}

-   self = emalloc(sizeof(*self));
-
if (strncasecmp(compress.zlib://, path, 16) == 0) {
path += 16;
} else if (strncasecmp(zlib:, path, 5) == 0) {
@@ -134,32 +132,29 @@
int fd;

if (SUCCESS == php_stream_cast(innerstream, PHP_STREAM_AS_FD, 
(void **) fd, REPORT_ERRORS)) {
-   self-gz_file = gzdopen(dup(fd), mode);
+   self = emalloc(sizeof(*self));
self-stream = innerstream;
-   if (self-gz_file)  {
+   self-gz_file = gzdopen(dup(fd), mode);
+
+   if (self-gz_file) {
stream = 
php_stream_alloc_rel(php_stream_gzio_ops, self, 0, mode);
if (stream) {
stream-flags |= 
PHP_STREAM_FLAG_NO_BUFFER;
return stream;
}
+
gzclose(self-gz_file);
}
+
+   efree(self);
if (options  REPORT_ERRORS) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, 
gzopen failed);
}
-   } else if (innerstream) {
-   php_stream_close(innerstream);
}
-   }

-   if (stream) {
-   php_stream_close(stream);
+   php_stream_close(innerstream);
}
-
-   if (self) {
-   efree(self);
-   }
-
+
return NULL;
 }


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/mbstring/mbstring.c ext/mbstring/php_mbregex.c ext/mbstring/php_mbregex.h ext/mbstring/tests/mb_ereg_replace_callback.phpt

2012-03-02 Thread Rui Hirokawa
hirokawa Fri, 02 Mar 2012 14:19:05 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323820

Log:
MFH mb_ereg_replace_callback() for security enhancements.

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c
U   php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c
U   php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.h
A   
php/php-src/branches/PHP_5_4/ext/mbstring/tests/mb_ereg_replace_callback.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-03-02 14:16:47 UTC (rev 323819)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-03-02 14:19:05 UTC (rev 323820)
@@ -46,6 +46,9 @@
 - Zlib:
   . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)

+- mbstring:
+  . MFH mb_ereg_replace_callback() for security enhancements. (Rui)
+
 01 Mar 2012, PHP 5.4.0

 - Installation:

Modified: php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c
===
--- php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c	2012-03-02 14:16:47 UTC (rev 323819)
+++ php/php-src/branches/PHP_5_4/ext/mbstring/mbstring.c	2012-03-02 14:19:05 UTC (rev 323820)
@@ -467,6 +467,13 @@
 	ZEND_ARG_INFO(0, string)
 ZEND_END_ARG_INFO()

+ZEND_BEGIN_ARG_INFO_EX(arginfo_mb_ereg_replace_callback, 0, 0, 3)
+	ZEND_ARG_INFO(0, pattern)
+	ZEND_ARG_INFO(0, callback)
+	ZEND_ARG_INFO(0, string)
+	ZEND_ARG_INFO(0, option)
+ZEND_END_ARG_INFO()
+
 ZEND_BEGIN_ARG_INFO_EX(arginfo_mb_split, 0, 0, 2)
 	ZEND_ARG_INFO(0, pattern)
 	ZEND_ARG_INFO(0, string)

Modified: php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c
===
--- php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c	2012-03-02 14:16:47 UTC (rev 323819)
+++ php/php-src/branches/PHP_5_4/ext/mbstring/php_mbregex.c	2012-03-02 14:19:05 UTC (rev 323820)
@@ -784,7 +784,7 @@
 /* }}} */

 /* {{{ _php_mb_regex_ereg_replace_exec */
-static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOptionType options)
+static void _php_mb_regex_ereg_replace_exec(INTERNAL_FUNCTION_PARAMETERS, OnigOptionType options, int is_callable)
 {
 	zval **arg_pattern_zval;

@@ -794,6 +794,9 @@
 	char *replace;
 	int replace_len;

+	zend_fcall_info arg_replace_fci;
+	zend_fcall_info_cache arg_replace_fci_cache;
+
 	char *string;
 	int string_len;

@@ -826,12 +829,22 @@
 		char *option_str = NULL;
 		int option_str_len = 0;

-		if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zss|s,
-	arg_pattern_zval,
-	replace, replace_len,
-	string, string_len,
-	option_str, option_str_len) == FAILURE) {
-			RETURN_FALSE;
+		if (!is_callable) {
+			if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zss|s,
+		arg_pattern_zval,
+		replace, replace_len,
+		string, string_len,
+		option_str, option_str_len) == FAILURE) {
+RETURN_FALSE;
+			}
+		} else {
+			if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, Zfs|s,
+		arg_pattern_zval,
+		arg_replace_fci, arg_replace_fci_cache,
+		string, string_len,
+		option_str, option_str_len) == FAILURE) {
+RETURN_FALSE;
+			}
 		}

 		if (option_str != NULL) {
@@ -859,7 +872,7 @@
 		RETURN_FALSE;
 	}

-	if (eval) {
+	if (eval || is_callable) {
 		pbuf = eval_buf;
 		description = zend_make_compiled_string_description(mbregex replace TSRMLS_CC);
 	} else {
@@ -867,6 +880,13 @@
 		description = NULL;
 	}

+	if (is_callable) {
+		if (eval) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, Option 'e' cannot be used with replacement callback);
+			RETURN_FALSE;
+		}
+	}
+
 	/* do the actual work */
 	err = 0;
 	pos = (OnigUChar *)string;
@@ -889,28 +909,32 @@
 #endif
 			/* copy the part of the string before the match */
 			smart_str_appendl(out_buf, pos, (size_t)((OnigUChar *)(string + regs-beg[0]) - pos));
-			/* copy replacement and backrefs */
-			i = 0;
-			p = replace;
-			while (i  replace_len) {
-int fwd = (int) php_mb_mbchar_bytes_ex(p, enc);
-n = -1;
-if ((replace_len - i) = 2  fwd == 1 
+
+			if (!is_callable) {
+/* copy replacement and backrefs */
+i = 0;
+p = replace;
+while (i  replace_len) {
+	int fwd = (int) php_mb_mbchar_bytes_ex(p, enc);
+	n = -1;
+	if ((replace_len - i) = 2  fwd == 1 
 	p[0] == '\\'  p[1] = '0'  p[1] = '9') {
-	n = p[1] - '0';
-}
-if (n = 0  n  regs-num_regs) {
-	if (regs-beg[n] = 0  regs-beg[n]  regs-end[n]  regs-end[n] = string_len) {
-		smart_str_appendl(pbuf, string + regs-beg[n], regs-end[n] - regs-beg[n]);
+		n = p[1] - '0';
 	}
-	p += 2;
-	i += 2;
-} else {
-	smart_str_appendl(pbuf, p, fwd);
-	p += fwd;
-	i += fwd;
+	if (n = 0  n  regs-num_regs) {
+		if (regs-beg[n] = 0  regs-beg[n]  regs-end[n]  

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-02 Thread Christopher Jones
sixd Fri, 02 Mar 2012 15:46:51 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323823

Log:
Reorder

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 15:43:37 UTC (rev 323822)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 15:46:51 UTC (rev 323823)
@@ -2,43 +2,47 @@
 |||
 ?? ??? 2012, PHP 5.4.1 RC1

+- Array:
+  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
+(Laruence)
+
 - CLI Server:
   . Connection: close instead of Connection: closed (Gustavo)

 - Core:
-  . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
-  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+  . Fixed bug #60573 (type hinting with self keyword causes weird errors).
+(Laruence)
+  . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
+  . Fixed bug #60978 (exit code incorrect). (Laruence)
+  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
+vars). (Laruence)
+  . Fixed bug #61011 (Crash when an exception is thrown by __autoload
+accessing a static property). (Laruence)
+  . Fixed bug #61072 (Memory leak when restoring an exception handler).
+(Nikic, Laruence)
   . Fixed bug #61087 (Memory leak in parse_ini_file when specifying
 invalid scanner mode). (Nikic, Laruence)
-  . Fixed bug #61072 (Memory leak when restoring an exception handler).
-(Nikic, Laruence)
-  . Fixed bug #61011 (Crash when an exception is thrown by __autoload
-accessing a static property). (Laruence)
-  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
-vars). (Laruence)
-  . Fixed bug #60978 (exit code incorrect). (Laruence)
-  . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
-  . Fixed bug #60573 (type hinting with self keyword causes weird errors).
-(Laruence)
   . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita 
Popov)
+  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+  . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)

-- Standard:
-  . Fixed memory leak in substr_replace. (Pierrick)
-  . make max_file_uploads ini directive settable outside of php.ini (Rasmus)
-
 - Installation
   . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)

+- mbstring:
+  . MFH mb_ereg_replace_callback() for security enhancements. (Rui)
+
 - Phar
-  . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL 
bytes). (Nikita Popov)
+  . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
+bytes). (Nikita Popov)

 - Reflection:
   . Fixed bug #60968 (Late static binding doesn't work with
 ReflectionMethod::invokeArgs()). (Laruence)

-- Array:
-  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
-(Laruence)
+- Standard:
+  . Fixed memory leak in substr_replace. (Pierrick)
+  . Make max_file_uploads ini directive settable outside of php.ini (Rasmus)

 - XMLRPC:
   . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita 
Popov)
@@ -46,9 +50,6 @@
 - Zlib:
   . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita 
Popov)

-- mbstring:
-  . MFH mb_ereg_replace_callback() for security enhancements. (Rui)
-
 01 Mar 2012, PHP 5.4.0

 - Installation:

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/string.c

2012-03-01 Thread Pierrick Charron
pierrick Thu, 01 Mar 2012 15:10:29 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323710

Log:
Fixed memory leak in substr_replace

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/standard/string.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-01 15:10:23 UTC (rev 323709)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-01 15:10:29 UTC (rev 323710)
@@ -1,7 +1,10 @@
 PHPNEWS
 |||
 ?? ??? 2012, PHP 5.4.1 RC1
-
+
+- Standard:
+  . Fixed memory leak in substr_replace. (Pierrick)
+
 01 Mar 2012, PHP 5.4.0

 - autoconf 2.59+ is now supported (and required) for generating the

Modified: php/php-src/branches/PHP_5_4/ext/standard/string.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/string.c  2012-03-01 15:10:23 UTC 
(rev 323709)
+++ php/php-src/branches/PHP_5_4/ext/standard/string.c  2012-03-01 15:10:29 UTC 
(rev 323710)
@@ -2518,6 +2518,9 @@

if(Z_REFCOUNT_P(orig_str) != refcount) {
php_error_docref(NULL 
TSRMLS_CC, E_WARNING, Argument was modified while replacing);
+   if(Z_TYPE_PP(tmp_repl) != 
IS_STRING) {
+   zval_dtor(repl_str);
+   }
break;
}


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/string.c

2012-03-01 Thread Antony Dovgal

On 03/01/2012 07:10 PM, Pierrick Charron wrote:

pierrick Thu, 01 Mar 2012 15:10:29 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323710

Log:
Fixed memory leak in substr_replace


+test ?

--
Wbr,
Antony Dovgal
---
http://pinba.org - realtime profiling for PHP

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-01 Thread Christopher Jones
sixd Thu, 01 Mar 2012 17:59:59 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323721

Log:
Tidy up PHP 5.4.0 section, incuding removing most (?) bugs in new
features found/fixed during RC phase, and removing 5.4 section entries
for bugs already publicly released in PHP = 5.3.10.

There are still many things in UPGRADING not mentioned here.

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-03-01 17:51:54 UTC (rev 323720)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-03-01 17:59:59 UTC (rev 323721)
@@ -7,25 +7,30 @@

 01 Mar 2012, PHP 5.4.0

-- autoconf 2.59+ is now supported (and required) for generating the
-  configure script with ./buildconf. Autoconf 2.60+ is desirable
-  otherwise the configure help order may be incorrect.  (Rasmus, Chris Jones)
+- Installation:
+  . autoconf 2.59+ is now supported (and required) for generating the
+configure script with ./buildconf. Autoconf 2.60+ is desirable
+otherwise the configure help order may be incorrect.  (Rasmus, Chris Jones)

 - Removed legacy features:
   . break/continue $var syntax. (Dmitry)
-  . Safe mode and all related ini options. (Kalle)
-  . register_globals and register_long_arrays ini options. (Kalle)
+  . Safe mode and all related php.ini options. (Kalle)
+  . register_globals and register_long_arrays php.ini options. (Kalle)
   . import_request_variables(). (Kalle)
   . allow_call_time_pass_reference. (Pierrick)
-  . define_syslog_variables ini option and its associated function. (Kalle)
-  . highlight.bg ini option. (Kalle)
+  . define_syslog_variables php.ini option and its associated function. (Kalle)
+  . highlight.bg php.ini option. (Kalle)
+  . safe_mode, safe_mode_gid, safe_mode_include_dir,
+safe_mode_exec_dir, safe_mode_allowed_env_vars and
+safe_mode_protected_env_vars php.ini options.
+  . zend.ze1_compatibility_mode php.ini option.
   . Session bug compatibility mode (session.bug_compat_42 and
-session.bug_compat_warn ini options). (Kalle)
+session.bug_compat_warn php.ini options). (Kalle)
   . session_is_registered(), session_register() and session_unregister()
 functions. (Kalle)
-  . y2k_compliance ini option. (Kalle)
+  . y2k_compliance php.ini option. (Kalle)
   . magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase
-ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
+php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
 but always return false, set_magic_quotes_runtime raises an
 E_CORE_ERROR. (Pierrick, Pierre)
   . Removed support for putenv(TZ=..) for setting the timezone. (Derick)
@@ -33,21 +38,21 @@
 date.timezone or date_default_timezone_set(). Instead of a guessed
 timezone, UTC is now used instead. (Derick)

-- Moved extensions to PECL: (Johannes)
+- Moved extensions to PECL:
   . ext/sqlite.  (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are
-not affected)
+not affected) (Johannes)

 - General improvements:
   . Added short array syntax support ([1,2,3]), see UPGRADING guide for full
 details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com,
 Pierre)
-  . Added binary numbers format (0b001010). (Jonah dot Harris at gmail dot com)
+  . Added binary number format (0b001010). (Jonah dot Harris at gmail dot com)
   . Added support for Class::{expr}() syntax (Pierrick)
-  . Added multibyte support by default. Previously php had to be compiled
-with --enable-zend-multibyte. Now it can be enabled or disabled through
-zend.multibyte directive in php.ini. (Dmitry)
+  . Added multibyte support by default. Previously PHP had to be compiled
+with --enable-zend-multibyte.  Now it can be enabled or disabled through
+the zend.multibyte directive in php.ini. (Dmitry)
   . Removed compile time dependency from ext/mbstring (Dmitry)
-  . Added support for Traits. (Stefan)
+  . Added support for Traits. (Stefan, with fixes by Dmitry and Laruence)
   . Added closure $this support back. (Stas)
   . Added array dereferencing support. (Felipe)
   . Added callable typehint. (Hannes)
@@ -59,21 +64,21 @@
   . Implemented Zend Signal Handling (configurable option --enable-zend-signals,
 off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia)
   . Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike)
-  . Improved unix build system to allow building multiple PHP binary SAPIs and
+  . Improved UNIX build system to allow building multiple PHP binary SAPIs and
 one SAPI module the same time. FR #53271, FR #52419. (Jani)
   . Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes)
   . Improved the warning message of incompatible arguments. (Laruence)
   . Improved ternary operator performance when returning arrays. (Arnaud, Dmitry)
   . 

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/string.c

2012-03-01 Thread Pierrick Charron
Test for bug #55871 is already covering this issue.

P.

On 1 March 2012 11:35, Antony Dovgal t...@daylessday.org wrote:
 On 03/01/2012 07:10 PM, Pierrick Charron wrote:

 pierrick                                 Thu, 01 Mar 2012 15:10:29 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=323710

 Log:
 Fixed memory leak in substr_replace


 +test ?

 --
 Wbr,
 Antony Dovgal
 ---
 http://pinba.org - realtime profiling for PHP

 --
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS main/main.c

2012-03-01 Thread Rasmus Lerdorf
rasmus   Thu, 01 Mar 2012 22:49:03 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323739

Log:
Merge: make max_file_uploads PHP_INI_SYSTEM|PHP_INI_PERDIR

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/main.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-01 22:48:49 UTC (rev 323738)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-01 22:49:03 UTC (rev 323739)
@@ -4,6 +4,7 @@

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)
+  . make max_file_uploads ini directive settable outside of php.ini (Rasmus)

 01 Mar 2012, PHP 5.4.0


Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2012-03-01 22:48:49 UTC (rev 
323738)
+++ php/php-src/branches/PHP_5_4/main/main.c2012-03-01 22:49:03 UTC (rev 
323739)
@@ -552,7 +552,7 @@
PHP_INI_ENTRY(mail.force_extra_parameters,NULL,   
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnChangeMailForceExtra)
PHP_INI_ENTRY(disable_functions,  , 
PHP_INI_SYSTEM, NULL)
PHP_INI_ENTRY(disable_classes,, 
PHP_INI_SYSTEM, NULL)
-   PHP_INI_ENTRY(max_file_uploads,   20,   
PHP_INI_SYSTEM, NULL)
+   PHP_INI_ENTRY(max_file_uploads,   20,   
PHP_INI_SYSTEM|PHP_INI_PERDIR,  NULL)

STD_PHP_INI_BOOLEAN(allow_url_fopen,  1,
PHP_INI_SYSTEM, OnUpdateBool,   allow_url_fopen,
php_core_globals,   core_globals)
STD_PHP_INI_BOOLEAN(allow_url_include,0,
PHP_INI_SYSTEM, OnUpdateBool,   allow_url_include,  
php_core_globals,   core_globals)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug61165.phpt branches/PHP_5_4/Zend/zend_API.c trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 02:51:57 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323765

Log:
MFH: Fix bug #61165 (Segfault - strip_tags())

Bug: https://bugs.php.net/61165 (Assigned) Segfault - strip_tags()
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_API.c
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 02:38:18 UTC (rev 323764)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 02:51:57 UTC (rev 323765)
@@ -4,6 +4,7 @@

 - Core:
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
+  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug61165.phpt   2012-03-02 
02:51:57 UTC (rev 323765)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #61165 (Segfault - strip_tags())
+--FILE--
+?php
+
+$handler = NULL;
+class T {
+public $_this;
+
+public function __toString() {
+   global $handler;
+   $handler = $this;
+$this-_this = $this; // -- uncoment this
+return 'A';
+}
+}
+
+$t = new T;
+for ($i = 0; $i  3; $i++) {
+strip_tags($t);
+   strip_tags(new T);
+}
+var_dump($handler);
+--EXPECTF--
+object(T)#%d (1) {
+  [_this]=
+  *RECURSION*
+}

Modified: php/php-src/branches/PHP_5_4/Zend/zend_API.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_API.c2012-03-02 02:38:18 UTC 
(rev 323764)
+++ php/php-src/branches/PHP_5_4/Zend/zend_API.c2012-03-02 02:51:57 UTC 
(rev 323765)
@@ -262,12 +262,16 @@
 static int parse_arg_object_to_string(zval **arg, char **p, int *pl, int type 
TSRMLS_DC) /* {{{ */
 {
if (Z_OBJ_HANDLER_PP(arg, cast_object)) {
-   SEPARATE_ZVAL_IF_NOT_REF(arg);
-   if (Z_OBJ_HANDLER_PP(arg, cast_object)(*arg, *arg, type 
TSRMLS_CC) == SUCCESS) {
+   zval *obj;
+   MAKE_STD_ZVAL(obj);
+   if (Z_OBJ_HANDLER_P(*arg, cast_object)(*arg, obj, type 
TSRMLS_CC) == SUCCESS) {
+   zval_ptr_dtor(arg);
+   *arg = obj;
*pl = Z_STRLEN_PP(arg);
*p = Z_STRVAL_PP(arg);
return SUCCESS;
}
+   efree(obj);
}
/* Standard PHP objects */
if (Z_OBJ_HT_PP(arg) == std_object_handlers || !Z_OBJ_HANDLER_PP(arg, 
cast_object)) {

Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS  2012-03-02 02:38:18 UTC (rev 323764)
+++ php/php-src/trunk/NEWS  2012-03-02 02:51:57 UTC (rev 323765)
@@ -6,7 +6,6 @@
   . World domination

 - Core:
-  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
   . Fixed bug #61072 (Memory leak when restoring an exception handler).
 (Nikic, Laruence)
   . Fixed bug #61011 (Crash when an exception is thrown by __autoload

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_builtin_functions.c trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 02:56:08 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323766

Log:
MFH: Fixed bug #61072 (Memory leak when restoring an exception handler).

Bug: https://bugs.php.net/61072 (Assigned) Memory leak when restoring an 
exception handler
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 02:51:57 UTC (rev 323765)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 02:56:08 UTC (rev 323766)
@@ -5,6 +5,8 @@
 - Core:
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
   . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+  . Fixed bug #61072 (Memory leak when restoring an exception handler).
+(Nikic, Laruence)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

Modified: php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c  2012-03-02 
02:51:57 UTC (rev 323765)
+++ php/php-src/branches/PHP_5_4/Zend/zend_builtin_functions.c  2012-03-02 
02:56:08 UTC (rev 323766)
@@ -1615,8 +1615,7 @@
RETURN_TRUE;
}

-   *EG(user_exception_handler) = *exception_handler;
-   zval_copy_ctor(EG(user_exception_handler));
+   MAKE_COPY_ZVAL(exception_handler, EG(user_exception_handler));

if (!had_orig_exception_handler) {
RETURN_NULL();

Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS  2012-03-02 02:51:57 UTC (rev 323765)
+++ php/php-src/trunk/NEWS  2012-03-02 02:56:08 UTC (rev 323766)
@@ -6,8 +6,6 @@
   . World domination

 - Core:
-  . Fixed bug #61072 (Memory leak when restoring an exception handler).
-(Nikic, Laruence)
   . Fixed bug #61011 (Crash when an exception is thrown by __autoload
 accessing a static property). (Laruence)
   . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug61011.phpt branches/PHP_5_4/Zend/zend_vm_def.h branches/PHP_5_4/Zend/zend_vm_execute.h trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:12:15 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323767

Log:
MFH: Fixed bug #61011 (Crash when an exception is thrown by __autoload 
accessing a static property)

Bug: https://bugs.php.net/61011 (Assigned) Crash when an exception is thrown by 
__autoload accessing a static property
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
U   php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-03-02 02:56:08 UTC (rev 323766)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-03-02 03:12:15 UTC (rev 323767)
@@ -7,6 +7,8 @@
   . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
   . Fixed bug #61072 (Memory leak when restoring an exception handler).
 (Nikic, Laruence)
+  . Fixed bug #61011 (Crash when an exception is thrown by __autoload
+accessing a static property). (Laruence)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug61011.phpt	2012-03-02 03:12:15 UTC (rev 323767)
@@ -0,0 +1,35 @@
+--TEST--
+Bug #61011 (Crash when an exception is thrown by __autoload accessing a static property)
+--FILE--
+?php
+function __autoload($name) {
+	throw new Exception($name);
+}
+try {
+	echo AAA::$a; //zend_fetch_var_address_helper
+} catch (Exception $e) {
+	try {
+		echo AAA::XXX; //ZEND_FETCH_CONSTANT
+	} catch (Exception $e) {
+		try {
+			echo AAA::foo(); //ZEND_INIT_STATIC_METHOD_CALL
+		} catch (Exception $e) {
+			try  {
+unset(AAA::$a); // ZEND_UNSET_VAR
+			} catch (Exception $e){
+try {
+	isset(::$a); // ZEND_ISSET_ISEMPTY_VAR
+} catch (Exception $e) {
+	try  {
+		$a = array(AAA, foo);
+		$a(); //ZEND_INIT_FCALL_BY_NAME
+	} catch (Exception $e) {
+	}
+}
+			}
+		}
+	}
+}
+echo 'okey';
+--EXPECT--
+okey

Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h	2012-03-02 02:56:08 UTC (rev 323766)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h	2012-03-02 03:12:15 UTC (rev 323767)
@@ -1039,6 +1039,14 @@
 ce = CACHED_PTR(opline-op2.literal-cache_slot);
 			} else {
 ce = zend_fetch_class_by_name(Z_STRVAL_P(opline-op2.zv), Z_STRLEN_P(opline-op2.zv), opline-op2.literal + 1, 0 TSRMLS_CC);
+if (UNEXPECTED(ce == NULL)) {
+	if (OP1_TYPE != IS_CONST  varname == tmp_varname) {
+		zval_dtor(tmp_varname);
+	}
+	FREE_OP1();
+	CHECK_EXCEPTION();
+	ZEND_VM_NEXT_OPCODE();
+}
 CACHE_PTR(opline-op2.literal-cache_slot, ce);
 			}
 		} else {
@@ -2234,7 +2242,8 @@
 		} else {
 			ce = zend_fetch_class_by_name(Z_STRVAL_P(opline-op1.zv), Z_STRLEN_P(opline-op1.zv), opline-op1.literal + 1, opline-extended_value TSRMLS_CC);
 			if (UNEXPECTED(ce == NULL)) {
-zend_error_noreturn(E_ERROR, Class '%s' not found, Z_STRVAL_P(opline-op1.zv));
+CHECK_EXCEPTION();
+ZEND_VM_NEXT_OPCODE();
 			}
 			CACHE_PTR(opline-op1.literal-cache_slot, ce);
 		}
@@ -2414,7 +2423,8 @@
 			if (Z_TYPE_PP(obj) == IS_STRING) {
 ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC);
 if (UNEXPECTED(ce == NULL)) {
-	zend_error_noreturn(E_ERROR, Class '%s' not found, Z_STRVAL_PP(obj));
+	CHECK_EXCEPTION();
+	ZEND_VM_NEXT_OPCODE();
 }
 EX(called_scope) = ce;
 EX(object) = NULL;
@@ -2964,6 +2974,7 @@
 		catch_ce = CACHED_PTR(opline-op1.literal-cache_slot);
 	} else {
 		catch_ce = zend_fetch_class_by_name(Z_STRVAL_P(opline-op1.zv), Z_STRLEN_P(opline-op1.zv), opline-op1.literal + 1, ZEND_FETCH_CLASS_NO_AUTOLOAD TSRMLS_CC);
+
 		CACHE_PTR(opline-op1.literal-cache_slot, catch_ce);
 	}
 	ce = Z_OBJCE_P(EG(exception));
@@ -3492,7 +3503,8 @@
 			} else {
 ce = zend_fetch_class_by_name(Z_STRVAL_P(opline-op1.zv), Z_STRLEN_P(opline-op1.zv), opline-op1.literal + 1, opline-extended_value TSRMLS_CC);
 if (UNEXPECTED(ce == NULL)) {
-	zend_error_noreturn(E_ERROR, Undefined class constant '%s', Z_STRVAL_P(opline-op2.zv));
+	CHECK_EXCEPTION();
+	ZEND_VM_NEXT_OPCODE();
 }
 CACHE_PTR(opline-op1.literal-cache_slot, ce);
 			}
@@ -3879,6 +3891,16 @@
 ce = CACHED_PTR(opline-op2.literal-cache_slot);
 			} else {
 ce = zend_fetch_class_by_name(Z_STRVAL_P(opline-op2.zv), Z_STRLEN_P(opline-op2.zv), opline-op2.literal + 1, 0 TSRMLS_CC);
+if (UNEXPECTED(ce == NULL)) {
+	if (OP1_TYPE != 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/php_variables.c branches/PHP_5_4/tests/basic/bug61000.phpt trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:18:04 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323769

Log:
MFH: Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical 
vars)

Bug: https://bugs.php.net/61000 (Assigned) Exceeding max nesting level doesn't 
delete numerical vars
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/php_variables.c
A   php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:14:20 UTC (rev 323768)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:18:04 UTC (rev 323769)
@@ -9,6 +9,8 @@
 (Nikic, Laruence)
   . Fixed bug #61011 (Crash when an exception is thrown by __autoload
 accessing a static property). (Laruence)
+  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
+vars). (Laruence)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c   2012-03-02 03:14:20 UTC 
(rev 323768)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c   2012-03-02 03:18:04 UTC 
(rev 323769)
@@ -133,7 +133,7 @@

if (track_vars_array) {
ht = Z_ARRVAL_P(track_vars_array);
-   zend_hash_del(ht, var, var_len + 1);
+   zend_symtable_del(ht, var, var_len + 1);
}

zval_dtor(val);

Added: php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt
===
--- php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt  
(rev 0)
+++ php/php-src/branches/PHP_5_4/tests/basic/bug61000.phpt  2012-03-02 
03:18:04 UTC (rev 323769)
@@ -0,0 +1,19 @@
+--TEST--
+Bug #61000 (Exceeding max nesting level doesn't delete numerical vars)
+--INI--
+max_input_nesting_level=2
+--POST--
+1[a][]=foo1[a][b][c]=bar
+--GET--
+a[a][]=fooa[a][b][c]=bar
+--FILE--
+?php
+print_r($_GET);
+print_r($_POST);
+--EXPECTF--
+Array
+(
+)
+Array
+(
+)

Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS  2012-03-02 03:14:20 UTC (rev 323768)
+++ php/php-src/trunk/NEWS  2012-03-02 03:18:04 UTC (rev 323769)
@@ -6,8 +6,6 @@
   . World domination

 - Core:
-  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
-vars). (Laruence)
   . Fixed bug #60978 (exit code incorrect). (Laruence)
   . Fixed bug #60573 (type hinting with self keyword causes weird errors).
 (Laruence)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60978.phpt branches/PHP_5_4/Zend/zend_execute_API.c trunk/NEWS trunk/Zend/tests/bug60978.phpt

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:25:41 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323771

Log:
MFH: Fixed bug #60978 (exit code incorrect)

Bug: https://bugs.php.net/60978 (Assigned) exit code incorrect
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c
U   php/php-src/trunk/NEWS
U   php/php-src/trunk/Zend/tests/bug60978.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:20:50 UTC (rev 323770)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:25:41 UTC (rev 323771)
@@ -11,6 +11,7 @@
 accessing a static property). (Laruence)
   . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
 vars). (Laruence)
+  . Fixed bug #60978 (exit code incorrect). (Laruence)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt   2012-03-02 
03:25:41 UTC (rev 323771)
@@ -0,0 +1,10 @@
+--TEST--
+Bug #60978 (exit code incorrect)
+--FILE--
+?php
+$php = getenv('TEST_PHP_EXECUTABLE');
+exec($php . ' -n -r exit(2);', $output, $exit_code);
+echo $exit_code;
+?
+--EXPECT--
+2


Property changes on: php/php-src/branches/PHP_5_4/Zend/tests/bug60978.phpt
___
Added: svn:executable
   + *

Modified: php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c2012-03-02 
03:20:50 UTC (rev 323770)
+++ php/php-src/branches/PHP_5_4/Zend/zend_execute_API.c2012-03-02 
03:25:41 UTC (rev 323771)
@@ -1195,7 +1195,13 @@
}
CG(interactive) = 0;

-   zend_execute(new_op_array TSRMLS_CC);
+   zend_try {
+   zend_execute(new_op_array TSRMLS_CC);
+   } zend_catch {
+   destroy_op_array(new_op_array TSRMLS_CC);
+   efree(new_op_array);
+   zend_bailout();
+   } zend_end_try();

CG(interactive) = orig_interactive;
if (local_retval_ptr) {

Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS  2012-03-02 03:20:50 UTC (rev 323770)
+++ php/php-src/trunk/NEWS  2012-03-02 03:25:41 UTC (rev 323771)
@@ -6,7 +6,6 @@
   . World domination

 - Core:
-  . Fixed bug #60978 (exit code incorrect). (Laruence)
   . Fixed bug #60573 (type hinting with self keyword causes weird errors).
 (Laruence)


Modified: php/php-src/trunk/Zend/tests/bug60978.phpt
===
--- php/php-src/trunk/Zend/tests/bug60978.phpt  2012-03-02 03:20:50 UTC (rev 
323770)
+++ php/php-src/trunk/Zend/tests/bug60978.phpt  2012-03-02 03:25:41 UTC (rev 
323771)
@@ -3,7 +3,7 @@
 --FILE--
 ?php
 $php = getenv('TEST_PHP_EXECUTABLE');
-exec($php . ' -r exit(2);', $output, $exit_code);
+exec($php . '-n -r exit(2);', $output, $exit_code);
 echo $exit_code;
 ?
 --EXPECT--

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60573.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:32:12 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323773

Log:
MFH: Fixed bug #60573 (type hinting with self keyword causes weird errors)

Bug: https://bugs.php.net/60573 (Assigned) type hinting with self keyword 
causes weird errors
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:29:24 UTC (rev 323772)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:32:12 UTC (rev 323773)
@@ -12,6 +12,8 @@
   . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
 vars). (Laruence)
   . Fixed bug #60978 (exit code incorrect). (Laruence)
+  . Fixed bug #60573 (type hinting with self keyword causes weird errors).
+(Laruence)

 - Standard:
   . Fixed memory leak in substr_replace. (Pierrick)

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt   2012-03-02 
03:32:12 UTC (rev 323773)
@@ -0,0 +1,84 @@
+--TEST--
+Bug #60573 (type hinting with self keyword causes weird errors)
+--FILE--
+?php
+class Foo1 {
+
+public function setSelf(self $s) { }
+
+}
+
+class Bar1 extends Foo1 {
+
+public function setSelf(parent $s) { }
+
+}
+
+class Foo2 {
+
+public function setSelf(Foo2 $s) { }
+
+}
+
+class Bar2 extends Foo2 {
+
+public function setSelf(parent $s) { }
+
+}
+
+class Base {
+}
+
+class Foo3 extends Base{
+
+public function setSelf(parent $s) { }
+
+}
+
+class Bar3 extends Foo3 {
+
+public function setSelf(Base $s) { }
+
+}
+
+class Foo4 {
+
+public function setSelf(self $s) { }
+
+}
+
+class Bar4 extends Foo4 {
+
+public function setSelf(self $s) { }
+
+}
+
+class Foo5 extends Base {
+
+public function setSelf(parent $s) { }
+
+}
+
+class Bar5 extends Foo5 {
+
+public function setSelf(parent $s) { }
+
+}
+
+abstract class Foo6 extends Base {
+
+abstract public function setSelf(parent $s);
+
+}
+
+class Bar6 extends Foo6 {
+
+public function setSelf(Foo6 $s) { }
+
+}
+--EXPECTF--
+Strict Standards: Declaration of Bar4::setSelf() should be compatible with 
Foo4::setSelf(Foo4 $s) in %sbug60573.php on line %d
+
+Strict Standards: Declaration of Bar5::setSelf() should be compatible with 
Foo5::setSelf(Base $s) in %sbug60573.php on line %d
+
+Fatal error: Declaration of Bar6::setSelf() must be compatible with 
Foo6::setSelf(Base $s) in %sbug60573.php on line %d


Property changes on: php/php-src/branches/PHP_5_4/Zend/tests/bug60573.phpt
___
Added: svn:executable
   + *

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-02 03:29:24 UTC 
(rev 323772)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2012-03-02 03:32:12 UTC 
(rev 323773)
@@ -2958,30 +2958,57 @@
/* Only one has a type hint and the other one doesn't */
return 0;
}
-   if (fe-common.arg_info[i].class_name
-strcasecmp(fe-common.arg_info[i].class_name, 
proto-common.arg_info[i].class_name)!=0) {
-   const char *colon;

-   if (fe-common.type != ZEND_USER_FUNCTION) {
-   return 0;
-   } else if (strchr(proto-common.arg_info[i].class_name, 
'\\') != NULL ||
-   (colon = 
zend_memrchr(fe-common.arg_info[i].class_name, '\\', 
fe-common.arg_info[i].class_name_len)) == NULL ||
-   strcasecmp(colon+1, 
proto-common.arg_info[i].class_name) != 0) {
-   zend_class_entry **fe_ce, **proto_ce;
-   int found, found2;
-
-   found = 
zend_lookup_class(fe-common.arg_info[i].class_name, 
fe-common.arg_info[i].class_name_len, fe_ce TSRMLS_CC);
-   found2 = 
zend_lookup_class(proto-common.arg_info[i].class_name, 
proto-common.arg_info[i].class_name_len, proto_ce TSRMLS_CC);
-
-   /* Check for class alias */
-   if (found != SUCCESS || found2 != SUCCESS ||
-   (*fe_ce)-type == ZEND_INTERNAL_CLASS ||
-   (*proto_ce)-type == 
ZEND_INTERNAL_CLASS ||
-   *fe_ce != *proto_ce) {
+   if 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/reflection/php_reflection.c branches/PHP_5_4/ext/reflection/tests/bug60367.phpt trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:36:30 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323777

Log:
MFH: Fixed bug #60968 (Late static binding doesn't work with 
ReflectionMethod::invokeArgs())

Bug: https://bugs.php.net/60968 (Assigned) Late static binding doesn't work 
with ReflectionMethod::invokeArgs()
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
U   php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:36:30 UTC (rev 323777)
@@ -22,6 +22,10 @@
 - Installation
   . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)

+- Reflection:
+  . Fixed bug #60968 (Late static binding doesn't work with
+ReflectionMethod::invokeArgs()). (Laruence)
+
 01 Mar 2012, PHP 5.4.0

 - Installation:

Modified: php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
===
--- php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/branches/PHP_5_4/ext/reflection/php_reflection.c
2012-03-02 03:36:30 UTC (rev 323777)
@@ -2920,7 +2920,7 @@
fcc.initialized = 1;
fcc.function_handler = mptr;
fcc.calling_scope = obj_ce;
-   fcc.called_scope = obj_ce;
+   fcc.called_scope = intern-ce;
fcc.object_ptr = object;

result = zend_call_function(fci, fcc TSRMLS_CC);

Modified: php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt
===
--- php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt 
2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/branches/PHP_5_4/ext/reflection/tests/bug60367.phpt 
2012-03-02 03:36:30 UTC (rev 323777)
@@ -20,7 +20,9 @@

 $method = new ReflectionMethod(b::call);
 $method-invoke(null);
+$method-invokeArgs(null, array());
 $method = new ReflectionMethod(A::call);
 $method-invoke(null);
+$method-invokeArgs(null, array());
 --EXPECTF--
-BA
+BBAA

Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS  2012-03-02 03:34:03 UTC (rev 323776)
+++ php/php-src/trunk/NEWS  2012-03-02 03:36:30 UTC (rev 323777)
@@ -31,10 +31,6 @@
 - pgsql
   . Added pg_escape_literal() and pg_escape_identifier() (Yasuo)

-- Reflection:
-  . Fixed bug #60968 (Late static binding doesn't work with
-ReflectionMethod::invokeArgs()). (Laruence)
-
 - Array:
   . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
 (Laruence)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS sapi/cli/php_cli_server.c

2012-03-01 Thread Rasmus Lerdorf
rasmus   Fri, 02 Mar 2012 03:38:04 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323778

Log:
CLI Server was sending Connection: closed instead of Connection: close

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:36:30 UTC (rev 323777)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:38:04 UTC (rev 323778)
@@ -2,6 +2,9 @@
 |||
 ?? ??? 2012, PHP 5.4.1 RC1

+- CLI Server:
+  . Connection: close instead of Connection: closed (Rasmus)
+
 - Core:
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
   . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)

Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c  2012-03-02 
03:36:30 UTC (rev 323777)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c  2012-03-02 
03:38:04 UTC (rev 323778)
@@ -351,7 +351,7 @@
smart_str_appendl_ex(buffer, \r\n, 2, persistent);
}
}
-   smart_str_appendl_ex(buffer, Connection: closed\r\n, 
sizeof(Connection: closed\r\n) - 1, persistent);
+   smart_str_appendl_ex(buffer, Connection: close\r\n, 
sizeof(Connection: close\r\n) - 1, persistent);
 } /* }}} */

 static const char *get_mime_type(const char *ext, size_t ext_len) /* {{{ */

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-03-01 Thread Rasmus Lerdorf
rasmus   Fri, 02 Mar 2012 03:40:08 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323780

Log:
Actually, this was a merge from trunk, and Gustavo did it originally.

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:39:04 UTC (rev 323779)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:40:08 UTC (rev 323780)
@@ -3,7 +3,7 @@
 ?? ??? 2012, PHP 5.4.1 RC1

 - CLI Server:
-  . Connection: close instead of Connection: closed (Rasmus)
+  . Connection: close instead of Connection: closed (Gustavo)

 - Core:
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/array.c branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt trunk/NEWS

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:40:40 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323782

Log:
MFH: Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX)

Bug: https://bugs.php.net/61058 (Assigned) array_fill leaks if start index is 
PHP_INT_MAX
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/standard/array.c
A   php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:40:30 UTC (rev 323781)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-03-02 03:40:40 UTC (rev 323782)
@@ -30,6 +30,10 @@
   . Fixed bug #60968 (Late static binding doesn't work with
 ReflectionMethod::invokeArgs()). (Laruence)

+- Array:
+  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
+(Laruence)
+
 01 Mar 2012, PHP 5.4.0

 - Installation:

Modified: php/php-src/branches/PHP_5_4/ext/standard/array.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/array.c   2012-03-02 03:40:30 UTC 
(rev 323781)
+++ php/php-src/branches/PHP_5_4/ext/standard/array.c   2012-03-02 03:40:40 UTC 
(rev 323782)
@@ -1563,12 +1563,17 @@
array_init_size(return_value, num);

num--;
+   zend_hash_index_update(Z_ARRVAL_P(return_value), start_key, val, 
sizeof(zval *), NULL);
zval_add_ref(val);
-   zend_hash_index_update(Z_ARRVAL_P(return_value), start_key, val, 
sizeof(zval *), NULL);

while (num--) {
-   zval_add_ref(val);
-   zend_hash_next_index_insert(Z_ARRVAL_P(return_value), val, 
sizeof(zval *), NULL);
+   if (zend_hash_next_index_insert(Z_ARRVAL_P(return_value), val, 
sizeof(zval *), NULL) == SUCCESS) {
+   zval_add_ref(val);
+   } else {
+   zval_dtor(return_value);
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, Cannot add 
element to the array as the next element is already occupied);
+   RETURN_FALSE;
+   }
}
 }
 /* }}} */

Added: php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt
===
--- php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt 
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/standard/tests/array/bug61058.phpt 
2012-03-02 03:40:40 UTC (rev 323782)
@@ -0,0 +1,8 @@
+--TEST--
+Bug #61058 (array_fill leaks if start index is PHP_INT_MAX)
+--FILE--
+?php
+array_fill(PHP_INT_MAX, 2, '*');
+?
+--EXPECTF--
+Warning: array_fill(): Cannot add element to the array as the next element is 
already occupied in %sbug61058.php on line %d

Modified: php/php-src/trunk/NEWS
===
--- php/php-src/trunk/NEWS  2012-03-02 03:40:30 UTC (rev 323781)
+++ php/php-src/trunk/NEWS  2012-03-02 03:40:40 UTC (rev 323782)
@@ -31,8 +31,4 @@
 - pgsql
   . Added pg_escape_literal() and pg_escape_identifier() (Yasuo)

-- Array:
-  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
-(Laruence)
-
  NOTE: Insert NEWS from last stable release here prior to actual release! 


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS Zend/tests/bug61087.phpt Zend/zend_ini_scanner.c Zend/zend_ini_scanner.l Zend/zend_ini_scanner_defs.h

2012-03-01 Thread Xinchen Hui
laruence Fri, 02 Mar 2012 03:52:06 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323786

Log:
MFH: Fixed bug #61087 (Memory leak in parse_ini_file when specifying invalid 
scanner mode)

Bug: https://bugs.php.net/61087 (Assigned) Memory leak in parse_ini_file when 
specifying invalid scanner mode
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c
U   php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.l
U   php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner_defs.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-03-02 03:51:26 UTC (rev 323785)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-03-02 03:52:06 UTC (rev 323786)
@@ -8,6 +8,8 @@
 - Core:
   . Fixed bug #61225 (Incorect lexing of 0b00*+NUM). (Pierrick)
   . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
+  . Fixed bug #61087 (Memory leak in parse_ini_file when specifying
+invalid scanner mode). (Nikic, Laruence)
   . Fixed bug #61072 (Memory leak when restoring an exception handler).
 (Nikic, Laruence)
   . Fixed bug #61011 (Crash when an exception is thrown by __autoload

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug61087.phpt	2012-03-02 03:52:06 UTC (rev 323786)
@@ -0,0 +1,10 @@
+--TEST--
+Bug #61087 (Memory leak in parse_ini_file when specifying invalid scanner mode)
+--FILE--
+?php
+// the used file is actually irrelevant, so just use this file
+// even though it's not an .ini
+parse_ini_file(__FILE__, false, 100);
+?
+--EXPECTF--
+Warning: Invalid scanner mode in %s on line %d

Modified: php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c	2012-03-02 03:51:26 UTC (rev 323785)
+++ php/php-src/branches/PHP_5_4/Zend/zend_ini_scanner.c	2012-03-02 03:52:06 UTC (rev 323786)
@@ -1,4 +1,4 @@
-/* Generated by re2c 0.13.5 on Mon Jan 17 14:03:33 2011 */
+/* Generated by re2c 0.13.5 on Fri Mar  2 11:49:21 2012 */
 #line 1 Zend/zend_ini_scanner.l
 /*
+--+
@@ -230,12 +230,15 @@
 	char *buf;
 	size_t size;

-	if (zend_stream_fixup(fh, buf, size TSRMLS_CC) == FAILURE ||
-		init_ini_scanner(scanner_mode, fh TSRMLS_CC) == FAILURE
-	) {
+	if (zend_stream_fixup(fh, buf, size TSRMLS_CC) == FAILURE) {
 		return FAILURE;
 	}

+	if (init_ini_scanner(scanner_mode, fh TSRMLS_CC) == FAILURE) {
+		zend_file_handle_dtor(fh TSRMLS_CC);
+		return FAILURE;
+	}
+
 	yy_scan_buffer(buf, size TSRMLS_CC);

 	return SUCCESS;
@@ -330,7 +333,7 @@
 		}
 	}

-#line 334 Zend/zend_ini_scanner.c
+#line 337 Zend/zend_ini_scanner.c
 {
 	YYCTYPE yych;
 	unsigned int yyaccept = 0;
@@ -459,7 +462,7 @@
 yy3:
 		YYDEBUG(3, *YYCURSOR);
 		yyleng = YYCURSOR - SCNG(yy_text);
-#line 426 Zend/zend_ini_scanner.l
+#line 429 Zend/zend_ini_scanner.l
 		{ /* Get option name */
 	/* Eat leading whitespace */
 	EAT_LEADING_WHITESPACE();
@@ -469,7 +472,7 @@

 	RETURN_TOKEN(TC_LABEL, yytext, yyleng);
 }
-#line 473 Zend/zend_ini_scanner.c
+#line 476 Zend/zend_ini_scanner.c
 yy4:
 		YYDEBUG(4, *YYCURSOR);
 		yyaccept = 0;
@@ -478,24 +481,24 @@
 yy5:
 		YYDEBUG(5, *YYCURSOR);
 		yyleng = YYCURSOR - SCNG(yy_text);
-#line 544 Zend/zend_ini_scanner.l
+#line 547 Zend/zend_ini_scanner.l
 		{
 	/* eat whitespace */
 	goto restart;
 }
-#line 487 Zend/zend_ini_scanner.c
+#line 490 Zend/zend_ini_scanner.c
 yy6:
 		YYDEBUG(6, *YYCURSOR);
 		++YYCURSOR;
 yy7:
 		YYDEBUG(7, *YYCURSOR);
 		yyleng = YYCURSOR - SCNG(yy_text);
-#line 549 Zend/zend_ini_scanner.l
+#line 552 Zend/zend_ini_scanner.l
 		{
 	SCNG(lineno)++;
 	return END_OF_LINE;
 }
-#line 499 Zend/zend_ini_scanner.c
+#line 502 Zend/zend_ini_scanner.c
 yy8:
 		YYDEBUG(8, *YYCURSOR);
 		yych = *++YYCURSOR;
@@ -530,11 +533,11 @@
 		++YYCURSOR;
 		YYDEBUG(11, *YYCURSOR);
 		yyleng = YYCURSOR - SCNG(yy_text);
-#line 472 Zend/zend_ini_scanner.l
+#line 475 Zend/zend_ini_scanner.l
 		{ /* Disallow these chars outside option values */
 	return yytext[0];
 }
-#line 538 Zend/zend_ini_scanner.c
+#line 541 Zend/zend_ini_scanner.c
 yy12:
 		YYDEBUG(12, *YYCURSOR);
 		yyaccept = 1;
@@ -551,11 +554,11 @@
 		goto yy54;
 		YYDEBUG(15, *YYCURSOR);
 		yyleng = YYCURSOR - SCNG(yy_text);
-#line 572 Zend/zend_ini_scanner.l
+#line 575 Zend/zend_ini_scanner.l
 		{
 	return 0;
 }
-#line 559 Zend/zend_ini_scanner.c
+#line 562 Zend/zend_ini_scanner.c
 yy16:
 		YYDEBUG(16, *YYCURSOR);
 		++YYCURSOR;
@@ -564,7 +567,7 @@
 yy17:
 		YYDEBUG(17, *YYCURSOR);
 		yyleng = YYCURSOR - 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/standard/var_unserializer.c branches/PHP_5_4/ext/standard/var_unserializer.re trunk/ext/standard/var_unserializer.c trunk/ext/st

2012-02-28 Thread Pierre Joye
pajoye   Tue, 28 Feb 2012 18:36:10 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323633

Log:
- fix bug #60879, unserialize does not invoke __wakeup

Bug: https://bugs.php.net/60879 (Closed) unserialize() Does not invoke 
__wakeup() on object
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
U   php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re
U   php/php-src/trunk/ext/standard/var_unserializer.c
U   php/php-src/trunk/ext/standard/var_unserializer.re

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-28 17:22:32 UTC (rev 323632)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-28 18:36:10 UTC (rev 323633)
@@ -13,6 +13,8 @@
 default (Stas).
   . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
 $double=false). (Gustavo)
+  . Fixed bug #60879 (unserialize() Does not invoke __wakeup() on object).
+(Pierre, Steve)
   . Fixed output layer compat function not passing along input buffer with
 php_output_context_pass() if the output_handler_func does not set out_str
 (releaze3 at gmail dot com, Mike)

Modified: php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
2012-02-28 17:22:32 UTC (rev 323632)
+++ php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.c
2012-02-28 18:36:10 UTC (rev 323633)
@@ -375,6 +375,9 @@
return elements;
 }

+#ifdef PHP_WIN32
+# pragma optimize(, off)
+#endif
 static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
 {
zval *retval_ptr = NULL;
@@ -399,6 +402,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);

 }
+#ifdef PHP_WIN32
+# pragma optimize(, on)
+#endif

 PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
 {

Modified: php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re
===
--- php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re   
2012-02-28 17:22:32 UTC (rev 323632)
+++ php/php-src/branches/PHP_5_4/ext/standard/var_unserializer.re   
2012-02-28 18:36:10 UTC (rev 323633)
@@ -379,6 +379,9 @@
return elements;
 }

+#ifdef PHP_WIN32
+# pragma optimize(, off)
+#endif
 static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
 {
zval *retval_ptr = NULL;
@@ -403,6 +406,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);

 }
+#ifdef PHP_WIN32
+# pragma optimize(, on)
+#endif

 PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
 {

Modified: php/php-src/trunk/ext/standard/var_unserializer.c
===
--- php/php-src/trunk/ext/standard/var_unserializer.c   2012-02-28 17:22:32 UTC 
(rev 323632)
+++ php/php-src/trunk/ext/standard/var_unserializer.c   2012-02-28 18:36:10 UTC 
(rev 323633)
@@ -375,6 +375,9 @@
return elements;
 }

+#ifdef PHP_WIN32
+# pragma optimize(, off)
+#endif
 static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
 {
zval *retval_ptr = NULL;
@@ -399,6 +402,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);

 }
+#ifdef PHP_WIN32
+# pragma optimize(, on)
+#endif

 PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
 {

Modified: php/php-src/trunk/ext/standard/var_unserializer.re
===
--- php/php-src/trunk/ext/standard/var_unserializer.re  2012-02-28 17:22:32 UTC 
(rev 323632)
+++ php/php-src/trunk/ext/standard/var_unserializer.re  2012-02-28 18:36:10 UTC 
(rev 323633)
@@ -379,6 +379,9 @@
return elements;
 }

+#ifdef PHP_WIN32
+# pragma optimize(, off)
+#endif
 static inline int object_common2(UNSERIALIZE_PARAMETER, long elements)
 {
zval *retval_ptr = NULL;
@@ -403,6 +406,9 @@
return finish_nested_data(UNSERIALIZE_PASSTHRU);

 }
+#ifdef PHP_WIN32
+# pragma optimize(, on)
+#endif

 PHPAPI int php_var_unserialize(UNSERIALIZE_PARAMETER)
 {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-02-28 Thread Christopher Jones

Stas,

Some of those bug fixes listed under 5.4.0 are already fixed in 5.3.10.
Random examples include the OCI8 fixes, OpenSSL fix 60279, Tidy fix 54682,
and CURL fix 60439.

Do you need a hand sorting out the dups?

Chris

On 02/28/2012 04:50 PM, Stanislav Malyshev wrote:

stas Wed, 29 Feb 2012 00:50:00 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323645

Log:
prepare NEWS for 5.4.0

Changed paths:
 U   php/php-src/branches/PHP_5_4/NEWS






--
Email: christopher.jo...@oracle.com
Tel:  +1 650 506 8630
Blog:  http://blogs.oracle.com/opal/

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-02-28 Thread Stanislav Malyshev
stas Wed, 29 Feb 2012 07:24:27 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323658

Log:
back to dev

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-29 07:22:43 UTC (rev 323657)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-29 07:24:27 UTC (rev 323658)
@@ -1,5 +1,7 @@
 PHPNEWS
 |||
+?? ??? 2012, PHP 5.4.1 RC1
+
 01 Mar 2012, PHP 5.4.0

 - autoconf 2.59+ is now supported (and required) for generating the

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-02-29 07:22:43 UTC (rev 
323657)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-02-29 07:24:27 UTC (rev 
323658)
@@ -119,8 +119,8 @@

 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
-PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=
+PHP_RELEASE_VERSION=1
+PHP_EXTRA_VERSION=RC1-dev
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-29 07:22:43 UTC 
(rev 323657)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-29 07:24:27 UTC 
(rev 323658)
@@ -2,7 +2,7 @@
 /* edit configure.in to change version number */
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
-#define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION 
-#define PHP_VERSION 5.4.0
-#define PHP_VERSION_ID 50400
+#define PHP_RELEASE_VERSION 1
+#define PHP_EXTRA_VERSION RC1-dev
+#define PHP_VERSION 5.4.1RC1-dev
+#define PHP_VERSION_ID 50401

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-02-16 Thread Michael Wallner
mike Thu, 16 Feb 2012 09:04:32 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323251

Log:
NEWS for r323219

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-16 08:00:00 UTC (rev 323250)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-16 09:04:32 UTC (rev 323251)
@@ -10,6 +10,9 @@
 default (Stas).
   . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
 $double=false). (Gustavo)
+  . Fixed output layer compat function not passing along input buffer with
+php_output_context_pass() if the output_handler_func does not set out_str
+(releaze3 at gmail dot com, Mike)

 - CGI/FastCGI SAPI
   . Fixed reinitialization of SAPI callbacks after php_module_startup().

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c

2012-02-15 Thread Stanislav Malyshev
stas Thu, 16 Feb 2012 01:51:45 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323245

Log:
make ZEND_SIGNALS configurable, off by default
also make ZEND_SIGNALS enabled and disabled binary-compatible

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/Zend.m4
U   php/php-src/branches/PHP_5_4/Zend/zend.h
U   php/php-src/branches/PHP_5_4/main/main.c
U   php/php-src/trunk/Zend/Zend.m4
U   php/php-src/trunk/Zend/zend.h
U   php/php-src/trunk/main/main.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-16 00:51:37 UTC (rev 323244)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-16 01:51:45 UTC (rev 323245)
@@ -4,6 +4,8 @@
 - Core:
   . Added ability to reset user opcode handlers (Yoram).
   . Improved max_input_vars directive to check nested variables (Dmitry).
+  . Made ZEND_SIGNALS configurable via --enable-zend-signals, off by
+default (Stas).
   . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
 $double=false). (Gustavo)


Modified: php/php-src/branches/PHP_5_4/Zend/Zend.m4
===
--- php/php-src/branches/PHP_5_4/Zend/Zend.m4   2012-02-16 00:51:37 UTC (rev 
323244)
+++ php/php-src/branches/PHP_5_4/Zend/Zend.m4   2012-02-16 01:51:45 UTC (rev 
323245)
@@ -393,14 +393,20 @@
 AC_CHECK_FUNCS(mremap)


+AC_ARG_ENABLE(zend-signals,
+[  --enable-zend-signals   Use zend signal handling],[
+  ZEND_SIGNALS=$enableval
+],[
+  ZEND_SIGNALS=no
+])
+
 AC_CHECK_FUNC(sigaction, [
-   ZEND_SIGNALS=yes
-   AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling])
AC_DEFINE(HAVE_SIGACTION, 1, [Whether sigaction() is available])
 ], [
ZEND_SIGNALS=no
 ])
 if test $ZEND_SIGNALS = yes; then
+   AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling])
CFLAGS=$CFLAGS -DZEND_SIGNALS
 fi


Modified: php/php-src/branches/PHP_5_4/Zend/zend.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend.h2012-02-16 00:51:37 UTC (rev 
323244)
+++ php/php-src/branches/PHP_5_4/Zend/zend.h2012-02-16 01:51:45 UTC (rev 
323245)
@@ -531,10 +531,8 @@
int (*write_function)(const char *str, uint str_length);
FILE *(*fopen_function)(const char *filename, char **opened_path 
TSRMLS_DC);
void (*message_handler)(long message, const void *data TSRMLS_DC);
-#ifndef ZEND_SIGNALS
void (*block_interruptions)(void);
void (*unblock_interruptions)(void);
-#endif
int (*get_configuration_directive)(const char *name, uint name_length, 
zval *contents);
void (*ticks_function)(int ticks);
void (*on_timeout)(int seconds TSRMLS_DC);
@@ -677,10 +675,8 @@
 extern ZEND_API int (*zend_printf)(const char *format, ...) 
ZEND_ATTRIBUTE_PTR_FORMAT(printf, 1, 2);
 extern ZEND_API zend_write_func_t zend_write;
 extern ZEND_API FILE *(*zend_fopen)(const char *filename, char **opened_path 
TSRMLS_DC);
-#ifndef ZEND_SIGNALS
 extern ZEND_API void (*zend_block_interruptions)(void);
 extern ZEND_API void (*zend_unblock_interruptions)(void);
-#endif
 extern ZEND_API void (*zend_ticks_function)(int ticks);
 extern ZEND_API void (*zend_error_cb)(int type, const char *error_filename, 
const uint error_lineno, const char *format, va_list args) 
ZEND_ATTRIBUTE_PTR_FORMAT(printf, 4, 0);
 extern ZEND_API void (*zend_on_timeout)(int seconds TSRMLS_DC);

Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2012-02-16 00:51:37 UTC (rev 
323244)
+++ php/php-src/branches/PHP_5_4/main/main.c2012-02-16 01:51:45 UTC (rev 
323245)
@@ -1999,10 +1999,8 @@
zuf.write_function = php_output_wrapper;
zuf.fopen_function = php_fopen_wrapper_for_zend;
zuf.message_handler = php_message_handler_for_zend;
-#ifndef ZEND_SIGNALS
zuf.block_interruptions = sapi_module.block_interruptions;
zuf.unblock_interruptions = sapi_module.unblock_interruptions;
-#endif
zuf.get_configuration_directive = 
php_get_configuration_directive_for_zend;
zuf.ticks_function = php_run_ticks;
zuf.on_timeout = php_on_timeout;

Modified: php/php-src/trunk/Zend/Zend.m4
===
--- php/php-src/trunk/Zend/Zend.m4  2012-02-16 00:51:37 UTC (rev 323244)
+++ php/php-src/trunk/Zend/Zend.m4  2012-02-16 01:51:45 UTC (rev 323245)
@@ -393,14 +393,20 @@
 AC_CHECK_FUNCS(mremap)


+AC_ARG_ENABLE(zend-signals,
+[  --enable-zend-signals   Use zend signal handling],[
+  ZEND_SIGNALS=$enableval
+],[
+  ZEND_SIGNALS=no
+])
+
 AC_CHECK_FUNC(sigaction, [
-   ZEND_SIGNALS=yes
-   AC_DEFINE(ZEND_SIGNALS, 1, [Use zend signal handling])

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c

2012-02-15 Thread Rasmus Lerdorf
On 02/15/2012 05:51 PM, Stanislav Malyshev wrote:
 stas Thu, 16 Feb 2012 01:51:45 +
 
 Revision: http://svn.php.net/viewvc?view=revisionrevision=323245
 
 Log:
 make ZEND_SIGNALS configurable, off by default
 also make ZEND_SIGNALS enabled and disabled binary-compatible
 
 Changed paths:
 U   php/php-src/branches/PHP_5_4/NEWS
 U   php/php-src/branches/PHP_5_4/Zend/Zend.m4
 U   php/php-src/branches/PHP_5_4/Zend/zend.h
 U   php/php-src/branches/PHP_5_4/main/main.c
 U   php/php-src/trunk/Zend/Zend.m4
 U   php/php-src/trunk/Zend/zend.h
 U   php/php-src/trunk/main/main.c

Did you run the tests? Just from a quick skim I think this would break
both the pcntl and the posix extension.

-Rasmus

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c

2012-02-15 Thread Rasmus Lerdorf
On 02/15/2012 08:52 PM, Rasmus Lerdorf wrote:
 On 02/15/2012 05:51 PM, Stanislav Malyshev wrote:
 stas Thu, 16 Feb 2012 01:51:45 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=323245

 Log:
 make ZEND_SIGNALS configurable, off by default
 also make ZEND_SIGNALS enabled and disabled binary-compatible

 Changed paths:
 U   php/php-src/branches/PHP_5_4/NEWS
 U   php/php-src/branches/PHP_5_4/Zend/Zend.m4
 U   php/php-src/branches/PHP_5_4/Zend/zend.h
 U   php/php-src/branches/PHP_5_4/main/main.c
 U   php/php-src/trunk/Zend/Zend.m4
 U   php/php-src/trunk/Zend/zend.h
 U   php/php-src/trunk/main/main.c
 
 Did you run the tests? Just from a quick skim I think this would break
 both the pcntl and the posix extension.

ok, the pcntl test failures were due to the API bump and not having
recompiled shared extensions that rely on zend_signals

posix seems ok

-Rasmus

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/Zend.m4 branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/main/main.c trunk/Zend/Zend.m4 trunk/Zend/zend.h trunk/main/main.c

2012-02-15 Thread Stas Malyshev

Hi!


Did you run the tests? Just from a quick skim I think this would break
both the pcntl and the posix extension.


Yes, I did - no (new) fails both on Mac and Linux. If you see any please 
tell me.

--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-02-15 Thread Stanislav Malyshev
stas Thu, 16 Feb 2012 07:45:08 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323247

Log:
5.4.0rc8

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-16 04:02:04 UTC (rev 323246)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-16 07:45:08 UTC (rev 323247)
@@ -1,6 +1,6 @@
 PHPNEWS
 |||
-?? Feb 2012, PHP 5.4.0 RC 8
+15 Feb 2012, PHP 5.4.0 RC 8
 - Core:
   . Added ability to reset user opcode handlers (Yoram).
   . Improved max_input_vars directive to check nested variables (Dmitry).

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-02-16 04:02:04 UTC (rev 
323246)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-02-16 07:45:08 UTC (rev 
323247)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC8-dev
+PHP_EXTRA_VERSION=RC8
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 04:02:04 UTC 
(rev 323246)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 07:45:08 UTC 
(rev 323247)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC8-dev
-#define PHP_VERSION 5.4.0RC8-dev
+#define PHP_EXTRA_VERSION RC8
+#define PHP_VERSION 5.4.0RC8
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-02-15 Thread Stanislav Malyshev
stas Thu, 16 Feb 2012 07:47:02 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323248

Log:
back to dev

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-16 07:45:08 UTC (rev 323247)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-16 07:47:02 UTC (rev 323248)
@@ -1,5 +1,7 @@
 PHPNEWS
 |||
+?? ??? 2012, PHP 5.4.0 RC 9
+
 15 Feb 2012, PHP 5.4.0 RC 8
 - Core:
   . Added ability to reset user opcode handlers (Yoram).

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-02-16 07:45:08 UTC (rev 
323247)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-02-16 07:47:02 UTC (rev 
323248)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC8
+PHP_EXTRA_VERSION=RC9-dev
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 07:45:08 UTC 
(rev 323247)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-16 07:47:02 UTC 
(rev 323248)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC8
-#define PHP_VERSION 5.4.0RC8
+#define PHP_EXTRA_VERSION RC9-dev
+#define PHP_VERSION 5.4.0RC9-dev
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_execute.c trunk/Zend/zend_execute.c

2012-02-14 Thread Dmitry Stogov
dmitry   Tue, 14 Feb 2012 09:27:08 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323204

Log:
Added ability to reset user opcode handlers (Yoram)

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_execute.c
U   php/php-src/trunk/Zend/zend_execute.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-14 09:26:38 UTC (rev 323203)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-14 09:27:08 UTC (rev 323204)
@@ -2,6 +2,7 @@
 |||
 ?? Feb 2012, PHP 5.4.0 RC 8
 - Core:
+  . Added ability to reset user opcode handlers (Yoram).
   . Improved max_input_vars directive to check nested variables (Dmitry).
   . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
 $double=false). (Gustavo)

Modified: php/php-src/branches/PHP_5_4/Zend/zend_execute.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_execute.c2012-02-14 09:26:38 UTC 
(rev 323203)
+++ php/php-src/branches/PHP_5_4/Zend/zend_execute.c2012-02-14 09:27:08 UTC 
(rev 323204)
@@ -1512,7 +1512,12 @@
 ZEND_API int zend_set_user_opcode_handler(zend_uchar opcode, 
user_opcode_handler_t handler)
 {
if (opcode != ZEND_USER_OPCODE) {
-   zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+   if (handler == NULL) {
+   /* restore the original handler */
+   zend_user_opcodes[opcode] = opcode;
+   } else {
+   zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+   }
zend_user_opcode_handlers[opcode] = handler;
return SUCCESS;
}

Modified: php/php-src/trunk/Zend/zend_execute.c
===
--- php/php-src/trunk/Zend/zend_execute.c   2012-02-14 09:26:38 UTC (rev 
323203)
+++ php/php-src/trunk/Zend/zend_execute.c   2012-02-14 09:27:08 UTC (rev 
323204)
@@ -1512,7 +1512,12 @@
 ZEND_API int zend_set_user_opcode_handler(zend_uchar opcode, 
user_opcode_handler_t handler)
 {
if (opcode != ZEND_USER_OPCODE) {
-   zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+   if (handler == NULL) {
+   /* restore the original handler */
+   zend_user_opcodes[opcode] = opcode;
+   } else {
+   zend_user_opcodes[opcode] = ZEND_USER_OPCODE;
+   }
zend_user_opcode_handlers[opcode] = handler;
return SUCCESS;
}

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cgi/cgi_main.c trunk/sapi/cgi/cgi_main.c

2012-02-14 Thread Dmitry Stogov
dmitry   Tue, 14 Feb 2012 13:31:23 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323212

Log:
Fixed reinitialization of SAPI callbacks after php_module_startup()

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c
U   php/php-src/trunk/sapi/cgi/cgi_main.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-14 13:05:31 UTC (rev 323211)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-14 13:31:23 UTC (rev 323212)
@@ -7,6 +7,10 @@
   . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
 $double=false). (Gustavo)

+- CGI/FastCGI SAPI
+  . Fixed reinitialization of SAPI callbacks after php_module_startup().
+(Dmitry)
+
 02 Feb 2012, PHP 5.4.0 RC 7
 - Core:
   . Fixed bug #60895 (Possible invalid handler usage in windows random

Modified: php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c
===
--- php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c2012-02-14 13:05:31 UTC 
(rev 323211)
+++ php/php-src/branches/PHP_5_4/sapi/cgi/cgi_main.c2012-02-14 13:31:23 UTC 
(rev 323212)
@@ -1860,6 +1860,15 @@
php_optind = orig_optind;
php_optarg = orig_optarg;

+   if (fastcgi || bindpath) {
+   /* Override SAPI callbacks */
+   cgi_sapi_module.ub_write = sapi_fcgi_ub_write;
+   cgi_sapi_module.flush= sapi_fcgi_flush;
+   cgi_sapi_module.read_post= sapi_fcgi_read_post;
+   cgi_sapi_module.getenv   = sapi_fcgi_getenv;
+   cgi_sapi_module.read_cookies = sapi_fcgi_read_cookies;
+   }
+
 #ifdef ZTS
SG(request_info).path_translated = NULL;
 #endif
@@ -1929,13 +1938,6 @@
fastcgi = fcgi_is_fastcgi();
}
if (fastcgi) {
-   /* Override SAPI callbacks */
-   sapi_module.ub_write = sapi_fcgi_ub_write;
-   sapi_module.flush= sapi_fcgi_flush;
-   sapi_module.read_post= sapi_fcgi_read_post;
-   sapi_module.getenv   = sapi_fcgi_getenv;
-   sapi_module.read_cookies = sapi_fcgi_read_cookies;
-
/* How many times to run PHP scripts before dying */
if (getenv(PHP_FCGI_MAX_REQUESTS)) {
max_requests = atoi(getenv(PHP_FCGI_MAX_REQUESTS));

Modified: php/php-src/trunk/sapi/cgi/cgi_main.c
===
--- php/php-src/trunk/sapi/cgi/cgi_main.c   2012-02-14 13:05:31 UTC (rev 
323211)
+++ php/php-src/trunk/sapi/cgi/cgi_main.c   2012-02-14 13:31:23 UTC (rev 
323212)
@@ -1859,6 +1859,15 @@
php_optind = orig_optind;
php_optarg = orig_optarg;

+   if (fastcgi || bindpath) {
+   /* Override SAPI callbacks */
+   cgi_sapi_module.ub_write = sapi_fcgi_ub_write;
+   cgi_sapi_module.flush= sapi_fcgi_flush;
+   cgi_sapi_module.read_post= sapi_fcgi_read_post;
+   cgi_sapi_module.getenv   = sapi_fcgi_getenv;
+   cgi_sapi_module.read_cookies = sapi_fcgi_read_cookies;
+   }
+
 #ifdef ZTS
SG(request_info).path_translated = NULL;
 #endif
@@ -1928,13 +1937,6 @@
fastcgi = fcgi_is_fastcgi();
}
if (fastcgi) {
-   /* Override SAPI callbacks */
-   sapi_module.ub_write = sapi_fcgi_ub_write;
-   sapi_module.flush= sapi_fcgi_flush;
-   sapi_module.read_post= sapi_fcgi_read_post;
-   sapi_module.getenv   = sapi_fcgi_getenv;
-   sapi_module.read_cookies = sapi_fcgi_read_cookies;
-
/* How many times to run PHP scripts before dying */
if (getenv(PHP_FCGI_MAX_REQUESTS)) {
max_requests = atoi(getenv(PHP_FCGI_MAX_REQUESTS));

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Gustavo André dos Santos Lopes
cataphract   Sun, 05 Feb 2012 09:59:33 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323074

Log:
- Merge r323056 (see bug #60965).

Bug: https://bugs.php.net/60965 (Critical) Buffer overflow on 
htmlspecialchars/entities with $double=false
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/standard/html.c
A + php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
(from 
php/php-src/trunk/ext/standard/tests/strings/bug60965.phpt:r323056)

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-05 09:58:50 UTC (rev 323073)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-05 09:59:33 UTC (rev 323074)
@@ -1,10 +1,13 @@
 PHPNEWS
 |||
 ?? Feb 2012, PHP 5.4.0 RC 8
+- Core:
+  . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
+$double=false). (Gustavo)

 02 Feb 2012, PHP 5.4.0 RC 7
 - Core:
-  . Fix bug #60895 (Possible invalid handler usage in windows random
+  . Fixed bug #60895 (Possible invalid handler usage in windows random
 functions). (Pierre)
   . Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
   . Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.

Modified: php/php-src/branches/PHP_5_4/ext/standard/html.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/html.c2012-02-05 09:58:50 UTC 
(rev 323073)
+++ php/php-src/branches/PHP_5_4/ext/standard/html.c2012-02-05 09:59:33 UTC 
(rev 323074)
@@ -1215,7 +1215,6 @@
size_t cursor, maxlen, len;
char *replaced;
enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
-   int matches_map;
int doctype = flags  ENT_HTML_DOC_TYPE_MASK;
entity_table_opt entity_table;
const enc_to_uni *to_uni_table = NULL;
@@ -1253,12 +1252,14 @@
}
}

+   /* initial estimate */
if (oldlen  64) {
maxlen = 128;
} else {
maxlen = 2 * oldlen;
}
-   replaced = emalloc(maxlen);
+
+   replaced = emalloc(maxlen + 1);
len = 0;
cursor = 0;
while (cursor  oldlen) {
@@ -1271,7 +1272,7 @@
/* guarantee we have at least 40 bytes to write.
 * In HTML5, entities may take up to 33 bytes */
if (len + 40  maxlen) {
-   replaced = erealloc(replaced, maxlen += 128);
+   replaced = erealloc(replaced, (maxlen += 128) + 1);
}

if (status == FAILURE) {
@@ -1291,7 +1292,6 @@
mbsequence = old[cursor_before];
mbseqlen = cursor - cursor_before;
}
-   matches_map = 0;

if (this_char != '') { /* no entity on this position */
const unsigned char *rep= NULL;
@@ -1302,12 +1302,15 @@
goto pass_char_through;

if (all) { /* false that 
CHARSET_PARTIAL_SUPPORT(charset) */
-   /* look for entity for this char */
if (to_uni_table != NULL) {
+   /* !CHARSET_UNICODE_COMPAT therefore 
not UTF-8; since UTF-8
+* is the only multibyte encoding with 
!CHARSET_PARTIAL_SUPPORT,
+* we're using a single byte encoding */
map_to_unicode(this_char, to_uni_table, 
this_char);
if (this_char == 0x) /* no mapping; 
pass through */
goto pass_char_through;
}
+   /* the cursor may advance */
find_entity_for_char(this_char, charset, 
entity_table.ms_table, rep,
rep_len, old, oldlen, cursor);
} else {
@@ -1397,6 +1400,10 @@
}
}
/* checks passed; copy entity to result */
+   /* entity size is unbounded, we may need more 
memory */
+   if (maxlen  len + ent_len + 2 /*  and ; */) {
+   replaced = erealloc(replaced, (maxlen 
+= ent_len + 128) + 1);
+   }
replaced[len++] = '';
memcpy(replaced[len], old[cursor], ent_len);
 

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Nuno Lopes
I didn't carefully review this patch, but doesn't this code suffer from 
potential math overflow?

i.e. with strlen($input_str)  INT_MAX/2  (or UINT_MAX/2)

Nuno

- Original Message - 
From: Gustavo André dos Santos Lopes cataphr...@php.net

To: php-cvs@lists.php.net
Sent: Sunday, February 05, 2012 9:59 AM
Subject: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS 
ext/standard/html.c ext/standard/tests/strings/bug60965.phpt




cataphract   Sun, 05 Feb 2012 09:59:33 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323074

Log:
- Merge r323056 (see bug #60965).

Bug: https://bugs.php.net/60965 (Critical) Buffer overflow on 
htmlspecialchars/entities with $double=false


Changed paths:
   U   php/php-src/branches/PHP_5_4/NEWS
   U   php/php-src/branches/PHP_5_4/ext/standard/html.c
   A + 
php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt
   (from 
php/php-src/trunk/ext/standard/tests/strings/bug60965.phpt:r323056)


Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-05 09:58:50 UTC (rev 323073)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-05 09:59:33 UTC (rev 323074)
@@ -1,10 +1,13 @@
PHP 
NEWS

|||
?? Feb 2012, PHP 5.4.0 RC 8
+- Core:
+  . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
+$double=false). (Gustavo)

02 Feb 2012, PHP 5.4.0 RC 7
- Core:
-  . Fix bug #60895 (Possible invalid handler usage in windows random
+  . Fixed bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)
  . Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
  . Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.

Modified: php/php-src/branches/PHP_5_4/ext/standard/html.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/html.c 2012-02-05 09:58:50 
UTC (rev 323073)
+++ php/php-src/branches/PHP_5_4/ext/standard/html.c 2012-02-05 09:59:33 
UTC (rev 323074)

@@ -1215,7 +1215,6 @@
 size_t cursor, maxlen, len;
 char *replaced;
 enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
- int matches_map;
 int doctype = flags  ENT_HTML_DOC_TYPE_MASK;
 entity_table_opt entity_table;
 const enc_to_uni *to_uni_table = NULL;
@@ -1253,12 +1252,14 @@
 }
 }

+ /* initial estimate */
 if (oldlen  64) {
 maxlen = 128;
 } else {
 maxlen = 2 * oldlen;
 }
- replaced = emalloc(maxlen);
+
+ replaced = emalloc(maxlen + 1);
 len = 0;
 cursor = 0;
 while (cursor  oldlen) {
@@ -1271,7 +1272,7 @@
 /* guarantee we have at least 40 bytes to write.
 * In HTML5, entities may take up to 33 bytes */
 if (len + 40  maxlen) {
- replaced = erealloc(replaced, maxlen += 128);
+ replaced = erealloc(replaced, (maxlen += 128) + 1);
 }

 if (status == FAILURE) {
@@ -1291,7 +1292,6 @@
 mbsequence = old[cursor_before];
 mbseqlen = cursor - cursor_before;
 }
- matches_map = 0;

 if (this_char != '') { /* no entity on this position */
 const unsigned char *rep = NULL;
@@ -1302,12 +1302,15 @@
 goto pass_char_through;

 if (all) { /* false that CHARSET_PARTIAL_SUPPORT(charset) */
- /* look for entity for this char */
 if (to_uni_table != NULL) {
+ /* !CHARSET_UNICODE_COMPAT therefore not UTF-8; since UTF-8
+ * is the only multibyte encoding with !CHARSET_PARTIAL_SUPPORT,
+ * we're using a single byte encoding */
 map_to_unicode(this_char, to_uni_table, this_char);
 if (this_char == 0x) /* no mapping; pass through */
 goto pass_char_through;
 }
+ /* the cursor may advance */
 find_entity_for_char(this_char, charset, entity_table.ms_table, rep,
 rep_len, old, oldlen, cursor);
 } else {
@@ -1397,6 +1400,10 @@
 }
 }
 /* checks passed; copy entity to result */
+ /* entity size is unbounded, we may need more memory */
+ if (maxlen  len + ent_len + 2 /*  and ; */) {
+ replaced = erealloc(replaced, (maxlen += ent_len + 128) + 1);
+ }
 replaced[len++] = '';
 memcpy(replaced[len], old[cursor], ent_len);
 len += ent_len;

Copied: 
php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt 
(from rev 323056, 
php/php-src/trunk/ext/standard/tests/strings/bug60965.phpt)

===
--- php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt 
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/standard/tests/strings/bug60965.phpt 
2012-02-05 09:59:33 UTC (rev 323074)

@@ -0,0 +1,10 @@
+--TEST--
+Bug #60965: Buffer overflow on htmlspecialchars/entities with 
$double=false

+--FILE--
+?php
+echo 
htmlspecialchars('#x05;',

+ENT_QUOTES, 'UTF-8', false), \n;
+echo Done.\n;
+--EXPECT--
+quot;quot;quot;quot;quot;quot;quot

Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Gustavo Lopes

On Sun, 5 Feb 2012 10:55:39 -, Nuno Lopes wrote:

I didn't carefully review this patch, but doesn't this code suffer
from potential math overflow?
i.e. with strlen($input_str)  INT_MAX/2  (or UINT_MAX/2)



All the length and position variables are of type size_t, so I'd say 
we'd be out of memory long before that could be a problem (unless 
there's some architecture of which I'm not aware where SIZE_T is low 
enough for this to be a problem).


--
Gustavo Lopes

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Gustavo Lopes

On Sun, 05 Feb 2012 14:00:11 +0100, Gustavo Lopes wrote:

On Sun, 5 Feb 2012 10:55:39 -, Nuno Lopes wrote:

I didn't carefully review this patch, but doesn't this code suffer
from potential math overflow?
i.e. with strlen($input_str)  INT_MAX/2  (or UINT_MAX/2)



All the length and position variables are of type size_t, so I'd say
we'd be out of memory long before that could be a problem (unless
there's some architecture of which I'm not aware where SIZE_T is low
enough for this to be a problem).


read: SIZE_MAX, not SIZE_T

--
Gustavo Lopes

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Pierre Joye
2012/2/5 Gustavo Lopes glo...@nebm.ist.utl.pt:

 All the length and position variables are of type size_t, so I'd say
 we'd be out of memory long before that could be a problem (unless
 there's some architecture of which I'm not aware where SIZE_T is low
 enough for this to be a problem).


 read: SIZE_MAX, not SIZE_T

By the way, SIZE_MAX (can be up to 65k or so afair) should not be used
in relation with buffer (string or other) length. It defines the
maximum size of a single object allocation that the compiler can
manage. Not sure if it is actually what you want here.

-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Gustavo Lopes

On Sun, 5 Feb 2012 14:37:27 +0100, Pierre Joye wrote:

2012/2/5 Gustavo Lopes glo...@nebm.ist.utl.pt:

All the length and position variables are of type size_t, so I'd 
say

we'd be out of memory long before that could be a problem (unless
there's some architecture of which I'm not aware where SIZE_T is 
low

enough for this to be a problem).



read: SIZE_MAX, not SIZE_T


By the way, SIZE_MAX (can be up to 65k or so afair) should not be 
used

in relation with buffer (string or other) length. It defines the
maximum size of a single object allocation that the compiler can
manage. Not sure if it is actually what you want here.


SIZE_MAX is indeed the limit of size_t. See ISO/IEC 9899:TC3, section 
7.18.3 on http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf 
(page 259).


Forgetting the irrelevant case where size_t is 16 bit wide, there is 
indeed a potential problem if size_t is 32-bit wide. First, if you can 
pass a string with about 2GB you could the multiplication by 2 would 
wrap around. But you could even pass a smaller string (possibly 10/15 
times less, I don't know what's the maximum expansion factor of 
htmlentities) and then it could wrap in the reallocation. I'll take this 
into account.


--
Gustavo Lopes

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Gustavo Lopes

On Sun, 05 Feb 2012 15:00:11 +0100, Gustavo Lopes wrote:

On Sun, 5 Feb 2012 14:37:27 +0100, Pierre Joye wrote:

2012/2/5 Gustavo Lopes glo...@nebm.ist.utl.pt:

All the length and position variables are of type size_t, so I'd 
say

we'd be out of memory long before that could be a problem (unless
there's some architecture of which I'm not aware where SIZE_T is 
low

enough for this to be a problem).



read: SIZE_MAX, not SIZE_T


By the way, SIZE_MAX (can be up to 65k or so afair) should not be 
used

in relation with buffer (string or other) length. It defines the
maximum size of a single object allocation that the compiler can
manage. Not sure if it is actually what you want here.


SIZE_MAX is indeed the limit of size_t. See ISO/IEC 9899:TC3, section
7.18.3 on http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf
(page 259).

Forgetting the irrelevant case where size_t is 16 bit wide, there is
indeed a potential problem if size_t is 32-bit wide. First, if you 
can

pass a string with about 2GB you could the multiplication by 2 would
wrap around. But you could even pass a smaller string (possibly 10/15
times less, I don't know what's the maximum expansion factor of
htmlentities) and then it could wrap in the reallocation. I'll take
this into account.


See 
http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/html.c?r1=323079r2=323078pathrev=323079


I don't know if this is worth merging to 5.4 at this point; after all 
5.3 has the same problem.


--
Gustavo Lopes

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/html.c ext/standard/tests/strings/bug60965.phpt

2012-02-05 Thread Nuno Lopes

On Sun, 05 Feb 2012 15:00:11 +0100, Gustavo Lopes wrote:

On Sun, 5 Feb 2012 14:37:27 +0100, Pierre Joye wrote:

2012/2/5 Gustavo Lopes glo...@nebm.ist.utl.pt:


All the length and position variables are of type size_t, so I'd say
we'd be out of memory long before that could be a problem (unless
there's some architecture of which I'm not aware where SIZE_T is low
enough for this to be a problem).



read: SIZE_MAX, not SIZE_T


By the way, SIZE_MAX (can be up to 65k or so afair) should not be used
in relation with buffer (string or other) length. It defines the
maximum size of a single object allocation that the compiler can
manage. Not sure if it is actually what you want here.


SIZE_MAX is indeed the limit of size_t. See ISO/IEC 9899:TC3, section
7.18.3 on http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf
(page 259).

Forgetting the irrelevant case where size_t is 16 bit wide, there is
indeed a potential problem if size_t is 32-bit wide. First, if you can
pass a string with about 2GB you could the multiplication by 2 would
wrap around. But you could even pass a smaller string (possibly 10/15
times less, I don't know what's the maximum expansion factor of
htmlentities) and then it could wrap in the reallocation. I'll take
this into account.


See 
http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/html.c?r1=323079r2=323078pathrev=323079


I don't know if this is worth merging to 5.4 at this point; after all 5.3 
has the same problem.


Obrigado!
I think this bug (although probably exploitable) is low risk, since it 
requires a large 'memory_limit' value to be triggable.

Your last patch seems good to me.

Nuno 



--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-02-01 Thread Stanislav Malyshev
stas Thu, 02 Feb 2012 06:08:29 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323009

Log:
5.4.0 rc7

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-01 23:20:30 UTC (rev 323008)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-02 06:08:29 UTC (rev 323009)
@@ -1,6 +1,6 @@
 PHPNEWS
 |||
-?? Jan 2012, PHP 5.4.0 RC 7
+02 Feb 2012, PHP 5.4.0 RC 7
 - Core:
   . Fix bug #60895 (Possible invalid handler usage in windows random
 functions). (Pierre)

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-02-01 23:20:30 UTC (rev 
323008)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-02-02 06:08:29 UTC (rev 
323009)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC7-dev
+PHP_EXTRA_VERSION=RC7
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-01 23:20:30 UTC 
(rev 323008)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-02 06:08:29 UTC 
(rev 323009)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC7-dev
-#define PHP_VERSION 5.4.0RC7-dev
+#define PHP_EXTRA_VERSION RC7
+#define PHP_VERSION 5.4.0RC7
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-02-01 Thread Stanislav Malyshev
stas Thu, 02 Feb 2012 06:09:50 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=323010

Log:
back to dev

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-02-02 06:08:29 UTC (rev 323009)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-02-02 06:09:50 UTC (rev 323010)
@@ -1,5 +1,7 @@
 PHPNEWS
 |||
+?? Feb 2012, PHP 5.4.0 RC 8
+
 02 Feb 2012, PHP 5.4.0 RC 7
 - Core:
   . Fix bug #60895 (Possible invalid handler usage in windows random

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-02-02 06:08:29 UTC (rev 
323009)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-02-02 06:09:50 UTC (rev 
323010)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC7
+PHP_EXTRA_VERSION=RC8-dev
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-02 06:08:29 UTC 
(rev 323009)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-02-02 06:09:50 UTC 
(rev 323010)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC7
-#define PHP_VERSION 5.4.0RC7
+#define PHP_EXTRA_VERSION RC8-dev
+#define PHP_VERSION 5.4.0RC8-dev
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_vm_def.h branches/PHP_5_4/Zend/zend_vm_execute.h trunk/Zend/zend_vm_def.h trunk/Zend/zend_vm_execute.h

2012-01-30 Thread Dmitry Stogov
dmitry   Mon, 30 Jan 2012 10:51:02 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322928

Log:
Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
U   php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
U   php/php-src/trunk/Zend/zend_vm_def.h
U   php/php-src/trunk/Zend/zend_vm_execute.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-01-30 10:08:11 UTC (rev 322927)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-01-30 10:51:02 UTC (rev 322928)
@@ -5,6 +5,8 @@
   . Fix bug #60895 (Possible invalid handler usage in windows random
 functions). (Pierre)
   . Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
+  . Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
+(Dmitry)

 - OpenSSL:
   . Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.

Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h	2012-01-30 10:08:11 UTC (rev 322927)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h	2012-01-30 10:51:02 UTC (rev 322928)
@@ -2187,6 +2187,7 @@
 zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), Z_OBJ_CLASS_NAME_P(EX(object)), function_name_strval);
 			}
 			if (OP2_TYPE == IS_CONST 
+			EXPECTED(EX(fbc)-type = ZEND_USER_FUNCTION) 
 			EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0) 
 			EXPECTED(EX(object) == object)) {
 CACHE_POLYMORPHIC_PTR(opline-op2.literal-cache_slot, EX(called_scope), EX(fbc));
@@ -2284,7 +2285,9 @@
 			if (UNEXPECTED(EX(fbc) == NULL)) {
 zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), ce-name, function_name_strval);
 			}
-			if (OP2_TYPE == IS_CONST  EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+			if (OP2_TYPE == IS_CONST 
+			EXPECTED(EX(fbc)-type = ZEND_USER_FUNCTION) 
+			EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
 if (OP1_TYPE == IS_CONST) {
 	CACHE_PTR(opline-op2.literal-cache_slot, EX(fbc));
 } else {

Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h	2012-01-30 10:08:11 UTC (rev 322927)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h	2012-01-30 10:51:02 UTC (rev 322928)
@@ -3453,7 +3453,9 @@
 			if (UNEXPECTED(EX(fbc) == NULL)) {
 zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), ce-name, function_name_strval);
 			}
-			if (IS_CONST == IS_CONST  EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+			if (IS_CONST == IS_CONST 
+			EXPECTED(EX(fbc)-type = ZEND_USER_FUNCTION) 
+			EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
 if (IS_CONST == IS_CONST) {
 	CACHE_PTR(opline-op2.literal-cache_slot, EX(fbc));
 } else {
@@ -4237,7 +4239,9 @@
 			if (UNEXPECTED(EX(fbc) == NULL)) {
 zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), ce-name, function_name_strval);
 			}
-			if (IS_TMP_VAR == IS_CONST  EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+			if (IS_TMP_VAR == IS_CONST 
+			EXPECTED(EX(fbc)-type = ZEND_USER_FUNCTION) 
+			EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
 if (IS_CONST == IS_CONST) {
 	CACHE_PTR(opline-op2.literal-cache_slot, EX(fbc));
 } else {
@@ -4900,7 +4904,9 @@
 			if (UNEXPECTED(EX(fbc) == NULL)) {
 zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), ce-name, function_name_strval);
 			}
-			if (IS_VAR == IS_CONST  EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+			if (IS_VAR == IS_CONST 
+			EXPECTED(EX(fbc)-type = ZEND_USER_FUNCTION) 
+			EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
 if (IS_CONST == IS_CONST) {
 	CACHE_PTR(opline-op2.literal-cache_slot, EX(fbc));
 } else {
@@ -5434,7 +5440,9 @@
 			if (UNEXPECTED(EX(fbc) == NULL)) {
 zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), ce-name, function_name_strval);
 			}
-			if (IS_UNUSED == IS_CONST  EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
+			if (IS_UNUSED == IS_CONST 
+			EXPECTED(EX(fbc)-type = ZEND_USER_FUNCTION) 
+			EXPECTED((EX(fbc)-common.fn_flags  (ZEND_ACC_CALL_VIA_HANDLER|ZEND_ACC_NEVER_CACHE)) == 0)) {
 if 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60825.phpt branches/PHP_5_4/Zend/zend_vm_def.h branches/PHP_5_4/Zend/zend_vm_execute.h trunk/NEWS

2012-01-25 Thread Xinchen Hui
laruence Thu, 26 Jan 2012 01:21:35 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322770

Log:
Fixed bug #60825 (Segfault when running symfony 2 tests)

Bug: https://bugs.php.net/60825 (Critical) Segfault when running symfony 2 tests
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
U   php/php-src/branches/PHP_5_4/Zend/zend_vm_execute.h
U   php/php-src/trunk/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-01-25 23:11:18 UTC (rev 322769)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-01-26 01:21:35 UTC (rev 322770)
@@ -9,6 +9,8 @@
 $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
   . Fixed bug #60809 (TRAITS - PHPDoc Comment Style Bug). (Dmitry)
   . Fixed bug #60768 (Output buffer not discarded) (Mike)
+  . Fixed bug #60825 (Segfault when running symfony 2 tests).
+(Dmitry, Laruence)

 - Hash
   . Fixed bug #60221 (Tiger hash output byte order) (Mike)

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60825.phpt	2012-01-26 01:21:35 UTC (rev 322770)
@@ -0,0 +1,19 @@
+--TEST--
+Bug #60825 (Segfault when running symfony 2 tests)
+--DESCRIPTION--
+run this with valgrind
+--FILE--
+?php
+class test {
+	public static $x;
+	public function __toString() {
+		self::$x = $this;
+		return __FILE__;
+	}
+}
+$a = new test;
+require_once $a;
+debug_zval_dump(test::$x);
+?
+--EXPECTF--
+string(%d) %sbug60825.php refcount(2)

Modified: php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h	2012-01-25 23:11:18 UTC (rev 322769)
+++ php/php-src/branches/PHP_5_4/Zend/zend_vm_def.h	2012-01-26 01:21:35 UTC (rev 322770)
@@ -2391,7 +2391,7 @@
 			CHECK_EXCEPTION();
 			ZEND_VM_NEXT_OPCODE();
 		} else if (OP2_TYPE != IS_CONST 
-			EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) 
+			EXPECTED(Z_TYPE_P(function_name) == IS_ARRAY) 
 			zend_hash_num_elements(Z_ARRVAL_P(function_name)) == 2) {
 			zend_class_entry *ce;
 			zval **method = NULL;
@@ -2399,15 +2399,15 @@

 			zend_hash_index_find(Z_ARRVAL_P(function_name), 0, (void **) obj);
 			zend_hash_index_find(Z_ARRVAL_P(function_name), 1, (void **) method);
-
+
 			if (Z_TYPE_PP(obj) != IS_STRING  Z_TYPE_PP(obj) != IS_OBJECT) {
 zend_error_noreturn(E_ERROR, First array member is not a valid class name or object);
 			}
-
+
 			if (Z_TYPE_PP(method) != IS_STRING) {
 zend_error_noreturn(E_ERROR, Second array member is not a valid method);
 			}
-
+
 			if (Z_TYPE_PP(obj) == IS_STRING) {
 ce = zend_fetch_class_by_name(Z_STRVAL_PP(obj), Z_STRLEN_PP(obj), NULL, 0 TSRMLS_CC);
 if (UNEXPECTED(ce == NULL)) {
@@ -2415,7 +2415,7 @@
 }
 EX(called_scope) = ce;
 EX(object) = NULL;
-
+
 if (ce-get_static_method) {
 	EX(fbc) = ce-get_static_method(ce, Z_STRVAL_PP(method), Z_STRLEN_PP(method) TSRMLS_CC);
 } else {
@@ -2429,7 +2429,7 @@
 if (UNEXPECTED(EX(fbc) == NULL)) {
 	zend_error_noreturn(E_ERROR, Call to undefined method %s::%s(), Z_OBJ_CLASS_NAME_P(EX(object)), Z_STRVAL_PP(method));
 }
-
+
 if ((EX(fbc)-common.fn_flags  ZEND_ACC_STATIC) != 0) {
 	EX(object) = NULL;
 } else {
@@ -3693,17 +3693,18 @@
 	zend_op_array *new_op_array=NULL;
 	zend_free_op free_op1;
 	zval *inc_filename;
-	zval tmp_inc_filename;
+zval *tmp_inc_filename = NULL;
 	zend_bool failure_retval=0;

 	SAVE_OPLINE();
 	inc_filename = GET_OP1_ZVAL_PTR(BP_VAR_R);

 	if (inc_filename-type!=IS_STRING) {
-		ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename);
-		zval_copy_ctor(tmp_inc_filename);
-		convert_to_string(tmp_inc_filename);
-		inc_filename = tmp_inc_filename;
+		MAKE_STD_ZVAL(tmp_inc_filename);
+		ZVAL_COPY_VALUE(tmp_inc_filename, inc_filename);
+		zval_copy_ctor(tmp_inc_filename);
+		convert_to_string(tmp_inc_filename);
+		inc_filename = tmp_inc_filename;
 	}

 	if (opline-extended_value != ZEND_EVAL  strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
@@ -3767,8 +3768,8 @@
 			EMPTY_SWITCH_DEFAULT_CASE()
 		}
 	}
-	if (inc_filename==tmp_inc_filename) {
-		zval_dtor(tmp_inc_filename);
+	if (tmp_inc_filename) {
+		zval_ptr_dtor(tmp_inc_filename);
 	}
 	FREE_OP1();
 	if (UNEXPECTED(EG(exception) != NULL)) {
@@ -4510,15 +4511,15 @@
 			if (Z_TYPE_P(offset) = IS_BOOL /* simple scalar types */
 || (Z_TYPE_P(offset) == IS_STRING /* or numeric string */
 		 IS_LONG == is_numeric_string(Z_STRVAL_P(offset), Z_STRLEN_P(offset), NULL, NULL, 0))) {
-ZVAL_COPY_VALUE(tmp, offset);
-

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/ftp/ftp.c ext/openssl/xp_ssl.c

2012-01-25 Thread Scott MacVicar
scottmac Thu, 26 Jan 2012 05:15:57 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322785

Log:
MFH r322485
Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/ftp/ftp.c
U   php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-26 04:16:32 UTC (rev 322784)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-26 05:15:57 UTC (rev 322785)
@@ -1,6 +1,8 @@
 PHPNEWS
 |||
-?? Jan 2012, PHP 5.4.0
+?? Jan 2012, PHP 5.4.0 RC 7
+- Fix possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
+  CVE-2011-3389. (Scott)

 19 Jan 2012, PHP 5.4.0 RC6


Modified: php/php-src/branches/PHP_5_4/ext/ftp/ftp.c
===
--- php/php-src/branches/PHP_5_4/ext/ftp/ftp.c  2012-01-26 04:16:32 UTC (rev 
322784)
+++ php/php-src/branches/PHP_5_4/ext/ftp/ftp.c  2012-01-26 05:15:57 UTC (rev 
322785)
@@ -243,6 +243,7 @@
 {
 #if HAVE_OPENSSL_EXT
SSL_CTX *ctx = NULL;
+   long ssl_ctx_options = SSL_OP_ALL;
 #endif
if (ftp == NULL) {
return 0;
@@ -279,7 +280,10 @@
return 0;
}

-   SSL_CTX_set_options(ctx, SSL_OP_ALL);
+#if OPENSSL_VERSION_NUMBER = 0x0090605fL
+   ssl_ctx_options = ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+#endif
+   SSL_CTX_set_options(ctx, ssl_ctx_options);

ftp-ssl_handle = SSL_new(ctx);
if (ftp-ssl_handle == NULL) {
@@ -1495,6 +1499,7 @@

 #if HAVE_OPENSSL_EXT
SSL_CTX *ctx;
+   long ssl_ctx_options = SSL_OP_ALL;
 #endif

if (data-fd != -1) {
@@ -1521,7 +1526,10 @@
return 0;
}

-   SSL_CTX_set_options(ctx, SSL_OP_ALL);
+#if OPENSSL_VERSION_NUMBER = 0x0090605fL
+   ssl_ctx_options = ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+#endif
+   SSL_CTX_set_options(ctx, ssl_ctx_options);

data-ssl_handle = SSL_new(ctx);
if (data-ssl_handle == NULL) {

Modified: php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c
===
--- php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c   2012-01-26 04:16:32 UTC 
(rev 322784)
+++ php/php-src/branches/PHP_5_4/ext/openssl/xp_ssl.c   2012-01-26 05:15:57 UTC 
(rev 322785)
@@ -310,6 +310,7 @@
TSRMLS_DC)
 {
SSL_METHOD *method;
+   long ssl_ctx_options = SSL_OP_ALL;

if (sslsock-ssl_handle) {
if (sslsock-s.is_blocked) {
@@ -377,7 +378,10 @@
return -1;
}

-   SSL_CTX_set_options(sslsock-ctx, SSL_OP_ALL);
+#if OPENSSL_VERSION_NUMBER = 0x0090605fL
+   ssl_ctx_options = ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+#endif
+   SSL_CTX_set_options(sslsock-ctx, ssl_ctx_options);

 #if OPENSSL_VERSION_NUMBER = 0x0090806fL
{

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/traits/bug60809.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/traits/bug60809.phpt trunk/Zend/zend_compile.c

2012-01-20 Thread Dmitry Stogov
dmitry   Fri, 20 Jan 2012 12:30:57 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322495

Log:
Fixed Bug #60809 (TRAITS - PHPDoc Comment Style Bug)
Fixed some other traits related bugs (uninitialized variable, return = 
continue)
Removed some trait related redundant code and variables

Bug: https://bugs.php.net/60809 (Critical) TRAITS - PHPDoc Comment Style Bug
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A   php/php-src/trunk/Zend/tests/traits/bug60809.phpt
U   php/php-src/trunk/Zend/zend_compile.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-01-20 12:28:37 UTC (rev 322494)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-01-20 12:30:57 UTC (rev 322495)
@@ -7,6 +7,7 @@
 - Core:
   . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
 $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+  . Fixed bug #60809 (TRAITS - PHPDoc Comment Style Bug). (Dmitry)
   . Fixed bug #60768 (Output buffer not discarded) (Mike)

 - Hash

Added: php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/traits/bug60809.phpt	2012-01-20 12:30:57 UTC (rev 322495)
@@ -0,0 +1,36 @@
+--TEST--
+Bug #60809 (TRAITS - PHPDoc Comment Style Bug)
+--FILE--
+?php
+class ExampleParent {
+	private $hello_world = hello foo\n;
+	public function foo() {
+	   echo $this-hello_world;
+	}
+}
+
+class Example extends ExampleParent {
+	use ExampleTrait;
+}
+
+trait ExampleTrait {
+	/**
+	 *
+	 */
+	private $hello_world = hello bar\n;
+	/**
+	 *
+	 */
+	public $prop = ops;
+	public function bar() {
+		echo $this-hello_world;
+	}
+}
+
+$x = new Example();
+$x-foo();
+$x-bar();
+?
+--EXPECT--
+hello foo
+hello bar

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c	2012-01-20 12:28:37 UTC (rev 322494)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c	2012-01-20 12:30:57 UTC (rev 322495)
@@ -3714,19 +3714,15 @@
 static int zend_traits_merge_functions_to_class(zend_function *fn TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key) /* {{{ */
 {
 	zend_class_entry *ce = va_arg(args, zend_class_entry*);
-	int add = 0;
 	zend_function* existing_fn = NULL;
 	zend_function fn_copy, *fn_copy_p;
 	zend_function* prototype = NULL;  /* is used to determine the prototype according to the inheritance chain */

-	if (zend_hash_quick_find(ce-function_table, hash_key-arKey, hash_key-nKeyLength, hash_key-h, (void**) existing_fn) == FAILURE) {
-		add = 1; /* not found */
-	} else if (existing_fn-common.scope != ce) {
-		add = 1; /* or inherited from other class or interface */
-	}
-
-	if (add) {
+	if (zend_hash_quick_find(ce-function_table, hash_key-arKey, hash_key-nKeyLength, hash_key-h, (void**) existing_fn) == FAILURE ||
+	existing_fn-common.scope != ce) {
+		/* not found or inherited from other class or interface */
 		zend_function* parent_function;
+
 		if (ce-parent  zend_hash_quick_find(ce-parent-function_table, hash_key-arKey, hash_key-nKeyLength, hash_key-h, (void**) parent_function) != FAILURE) {
 			prototype = parent_function; /* -common.fn_flags |= ZEND_ACC_ABSTRACT; */

@@ -3800,7 +3796,6 @@
 static int zend_traits_copy_functions(zend_function *fn TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key) /* {{{ */
 {
 	HashTable* target;
-	zend_class_entry *target_ce;
 	zend_trait_alias** aliases;
 	HashTable* exclude_table;
 	char* lcname;
@@ -3810,7 +3805,6 @@
 	size_t i = 0;

 	target= va_arg(args, HashTable*);
-	target_ce = va_arg(args, zend_class_entry*);
 	aliases   = va_arg(args, zend_trait_alias**);
 	exclude_table = va_arg(args, HashTable*);

@@ -3901,9 +3895,9 @@
 /* }}} */

 /* Copies function table entries to target function table with applied aliasing */
-static void zend_traits_copy_trait_function_table(HashTable *target, zend_class_entry *target_ce, HashTable *source, zend_trait_alias** aliases, HashTable* exclude_table TSRMLS_DC) /* {{{ */
+static void zend_traits_copy_trait_function_table(HashTable *target, HashTable *source, zend_trait_alias** aliases, HashTable* exclude_table TSRMLS_DC) /* {{{ */
 {
-	zend_hash_apply_with_arguments(source TSRMLS_CC, (apply_func_args_t)zend_traits_copy_functions, 4, target, target_ce, aliases, exclude_table);
+	zend_hash_apply_with_arguments(source TSRMLS_CC, (apply_func_args_t)zend_traits_copy_functions, 3, target, aliases, exclude_table);
 }
 /* }}} */

@@ -4035,10 +4029,10 @@
 			

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/hash/config.m4 branches/PHP_5_4/ext/hash/config.w32 branches/PHP_5_4/ext/hash/hash.c branches/PHP_5_4/ext/hash/hash_salsa.c bran

2012-01-18 Thread Michael Wallner
mike Wed, 18 Jan 2012 09:15:34 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322437

Log:
merge ext/hash from trunk

Changed paths:
_U  php/php-src/branches/PHP_5_4/
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/hash/config.m4
U   php/php-src/branches/PHP_5_4/ext/hash/config.w32
U   php/php-src/branches/PHP_5_4/ext/hash/hash.c
D   php/php-src/branches/PHP_5_4/ext/hash/hash_salsa.c
U   php/php-src/branches/PHP_5_4/ext/hash/hash_tiger.c
U   php/php-src/branches/PHP_5_4/ext/hash/php_hash.h
D   php/php-src/branches/PHP_5_4/ext/hash/php_hash_salsa.h
U   php/php-src/branches/PHP_5_4/ext/hash/tests/hash_algos.phpt
U   php/php-src/branches/PHP_5_4/ext/hash/tests/hash_copy_001.phpt
U   php/php-src/branches/PHP_5_4/ext/hash/tests/hash_file_basic1.phpt
U   php/php-src/branches/PHP_5_4/ext/hash/tests/hash_hmac_basic.phpt
U   php/php-src/branches/PHP_5_4/ext/hash/tests/hash_hmac_file_basic.phpt
U   php/php-src/branches/PHP_5_4/ext/hash/tests/tiger.phpt
U   php/php-src/trunk/NEWS


Property changes on: php/php-src/branches/PHP_5_4
___
Modified: svn:mergeinfo
   - /php/php-src/trunk:284726
   + /php/php-src/trunk:284726,322419,322421,322423

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/NEWS	2012-01-18 09:15:34 UTC (rev 322437)
@@ -7,6 +7,10 @@
 $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
   . Fixed bug #60768 (Output buffer not discarded) (Mike)

+- Hash
+  . Fixed bug #60221 (Tiger hash output byte order) (Mike)
+  . Removed Salsa10/Salsa20, which are actually stream ciphers (Mike)
+
 - Pdo Firebird:
   . Fixed bug #47415 (segfaults when passing lowercased column name to
 bindColumn). (Mariuz)

Modified: php/php-src/branches/PHP_5_4/ext/hash/config.m4
===
--- php/php-src/branches/PHP_5_4/ext/hash/config.m4	2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/ext/hash/config.m4	2012-01-18 09:15:34 UTC (rev 322437)
@@ -27,10 +27,10 @@

   EXT_HASH_SOURCES=hash.c hash_md.c hash_sha.c hash_ripemd.c hash_haval.c \
 hash_tiger.c hash_gost.c hash_snefru.c hash_whirlpool.c hash_adler32.c \
-hash_crc32.c hash_salsa.c hash_fnv.c hash_joaat.c
+hash_crc32.c hash_fnv.c hash_joaat.c
   EXT_HASH_HEADERS=php_hash.h php_hash_md.h php_hash_sha.h php_hash_ripemd.h \
 php_hash_haval.h php_hash_tiger.h php_hash_gost.h php_hash_snefru.h \
-php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h php_hash_salsa.h \
+php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h \
 php_hash_fnv.h php_hash_joaat.h php_hash_types.h

   PHP_NEW_EXTENSION(hash, $EXT_HASH_SOURCES, $ext_shared)

Modified: php/php-src/branches/PHP_5_4/ext/hash/config.w32
===
--- php/php-src/branches/PHP_5_4/ext/hash/config.w32	2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/ext/hash/config.w32	2012-01-18 09:15:34 UTC (rev 322437)
@@ -15,11 +15,11 @@
 	AC_DEFINE('HAVE_HASH_EXT', 1);
 	EXTENSION(hash, hash.c hash_md.c hash_sha.c hash_ripemd.c hash_haval.c 
 		+ hash_tiger.c hash_gost.c hash_snefru.c hash_whirlpool.c 
-		+ hash_adler32.c hash_crc32.c hash_salsa.c hash_joaat.c hash_fnv.c);
+		+ hash_adler32.c hash_crc32.c hash_joaat.c hash_fnv.c);

 		PHP_INSTALL_HEADERS(ext/hash/, php_hash.h php_hash_md.h php_hash_sha.h php_hash_ripemd.h  +
 		php_hash_haval.h php_hash_tiger.h php_hash_gost.h php_hash_snefru.h  +
-		php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h php_hash_salsa.h  +
+		php_hash_whirlpool.h php_hash_adler32.h php_hash_crc32.h  +
 		php_hash_types.h);
 }


Modified: php/php-src/branches/PHP_5_4/ext/hash/hash.c
===
--- php/php-src/branches/PHP_5_4/ext/hash/hash.c	2012-01-18 07:57:40 UTC (rev 322436)
+++ php/php-src/branches/PHP_5_4/ext/hash/hash.c	2012-01-18 09:15:34 UTC (rev 322437)
@@ -851,8 +851,6 @@
 	php_hash_register_algo(adler32,		php_hash_adler32_ops);
 	php_hash_register_algo(crc32,			php_hash_crc32_ops);
 	php_hash_register_algo(crc32b,		php_hash_crc32b_ops);
-	php_hash_register_algo(salsa10,		php_hash_salsa10_ops);
-	php_hash_register_algo(salsa20,		php_hash_salsa20_ops);
 	php_hash_register_algo(fnv132,		php_hash_fnv132_ops);
 	php_hash_register_algo(fnv164,		php_hash_fnv164_ops);
 	php_hash_register_algo(joaat,			php_hash_joaat_ops);

Deleted: php/php-src/branches/PHP_5_4/ext/hash/hash_salsa.c
===
--- php/php-src/branches/PHP_5_4/ext/hash/hash_salsa.c	2012-01-18 07:57:40 UTC (rev 322436)
+++ 

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-01-18 Thread Stanislav Malyshev
stas Thu, 19 Jan 2012 06:27:56 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322461

Log:
5.4.0RC6

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-19 00:20:04 UTC (rev 322460)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-19 06:27:56 UTC (rev 322461)
@@ -1,7 +1,9 @@
 PHPNEWS
 |||
-?? Jan 2012, PHP 5.4.0 RC6
+?? Jan 2012, PHP 5.4.0

+19 Jan 2012, PHP 5.4.0 RC6
+
 - Core:
   . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
 $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-01-19 00:20:04 UTC (rev 
322460)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-01-19 06:27:56 UTC (rev 
322461)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC6-dev
+PHP_EXTRA_VERSION=RC6
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-19 00:20:04 UTC 
(rev 322460)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-19 06:27:56 UTC 
(rev 322461)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC6-dev
-#define PHP_VERSION 5.4.0RC6-dev
+#define PHP_EXTRA_VERSION RC6
+#define PHP_VERSION 5.4.0RC6
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/output.c branches/PHP_5_4/tests/output/bug60768.phpt trunk/main/output.c trunk/tests/output/bug60768.phpt

2012-01-16 Thread Michael Wallner
mike Mon, 16 Jan 2012 17:51:35 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322374

Log:
Fix bug #60768  Output buffer not discarded

 in php_output_handler_op():
  * if appending to buffer succeeds, just return HANDLER_NO_DATA
and do nothing else
  * if a zero sized string or true is returned from the handler
function, reset the context as well as the handler's buffer

Bug: https://bugs.php.net/60768 (error getting bug information)
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/output.c
A   php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt
U   php/php-src/trunk/main/output.c
A   php/php-src/trunk/tests/output/bug60768.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-16 16:10:50 UTC (rev 322373)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-16 17:51:35 UTC (rev 322374)
@@ -5,6 +5,7 @@
 - Core:
   . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
 $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+  . Fixed bug #60768 (Output buffer not discarded) (Mike)

 - Pdo Firebird:
   . Fixed bug #47415 (segfaults when passing lowercased column name to

Modified: php/php-src/branches/PHP_5_4/main/output.c
===
--- php/php-src/branches/PHP_5_4/main/output.c  2012-01-16 16:10:50 UTC (rev 
322373)
+++ php/php-src/branches/PHP_5_4/main/output.c  2012-01-16 17:51:35 UTC (rev 
322374)
@@ -885,7 +885,8 @@

/* storable? */
if (php_output_handler_append(handler, context-in TSRMLS_CC)  
!context-op) {
-   status = PHP_OUTPUT_HANDLER_NO_DATA;
+   context-op = original_op;
+   return PHP_OUTPUT_HANDLER_NO_DATA;
} else {
/* need to start? */
if (!(handler-flags  PHP_OUTPUT_HANDLER_STARTED)) {
@@ -961,14 +962,14 @@
handler-buffer.used = 0;
handler-buffer.size = 0;
break;
+   case PHP_OUTPUT_HANDLER_NO_DATA:
+   /* handler ate all */
+   php_output_context_reset(context);
+   /* no break */
case PHP_OUTPUT_HANDLER_SUCCESS:
/* no more buffered data */
handler-buffer.used = 0;
break;
-   case PHP_OUTPUT_HANDLER_NO_DATA:
-   /* handler ate all */
-   php_output_context_reset(context);
-   break;
}

context-op = original_op;

Added: php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt
===
--- php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt 
(rev 0)
+++ php/php-src/branches/PHP_5_4/tests/output/bug60768.phpt 2012-01-16 
17:51:35 UTC (rev 322374)
@@ -0,0 +1,25 @@
+--TEST--
+Bug #60768 Output buffer not discarded
+--FILE--
+?php
+
+global $storage;
+
+ob_start(function($buffer) use ($storage) { $storage .= $buffer; }, 20);
+
+echo str_repeat(0, 20); // fill in the buffer
+
+for($i = 0; $i  10; $i++) {
+echo str_pad($i, 9, ' ', STR_PAD_LEFT) . \n; // full buffer dumped every 
time
+}
+
+ob_end_flush();
+
+printf(Output size: %d, expected %d\n, strlen($storage), 20 + 10 * 10);
+
+?
+DONE
+--EXPECT--
+Output size: 120, expected 120
+DONE
+

Modified: php/php-src/trunk/main/output.c
===
--- php/php-src/trunk/main/output.c 2012-01-16 16:10:50 UTC (rev 322373)
+++ php/php-src/trunk/main/output.c 2012-01-16 17:51:35 UTC (rev 322374)
@@ -885,7 +885,8 @@

/* storable? */
if (php_output_handler_append(handler, context-in TSRMLS_CC)  
!context-op) {
-   status = PHP_OUTPUT_HANDLER_NO_DATA;
+   context-op = original_op;
+   return PHP_OUTPUT_HANDLER_NO_DATA;
} else {
/* need to start? */
if (!(handler-flags  PHP_OUTPUT_HANDLER_STARTED)) {
@@ -961,14 +962,14 @@
handler-buffer.used = 0;
handler-buffer.size = 0;
break;
+   case PHP_OUTPUT_HANDLER_NO_DATA:
+   /* handler ate all */
+   php_output_context_reset(context);
+   /* no break */
case PHP_OUTPUT_HANDLER_SUCCESS:
/* no more buffered data */
handler-buffer.used = 0;
break;
-   case PHP_OUTPUT_HANDLER_NO_DATA:
-   /* handler ate all */
-   php_output_context_reset(context);
- 

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/snmp/snmp.c ext/snmp/tests/bug60749.phpt ext/snmp/tests/ipv6.phpt

2012-01-13 Thread Boris Lytochkin
lytboris Fri, 13 Jan 2012 18:46:56 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322214

Log:
merge from trunk:
Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support is 
disabled
Fixed bug #60749 (SNMP module should not strip non-standard SNMP port from 
hostname

Bugs: https://bugs.php.net/60585 (Assigned) php build fails with USE flag snmp 
when IPv6 support is disabled
  https://bugs.php.net/60749 (Assigned) SNMP module should not strip 
non-standard SNMP port from hostname
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
_U  php/php-src/branches/PHP_5_4/ext/snmp/
U   php/php-src/branches/PHP_5_4/ext/snmp/snmp.c
_U  php/php-src/branches/PHP_5_4/ext/snmp/tests/
A + php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt
(from php/php-src/trunk/ext/snmp/tests/bug60749.phpt:r322213)
U   php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-13 18:34:21 UTC (rev 322213)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-13 18:46:56 UTC (rev 322214)
@@ -12,6 +12,12 @@
   . Fixed bug #53280 (segfaults if query column count less than param count).
 (Mariuz)

+- SNMP:
+  . Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support
+is disabled). (Boris Lytochkin)
+  . Fixed bug #60749 (SNMP module should not strip non-standard SNMP port
+from hostname). (Boris Lytochkin)
+
 07 Jan 2012, PHP 5.4.0 RC5
 - Core:
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)


Property changes on: php/php-src/branches/PHP_5_4/ext/snmp
___
Modified: svn:mergeinfo
   - 
/php/php-src/trunk/ext/snmp:284726,311033-315236,315606,315608,315862,315924,316022,316029,316031
   + 
/php/php-src/trunk/ext/snmp:284726,311033-315236,315606,315608,315862,315924,316022,316029,316031,322213

Modified: php/php-src/branches/PHP_5_4/ext/snmp/snmp.c
===
--- php/php-src/branches/PHP_5_4/ext/snmp/snmp.c2012-01-13 18:34:21 UTC 
(rev 322213)
+++ php/php-src/branches/PHP_5_4/ext/snmp/snmp.c2012-01-13 18:46:56 UTC 
(rev 322214)
@@ -1171,11 +1171,11 @@
continue;
}
 #else
-   if (res-sa_family != AF_INET) {
+   if ((*res)-sa_family != AF_INET) {
res++;
continue;
}
-   strcat(pptr, inet_ntoa(res));
+   strcat(pptr, inet_ntoa(((struct 
sockaddr_in*)(*res))-sin_addr));
 #endif
break;
}
@@ -1188,6 +1188,12 @@
There should be check for non-empty session-peername!
*/

+   /* put back non-standard SNMP port */
+   if (session-remote_port != SNMP_PORT) {
+   pptr = session-peername + strlen(session-peername);
+   sprintf(pptr, :%d, session-remote_port);
+   }
+
php_network_freeaddresses(psal);

if (version == SNMP_VERSION_3) {


Property changes on: php/php-src/branches/PHP_5_4/ext/snmp/tests
___
Modified: svn:mergeinfo
   - 
/php/php-src/trunk/ext/snmp/tests:284726,311033-315236,315386,315606,315608,315862,315916,315924,316022,316029,316031
   + 
/php/php-src/trunk/ext/snmp/tests:284726,311033-315236,315386,315606,315608,315862,315916,315924,316022,316029,316031,322213

Copied: php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt (from rev 
322213, php/php-src/trunk/ext/snmp/tests/bug60749.phpt)
===
--- php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/ext/snmp/tests/bug60749.phpt   2012-01-13 
18:46:56 UTC (rev 322214)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #60749: SNMP module should not strip non-standard SNMP port from hostname
+--CREDITS--
+Boris Lytochkin
+--SKIPIF--
+?php
+require_once(dirname(__FILE__).'/skipif.inc');
+?
+--FILE--
+?php
+require_once(dirname(__FILE__).'/snmp_include.inc');
+
+$hostname = php.net;
+$ip = gethostbyname($hostname);
+if (ip2long($ip) === FALSE) {
+   echo Could not resolve $hostname properly!\n;
+   exit(1);
+}
+$port = 1161;
+$session = new SNMP(SNMP::VERSION_1, $hostname:$port, $community, $timeout, 
$retries);
+$info = $session-info;
+if (strcmp($info[hostname], $ip:$port) !== 0) {
+   echo ' . $info[hostname] . ' != '$ip:$port'\n;
+}
+var_dump($session-close());
+?
+--EXPECTF--
+bool(true)

Modified: php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt
===
--- php/php-src/branches/PHP_5_4/ext/snmp/tests/ipv6.phpt   2012-01-13 
18:34:21 

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-01-10 Thread Popa Adrian Marius
mariuz   Tue, 10 Jan 2012 13:42:14 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=322021

Log:
Added fixes Pdo Firebird bugs to the NEWS file

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-10 13:33:01 UTC (rev 322020)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-10 13:42:14 UTC (rev 322021)
@@ -6,6 +6,12 @@
   . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
 $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)

+- Pdo Firebird:
+  . Fixed bug #47415 (segfaults when passing lowercased column name to
+bindColumn). (Mariuz)
+  . Fixed bug #53280 (segfaults if query column count less than param count).
+(Mariuz)
+
 07 Jan 2012, PHP 5.4.0 RC5
 - Core:
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS main/php_variables.c

2012-01-06 Thread Patrick Allaert
patrickallaert   Fri, 06 Jan 2012 13:38:06 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321828

Log:
Changed: restoring REQUEST_TIME as a long, introducing REQUEST_TIME_FLOAT 
instead as discussed on the ML

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/php_variables.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-06 13:37:51 UTC (rev 321827)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-06 13:38:06 UTC (rev 321828)
@@ -2,6 +2,10 @@
 |||
 ?? Jan 2012, PHP 5.4.0 RC6

+- Core:
+  . Restoring $_SERVER['REQUEST_TIME'] as a long and introducing
+$_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. (Patrick)
+
 07 Jan 2012, PHP 5.4.0 RC5
 - Core:
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)

Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c   2012-01-06 13:37:51 UTC 
(rev 321827)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c   2012-01-06 13:38:06 UTC 
(rev 321828)
@@ -581,10 +581,13 @@
}
/* store request init time */
{
-   zval new_entry;
-   Z_TYPE(new_entry) = IS_DOUBLE;
-   Z_DVAL(new_entry) = sapi_get_request_time(TSRMLS_C);
-   php_register_variable_ex(REQUEST_TIME, new_entry, array_ptr 
TSRMLS_CC);
+   zval request_time_float, request_time_long;
+   Z_TYPE(request_time_float) = IS_DOUBLE;
+   Z_DVAL(request_time_float) = sapi_get_request_time(TSRMLS_C);
+   php_register_variable_ex(REQUEST_TIME_FLOAT, 
request_time_float, array_ptr TSRMLS_CC);
+   Z_TYPE(request_time_long) = IS_LONG;
+   Z_LVAL(request_time_long) = 
zend_dval_to_lval(Z_DVAL(request_time_float));
+   php_register_variable_ex(REQUEST_TIME, request_time_long, 
array_ptr TSRMLS_CC);
}

 }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend.h branches/PHP_5_4/Zend/zend_signal.h trunk/Zend/zend.h trunk/Zend/zend_signal.h

2012-01-04 Thread Xinchen Hui
laruence Wed, 04 Jan 2012 08:25:06 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321753

Log:
Fixed bug #60627 (httpd.worker segfault on startup with php_value)

Bug: https://bugs.php.net/60627 (Analyzed) httpd.worker segfault on startup 
with php_value
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend.h
U   php/php-src/branches/PHP_5_4/Zend/zend_signal.h
U   php/php-src/trunk/Zend/zend.h
U   php/php-src/trunk/Zend/zend_signal.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-04 08:13:58 UTC (rev 321752)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-04 08:25:06 UTC (rev 321753)
@@ -5,6 +5,8 @@
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)
   . Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
   . Fixed bug #55871 (Interruption in substr_replace()). (Stas)
+  . Fixed bug #60627 (httpd.worker segfault on startup with php_value).
+(Laruence)

 - SAPI:
   . Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).

Modified: php/php-src/branches/PHP_5_4/Zend/zend.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend.h2012-01-04 08:13:58 UTC (rev 
321752)
+++ php/php-src/branches/PHP_5_4/Zend/zend.h2012-01-04 08:25:06 UTC (rev 
321753)
@@ -709,8 +709,8 @@
 #else
 #include zend_signal.h

-#define HANDLE_BLOCK_INTERRUPTIONS()   SIGG(depth)++;
-#define HANDLE_UNBLOCK_INTERRUPTIONS() if 
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) { 
zend_signal_handler_unblock(TSRMLS_C); }
+#define HANDLE_BLOCK_INTERRUPTIONS()   
ZEND_SIGNAL_BLOCK_INTERRUPUTIONS()
+#define HANDLE_UNBLOCK_INTERRUPTIONS() 
ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS()
 #endif

 BEGIN_EXTERN_C()

Modified: php/php-src/branches/PHP_5_4/Zend/zend_signal.h
===
--- php/php-src/branches/PHP_5_4/Zend/zend_signal.h 2012-01-04 08:13:58 UTC 
(rev 321752)
+++ php/php-src/branches/PHP_5_4/Zend/zend_signal.h 2012-01-04 08:25:06 UTC 
(rev 321753)
@@ -69,9 +69,13 @@
 BEGIN_EXTERN_C()
 ZEND_API extern int zend_signal_globals_id;
 END_EXTERN_C()
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS() if 
(EXPECTED(zend_signal_globals_id)) { SIGG(depth)++; }
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if 
(EXPECTED(zend_signal_globals_id)  
UNEXPECTED((--SIGG(depth))==SIGG(blocked))) { 
zend_signal_handler_unblock(TSRMLS_C); }
 #else /* ZTS */
 # define SIGG(v) (zend_signal_globals.v)
 extern ZEND_API zend_signal_globals_t zend_signal_globals;
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS()  SIGG(depth)++;
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if 
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) { 
zend_signal_handler_unblock(TSRMLS_C); }
 #endif /* not ZTS */

 # define SIGNAL_BEGIN_CRITICAL()   sigset_t oldmask; \

Modified: php/php-src/trunk/Zend/zend.h
===
--- php/php-src/trunk/Zend/zend.h   2012-01-04 08:13:58 UTC (rev 321752)
+++ php/php-src/trunk/Zend/zend.h   2012-01-04 08:25:06 UTC (rev 321753)
@@ -709,8 +709,8 @@
 #else
 #include zend_signal.h

-#define HANDLE_BLOCK_INTERRUPTIONS()   SIGG(depth)++;
-#define HANDLE_UNBLOCK_INTERRUPTIONS() if 
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) { 
zend_signal_handler_unblock(TSRMLS_C); }
+#define HANDLE_BLOCK_INTERRUPTIONS()   
ZEND_SIGNAL_BLOCK_INTERRUPUTIONS()
+#define HANDLE_UNBLOCK_INTERRUPTIONS() 
ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS()
 #endif

 BEGIN_EXTERN_C()

Modified: php/php-src/trunk/Zend/zend_signal.h
===
--- php/php-src/trunk/Zend/zend_signal.h2012-01-04 08:13:58 UTC (rev 
321752)
+++ php/php-src/trunk/Zend/zend_signal.h2012-01-04 08:25:06 UTC (rev 
321753)
@@ -69,9 +69,13 @@
 BEGIN_EXTERN_C()
 ZEND_API extern int zend_signal_globals_id;
 END_EXTERN_C()
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS() if 
(EXPECTED(zend_signal_globals_id)) { SIGG(depth)++; }
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if 
(EXPECTED(zend_signal_globals_id)  
UNEXPECTED((--SIGG(depth))==SIGG(blocked))) { 
zend_signal_handler_unblock(TSRMLS_C); }
 #else /* ZTS */
 # define SIGG(v) (zend_signal_globals.v)
 extern ZEND_API zend_signal_globals_t zend_signal_globals;
+# define ZEND_SIGNAL_BLOCK_INTERRUPUTIONS()  SIGG(depth)++;
+# define ZEND_SIGNAL_UNBLOCK_INTERRUPTIONS() if 
(UNEXPECTED((--SIGG(depth))==SIGG(blocked))) { 
zend_signal_handler_unblock(TSRMLS_C); }
 #endif /* not ZTS */

 # define SIGNAL_BEGIN_CRITICAL()   sigset_t oldmask; \

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-01-04 Thread Stanislav Malyshev
stas Thu, 05 Jan 2012 07:22:29 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321780

Log:
5.4.0rc5

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-05 07:14:54 UTC (rev 321779)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-05 07:22:29 UTC (rev 321780)
@@ -1,6 +1,6 @@
 PHPNEWS
 |||
-?? Jan 2012, PHP 5.4.0 RC5
+07 Jan 2012, PHP 5.4.0 RC5
 - Core:
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)
   . Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-01-05 07:14:54 UTC (rev 
321779)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-01-05 07:22:29 UTC (rev 
321780)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC5-dev
+PHP_EXTRA_VERSION=RC5
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:14:54 UTC 
(rev 321779)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:22:29 UTC 
(rev 321780)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC5-dev
-#define PHP_VERSION 5.4.0RC5-dev
+#define PHP_EXTRA_VERSION RC5
+#define PHP_VERSION 5.4.0RC5
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2012-01-04 Thread Stanislav Malyshev
stas Thu, 05 Jan 2012 07:24:26 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321781

Log:
back to dev

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-05 07:22:29 UTC (rev 321780)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-05 07:24:26 UTC (rev 321781)
@@ -1,5 +1,7 @@
 PHPNEWS
 |||
+?? Jan 2012, PHP 5.4.0 RC6
+
 07 Jan 2012, PHP 5.4.0 RC5
 - Core:
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2012-01-05 07:22:29 UTC (rev 
321780)
+++ php/php-src/branches/PHP_5_4/configure.in   2012-01-05 07:24:26 UTC (rev 
321781)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC5
+PHP_EXTRA_VERSION=RC6-dev
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:22:29 UTC 
(rev 321780)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2012-01-05 07:24:26 UTC 
(rev 321781)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC5
-#define PHP_VERSION 5.4.0RC5
+#define PHP_EXTRA_VERSION RC6-dev
+#define PHP_VERSION 5.4.0RC6-dev
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/session/mod_user_class.c trunk/ext/session/mod_user_class.c

2012-01-03 Thread Arpad Ray
arpadWed, 04 Jan 2012 01:31:30 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321741

Log:
fix return values of inherited session handler to match user handlers - #60640

Bug: https://bugs.php.net/60640 (Assigned) Invalid return values
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c
U   php/php-src/trunk/ext/session/mod_user_class.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-04 01:22:15 UTC (rev 321740)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-04 01:31:30 UTC (rev 321741)
@@ -22,6 +22,8 @@
   . Fixed bug #60629 (memory corruption when web server closed the fcgi fd).
 (fat)

+- Improved Session extension:
+  . Fixed bug #60640 (invalid return values). (Arpad)

 22 Dec 2011, PHP 5.4.0 RC4
 - Core:

Modified: php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c
===
--- php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c   2012-01-04 
01:22:15 UTC (rev 321740)
+++ php/php-src/branches/PHP_5_4/ext/session/mod_user_class.c   2012-01-04 
01:31:30 UTC (rev 321741)
@@ -48,7 +48,7 @@
}

PS(mod_user_is_open) = 1;
-   RETVAL_LONG(PS(default_mod)-s_open(PS(mod_data), save_path, 
session_name TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_open(PS(mod_data), 
save_path, session_name TSRMLS_CC));
 }
 /* }}} */

@@ -63,7 +63,7 @@
zend_parse_parameters_none();

PS(mod_user_is_open) = 0;
-   RETVAL_LONG(PS(default_mod)-s_close(PS(mod_data) TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_close(PS(mod_data) 
TSRMLS_CC));
 }
 /* }}} */

@@ -104,7 +104,7 @@
return;
}

-   RETVAL_LONG(PS(default_mod)-s_write(PS(mod_data), key, val, val_len 
TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_write(PS(mod_data), key, 
val, val_len TSRMLS_CC));
 }
 /* }}} */

@@ -122,7 +122,7 @@
}

PS(mod_user_is_open) = 0;
-   RETVAL_LONG(PS(default_mod)-s_destroy(PS(mod_data), key TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_destroy(PS(mod_data), key 
TSRMLS_CC));
 }
 /* }}} */

@@ -139,6 +139,6 @@
return;
}

-   RETVAL_LONG(PS(default_mod)-s_gc(PS(mod_data), maxlifetime, nrdels 
TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_gc(PS(mod_data), 
maxlifetime, nrdels TSRMLS_CC));
 }
 /* }}} */

Modified: php/php-src/trunk/ext/session/mod_user_class.c
===
--- php/php-src/trunk/ext/session/mod_user_class.c  2012-01-04 01:22:15 UTC 
(rev 321740)
+++ php/php-src/trunk/ext/session/mod_user_class.c  2012-01-04 01:31:30 UTC 
(rev 321741)
@@ -48,7 +48,7 @@
}

PS(mod_user_is_open) = 1;
-   RETVAL_LONG(PS(default_mod)-s_open(PS(mod_data), save_path, 
session_name TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_open(PS(mod_data), 
save_path, session_name TSRMLS_CC));
 }
 /* }}} */

@@ -63,7 +63,7 @@
zend_parse_parameters_none();

PS(mod_user_is_open) = 0;
-   RETVAL_LONG(PS(default_mod)-s_close(PS(mod_data) TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_close(PS(mod_data) 
TSRMLS_CC));
 }
 /* }}} */

@@ -104,7 +104,7 @@
return;
}

-   RETVAL_LONG(PS(default_mod)-s_write(PS(mod_data), key, val, val_len 
TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_write(PS(mod_data), key, 
val, val_len TSRMLS_CC));
 }
 /* }}} */

@@ -122,7 +122,7 @@
}

PS(mod_user_is_open) = 0;
-   RETVAL_LONG(PS(default_mod)-s_destroy(PS(mod_data), key TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_destroy(PS(mod_data), key 
TSRMLS_CC));
 }
 /* }}} */

@@ -139,6 +139,6 @@
return;
}

-   RETVAL_LONG(PS(default_mod)-s_gc(PS(mod_data), maxlifetime, nrdels 
TSRMLS_CC));
+   RETVAL_BOOL(SUCCESS == PS(default_mod)-s_gc(PS(mod_data), 
maxlifetime, nrdels TSRMLS_CC));
 }
 /* }}} */

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2012-01-03 Thread Arpad Ray
arpadWed, 04 Jan 2012 01:34:08 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321742

Log:
NEWS entry for r321738

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-04 01:31:30 UTC (rev 321741)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-04 01:34:08 UTC (rev 321742)
@@ -24,6 +24,8 @@

 - Improved Session extension:
   . Fixed bug #60640 (invalid return values). (Arpad)
+  . Implement FR #60551 (session_set_save_handler should support a core's
+session handler interface). (Arpad)

 22 Dec 2011, PHP 5.4.0 RC4
 - Core:

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/rfc1867.c branches/PHP_5_4/tests/basic/bug55500.phpt trunk/main/rfc1867.c trunk/tests/basic/bug55500.phpt

2012-01-01 Thread Stanislav Malyshev
stas Sun, 01 Jan 2012 23:54:25 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321664

Log:
fix bug #54374, bug #55500 - filter file names better, no dangling [s

Bugs: https://bugs.php.net/54374 (Open) Insufficient validating of upload name 
leading to corrupted $_FILES indices
  https://bugs.php.net/55500 (error getting bug information)
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/rfc1867.c
A   php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt
U   php/php-src/trunk/main/rfc1867.c
A   php/php-src/trunk/tests/basic/bug55500.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2012-01-01 23:51:21 UTC (rev 321663)
+++ php/php-src/branches/PHP_5_4/NEWS   2012-01-01 23:54:25 UTC (rev 321664)
@@ -5,6 +5,12 @@
   . Fixed bug #60613 (Segmentation fault with $cls-{expr}() syntax). (Dmitry)
   . Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)

+- SAPI:
+  . Fixed bug #54374 (Insufficient validating of upload name leading to
+corrupted $_FILES indices). (Stas, lekensteyn at gmail dot com)
+  . Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).
+(Stas)
+
 - CLI SAPI:
   . Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence)


Modified: php/php-src/branches/PHP_5_4/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_4/main/rfc1867.c 2012-01-01 23:51:21 UTC (rev 
321663)
+++ php/php-src/branches/PHP_5_4/main/rfc1867.c 2012-01-01 23:54:25 UTC (rev 
321664)
@@ -556,7 +556,7 @@
 {
char *s = strrchr(path, '\\');
char *s2 = strrchr(path, '/');
-
+
if (s  s2) {
if (s  s2) {
++s;
@@ -942,6 +942,10 @@
}
tmp++;
}
+   /* Brackets should always be closed */
+   if(c != 0) {
+   skip_upload = 1;
+   }
}

total_bytes = cancel_upload = 0;
@@ -977,7 +981,7 @@

offset = 0;
end = 0;
-
+
if (!cancel_upload) {
/* only bother to open temp file if we have 
data */
blen = multipart_buffer_read(mbuff, buff, 
sizeof(buff), end TSRMLS_CC);
@@ -1275,7 +1279,7 @@
php_rfc1867_getword = getword;
php_rfc1867_getword_conf = getword_conf;
php_rfc1867_basename = basename;
-}
+}
 /* }}} */

 /*

Added: php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt
===
--- php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt  
(rev 0)
+++ php/php-src/branches/PHP_5_4/tests/basic/bug55500.phpt  2012-01-01 
23:54:25 UTC (rev 321664)
@@ -0,0 +1,67 @@
+--TEST--
+Bug #55500 (Corrupted $_FILES indices lead to security concern)
+--INI--
+file_uploads=1
+error_reporting=E_ALL~E_NOTICE
+upload_max_filesize=1024
+--POST_RAW--
+Content-Type: multipart/form-data; 
boundary=---20896060251896012921717172737
+-20896060251896012921717172737
+Content-Disposition: form-data; name=file[]; filename=file1.txt
+Content-Type: text/plain-file1
+
+1
+-20896060251896012921717172737
+Content-Disposition: form-data; name=file[[type]; filename=file2.txt
+Content-Type: text/plain-file2
+
+2
+-20896060251896012921717172737
+Content-Disposition: form-data; name=file[[name]; filename=file3.txt
+Content-Type: text/plain-file3
+
+3
+-20896060251896012921717172737
+Content-Disposition: form-data; name=file[name][; filename=file4.txt
+Content-Type: text/plain-file3
+
+4
+-20896060251896012921717172737--
+--FILE--
+?php
+var_dump($_FILES);
+var_dump($_POST);
+?
+--EXPECTF--
+array(1) {
+  [%u|b%file]=
+  array(5) {
+[%u|b%name]=
+array(1) {
+  [0]=
+  %unicode|string%(9) file1.txt
+}
+[%u|b%type]=
+array(1) {
+  [0]=
+  %unicode|string%(16) text/plain-file1
+}
+[%u|b%tmp_name]=
+array(1) {
+  [0]=
+  %unicode|string%(%d) %s
+}
+[%u|b%error]=
+array(1) {
+  [0]=
+  int(0)
+}
+[%u|b%size]=
+array(1) {
+  [0]=
+  int(1)
+}
+  }
+}
+array(0) {
+}

Modified: php/php-src/trunk/main/rfc1867.c
===
--- php/php-src/trunk/main/rfc1867.c2012-01-01 23:51:21 UTC (rev 321663)
+++ php/php-src/trunk/main/rfc1867.c2012-01-01 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4

2011-12-27 Thread Hannes Magnusson
bjoriTue, 27 Dec 2011 13:53:11 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321435

Log:
Looks like we need to explicity add libstdc++ on recent linux' too, like fedora 
14 and ubuntu 11
This fixes build failures for ext/intl and several pecl exts

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/acinclude.m4
U   php/php-src/trunk/acinclude.m4

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-27 11:05:58 UTC (rev 321434)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-27 13:53:11 UTC (rev 321435)
@@ -7,6 +7,10 @@
 - CLI SAPI:
   . Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence)

+- Intl:
+  . Fixed build on Fedora 15 / Ubuntu 11. (Hannes)
+
+
 22 Dec 2011, PHP 5.4.0 RC4
 - Core:
   . Added max_input_vars directive to prevent attacks based on hash collisions

Modified: php/php-src/branches/PHP_5_4/acinclude.m4
===
--- php/php-src/branches/PHP_5_4/acinclude.m4   2011-12-27 11:05:58 UTC (rev 
321434)
+++ php/php-src/branches/PHP_5_4/acinclude.m4   2011-12-27 13:53:11 UTC (rev 
321435)
@@ -762,11 +762,7 @@
   if test -z $php_cxx_done; then
 AC_PROG_CXX
 AC_PROG_CXXCPP
-case $host_alias in
-  *darwin*)
-PHP_ADD_LIBRARY(stdc++)
-  ;;
-esac
+PHP_ADD_LIBRARY(stdc++)
 php_cxx_done=yes
   fi
 ])

Modified: php/php-src/trunk/acinclude.m4
===
--- php/php-src/trunk/acinclude.m4  2011-12-27 11:05:58 UTC (rev 321434)
+++ php/php-src/trunk/acinclude.m4  2011-12-27 13:53:11 UTC (rev 321435)
@@ -762,11 +762,7 @@
   if test -z $php_cxx_done; then
 AC_PROG_CXX
 AC_PROG_CXXCPP
-case $host_alias in
-  *darwin*)
-PHP_ADD_LIBRARY(stdc++)
-  ;;
-esac
+PHP_ADD_LIBRARY(stdc++)
 php_cxx_done=yes
   fi
 ])

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4

2011-12-27 Thread Nuno Lopes
Uhm, I don't think this change makes much sense (nor does the previous 
behaviour on Mac)..
Extensions that use C++ should pull in the required libraries themselves. We 
shouldn't be linking PHP everytime with libstdc++ if that is not needed.


Nuno


- Original Message -

bjoriTue, 27 Dec 2011 13:53:11 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321435

Log:
Looks like we need to explicity add libstdc++ on recent linux' too, like 
fedora 14 and ubuntu 11

This fixes build failures for ext/intl and several pecl exts

Changed paths:
   U   php/php-src/branches/PHP_5_4/NEWS
   U   php/php-src/branches/PHP_5_4/acinclude.m4
   U   php/php-src/trunk/acinclude.m4

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-12-27 11:05:58 UTC (rev 321434)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-12-27 13:53:11 UTC (rev 321435)
@@ -7,6 +7,10 @@
- CLI SAPI:
  . Fixed bug #60591 (Memory leak when access a non-exists file). 
(Laruence)


+- Intl:
+  . Fixed build on Fedora 15 / Ubuntu 11. (Hannes)
+
+
22 Dec 2011, PHP 5.4.0 RC4
- Core:
  . Added max_input_vars directive to prevent attacks based on hash 
collisions


Modified: php/php-src/branches/PHP_5_4/acinclude.m4
===
--- php/php-src/branches/PHP_5_4/acinclude.m4 2011-12-27 11:05:58 UTC (rev 
321434)
+++ php/php-src/branches/PHP_5_4/acinclude.m4 2011-12-27 13:53:11 UTC (rev 
321435)

@@ -762,11 +762,7 @@
  if test -z $php_cxx_done; then
AC_PROG_CXX
AC_PROG_CXXCPP
-case $host_alias in
-  *darwin*)
-PHP_ADD_LIBRARY(stdc++)
-  ;;
-esac
+PHP_ADD_LIBRARY(stdc++)
php_cxx_done=yes
  fi
])

Modified: php/php-src/trunk/acinclude.m4
===
--- php/php-src/trunk/acinclude.m4 2011-12-27 11:05:58 UTC (rev 321434)
+++ php/php-src/trunk/acinclude.m4 2011-12-27 13:53:11 UTC (rev 321435)
@@ -762,11 +762,7 @@
  if test -z $php_cxx_done; then
AC_PROG_CXX
AC_PROG_CXXCPP
-case $host_alias in
-  *darwin*)
-PHP_ADD_LIBRARY(stdc++)
-  ;;
-esac
+PHP_ADD_LIBRARY(stdc++)
php_cxx_done=yes
  fi
])



--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60611.phpt branches/PHP_5_4/Zend/zend_compile.c trunk/Zend/tests/bug60611.phpt trunk/Zend/zend_compile.c

2011-12-27 Thread Xinchen Hui
laruence Tue, 27 Dec 2011 08:38:18 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321429

Log:
Fix bug #60611 (Segmentation fault with Cls::{expr}() syntax)

Bug: https://bugs.php.net/60611 (Open) Segmentation fault with Cls::{expr}() 
syntax
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
A   php/php-src/trunk/Zend/tests/bug60611.phpt
U   php/php-src/trunk/Zend/zend_compile.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-27 06:24:33 UTC (rev 321428)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-27 08:38:18 UTC (rev 321429)
@@ -1,6 +1,9 @@
 PHPNEWS
 |||
 ?? Jan 2012, PHP 5.4.0 RC5
+- Core:
+  . Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
+
 - CLI SAPI:
   . Fixed bug #60591 (Memory leak when access a non-exists file). (Laruence)


Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt   
(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60611.phpt   2011-12-27 
08:38:18 UTC (rev 321429)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #60611 (Segmentation fault with Cls::{expr}() syntax)
+--FILE--
+?php
+class Cls {
+   function __call($name, $arg) {
+   }
+   static function __callStatic($name, $arg) {
+   }
+}
+
+Cls::{0}();
+Cls::{1.0}();
+Cls::{true}();
+Cls::{false}();
+Cls::{null}();
+
+$cls = new Cls;
+$cls-{0}();
+$cls-{1.0}();
+$cls-{true}();
+$cls-{false}();
+$cls-{null}();
+
+echo done;
+?
+--EXPECT--
+done

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c2011-12-27 06:24:33 UTC 
(rev 321428)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c2011-12-27 08:38:18 UTC 
(rev 321429)
@@ -1973,9 +1973,10 @@
if (last_op-opcode == ZEND_FETCH_OBJ_R) {
if (last_op-op2_type == IS_CONST) {
zval name;
-
name = CONSTANT(last_op-op2.constant);
-   if (!IS_INTERNED(Z_STRVAL(name))) {
+   if (Z_TYPE(name) != IS_STRING) {
+   convert_to_string(name);
+   } else if (!IS_INTERNED(Z_STRVAL(name))) {
Z_STRVAL(name) = estrndup(Z_STRVAL(name), 
Z_STRLEN(name));
}
FREE_POLYMORPHIC_CACHE_SLOT(last_op-op2.constant);
@@ -2367,7 +2368,11 @@
zend_op *opline;

if (method_name-op_type == IS_CONST) {
-   char *lcname = 
zend_str_tolower_dup(Z_STRVAL(method_name-u.constant), 
Z_STRLEN(method_name-u.constant));
+   char *lcname;
+   if (Z_TYPE(method_name-u.constant) !=  IS_STRING) {
+   convert_to_string(method_name-u.constant);
+   }
+   lcname = 
zend_str_tolower_dup(Z_STRVAL(method_name-u.constant), 
Z_STRLEN(method_name-u.constant));
if ((sizeof(ZEND_CONSTRUCTOR_FUNC_NAME)-1) == 
Z_STRLEN(method_name-u.constant) 
memcmp(lcname, ZEND_CONSTRUCTOR_FUNC_NAME, 
sizeof(ZEND_CONSTRUCTOR_FUNC_NAME)-1) == 0) {
zval_dtor(method_name-u.constant);

Added: php/php-src/trunk/Zend/tests/bug60611.phpt
===
--- php/php-src/trunk/Zend/tests/bug60611.phpt  (rev 0)
+++ php/php-src/trunk/Zend/tests/bug60611.phpt  2011-12-27 08:38:18 UTC (rev 
321429)
@@ -0,0 +1,28 @@
+--TEST--
+Bug #60611 (Segmentation fault with Cls::{expr}() syntax)
+--FILE--
+?php
+class Cls {
+   function __call($name, $arg) {
+   }
+   static function __callStatic($name, $arg) {
+   }
+}
+
+Cls::{0}();
+Cls::{1.0}();
+Cls::{true}();
+Cls::{false}();
+Cls::{null}();
+
+$cls = new Cls;
+$cls-{0}();
+$cls-{1.0}();
+$cls-{true}();
+$cls-{false}();
+$cls-{null}();
+
+echo done;
+?
+--EXPECT--
+done

Modified: php/php-src/trunk/Zend/zend_compile.c
===
--- php/php-src/trunk/Zend/zend_compile.c   2011-12-27 06:24:33 UTC (rev 
321428)
+++ php/php-src/trunk/Zend/zend_compile.c   2011-12-27 08:38:18 UTC (rev 
321429)
@@ -1973,9 +1973,10 @@
if (last_op-opcode == ZEND_FETCH_OBJ_R) {
if (last_op-op2_type == IS_CONST) {
zval name;
-
name = CONSTANT(last_op-op2.constant);
-  

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4

2011-12-27 Thread Hannes Magnusson
On Tue, Dec 27, 2011 at 18:02, Nuno Lopes nlop...@php.net wrote:
 Uhm, I don't think this change makes much sense (nor does the previous
 behaviour on Mac)..
 Extensions that use C++ should pull in the required libraries themselves. We
 shouldn't be linking PHP everytime with libstdc++ if that is not needed.

Then what is the idea behind PHP_REQUIRE_CXX?
As I see it, it should pull in everything needed for the extension to use c++.

-Hannes

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/acinclude.m4 trunk/acinclude.m4

2011-12-27 Thread Nuno Lopes

On Tue, Dec 27, 2011 at 18:02, Nuno Lopes nlop...@php.net wrote:

Uhm, I don't think this change makes much sense (nor does the previous
behaviour on Mac)..
Extensions that use C++ should pull in the required libraries themselves. 
We

shouldn't be linking PHP everytime with libstdc++ if that is not needed.


Then what is the idea behind PHP_REQUIRE_CXX?
As I see it, it should pull in everything needed for the extension to use 
c++.


Ah, sorry, I was fooled by your commit message.. I didn't noticed your 
change was in PHP_REQUIRE_CXX.
Anyway, pulling libstdc++ is a bit too gcc centric. If I use, say, clang, 
then I may want to use libc++ instead. The right fix, I believe, is to 
change the link command to use $CXX instead of $CC, since the c++ compiler 
knows which libraries it needs. For example, it seems that PHP_SHARED_MODULE 
is doing the right thing.


Nuno 



--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2011-12-21 Thread Stanislav Malyshev
stas Thu, 22 Dec 2011 03:25:28 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321314

Log:
5.4.0rc4

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-22 03:22:42 UTC (rev 321313)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-22 03:25:28 UTC (rev 321314)
@@ -1,6 +1,6 @@
 PHPNEWS
 |||
-?? Dec 2011, PHP 5.4.0 RC4
+22 Dec 2011, PHP 5.4.0 RC4
 - Core:
   . Added max_input_vars directive to prevent attacks based on hash collisions
 (Dmitry).

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2011-12-22 03:22:42 UTC (rev 
321313)
+++ php/php-src/branches/PHP_5_4/configure.in   2011-12-22 03:25:28 UTC (rev 
321314)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC4-dev
+PHP_EXTRA_VERSION=RC4
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-22 03:22:42 UTC 
(rev 321313)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-22 03:25:28 UTC 
(rev 321314)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC4-dev
-#define PHP_VERSION 5.4.0RC4-dev
+#define PHP_EXTRA_VERSION RC4
+#define PHP_VERSION 5.4.0RC4
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_object_handlers.c

2011-12-19 Thread Xinchen Hui
laruence Mon, 19 Dec 2011 09:58:29 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321158

Log:
Fixed bug #60558 (Invalid read and writes)

Bug: https://bugs.php.net/60558 (Open) Invalid read and writes
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U   php/php-src/trunk/Zend/zend_object_handlers.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-19 09:57:38 UTC (rev 321157)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-19 09:58:29 UTC (rev 321158)
@@ -7,6 +7,7 @@
   . Fixed bug #60536 (Traits Segfault). (Laruence)
   . Fixed bug #60362 (non-existent sub-sub keys should not have values).
 (Laruence, alan_k, Stas)
+  . Fixed bug #60558 (Invalid read and writes). (Laruence)

 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,

Modified: php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19 
09:57:38 UTC (rev 321157)
+++ php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19 
09:58:29 UTC (rev 321158)
@@ -85,6 +85,7 @@
prop_info-offset = 0 

zobj-properties_table[prop_info-offset]) {
if 
(UNEXPECTED(flags[prop_info-offset])) {
+   Z_ADDREF_P(*(zval 
**)zobj-properties_table[prop_info-offset]);

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);
} else {

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);

Modified: php/php-src/trunk/Zend/zend_object_handlers.c
===
--- php/php-src/trunk/Zend/zend_object_handlers.c   2011-12-19 09:57:38 UTC 
(rev 321157)
+++ php/php-src/trunk/Zend/zend_object_handlers.c   2011-12-19 09:58:29 UTC 
(rev 321158)
@@ -85,6 +85,7 @@
prop_info-offset = 0 

zobj-properties_table[prop_info-offset]) {
if 
(UNEXPECTED(flags[prop_info-offset])) {
+   Z_ADDREF_P(*(zval 
**)zobj-properties_table[prop_info-offset]);

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);
} else {

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_object_handlers.c

2011-12-19 Thread Xinchen Hui
laruence Mon, 19 Dec 2011 12:00:09 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321161

Log:
Revert previous bad fix, introduce memory leak

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U   php/php-src/trunk/Zend/zend_object_handlers.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-19 10:50:15 UTC (rev 321160)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-19 12:00:09 UTC (rev 321161)
@@ -7,7 +7,6 @@
   . Fixed bug #60536 (Traits Segfault). (Laruence)
   . Fixed bug #60362 (non-existent sub-sub keys should not have values).
 (Laruence, alan_k, Stas)
-  . Fixed bug #60558 (Invalid read and writes). (Laruence)

 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,

Modified: php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19 
10:50:15 UTC (rev 321160)
+++ php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c2011-12-19 
12:00:09 UTC (rev 321161)
@@ -85,7 +85,6 @@
prop_info-offset = 0 

zobj-properties_table[prop_info-offset]) {
if 
(UNEXPECTED(flags[prop_info-offset])) {
-   Z_ADDREF_P(*(zval 
**)zobj-properties_table[prop_info-offset]);

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);
} else {

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);

Modified: php/php-src/trunk/Zend/zend_object_handlers.c
===
--- php/php-src/trunk/Zend/zend_object_handlers.c   2011-12-19 10:50:15 UTC 
(rev 321160)
+++ php/php-src/trunk/Zend/zend_object_handlers.c   2011-12-19 12:00:09 UTC 
(rev 321161)
@@ -85,7 +85,6 @@
prop_info-offset = 0 

zobj-properties_table[prop_info-offset]) {
if 
(UNEXPECTED(flags[prop_info-offset])) {
-   Z_ADDREF_P(*(zval 
**)zobj-properties_table[prop_info-offset]);

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);
} else {

zend_hash_quick_add(zobj-properties, prop_info-name, 
prop_info-name_length+1, prop_info-h, 
(void**)zobj-properties_table[prop_info-offset], sizeof(zval*), 
(void**)zobj-properties_table[prop_info-offset]);

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c

2011-12-19 Thread Xinchen Hui
laruence Mon, 19 Dec 2011 16:48:18 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321166

Log:
Fixed bug #60558 (Invalid read and writes)
Re-Fixed bug #60536 (Traits Segfault)
#Thanks to tony2001, I found the previous fix -r321089 is actually not a 
correct one.
#The key problem there is because the traits didn't correct set the 
property_info.offset
#for private properties. so here come the new fix.

Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes
  https://bugs.php.net/60536 (Closed) Traits Segfault
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U   php/php-src/trunk/Zend/zend_compile.c
U   php/php-src/trunk/Zend/zend_object_handlers.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2011-12-19 16:14:50 UTC (rev 321165)
+++ php/php-src/branches/PHP_5_4/NEWS	2011-12-19 16:48:18 UTC (rev 321166)
@@ -7,6 +7,7 @@
   . Fixed bug #60536 (Traits Segfault). (Laruence)
   . Fixed bug #60362 (non-existent sub-sub keys should not have values).
 (Laruence, alan_k, Stas)
+  . Fixed bug #60558 (Invalid read and writes). (Laruence)

 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,

Modified: php/php-src/branches/PHP_5_4/Zend/zend_compile.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_compile.c	2011-12-19 16:14:50 UTC (rev 321165)
+++ php/php-src/branches/PHP_5_4/Zend/zend_compile.c	2011-12-19 16:48:18 UTC (rev 321166)
@@ -4208,6 +4208,50 @@
 }
 /* }}} */

+static void zend_traits_register_private_property(zend_class_entry *ce, const char *name, int name_len, zend_property_info *old_info, zval *property TSRMLS_DC) /* {{{ */
+{
+	char *priv_name;
+	int priv_name_length;
+	const char *interned_name;
+	zend_property_info property_info;
+	ulong h = zend_get_hash_value(name, name_len+1);
+	property_info = *old_info;
+
+	if (old_info-flags  ZEND_ACC_STATIC) {
+		property_info.offset = ce-default_static_members_count++;
+		ce-default_static_members_table = perealloc(ce-default_static_members_table, sizeof(zval*) * ce-default_static_members_count, ce-type == ZEND_INTERNAL_CLASS);
+		ce-default_static_members_table[property_info.offset] = property;
+		if (ce-type == ZEND_USER_CLASS) {
+			ce-static_members_table = ce-default_static_members_table;
+		}
+	} else {
+		property_info.offset = ce-default_properties_count++;
+		ce-default_properties_table = perealloc(ce-default_properties_table, sizeof(zval*) * ce-default_properties_count, ce-type == ZEND_INTERNAL_CLASS);
+		ce-default_properties_table[property_info.offset] = property;
+	}
+
+	zend_mangle_property_name(priv_name, priv_name_length, ce-name, ce-name_length, name, name_len, ce-type  ZEND_INTERNAL_CLASS);
+	property_info.name = priv_name;
+	property_info.name_length = priv_name_length;
+
+	interned_name = zend_new_interned_string(property_info.name, property_info.name_length+1, 0 TSRMLS_CC);
+	if (interned_name != property_info.name) {
+		if (ce-type == ZEND_USER_CLASS) {
+			efree((char*)property_info.name);
+		} else {
+			free((char*)property_info.name);
+		}
+		property_info.name = interned_name;
+	}
+
+	property_info.h = zend_get_hash_value(property_info.name, property_info.name_length+1);
+
+	property_info.ce = ce;
+
+	zend_hash_quick_update(ce-properties_info, name, name_len+1, h, property_info, sizeof(zend_property_info), NULL);
+}
+/* }}} */
+
 static void zend_do_traits_property_binding(zend_class_entry *ce TSRMLS_DC) /* {{{ */
 {
 	size_t i;
@@ -4295,6 +4339,17 @@
 	prop_name,
 	ce-name);
 	}
+} else {
+	/* private property, make the property_info.offset indenpended */
+	if (property_info-flags  ZEND_ACC_STATIC) {
+		prop_value = ce-traits[i]-default_static_members_table[property_info-offset];
+	} else {
+		prop_value = ce-traits[i]-default_properties_table[property_info-offset];
+	}
+	Z_ADDREF_P(prop_value);
+
+	zend_traits_register_private_property(ce, prop_name, prop_name_length, property_info, prop_value TSRMLS_CC);
+	return;
 }
 			}


Modified: php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
===
--- php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c	2011-12-19 16:14:50 UTC (rev 321165)
+++ php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c	2011-12-19 16:48:18 UTC (rev 321166)
@@ -62,7 +62,6 @@
 		ALLOC_HASHTABLE(zobj-properties);
 		zend_hash_init(zobj-properties, 0, NULL, ZVAL_PTR_DTOR, 0);
 		if (ce-default_properties_count) {
-			char *flags = ecalloc(ce-default_properties_count, sizeof(char));
 			for (zend_hash_internal_pointer_reset_ex(ce-properties_info, pos);
 			 

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c

2011-12-19 Thread Stefan Marr
Hi:

Thanks guys!

I have only briefly rechecked the code, and dont remember at the moment how the 
default property table works, but for me it feels like these offsets are also 
incorrect for public or protected stuff that gets newly added to the class?

Best regards
Stefan

On 19 Dec 2011, at 17:48, Xinchen Hui wrote:

 laruence Mon, 19 Dec 2011 16:48:18 +
 
 Revision: http://svn.php.net/viewvc?view=revisionrevision=321166
 
 Log:
 Fixed bug #60558 (Invalid read and writes)
 Re-Fixed bug #60536 (Traits Segfault)
 #Thanks to tony2001, I found the previous fix -r321089 is actually not a 
 correct one.
 #The key problem there is because the traits didn't correct set the 
 property_info.offset
 #for private properties. so here come the new fix.
 
 Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes
  https://bugs.php.net/60536 (Closed) Traits Segfault
 
 Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
U   php/php-src/trunk/Zend/zend_compile.c
U   php/php-src/trunk/Zend/zend_object_handlers.c
 
 svn-diffs-321166.txt-- 
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php

-- 
Stefan Marr
Software Languages Lab
Vrije Universiteit Brussel
Pleinlaan 2 / B-1050 Brussels / Belgium
http://soft.vub.ac.be/~smarr
Phone: +32 2 629 2974
Fax:   +32 2 629 3525


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c

2011-12-19 Thread Xinchen Hui
Hi:
 For public and protected properties, you will have only one copy
in the child class, so there is no such conflict.

Thanks

Sent from my iPhone

在 2011-12-20,1:12,Stefan Marr p...@stefan-marr.de 写道:

 Hi:

 Thanks guys!

 I have only briefly rechecked the code, and dont remember at the moment how 
 the default property table works, but for me it feels like these offsets are 
 also incorrect for public or protected stuff that gets newly added to the 
 class?

 Best regards
 Stefan

 On 19 Dec 2011, at 17:48, Xinchen Hui wrote:

 laruence Mon, 19 Dec 2011 16:48:18 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=321166

 Log:
 Fixed bug #60558 (Invalid read and writes)
 Re-Fixed bug #60536 (Traits Segfault)
 #Thanks to tony2001, I found the previous fix -r321089 is actually not a 
 correct one.
 #The key problem there is because the traits didn't correct set the 
 property_info.offset
 #for private properties. so here come the new fix.

 Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes
 https://bugs.php.net/60536 (Closed) Traits Segfault

 Changed paths:
   U   php/php-src/branches/PHP_5_4/NEWS
   U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
   U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
   U   php/php-src/trunk/Zend/zend_compile.c
   U   php/php-src/trunk/Zend/zend_object_handlers.c

 svn-diffs-321166.txt--
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php

 --
 Stefan Marr
 Software Languages Lab
 Vrije Universiteit Brussel
 Pleinlaan 2 / B-1050 Brussels / Belgium
 http://soft.vub.ac.be/~smarr
 Phone: +32 2 629 2974
 Fax:   +32 2 629 3525


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/zend_compile.c branches/PHP_5_4/Zend/zend_object_handlers.c trunk/Zend/zend_compile.c trunk/Zend/zend_object_handlers.c

2011-12-19 Thread Xinchen Hui
s/class/object/

Sent from my iPhone

在 2011-12-20,9:29,Xinchen Hui larue...@gmail.com 写道:

 Hi:
 For public and protected properties, you will have only one copy
 in the child class, so there is no such conflict.

 Thanks

 Sent from my iPhone

 在 2011-12-20,1:12,Stefan Marr p...@stefan-marr.de 写道:

 Hi:

 Thanks guys!

 I have only briefly rechecked the code, and dont remember at the moment how 
 the default property table works, but for me it feels like these offsets are 
 also incorrect for public or protected stuff that gets newly added to the 
 class?

 Best regards
 Stefan

 On 19 Dec 2011, at 17:48, Xinchen Hui wrote:

 laruence Mon, 19 Dec 2011 16:48:18 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=321166

 Log:
 Fixed bug #60558 (Invalid read and writes)
 Re-Fixed bug #60536 (Traits Segfault)
 #Thanks to tony2001, I found the previous fix -r321089 is actually not a 
 correct one.
 #The key problem there is because the traits didn't correct set the 
 property_info.offset
 #for private properties. so here come the new fix.

 Bugs: https://bugs.php.net/60558 (Re-Opened) Invalid read and writes
https://bugs.php.net/60536 (Closed) Traits Segfault

 Changed paths:
  U   php/php-src/branches/PHP_5_4/NEWS
  U   php/php-src/branches/PHP_5_4/Zend/zend_compile.c
  U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
  U   php/php-src/trunk/Zend/zend_compile.c
  U   php/php-src/trunk/Zend/zend_object_handlers.c

 svn-diffs-321166.txt--
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php

 --
 Stefan Marr
 Software Languages Lab
 Vrije Universiteit Brussel
 Pleinlaan 2 / B-1050 Brussels / Belgium
 http://soft.vub.ac.be/~smarr
 Phone: +32 2 629 2974
 Fax:   +32 2 629 3525


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/Zend/tests/bug60536_001.phpt branches/PHP_5_4/Zend/tests/bug60536_002.phpt branches/PHP_5_4/Zend/tests/bug60536_003.phpt branches/PH

2011-12-16 Thread Xinchen Hui
laruence Fri, 16 Dec 2011 19:02:52 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321073

Log:
Fixed bug #60536 (Traits Segfault)
# this is a tough one, I think I should explain
# Zend use zend_object-properties_table both as zval ** and zval ***
# if a zend_object-properties is not initialized, the properties_table is zval 
**
# while in rebuild_object_properties, zend will store the zval ** to 
zend_object-properties
# then stash the zval ***(ie, zobj-properties_table[0] is zval ** now) to  
zobj-properties_table[0]
# so when a zend_object inherit form multi parent and these parent have a same 
property_info-offset
# properties, will result in a repeat zval **-zval ** transform, which will 
lead to a segmentfault
# *may be* this fix is not the best fix, we should not use this tricky way, and 
rewrite this mechanism.

Bug: https://bugs.php.net/60536 (Analyzed) Traits Segfault
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60536_004.phpt
A   php/php-src/branches/PHP_5_4/Zend/tests/bug60536_005.phpt
U   php/php-src/branches/PHP_5_4/Zend/zend_object_handlers.c
A   php/php-src/trunk/Zend/tests/bug60536_001.phpt
A   php/php-src/trunk/Zend/tests/bug60536_002.phpt
A   php/php-src/trunk/Zend/tests/bug60536_003.phpt
A   php/php-src/trunk/Zend/tests/bug60536_004.phpt
A   php/php-src/trunk/Zend/tests/bug60536_005.phpt
U   php/php-src/trunk/Zend/zend_object_handlers.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2011-12-16 18:48:28 UTC (rev 321072)
+++ php/php-src/branches/PHP_5_4/NEWS	2011-12-16 19:02:52 UTC (rev 321073)
@@ -4,6 +4,7 @@
 - Core:
   . Added max_input_vars directive to prevent attacks based on hash collisions
 (Dmitry).
+  . Fixed bug #60536 (Traits Segfault). (Laruence)
 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
 one 200 RQ and one 404). (Laruence)

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60536_001.phpt	2011-12-16 19:02:52 UTC (rev 321073)
@@ -0,0 +1,26 @@
+--TEST--
+Bug #60536 (Traits Segfault)
+--FILE--
+?php
+trait T { private $x = 0; }
+class X {
+	use T;
+}
+class Y extends X {
+	  use T;
+	  function x() {
+	  return ++$this-x;
+  }
+}
+class Z extends Y {
+	  function z() {
+		  return ++$this-x;
+  }
+}
+$a = new Z();
+$a-x();
+echo DONE;
+?
+--EXPECTF--
+Strict Standards: X and T define the same property ($x) in the composition of Y. This might be incompatible, to improve maintainability consider using accessor methods in traits instead. Class was composed in %sbug60536_001.php on line %d
+DONE

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60536_002.phpt	2011-12-16 19:02:52 UTC (rev 321073)
@@ -0,0 +1,40 @@
+--TEST--
+The same rules are applied for properties that are defined in the class hierarchy. Thus, if the properties are compatible, a notice is issued, if not a fatal error occures. (relevant with #60536)
+--FILE--
+?php
+error_reporting(E_ALL | E_STRICT);
+
+class Base {
+  private $hello;
+}
+
+trait THello1 {
+  private $hello;
+}
+
+echo PRE-CLASS-GUARD\n;
+class Notice extends Base {
+use THello1;
+private $hello;
+}
+echo POST-CLASS-GUARD\n;
+
+// now we do the test for a fatal error
+
+class TraitsTest {
+	use THello1;
+public $hello;
+}
+
+echo POST-CLASS-GUARD2\n;
+
+$t = new TraitsTest;
+$t-hello = foo;
+?
+--EXPECTF--
+PRE-CLASS-GUARD
+
+Strict Standards: Notice and THello1 define the same property ($hello) in the composition of Notice. This might be incompatible, to improve maintainability consider using accessor methods in traits instead. Class was composed in %s on line %d
+POST-CLASS-GUARD
+
+Fatal error: TraitsTest and THello1 define the same property ($hello) in the composition of TraitsTest. However, the definition differs and is considered incompatible. Class was composed in %s on line %d

Added: php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt
===
--- php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt	(rev 0)
+++ php/php-src/branches/PHP_5_4/Zend/tests/bug60536_003.phpt	2011-12-16 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_variables.c trunk/main/main.c trunk/main/php_globals.h tru

2011-12-14 Thread Dmitry Stogov
dmitry   Wed, 14 Dec 2011 08:56:35 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321003

Log:
Added max_input_vars directive to prevent attacks based on hash collisions

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/main.c
U   php/php-src/branches/PHP_5_4/main/php_globals.h
U   php/php-src/branches/PHP_5_4/main/php_variables.c
U   php/php-src/trunk/main/main.c
U   php/php-src/trunk/main/php_globals.h
U   php/php-src/trunk/main/php_variables.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-14 04:02:56 UTC (rev 321002)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-14 08:56:35 UTC (rev 321003)
@@ -1,6 +1,9 @@
 PHPNEWS
 |||
 ?? Dec 2011, PHP 5.4.0 RC4
+- Core:
+  . Added max_input_vars directive to prevent attacks based on hash collisions
+(Dmitry).
 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
 one 200 RQ and one 404). (Laruence)
@@ -9,6 +12,8 @@

 08 Dec 2011, PHP 5.4.0 RC3
 - Core:
+  . Fixed bug #60444 (Segmentation fault with include  class extending).
+(Laruence, Dmitry).
   . Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
 (php at mickweiss dot com)
   . Fixed bug #60240 (invalid read/writes when unserializing specially crafted

Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2011-12-14 04:02:56 UTC (rev 
321002)
+++ php/php-src/branches/PHP_5_4/main/main.c2011-12-14 08:56:35 UTC (rev 
321003)
@@ -531,6 +531,7 @@
STD_PHP_INI_ENTRY(post_max_size,  8M,   
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateLong,   
post_max_size,  sapi_globals_struct,sapi_globals)
STD_PHP_INI_ENTRY(upload_tmp_dir, NULL,   
PHP_INI_SYSTEM, OnUpdateStringUnempty,  upload_tmp_dir, 
php_core_globals,   core_globals)
STD_PHP_INI_ENTRY(max_input_nesting_level, 64,  
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateLongGEZero, 
max_input_nesting_level,php_core_globals,   
core_globals)
+   STD_PHP_INI_ENTRY(max_input_vars, 1000, 
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateLongGEZero, max_input_vars, 
php_core_globals,   core_globals)

STD_PHP_INI_ENTRY(user_dir,   NULL,   
PHP_INI_SYSTEM, OnUpdateString, user_dir,   
php_core_globals,   core_globals)
STD_PHP_INI_ENTRY(variables_order,EGPCS,
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateStringUnempty,  
variables_order,php_core_globals,   core_globals)

Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
===
--- php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 04:02:56 UTC 
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 08:56:35 UTC 
(rev 321003)
@@ -146,6 +146,7 @@
zend_bool com_initialized;
 #endif
long max_input_nesting_level;
+   long max_input_vars;
zend_bool in_user_include;

char *user_ini_filename;

Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c   2011-12-14 04:02:56 UTC 
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c   2011-12-14 08:56:35 UTC 
(rev 321003)
@@ -179,6 +179,9 @@
escaped_index = index;
if (zend_symtable_find(symtable1, 
escaped_index, index_len + 1, (void **) gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) != 
IS_ARRAY) {
+   if (zend_hash_num_elements(symtable1) 
= PG(max_input_vars)) {
+   php_error_docref(NULL 
TSRMLS_CC, E_ERROR, Input variables exceeded %ld. To increase the limit change 
max_input_vars in php.ini., PG(max_input_vars));
+   }
MAKE_STD_ZVAL(gpc_element);
array_init(gpc_element);
zend_symtable_update(symtable1, 
escaped_index, index_len + 1, gpc_element, sizeof(zval *), (void **) 
gpc_element_p);
@@ -220,6 

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_variables.c trunk/main/main.c trunk/main/php_globals.h

2011-12-14 Thread Pierre Joye
hi Dmitry,

Please add a note to the UPGRADING guide as well.

Thanks,

On Wed, Dec 14, 2011 at 9:56 AM, Dmitry Stogov dmi...@php.net wrote:
 dmitry                                   Wed, 14 Dec 2011 08:56:35 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=321003

 Log:
 Added max_input_vars directive to prevent attacks based on hash collisions

 Changed paths:
    U   php/php-src/branches/PHP_5_4/NEWS
    U   php/php-src/branches/PHP_5_4/main/main.c
    U   php/php-src/branches/PHP_5_4/main/php_globals.h
    U   php/php-src/branches/PHP_5_4/main/php_variables.c
    U   php/php-src/trunk/main/main.c
    U   php/php-src/trunk/main/php_globals.h
    U   php/php-src/trunk/main/php_variables.c

 Modified: php/php-src/branches/PHP_5_4/NEWS
 ===
 --- php/php-src/branches/PHP_5_4/NEWS   2011-12-14 04:02:56 UTC (rev 321002)
 +++ php/php-src/branches/PHP_5_4/NEWS   2011-12-14 08:56:35 UTC (rev 321003)
 @@ -1,6 +1,9 @@
  PHP                                                                        
 NEWS
  |||
  ?? Dec 2011, PHP 5.4.0 RC4
 +- Core:
 +  . Added max_input_vars directive to prevent attacks based on hash 
 collisions
 +    (Dmitry).
  - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
     one 200 RQ and one 404). (Laruence)
 @@ -9,6 +12,8 @@

  08 Dec 2011, PHP 5.4.0 RC3
  - Core:
 +  . Fixed bug #60444 (Segmentation fault with include  class extending).
 +    (Laruence, Dmitry).
   . Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
     (php at mickweiss dot com)
   . Fixed bug #60240 (invalid read/writes when unserializing specially crafted

 Modified: php/php-src/branches/PHP_5_4/main/main.c
 ===
 --- php/php-src/branches/PHP_5_4/main/main.c    2011-12-14 04:02:56 UTC (rev 
 321002)
 +++ php/php-src/branches/PHP_5_4/main/main.c    2011-12-14 08:56:35 UTC (rev 
 321003)
 @@ -531,6 +531,7 @@
        STD_PHP_INI_ENTRY(post_max_size,                      8M,          
  PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateLong,                   
 post_max_size,                  sapi_globals_struct,sapi_globals)
        STD_PHP_INI_ENTRY(upload_tmp_dir,                     NULL,          
  PHP_INI_SYSTEM,         OnUpdateStringUnempty,  upload_tmp_dir,              
    php_core_globals,       core_globals)
        STD_PHP_INI_ENTRY(max_input_nesting_level, 64,              
 PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateLongGEZero,     
 max_input_nesting_level,                        php_core_globals,       
 core_globals)
 +       STD_PHP_INI_ENTRY(max_input_vars,                     1000,       
   PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateLongGEZero,     
 max_input_vars,                                         php_core_globals,     
   core_globals)

        STD_PHP_INI_ENTRY(user_dir,                           NULL,          
  PHP_INI_SYSTEM,         OnUpdateString,                 user_dir,            
                    php_core_globals,       core_globals)
        STD_PHP_INI_ENTRY(variables_order,            EGPCS,        
 PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateStringUnempty,  
 variables_order,                php_core_globals,       core_globals)

 Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
 ===
 --- php/php-src/branches/PHP_5_4/main/php_globals.h     2011-12-14 04:02:56 
 UTC (rev 321002)
 +++ php/php-src/branches/PHP_5_4/main/php_globals.h     2011-12-14 08:56:35 
 UTC (rev 321003)
 @@ -146,6 +146,7 @@
        zend_bool com_initialized;
  #endif
        long max_input_nesting_level;
 +       long max_input_vars;
        zend_bool in_user_include;

        char *user_ini_filename;

 Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
 ===
 --- php/php-src/branches/PHP_5_4/main/php_variables.c   2011-12-14 04:02:56 
 UTC (rev 321002)
 +++ php/php-src/branches/PHP_5_4/main/php_variables.c   2011-12-14 08:56:35 
 UTC (rev 321003)
 @@ -179,6 +179,9 @@
                                escaped_index = index;
                                if (zend_symtable_find(symtable1, 
 escaped_index, index_len + 1, (void **) gpc_element_p) == FAILURE
                                        || Z_TYPE_PP(gpc_element_p) != 
 IS_ARRAY) {
 +                                       if (zend_hash_num_elements(symtable1) 
 = PG(max_input_vars)) {
 +                                               php_error_docref(NULL 
 TSRMLS_CC, E_ERROR, Input variables exceeded %ld. To increase the limit 
 change max_input_vars in php.ini., PG(max_input_vars));
 +                                       }
                                        MAKE_STD_ZVAL(gpc_element);
                       

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_variables.c trunk/main/main.c trunk/main/php_globals.h

2011-12-14 Thread Christopher Jones


Dmitry,

Please update php.ini-*.

Thanks,

Chris

On 12/14/2011 12:56 AM, Dmitry Stogov wrote:

dmitry   Wed, 14 Dec 2011 08:56:35 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=321003

Log:
Added max_input_vars directive to prevent attacks based on hash collisions

Changed paths:
 U   php/php-src/branches/PHP_5_4/NEWS
 U   php/php-src/branches/PHP_5_4/main/main.c
 U   php/php-src/branches/PHP_5_4/main/php_globals.h
 U   php/php-src/branches/PHP_5_4/main/php_variables.c
 U   php/php-src/trunk/main/main.c
 U   php/php-src/trunk/main/php_globals.h
 U   php/php-src/trunk/main/php_variables.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-14 04:02:56 UTC (rev 321002)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-14 08:56:35 UTC (rev 321003)
@@ -1,6 +1,9 @@
  PHP
NEWS
  
|||
  ?? Dec 2011, PHP 5.4.0 RC4
+- Core:
+  . Added max_input_vars directive to prevent attacks based on hash collisions
+(Dmitry).
  - CLI SAPI:
. Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
  one 200 RQ and one 404). (Laruence)
@@ -9,6 +12,8 @@

  08 Dec 2011, PHP 5.4.0 RC3
  - Core:
+  . Fixed bug #60444 (Segmentation fault with include  class extending).
+(Laruence, Dmitry).
. Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
  (php at mickweiss dot com)
. Fixed bug #60240 (invalid read/writes when unserializing specially crafted

Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c2011-12-14 04:02:56 UTC (rev 
321002)
+++ php/php-src/branches/PHP_5_4/main/main.c2011-12-14 08:56:35 UTC (rev 
321003)
@@ -531,6 +531,7 @@
STD_PHP_INI_ENTRY(post_max_size,8M, 
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateLong,   post_max_size,  
sapi_globals_struct,sapi_globals)
STD_PHP_INI_ENTRY(upload_tmp_dir,   NULL,   
PHP_INI_SYSTEM, OnUpdateStringUnempty,  upload_tmp_dir, 
php_core_globals,   core_globals)
STD_PHP_INI_ENTRY(max_input_nesting_level, 64,  
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateLongGEZero, max_input_nesting_level,
php_core_globals,   core_globals)
+   STD_PHP_INI_ENTRY(max_input_vars,   1000,   
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateLongGEZero, max_input_vars, 
php_core_globals,   core_globals)

STD_PHP_INI_ENTRY(user_dir, NULL,   
PHP_INI_SYSTEM, OnUpdateString, user_dir, 
  php_core_globals,   core_globals)
STD_PHP_INI_ENTRY(variables_order,  EGPCS,  
PHP_INI_SYSTEM|PHP_INI_PERDIR,  OnUpdateStringUnempty,  variables_order,
php_core_globals,   core_globals)

Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
===
--- php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 04:02:56 UTC 
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_globals.h 2011-12-14 08:56:35 UTC 
(rev 321003)
@@ -146,6 +146,7 @@
zend_bool com_initialized;
  #endif
long max_input_nesting_level;
+   long max_input_vars;
zend_bool in_user_include;

char *user_ini_filename;

Modified: php/php-src/branches/PHP_5_4/main/php_variables.c
===
--- php/php-src/branches/PHP_5_4/main/php_variables.c   2011-12-14 04:02:56 UTC 
(rev 321002)
+++ php/php-src/branches/PHP_5_4/main/php_variables.c   2011-12-14 08:56:35 UTC 
(rev 321003)
@@ -179,6 +179,9 @@
escaped_index = index;
if (zend_symtable_find(symtable1, escaped_index, 
index_len + 1, (void **)gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) != 
IS_ARRAY) {
+   if (zend_hash_num_elements(symtable1)= 
PG(max_input_vars)) {
+   php_error_docref(NULL TSRMLS_CC, E_ERROR, 
Input variables exceeded %ld. To increase the limit change max_input_vars in 
php.ini., PG(max_input_vars));
+   }
MAKE_STD_ZVAL(gpc_element);
array_init(gpc_element);

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2011-12-11 Thread Popa Adrian Marius
mariuz   Mon, 12 Dec 2011 06:33:43 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320877

Log:
bug fixed #48877 - bindValue and bindParam do not work for PDO Firebird

Bug: https://bugs.php.net/48877 (Closed) bindValue and bindParam do not 
work for PDO Firebird
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-11 21:08:15 UTC (rev 320876)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-12 06:33:43 UTC (rev 320877)
@@ -4,6 +4,8 @@
 - CLI SAPI:
   . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
 one 200 RQ and one 404). (Laruence)
+- Pdo Firebird:
+  . Fixed bug #48877 (bindValue and bindParam do not work for PDO 
Firebird).(Mariuz)

 08 Dec 2011, PHP 5.4.0 RC3
 - Core:

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt trunk/sapi/cli/php_cli_server.c trunk/sapi/cli/tes

2011-12-08 Thread Xinchen Hui
laruence Fri, 09 Dec 2011 05:37:41 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320716

Log:
Fixed bug #60477 (Segfault after two multipart/form-data POST requests)

Bug: https://bugs.php.net/60477 (Assigned) Segfault after two 
multipart/form-data POST requestes, one 200 RQ and one 404
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
A   php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
U   php/php-src/trunk/sapi/cli/php_cli_server.c
A   php/php-src/trunk/sapi/cli/tests/php_cli_server_014.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-09 05:25:05 UTC (rev 320715)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-09 05:37:41 UTC (rev 320716)
@@ -1,6 +1,9 @@
 PHPNEWS
 |||
 ?? Dec 2011, PHP 5.4.0 RC4
+- CLI SAPI:
+  . Fixed bug #60477 (Segfault after two multipart/form-data POST requests).
+(Laruence)

 08 Dec 2011, PHP 5.4.0 RC3
 - Core:

Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
===
--- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c  2011-12-09 
05:25:05 UTC (rev 320715)
+++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c  2011-12-09 
05:37:41 UTC (rev 320716)
@@ -1921,6 +1921,7 @@
php_cli_server_close_connection(server, client TSRMLS_CC);
destroy_request_info(SG(request_info));
SG(server_context) = NULL;
+   SG(rfc1867_uploaded_files) = NULL;
return SUCCESS;
 }
 /* }}} */

Added: php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
===
--- php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt 
(rev 0)
+++ php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt 
2011-12-09 05:37:41 UTC (rev 320716)
@@ -0,0 +1,76 @@
+--TEST--
+Bug #60477: Segfault after two multipart/form-data POST requestes
+--SKIPIF--
+?php
+include skipif.inc;
+?
+--FILE--
+?php
+include php_cli_server.inc;
+php_cli_server_start('echo done, \n;', TRUE);
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+$output = '';
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+  die(connect failed);
+}
+
+if(fwrite($fp, HEADER
+POST /index.php HTTP/1.1
+Host: {$host}
+Content-Type: multipart/form-data; boundary=-123456789
+Content-Length: 70
+
+-123456789
+Content-Type: application/x-www-form-urlencoded
+a=b
+HEADER
+)) {
+   while (!feof($fp)) {
+   $output .= fgets($fp);
+   }
+}
+
+fclose($fp);
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if(fwrite($fp, HEADER
+POST /main/no-exists.php HTTP/1.1
+Host: {$host}
+Content-Type: multipart/form-data; boundary=-123456789
+Content-Length: 70
+
+-123456789
+Content-Type: application/x-www-form-urlencoded
+a=b
+HEADER
+)) {
+   while (!feof($fp)) {
+   $output .= fgets($fp);
+   }
+}
+
+echo preg_replace(/style type=\text\/css\(.*?)\/style/s, style 
type=\text/css\AAA/style, $output), \n;
+fclose($fp);
+
+?
+--EXPECTF--
+
+HTTP/1.1 200 OK
+Host: %s
+Connection: closed
+X-Powered-By: %s
+Content-type: %s
+
+done
+HTTP/1.1 404 Not Found
+Host: %s
+Connection: closed
+Content-Type: %s
+Content-Length: %d
+
+htmlheadtitle404 Not Found/titlestyle type=text/cssAAA/style
+/headbodyh1 class=hNot Found/h1pThe requested resource 
/main/no-exists.php was not found on this server./p/body/html

Modified: php/php-src/trunk/sapi/cli/php_cli_server.c
===
--- php/php-src/trunk/sapi/cli/php_cli_server.c 2011-12-09 05:25:05 UTC (rev 
320715)
+++ php/php-src/trunk/sapi/cli/php_cli_server.c 2011-12-09 05:37:41 UTC (rev 
320716)
@@ -1921,6 +1921,7 @@
php_cli_server_close_connection(server, client TSRMLS_CC);
destroy_request_info(SG(request_info));
SG(server_context) = NULL;
+   SG(rfc1867_uploaded_files) = NULL;
return SUCCESS;
 }
 /* }}} */

Added: php/php-src/trunk/sapi/cli/tests/php_cli_server_014.phpt
===
--- php/php-src/trunk/sapi/cli/tests/php_cli_server_014.phpt
(rev 0)
+++ php/php-src/trunk/sapi/cli/tests/php_cli_server_014.phpt2011-12-09 
05:37:41 UTC (rev 320716)
@@ -0,0 +1,76 @@
+--TEST--
+Bug #60477: Segfault after two multipart/form-data POST requestes
+--SKIPIF--
+?php
+include skipif.inc;
+?
+--FILE--
+?php
+include php_cli_server.inc;
+php_cli_server_start('echo done, \n;', TRUE);
+

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS

2011-12-08 Thread Xinchen Hui
laruence Fri, 09 Dec 2011 05:55:31 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320718

Log:
typo, sorry

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-09 05:46:40 UTC (rev 320717)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-09 05:55:31 UTC (rev 320718)
@@ -2,8 +2,8 @@
 |||
 ?? Dec 2011, PHP 5.4.0 RC4
 - CLI SAPI:
-  . Fixed bug #60477 (Segfault after two multipart/form-data POST requests).
-(Laruence)
+  . Fixed bug #60477 (Segfault after two multipart/form-data POST requests,
+one 200 RQ and one 404). (Laruence)

 08 Dec 2011, PHP 5.4.0 RC3
 - Core:

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/sapi/cli/php_cli_server.c branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt trunk/sapi/cli/php_cli_server.c trunk/sapi/cli

2011-12-08 Thread Laruence
Hi:
   this fix should be a  suboptimal fix,  the problem is for static
file,  builtin server bypass the sapi_activate (in the
send_error_page),  call sapi_activate_header_only instead.

   then when it call the sapi_deactivate, crashed.

   I have tried to make a optimize fix , but failed.

   I will have another try later, in this weekend maybe.

thanks.

On Fri, Dec 9, 2011 at 1:37 PM, Xinchen Hui larue...@php.net wrote:
 laruence                                 Fri, 09 Dec 2011 05:37:41 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=320716

 Log:
 Fixed bug #60477 (Segfault after two multipart/form-data POST requests)

 Bug: https://bugs.php.net/60477 (Assigned) Segfault after two 
 multipart/form-data POST requestes, one 200 RQ and one 404

 Changed paths:
    U   php/php-src/branches/PHP_5_4/NEWS
    U   php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
    A   php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
    U   php/php-src/trunk/sapi/cli/php_cli_server.c
    A   php/php-src/trunk/sapi/cli/tests/php_cli_server_014.phpt

 Modified: php/php-src/branches/PHP_5_4/NEWS
 ===
 --- php/php-src/branches/PHP_5_4/NEWS   2011-12-09 05:25:05 UTC (rev 320715)
 +++ php/php-src/branches/PHP_5_4/NEWS   2011-12-09 05:37:41 UTC (rev 320716)
 @@ -1,6 +1,9 @@
  PHP                                                                        
 NEWS
  |||
  ?? Dec 2011, PHP 5.4.0 RC4
 +- CLI SAPI:
 +  . Fixed bug #60477 (Segfault after two multipart/form-data POST requests).
 +    (Laruence)

  08 Dec 2011, PHP 5.4.0 RC3
  - Core:

 Modified: php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c
 ===
 --- php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c      2011-12-09 
 05:25:05 UTC (rev 320715)
 +++ php/php-src/branches/PHP_5_4/sapi/cli/php_cli_server.c      2011-12-09 
 05:37:41 UTC (rev 320716)
 @@ -1921,6 +1921,7 @@
        php_cli_server_close_connection(server, client TSRMLS_CC);
        destroy_request_info(SG(request_info));
        SG(server_context) = NULL;
 +       SG(rfc1867_uploaded_files) = NULL;
        return SUCCESS;
  }
  /* }}} */

 Added: php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt
 ===
 --- php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt       
                   (rev 0)
 +++ php/php-src/branches/PHP_5_4/sapi/cli/tests/php_cli_server_014.phpt 
 2011-12-09 05:37:41 UTC (rev 320716)
 @@ -0,0 +1,76 @@
 +--TEST--
 +Bug #60477: Segfault after two multipart/form-data POST requestes
 +--SKIPIF--
 +?php
 +include skipif.inc;
 +?
 +--FILE--
 +?php
 +include php_cli_server.inc;
 +php_cli_server_start('echo done, \n;', TRUE);
 +
 +list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
 +$port = intval($port)?:80;
 +$output = '';
 +
 +$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
 +if (!$fp) {
 +  die(connect failed);
 +}
 +
 +if(fwrite($fp, HEADER
 +POST /index.php HTTP/1.1
 +Host: {$host}
 +Content-Type: multipart/form-data; boundary=-123456789
 +Content-Length: 70
 +
 +-123456789
 +Content-Type: application/x-www-form-urlencoded
 +a=b
 +HEADER
 +)) {
 +       while (!feof($fp)) {
 +               $output .= fgets($fp);
 +       }
 +}
 +
 +fclose($fp);
 +
 +$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
 +if(fwrite($fp, HEADER
 +POST /main/no-exists.php HTTP/1.1
 +Host: {$host}
 +Content-Type: multipart/form-data; boundary=-123456789
 +Content-Length: 70
 +
 +-123456789
 +Content-Type: application/x-www-form-urlencoded
 +a=b
 +HEADER
 +)) {
 +       while (!feof($fp)) {
 +               $output .= fgets($fp);
 +       }
 +}
 +
 +echo preg_replace(/style type=\text\/css\(.*?)\/style/s, style 
 type=\text/css\AAA/style, $output), \n;
 +fclose($fp);
 +
 +?
 +--EXPECTF--
 +
 +HTTP/1.1 200 OK
 +Host: %s
 +Connection: closed
 +X-Powered-By: %s
 +Content-type: %s
 +
 +done
 +HTTP/1.1 404 Not Found
 +Host: %s
 +Connection: closed
 +Content-Type: %s
 +Content-Length: %d
 +
 +htmlheadtitle404 Not Found/titlestyle type=text/cssAAA/style
 +/headbodyh1 class=hNot Found/h1pThe requested resource 
 /main/no-exists.php was not found on this server./p/body/html

 Modified: php/php-src/trunk/sapi/cli/php_cli_server.c
 ===
 --- php/php-src/trunk/sapi/cli/php_cli_server.c 2011-12-09 05:25:05 UTC (rev 
 320715)
 +++ php/php-src/trunk/sapi/cli/php_cli_server.c 2011-12-09 05:37:41 UTC (rev 
 320716)
 @@ -1921,6 +1921,7 @@
        php_cli_server_close_connection(server, client TSRMLS_CC);
        destroy_request_info(SG(request_info));
        SG(server_context) = NULL;
 +       SG(rfc1867_uploaded_files) = NULL;
        return SUCCESS;
  }
  /* }}} */

 Added: 

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_ini.c branches/PHP_5_4/tests/basic/bug54514.phpt trunk/mai

2011-12-07 Thread Xinchen Hui
laruence Wed, 07 Dec 2011 10:33:13 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320567

Log:
Implemented FR #54514 (Get php binary path during script execution).

Bug: https://bugs.php.net/54514 (Open) Get php binary path during script 
execution
  
Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/main/main.c
U   php/php-src/branches/PHP_5_4/main/php_globals.h
U   php/php-src/branches/PHP_5_4/main/php_ini.c
A   php/php-src/branches/PHP_5_4/tests/basic/bug54514.phpt
U   php/php-src/trunk/main/main.c
U   php/php-src/trunk/main/php_globals.h
U   php/php-src/trunk/main/php_ini.c
A   php/php-src/trunk/tests/basic/bug54514.phpt

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS	2011-12-07 10:28:56 UTC (rev 320566)
+++ php/php-src/branches/PHP_5_4/NEWS	2011-12-07 10:33:13 UTC (rev 320567)
@@ -6,6 +6,8 @@
 (php at mickweiss dot com)
   . Fixed bug #60240 (invalid read/writes when unserializing specially crafted
 strings). (Mike)
+  . Implement FR #54514 (Get php binary path during script execution).
+(Laruence)

 - CLI SAPI:
   . Implement FR #60390 (Missing $_SERVER['SERVER_PORT']). (Pierre)

Modified: php/php-src/branches/PHP_5_4/main/main.c
===
--- php/php-src/branches/PHP_5_4/main/main.c	2011-12-07 10:28:56 UTC (rev 320566)
+++ php/php-src/branches/PHP_5_4/main/main.c	2011-12-07 10:33:13 UTC (rev 320567)
@@ -255,6 +255,57 @@
 }
 /* }}} */

+/* {{{ php_binary_init
+ */
+static void php_binary_init(TSRMLS_D)
+{
+	char *binary_location;
+#ifdef PHP_WIN32
+	binary_location = (char *)malloc(MAXPATHLEN);
+	if (GetModuleFileName(0, binary_location, MAXPATHLEN) == 0) {
+		free(binary_location);
+		PG(php_binary) = NULL;
+	}
+#else
+	if (sapi_module.executable_location) {
+		binary_location = (char *)malloc(MAXPATHLEN);
+		if (!strchr(sapi_module.executable_location, '/')) {
+			char *envpath, *path;
+			int found = 0;
+
+			if ((envpath = getenv(PATH)) != NULL) {
+char *search_dir, search_path[MAXPATHLEN];
+char *last = NULL;
+
+path = estrdup(envpath);
+search_dir = php_strtok_r(path, :, last);
+
+while (search_dir) {
+	snprintf(search_path, MAXPATHLEN, %s/%s, search_dir, sapi_module.executable_location);
+	if (VCWD_REALPATH(search_path, binary_location)  !VCWD_ACCESS(binary_location, X_OK)) {
+		found = 1;
+		break;
+	}
+	search_dir = php_strtok_r(NULL, :, last);
+}
+efree(path);
+			}
+			if (!found) {
+free(binary_location);
+binary_location = NULL;
+			}
+		} else if (!VCWD_REALPATH(sapi_module.executable_location, binary_location) || VCWD_ACCESS(binary_location, X_OK)) {
+			free(binary_location);
+			binary_location = NULL;
+		}
+	} else {
+		binary_location = NULL;
+	}
+#endif
+	PG(php_binary) = binary_location;
+}
+/* }}} */
+
 /* {{{ PHP_INI_MH
  */
 static PHP_INI_MH(OnUpdateTimeout)
@@ -1819,6 +1870,9 @@
 	if (core_globals-disable_classes) {
 		free(core_globals-disable_classes);
 	}
+	if (core_globals-php_binary) {
+		free(core_globals-php_binary);
+	}

 	php_shutdown_ticks(TSRMLS_C);
 }
@@ -2069,6 +2123,13 @@
 	REGISTER_MAIN_LONG_CONSTANT(PHP_WINDOWS_NT_WORKSTATION, VER_NT_WORKSTATION, CONST_PERSISTENT | CONST_CS);
 #endif

+	php_binary_init(TSRMLS_C);
+	if (PG(php_binary)) {
+		REGISTER_MAIN_STRINGL_CONSTANT(PHP_BINARY, PG(php_binary), strlen(PG(php_binary)), CONST_PERSISTENT | CONST_CS);
+	} else {
+		REGISTER_MAIN_STRINGL_CONSTANT(PHP_BINARY, , 0, CONST_PERSISTENT | CONST_CS);
+	}
+
 	php_output_register_constants(TSRMLS_C);
 	php_rfc1867_register_constants(TSRMLS_C);


Modified: php/php-src/branches/PHP_5_4/main/php_globals.h
===
--- php/php-src/branches/PHP_5_4/main/php_globals.h	2011-12-07 10:28:56 UTC (rev 320566)
+++ php/php-src/branches/PHP_5_4/main/php_globals.h	2011-12-07 10:33:13 UTC (rev 320567)
@@ -84,6 +84,7 @@
 	char *include_path;
 	char *open_basedir;
 	char *extension_dir;
+	char *php_binary;

 	char *upload_tmp_dir;
 	long upload_max_filesize;

Modified: php/php-src/branches/PHP_5_4/main/php_ini.c
===
--- php/php-src/branches/PHP_5_4/main/php_ini.c	2011-12-07 10:28:56 UTC (rev 320566)
+++ php/php-src/branches/PHP_5_4/main/php_ini.c	2011-12-07 10:33:13 UTC (rev 320567)
@@ -393,7 +393,6 @@
 		int search_path_size;
 		char *default_location;
 		char *env_location;
-		char *binary_location;
 		static const char paths_separator[] = { ZEND_PATHS_SEPARATOR, 0 };
 #ifdef PHP_WIN32
 		char *reg_location;
@@ -472,52 +471,12 @@
 			strlcat(php_ini_search_path, ., search_path_size);
 		}

-		/* Add binary directory */
-#ifdef PHP_WIN32
-		binary_location = (char *) emalloc(MAXPATHLEN);
-		if 

Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_ini.c branches/PHP_5_4/tests/basic/bug54514.phpt trunk

2011-12-07 Thread Pierre Joye
this patch is not correct, php crashes on startup when a request is initialized.

==7872==at 0x816204B: php_auto_globals_create_request (php_variables.c:804)
==7872==by 0x818E564: zend_auto_global_init (zend_compile.c:6694)
==7872==by 0x81BB0CE: zend_hash_apply (zend_hash.c:716)
==7872==by 0x818FFEA: zend_activate_auto_globals (zend_compile.c:6704)
==7872==by 0x81629BE: php_hash_environment (php_variables.c:629)
==7872==by 0x8154D1C: php_request_startup (main.c:1567)
==7872==by 0x82507CD: do_cli (php_cli.c:954)
==7872==by 0x8251403: main (php_cli.c:1356)

or on windows:

php_auto_globals_create_request(const char * name=0x10663298, unsigned
int name_len=8, void * * * tsrm_ls=0x026a4f60)  Line 804 + 0x16
bytes   C
zend_auto_global_init(_zend_auto_global * auto_global=0x029a3620, void
* * * tsrm_ls=0x026a4f60)  Line 6694 + 0x1b bytes   C
zend_hash_apply(_hashtable * ht=0x029ebd40, int (void *, void * * *)*
apply_func=0x1026b880, void * * * tsrm_ls=0x026a4f60)  Line 716 + 0x10
bytes   C
zend_activate_auto_globals(void * * * tsrm_ls=0x026a4f60)  Line 6704 +
0x23 bytes  C
php_hash_environment(void * * * tsrm_ls=0x026a4f60)  Line 629 + 0x9 bytes   
C
php_request_startup(void * * * tsrm_ls=0x026a4f60)  Line 1567 + 0x9 bytes   
C
do_cli(int argc=6, char * * argv=0x026a4e28, void * * *
tsrm_ls=0x026a4f60)  Line 954 + 0xc bytes   C
main(int argc=6, char * * argv=0x026a4e28)  Line 1356 + 0x11 bytes  C
__tmainCRTStartup()  Line 586 + 0x19 bytes  C
mainCRTStartup()  Line 403  C
On Wed, Dec 7, 2011 at 11:33 AM, Xinchen Hui larue...@php.net wrote:
 laruence                                 Wed, 07 Dec 2011 10:33:13 +

 Revision: http://svn.php.net/viewvc?view=revisionrevision=320567

 Log:
 Implemented FR #54514 (Get php binary path during script execution).

 Bug: https://bugs.php.net/54514 (Open) Get php binary path during script 
 execution

 Changed paths:
    U   php/php-src/branches/PHP_5_4/NEWS
    U   php/php-src/branches/PHP_5_4/main/main.c
    U   php/php-src/branches/PHP_5_4/main/php_globals.h
    U   php/php-src/branches/PHP_5_4/main/php_ini.c
    A   php/php-src/branches/PHP_5_4/tests/basic/bug54514.phpt
    U   php/php-src/trunk/main/main.c
    U   php/php-src/trunk/main/php_globals.h
    U   php/php-src/trunk/main/php_ini.c
    A   php/php-src/trunk/tests/basic/bug54514.phpt


 --
 PHP CVS Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php



-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/main/main.c branches/PHP_5_4/main/php_globals.h branches/PHP_5_4/main/php_ini.c branches/PHP_5_4/tests/basic/bug54514.phpt trunk

2011-12-07 Thread Pierre Joye
seems to be due to partially generated global table, clean build and I
cannot reproduce the crash anymore. Sorry for the noise :)

On Wed, Dec 7, 2011 at 12:20 PM, Pierre Joye pierre@gmail.com wrote:
 this patch is not correct, php crashes on startup when a request is 
 initialized.


-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/NEWS branches/PHP_5_4/ext/openssl/openssl.c trunk/ext/openssl/openssl.c

2011-12-07 Thread Scott MacVicar
scottmac Wed, 07 Dec 2011 20:50:33 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320612

Log:
Make sure that we set the strong crypto result to false as well as returning 
false.

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
U   php/php-src/trunk/ext/openssl/openssl.c

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-07 20:36:39 UTC (rev 320611)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-07 20:50:33 UTC (rev 320612)
@@ -18,6 +18,10 @@

 - Intl:
   . Added support for UTS #46. (Gustavo)
+
+- OpenSSL:
+  . On error in openssl_random_pseudo_bytes() make sure we set strong result
+to false. (Scott)

 - Reflection:
   . Fixed bug #60367 (Reflection and Late Static Binding). (Laruence)

Modified: php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
===
--- php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-12-07 20:36:39 UTC 
(rev 320611)
+++ php/php-src/branches/PHP_5_4/ext/openssl/openssl.c  2011-12-07 20:50:33 UTC 
(rev 320612)
@@ -4941,13 +4941,19 @@
 #ifdef PHP_WIN32
strong_result = 1;
/* random/urandom equivalent on Windows */
-   if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == 
FAILURE){
+   if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == 
FAILURE) {
efree(buffer);
+   if (zstrong_result_returned) {
+   ZVAL_BOOL(zstrong_result_returned, 0);
+   }
RETURN_FALSE;
}
 #else
if ((strong_result = RAND_pseudo_bytes(buffer, buffer_length))  0) {
efree(buffer);
+   if (zstrong_result_returned) {
+   ZVAL_BOOL(zstrong_result_returned, 0);
+   }
RETURN_FALSE;
}
 #endif

Modified: php/php-src/trunk/ext/openssl/openssl.c
===
--- php/php-src/trunk/ext/openssl/openssl.c 2011-12-07 20:36:39 UTC (rev 
320611)
+++ php/php-src/trunk/ext/openssl/openssl.c 2011-12-07 20:50:33 UTC (rev 
320612)
@@ -4939,11 +4939,17 @@
/* random/urandom equivalent on Windows */
if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == 
FAILURE){
efree(buffer);
+   if (zstrong_result_returned) {
+   ZVAL_BOOL(zstrong_result_returned, 0);
+   }
RETURN_FALSE;
}
 #else
if ((strong_result = RAND_pseudo_bytes(buffer, buffer_length))  0) {
efree(buffer);
+   if (zstrong_result_returned) {
+   ZVAL_BOOL(zstrong_result_returned, 0);
+   }
RETURN_FALSE;
}
 #endif

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2011-12-07 Thread Stanislav Malyshev
stas Thu, 08 Dec 2011 07:15:44 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320631

Log:
5.4.0rc3

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-08 06:57:34 UTC (rev 320630)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-08 07:15:44 UTC (rev 320631)
@@ -1,6 +1,6 @@
 PHPNEWS
 |||
-?? ??? 2011, PHP 5.4.0 RC3
+08 Dec 2011, PHP 5.4.0 RC3
 - Core:
   . Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
 (php at mickweiss dot com)

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2011-12-08 06:57:34 UTC (rev 
320630)
+++ php/php-src/branches/PHP_5_4/configure.in   2011-12-08 07:15:44 UTC (rev 
320631)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC3-dev
+PHP_EXTRA_VERSION=RC3
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-08 06:57:34 UTC 
(rev 320630)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-08 07:15:44 UTC 
(rev 320631)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC3-dev
-#define PHP_VERSION 5.4.0RC3-dev
+#define PHP_EXTRA_VERSION RC3
+#define PHP_VERSION 5.4.0RC3
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS configure.in main/php_version.h

2011-12-07 Thread Stanislav Malyshev
stas Thu, 08 Dec 2011 07:17:27 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=320632

Log:
back to dev

Changed paths:
U   php/php-src/branches/PHP_5_4/NEWS
U   php/php-src/branches/PHP_5_4/configure.in
U   php/php-src/branches/PHP_5_4/main/php_version.h

Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS   2011-12-08 07:15:44 UTC (rev 320631)
+++ php/php-src/branches/PHP_5_4/NEWS   2011-12-08 07:17:27 UTC (rev 320632)
@@ -1,5 +1,7 @@
 PHPNEWS
 |||
+?? Dec 2011, PHP 5.4.0 RC4
+
 08 Dec 2011, PHP 5.4.0 RC3
 - Core:
   . Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).

Modified: php/php-src/branches/PHP_5_4/configure.in
===
--- php/php-src/branches/PHP_5_4/configure.in   2011-12-08 07:15:44 UTC (rev 
320631)
+++ php/php-src/branches/PHP_5_4/configure.in   2011-12-08 07:17:27 UTC (rev 
320632)
@@ -120,7 +120,7 @@
 PHP_MAJOR_VERSION=5
 PHP_MINOR_VERSION=4
 PHP_RELEASE_VERSION=0
-PHP_EXTRA_VERSION=RC3
+PHP_EXTRA_VERSION=RC4-dev
 
PHP_VERSION=$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION
 PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 
100 + [$]PHP_RELEASE_VERSION`


Modified: php/php-src/branches/PHP_5_4/main/php_version.h
===
--- php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-08 07:15:44 UTC 
(rev 320631)
+++ php/php-src/branches/PHP_5_4/main/php_version.h 2011-12-08 07:17:27 UTC 
(rev 320632)
@@ -3,6 +3,6 @@
 #define PHP_MAJOR_VERSION 5
 #define PHP_MINOR_VERSION 4
 #define PHP_RELEASE_VERSION 0
-#define PHP_EXTRA_VERSION RC3
-#define PHP_VERSION 5.4.0RC3
+#define PHP_EXTRA_VERSION RC4-dev
+#define PHP_VERSION 5.4.0RC4-dev
 #define PHP_VERSION_ID 50400

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

  1   2   3   >