Hello community, here is the log from the commit of package php5 checked in at Mon May 28 15:04:23 CEST 2007. -------- --- php5/php5.changes 2007-05-04 13:16:54.000000000 +0200 +++ /mounts/work_src_done/STABLE/php5/php5.changes 2007-05-28 10:15:08.000000000 +0200 @@ -1,0 +2,56 @@ +Mon May 21 12:00:45 CEST 2007 - mmarek@suse.cz + +- fixed the dba extension adding -ldb-4.x to global LDFLAGS, + causing unnecessary dependency in /usr/bin/php5 + [http://bugs.php.net/bug.php?id=41455] + +------------------------------------------------------------------- +Sat May 19 22:59:37 UTC 2007 - judas_iscariote@shorewall.net + +- updated suhosin to version 0.9.20, security fix + bugfixes +see http://www.hardened-php.net/suhosin/changelog.html for more detail. + +------------------------------------------------------------------- +Mon May 14 03:13:01 UTC 2007 - judas_iscariote@shorewall.net + +- fix devel package, in the reality PHP does not currenly require expat. + headers provides a expat compatibility layer but it is no longer in use + by our packages as libxml2 is always prefered, (and HAVE_LIBEXPAT is not defined) + +------------------------------------------------------------------- +Fri May 11 13:22:29 UTC 2007 - judas_iscariote@shorewall.net + +- update php5-test-fixes fixing another bug in zend_compile.c +- use rpm macros in the spec file +- when removing apache2-mod_php5, unload it from apache first. +- when updating apache2-mod_php5 restart apache with restart on update macro. + +------------------------------------------------------------------- +Sun May 6 21:49:54 UTC 2007 - judas_iscariote@shorewall.net + +- HTTP_RAW_POST_DATA superglobal broken (php5-phpbug-41293.patch) +- better fix for MOPB 41. + +------------------------------------------------------------------- +Sat May 5 00:59:25 UTC 2007 - judas_iscariote@shorewall.net + +- remove --enable-memory-limit configure flag, it disappeared in 5.2.1, + nowdays memory_limit is always enabled. + +------------------------------------------------------------------- +Fri May 4 09:58:35 UTC 2007 - judas_iscariote@shorewall.net + +- add php5-test-fixes.patch fixing a test case that wont pass on i586 +as well a real fix for Zend/tests/bug41117_1.phpt problem, that was commited +after the release was done. there is another test case that fails in 10.2 +ext/pcre/tests/bug40195.phpt but this is not a PHP problem but a bug in PCRE. + +- added missing fix for PMOPB-45-2007 PHP ext/filter Email Validation Vulnerability (minor) + +------------------------------------------------------------------- +Fri May 4 05:58:13 UTC 2007 - judas_iscariote@shorewall.net + +- php5-devel package now requires pcre-devel for > 10.1 as 5.2.2 installs + php_pcre.h header that needs it. + +------------------------------------------------------------------- Old: ---- suhosin-0.9.19.tgz New: ---- get_ini_settings.php php5-avoid-libdb-dependency.patch php5-MOPB-41-betterfix.patch php5-phpbug-41293.patch php5-PMOPB-45-2007.patch php5-test-fixes.patch suhosin-0.9.20.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ php5.spec ++++++ --- /var/tmp/diff_new_pack.W23404/_old 2007-05-28 15:03:54.000000000 +0200 +++ /var/tmp/diff_new_pack.W23404/_new 2007-05-28 15:03:54.000000000 +0200 @@ -11,7 +11,7 @@ # norootforbuild Name: php5 -%define suhosin_version 0.9.19 +%define suhosin_version 0.9.20 %define suhosin_patch_version 0.9.6.2 %define with_suhosin_patch 1 %define pkg_name php5 @@ -22,7 +22,7 @@ %else BuildRequires: krb5-devel %endif -BuildRequires: apache2-devel bison curl-devel db-devel gmp-devel gtk-devel imap imap-devel libmcrypt-devel libtidy-devel libtiff-devel libxslt-devel mhash-devel mm-devel mysql-devel net-snmp-devel openldap2 openldap2-devel orbit-devel pam-devel pkgconfig postfix postgresql-devel qt3-devel tcpd-devel unixODBC-devel update-alternatives zip +BuildRequires: apache2-devel bison curl-devel db-devel gmp-devel gtk-devel imap imap-devel libmcrypt-devel libtidy-devel libtiff-devel libxslt-devel mhash-devel mm-devel mysql-devel ncurses-devel net-snmp-devel openldap2 openldap2-devel orbit-devel pam-devel pkgconfig postfix postgresql-devel qt3-devel tcpd-devel unixODBC-devel update-alternatives zip %if %{with_spell} BuildRequires: aspell-devel %endif @@ -58,7 +58,7 @@ ######################################## # apache macros ######################################## -%define apxs2 /usr/sbin/apxs2 +%define apxs2 %{_sbindir}/apxs2 %define apache2_mmn %(MMN=$(%{apxs2} -q LIBEXECDIR)_MMN; test -x $MMN && $MMN) %define apache2_libexecdir %(%{apxs2} -q LIBEXECDIR) %define apache2_sysconfdir %(%{apxs2} -q SYSCONFDIR) @@ -67,14 +67,15 @@ ### ### Version: 5.2.2 -Release: 2 -License: Other uncritical OpenSource License +Release: 13 +License: Other uncritical OpenSource License, Other License(s), see package Group: Productivity/Networking/Web/Servers Provides: php zend php-xml php-spl php-simplexml php-session php-pcre php-date php-reflection php-filter +Provides: php-dbx php-dio php-fam php-filepro php-yp Autoreqprov: on PreReq: update-alternatives #extensions that are no longer here -Obsoletes: php5-dbx php5-dio php5-fam php5-filepro php5-yp +Obsoletes: php-dbx php-dio php-fam php-filepro php-yp Source0: php-%{version}.tar.bz2 Source1: php-suse-addons.tar.bz2 Source2: suhosin-%{suhosin_version}.tgz @@ -93,6 +94,15 @@ Patch8: php5-really-norpath.patch # compiler warnings Patch9: php5-warnings.patch +#wrong test case and post release fix for one. +Patch10: php5-test-fixes.patch +#HTTP_RAW_POST_DATA broked. +Patch11: php5-phpbug-41293.patch +# /usr/bin/php5 linked against libdb +Patch12: php5-avoid-libdb-dependency.patch +#please use patch30 and up for security fixes +Patch30: php5-PMOPB-45-2007.patch +Patch31: php5-MOPB-41-betterfix.patch URL: http://www.php.net BuildRoot: %{_tmppath}/%{name}-%{version}-build Icon: php5.xpm @@ -118,9 +128,13 @@ Summary: Include files of PHP5 Group: Development/Libraries/C and C++ #this is required by the installed development headers -Requires: %{name} = %{version} glibc-devel libxml2-devel libexpat-devel +Requires: %{name} = %{version} glibc-devel libxml2-devel #this is needed for "pecl" functionality Requires: autoconf automake libtool +# 5.2.2 or later installs php_pcre.h that requires pcre-devel +%if 0%{?suse_version} > 1010 +Requires: pcre-devel +%endif Conflicts: php4-devel %description devel @@ -567,7 +581,7 @@ Summary: PHP5 Extension Module Group: Productivity/Networking/Web/Servers Requires: %{name} = %{version} %{name}-pdo = %{version} -Obsoletes: %{name}-mysqli < 5.2.0 +Obsoletes: %{name}-mysqli < %{version} %description mysql PHP functions for access to MySQL database servers. @@ -1063,9 +1077,9 @@ %prep %setup -q -n php-%{version} -a 1 -tar xf %{S:2} -C ext -mv ext/suhosin-%{suhosin_version} ext/suhosin -cp %{S:4} pear/README.SUSE +%{__tar} xf %{S:2} -C ext +%{__mv} ext/suhosin-%{suhosin_version} ext/suhosin +%{__cp} %{S:4} pear/README.SUSE %patch1 %patch2 %patch3 -p1 @@ -1076,16 +1090,22 @@ %endif %patch8 -p1 %patch9 +%patch10 +%patch11 +%patch12 +#security fixes +%patch30 +%patch31 # we build three SAPI -mkdir -p build-apache2 -mkdir -p build-fastcgi/sapi/cgi/libfcgi -mkdir -p build-cli/ext/sqlite/libsqlite/src/ +%{__mkdir} -p build-apache2 +%{__mkdir} -p build-fastcgi/sapi/cgi/libfcgi +%{__mkdir} -p build-cli/ext/sqlite/libsqlite/src/ # THis happends only with bison 1.875 %if 0%{?suse_version} < 1010 # our bison seems to generate wrong parser, so use the pregenerated ones... for sapi in apache2 fastcgi cli ; do - mkdir build-$sapi/Zend - cp \ + %{__mkdir} build-$sapi/Zend + %{__cp} \ Zend/zend_language_scanner.c \ Zend/zend_language_parser.h \ Zend/zend_language_parser.c \ @@ -1096,9 +1116,10 @@ %endif %build +#find %{_libdir} -name "*.la" | xargs grep 'dependency_libs=''' # Force use of system libtool(when newer than the included) %if 0%{?suse_version} > 1000 -libtoolize --force --copy +%{__libtoolize} --force --copy cat `aclocal --print-ac-dir`/libtool.m4 > build/libtool.m4 %endif #get rid of bundled libraries which are not used in 10.2 and later @@ -1107,7 +1128,7 @@ %endif # regenerate configure etc. # workaround: suhosin-patch updates timestamp of configure, confusing buildconf -rm configure +%{__rm} configure ./buildconf --force # export flags CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -D_GNU_SOURCE -pipe" @@ -1151,7 +1172,6 @@ --enable-spl \ --enable-filter \ --disable-debug \ - --enable-memory-limit \ --enable-inline-optimization \ --disable-rpath \ --disable-static \ @@ -1284,9 +1304,9 @@ # Run tests, using the CLI SAPI export NO_INTERACTION=1 REPORT_EXIT_STATUS=1 MALLOC_CHECK_=2 LANG=POSIX LC_ALL=POSIX unset TZ -make test +%{__make} test set +x -for f in `find .. -name \*.diff -type f -print`; do +for f in `find .. -name "*.diff" -type f -print`; do echo "TEST FAILURE: $f --" cat "$f" echo "-- $f result ends." @@ -1305,20 +1325,20 @@ # do the actual installation Install apache2 #need it for yast module -mv %{buildroot}%{apache2_libexecdir}/libphp5.so %{buildroot}%{apache2_libexecdir}/mod_php5.so +%{__mv} %{buildroot}%{apache2_libexecdir}/libphp5.so %{buildroot}%{apache2_libexecdir}/mod_php5.so Install fastcgi Install cli # generate php.ini from php.ini-recommendedt: -install -d -m 755 %{buildroot}/%{php_sysconf}/conf.d -install -d -m 755 %{buildroot}/%{php_sysconf}/apache2 -install -d -m 755 %{buildroot}/%{php_sysconf}/cli -install -d -m 755 %{buildroot}/%{php_sysconf}/fastcgi -sed "s=@extdir@=%{extension_dir}=" php.ini-recommended \ +%{__install} -d -m 755 %{buildroot}/%{php_sysconf}/conf.d +%{__install} -d -m 755 %{buildroot}/%{php_sysconf}/apache2 +%{__install} -d -m 755 %{buildroot}/%{php_sysconf}/cli +%{__install} -d -m 755 %{buildroot}/%{php_sysconf}/fastcgi +%{__sed} "s=@extdir@=%{extension_dir}=" php.ini-recommended \ > %{buildroot}/%{php_sysconf}/apache2/php.ini -sed "s=@extdir@=%{extension_dir}=" php.ini-recommended \ +%{__sed} "s=@extdir@=%{extension_dir}=" php.ini-recommended \ | sed -r 's/^(html_errors|implicit_flush|max_execution_time|register_argc_argv)/;\1/' \ > %{buildroot}/%{php_sysconf}/cli/php.ini -sed "s=@extdir@=%{extension_dir}=" php.ini-recommended \ +%{__sed} "s=@extdir@=%{extension_dir}=" php.ini-recommended \ > %{buildroot}/%{php_sysconf}/fastcgi/php.ini # prepare configuration files for each extension extern_modules="" @@ -1336,34 +1356,34 @@ echo "extension=$ext.so" >> %{buildroot}/%{php_sysconf}/conf.d/$ext.ini done #suhosin configuration -install -m 644 ext/suhosin/suhosin.ini %{buildroot}/%{php_sysconf}/conf.d/suhosin.ini +%{__install} -m 644 ext/suhosin/suhosin.ini %{buildroot}/%{php_sysconf}/conf.d/suhosin.ini # list of builtin modules builtin_modules=`./build-cli/sapi/cli/php -m | egrep -v '^(\[.*)?$' | sort | tr '\n' ' '` # update readme -sed "s=@EXTERN_MODULES@=$extern_modules=;s=@BUILTIN_MODULES@=$builtin_modules=" php-suse-addons/README.SUSE > README.SUSE +%{__sed} "s=@EXTERN_MODULES@=$extern_modules=;s=@BUILTIN_MODULES@=$builtin_modules=" php-suse-addons/README.SUSE > README.SUSE # apache configuration -mkdir -p %{buildroot}%{apache2_sysconfdir}/conf.d -install -m 644 php-suse-addons/sysconfig.apache2 %{buildroot}/%{apache2_sysconfdir}/conf.d/%{pkg_name}.conf +%{__mkdir} -p %{buildroot}%{apache2_sysconfdir}/conf.d +%{__install} -m 644 php-suse-addons/sysconfig.apache2 %{buildroot}/%{apache2_sysconfdir}/conf.d/%{pkg_name}.conf # rename to php5 pushd %{buildroot}%{cgi_dir} -#mv php php5 -rm php-config5 phpize5 +#%{__mv} php php5 +%{__rm} php-config5 phpize5 popd pushd %{buildroot}/%{_bindir} -#mv php php5 -mv pear pear5 -mv pecl pecl5 +#%{__mv} php php5 +%{__mv} pear pear5 +%{__mv} pecl pecl5 popd #pushd %{buildroot}/%{_mandir}/man1 -#mv php.1 php5.1 +#%{__mv} php.1 php5.1 #popd # directory for sessions -install -d %{buildroot}/var/lib/%{pkg_name} +%{__install} -d %{buildroot}/var/lib/%{pkg_name} # documentation -mv sapi/cli/README README.CLI -mv sapi/cgi/README.FastCGI README.FastCGI -rm -rf %{buildroot}/{.channels,.depdb*,.filemap,.lock,usr/bin/peardev} -install -d -m 0755 %{buildroot}/%{peardir}/test +%{__mv} sapi/cli/README README.CLI +%{__mv} sapi/cgi/README.FastCGI README.FastCGI +%{__rm} -rf %{buildroot}/{.channels,.depdb*,.filemap,.lock,usr/bin/peardev} +%{__install} -d -m 0755 %{buildroot}/%{peardir}/test %post update-alternatives --install %{_bindir}/php php %{_bindir}/php5 5 \ @@ -1414,6 +1434,20 @@ fi fi +%preun -n apache2-mod_php5 +if [ "$1" = "0" ] +then + if [ -x /usr/sbin/a2enmod ] + then + if a2enmod -q php5; then + a2dismod php5 + fi + fi +fi + +%postun -n apache2-mod_php5 +%restart_on_update apache2 + %clean rm -rf %{buildroot} @@ -1718,8 +1752,39 @@ %config(noreplace) %{php_sysconf}/conf.d/zlib.ini %changelog +* Mon May 21 2007 - mmarek@suse.cz +- fixed the dba extension adding -ldb-4.x to global LDFLAGS, + causing unnecessary dependency in /usr/bin/php5 + [http://bugs.php.net/bug.php?id=41455] +* Sat May 19 2007 - judas_iscariote@shorewall.net +- updated suhosin to version 0.9.20, security fix + bugfixes + see http://www.hardened-php.net/suhosin/changelog.html for more detail. +* Mon May 14 2007 - judas_iscariote@shorewall.net +- fix devel package, in the reality PHP does not currenly require expat. + headers provides a expat compatibility layer but it is no longer in use + by our packages as libxml2 is always prefered, (and HAVE_LIBEXPAT is not defined) +* Fri May 11 2007 - judas_iscariote@shorewall.net +- update php5-test-fixes fixing another bug in zend_compile.c +- use rpm macros in the spec file +- when removing apache2-mod_php5, unload it from apache first. +- when updating apache2-mod_php5 restart apache with restart on update macro. +* Sun May 06 2007 - judas_iscariote@shorewall.net +- HTTP_RAW_POST_DATA superglobal broken (php5-phpbug-41293.patch) +- better fix for MOPB 41. +* Sat May 05 2007 - judas_iscariote@shorewall.net +- remove --enable-memory-limit configure flag, it disappeared in 5.2.1, + nowdays memory_limit is always enabled. * Fri May 04 2007 - prusnak@suse.cz - changed expat to libexpat-devel in Requires of devel subpackage +* Fri May 04 2007 - judas_iscariote@shorewall.net +- add php5-test-fixes.patch fixing a test case that wont pass on i586 + as well a real fix for Zend/tests/bug41117_1.phpt problem, that was commited + after the release was done. there is another test case that fails in 10.2 + ext/pcre/tests/bug40195.phpt but this is not a PHP problem but a bug in PCRE. +- added missing fix for PMOPB-45-2007 PHP ext/filter Email Validation Vulnerability (minor) +* Fri May 04 2007 - judas_iscariote@shorewall.net +- php5-devel package now requires pcre-devel for > 10.1 as 5.2.2 installs + php_pcre.h header that needs it. * Thu May 03 2007 - mmarek@suse.cz - fixed some new compiler warnings * Thu May 03 2007 - judas_iscariote@shorewall.net ++++++ php5-avoid-libdb-dependency.patch ++++++ breaking out of the for loop right after the link test leaves $LIBS and $LDFLAGS with their temporary values --- ext/dba/config.m4.orig +++ ext/dba/config.m4 @@ -172,6 +172,7 @@ dnl parameters(version, library list, fu AC_DEFUN([PHP_DBA_DB_CHECK],[ for LIB in $2; do if test -f $THIS_PREFIX/$PHP_LIBDIR/lib$LIB.a || test -f $THIS_PREFIX/$PHP_LIBDIR/lib$LIB.$SHLIB_SUFFIX_NAME; then + unset PHP_DBA_DB_CHECK_found_it PHP_TEMP_LDFLAGS(-L$THIS_PREFIX/$PHP_LIBDIR, -l$LIB,[ AC_TRY_LINK([ #include "$THIS_INCLUDE" @@ -185,10 +186,14 @@ AC_DEFUN([PHP_DBA_DB_CHECK],[ #endif ],[ THIS_LIBS=$LIB - break + PHP_DBA_DB_CHECK_found_it=1 ]) ]) ]) + if test -n "$PHP_DBA_DB_CHECK_found_it"; then + unset PHP_DBA_DB_CHECK_found_it + break + fi fi done if test -z "$THIS_LIBS"; then ++++++ php5-MOPB-41-betterfix.patch ++++++ Index: ext/sqlite/sess_sqlite.c =================================================================== RCS file: /repository/php-src/ext/sqlite/sess_sqlite.c,v retrieving revision 1.18.2.1.2.1 retrieving revision 1.18.2.1.2.2 diff -u -r1.18.2.1.2.1 -r1.18.2.1.2.2 --- ext/sqlite/sess_sqlite.c 1 Jan 2007 09:36:07 -0000 1.18.2.1.2.1 +++ ext/sqlite/sess_sqlite.c 5 May 2007 15:36:15 -0000 1.18.2.1.2.2 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: sess_sqlite.c,v 1.18.2.1.2.1 2007/01/01 09:36:07 sebastian Exp $ */ +/* $Id: sess_sqlite.c,v 1.18.2.1.2.2 2007/05/05 15:36:15 iliaa Exp $ */ #include "php.h" @@ -110,9 +110,13 @@ case SQLITE_ROW: if (rowdata[0] != NULL) { *vallen = strlen(rowdata[0]); - *val = emalloc(*vallen); - *vallen = sqlite_decode_binary(rowdata[0], *val); - (*val)[*vallen] = '\0'; + if (*vallen) { + *val = emalloc(*vallen); + *vallen = sqlite_decode_binary(rowdata[0], *val); + (*val)[*vallen] = '\0'; + } else { + *val = STR_EMPTY_ALLOC(); + } } break; default: Index: ext/sqlite/sqlite.c =================================================================== RCS file: /repository/php-src/ext/sqlite/sqlite.c,v retrieving revision 1.166.2.13.2.7 retrieving revision 1.166.2.13.2.8 diff -u -r1.166.2.13.2.7 -r1.166.2.13.2.8 --- ext/sqlite/sqlite.c 6 Mar 2007 02:17:13 -0000 1.166.2.13.2.7 +++ ext/sqlite/sqlite.c 5 May 2007 15:36:15 -0000 1.166.2.13.2.8 @@ -17,7 +17,7 @@ | Marcus Boerger <helly@php.net> | +----------------------------------------------------------------------+ - $Id: sqlite.c,v 1.166.2.13.2.7 2007/03/06 02:17:13 stas Exp $ + $Id: sqlite.c,v 1.166.2.13.2.8 2007/05/05 15:36:15 iliaa Exp $ */ #ifdef HAVE_CONFIG_H @@ -73,7 +73,7 @@ extern int sqlite_decode_binary(const unsigned char *in, unsigned char *out); #define php_sqlite_encode_binary(in, n, out) sqlite_encode_binary((const unsigned char *)in, n, (unsigned char *)out) -#define php_sqlite_decode_binary(in, out) sqlite_decode_binary((const unsigned char *)in, (unsigned char *)out) +#define php_sqlite_decode_binary(in, out) in && *in ? sqlite_decode_binary((const unsigned char *)in, (unsigned char *)out) : 0 static int sqlite_count_elements(zval *object, long *count TSRMLS_DC); @@ -1133,7 +1133,7 @@ { php_info_print_table_start(); php_info_print_table_header(2, "SQLite support", "enabled"); - php_info_print_table_row(2, "PECL Module version", PHP_SQLITE_MODULE_VERSION " $Id: sqlite.c,v 1.166.2.13.2.7 2007/03/06 02:17:13 stas Exp $"); + php_info_print_table_row(2, "PECL Module version", PHP_SQLITE_MODULE_VERSION " $Id: sqlite.c,v 1.166.2.13.2.8 2007/05/05 15:36:15 iliaa Exp $"); php_info_print_table_row(2, "SQLite Library", sqlite_libversion()); php_info_print_table_row(2, "SQLite Encoding", sqlite_libencoding()); php_info_print_table_end(); ++++++ php5-phpbug-41293.patch ++++++ Index: main/php_content_types.c =================================================================== RCS file: /repository/php-src/main/php_content_types.c,v retrieving revision 1.32.2.1.2.2 retrieving revision 1.32.2.1.2.4 diff -u -r1.32.2.1.2.2 -r1.32.2.1.2.4 --- main/php_content_types.c 1 Apr 2007 19:09:36 -0000 1.32.2.1.2.2 +++ main/php_content_types.c 7 May 2007 23:27:59 -0000 1.32.2.1.2.4 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_content_types.c,v 1.32.2.1.2.2 2007/04/01 19:09:36 iliaa Exp $ */ +/* $Id: php_content_types.c,v 1.32.2.1.2.4 2007/05/07 23:27:59 iliaa Exp $ */ #include "php.h" #include "SAPI.h" @@ -37,21 +37,21 @@ */ SAPI_API SAPI_POST_READER_FUNC(php_default_post_reader) { - char *data = NULL; - int length = 0; + char *data; + int length; /* $HTTP_RAW_POST_DATA registration */ - if(!strcmp(SG(request_info).request_method, "POST")) { - if(NULL == SG(request_info).post_entry && SG(request_info).post_data) { + if (!strcmp(SG(request_info).request_method, "POST")) { + if (NULL == SG(request_info).post_entry) { /* no post handler registered, so we just swallow the data */ sapi_read_standard_form_data(TSRMLS_C); + } + + /* For unknown content types we create HTTP_RAW_POST_DATA even if always_populate_raw_post_data off, + * this is in-effecient, but we need to keep doing it for BC reasons (for now) */ + if ((PG(always_populate_raw_post_data) || NULL == SG(request_info).post_entry) && SG(request_info).post_data) { length = SG(request_info).post_data_length; data = estrndup(SG(request_info).post_data, length); - } else if(PG(always_populate_raw_post_data) && SG(request_info).post_data) { - length = SG(request_info).post_data_length; - data = estrndup(SG(request_info).post_data, length); - } - if(data) { SET_VAR_STRINGL("HTTP_RAW_POST_DATA", data, length); } } @@ -62,11 +62,10 @@ in the long run post handlers should be changed to not touch request_info.post_data for memory preservation reasons */ - if(SG(request_info).post_data) { + if (SG(request_info).post_data) { SG(request_info).raw_post_data = estrndup(SG(request_info).post_data, SG(request_info).post_data_length); SG(request_info).raw_post_data_length = SG(request_info).post_data_length; } - } /* }}} */ ++++++ php5-PMOPB-45-2007.patch ++++++ Index: ext/filter/logical_filters.c =================================================================== RCS file: /repository/php-src/ext/filter/logical_filters.c,v retrieving revision 1.1.2.21 retrieving revision 1.1.2.22 diff -u -r1.1.2.21 -r1.1.2.22 --- ext/filter/logical_filters.c 1 Jan 2007 09:36:00 -0000 1.1.2.21 +++ ext/filter/logical_filters.c 3 May 2007 23:38:27 -0000 1.1.2.22 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: logical_filters.c,v 1.1.2.21 2007/01/01 09:36:00 sebastian Exp $ */ +/* $Id: logical_filters.c,v 1.1.2.22 2007/05/03 23:38:27 iliaa Exp $ */ #include "php_filter.h" #include "filter_private.h" @@ -469,7 +469,7 @@ void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ - const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; + const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D"; pcre *re = NULL; pcre_extra *pcre_extra = NULL; ++++++ php5-test-fixes.patch ++++++ Index: Zend/zend_compile.c =================================================================== RCS file: /repository/ZendEngine2/zend_compile.c,v retrieving revision 1.647.2.27.2.37 diff -u -r1.647.2.27.2.37 zend_compile.c --- Zend/zend_compile.c 2 May 2007 17:24:15 -0000 1.647.2.27.2.37 +++ Zend/zend_compile.c 11 May 2007 12:59:33 -0000 @@ -1265,9 +1268,18 @@ void zend_do_receive_arg(zend_uchar op, znode *var, znode *offset, znode *initialization, znode *class_type, znode *varname, zend_uchar pass_by_reference TSRMLS_DC) { - zend_op *opline = get_next_op(CG(active_op_array) TSRMLS_CC); + zend_op *opline; zend_arg_info *cur_arg_info; + if (CG(active_op_array)->scope && + ((CG(active_op_array)->fn_flags & ZEND_ACC_STATIC) == 0) && + (Z_TYPE(varname->u.constant) == IS_STRING) && + (Z_STRLEN(varname->u.constant) == sizeof("this")-1) && + (memcmp(Z_STRVAL(varname->u.constant), "this", sizeof("this")) == 0)) { + zend_error(E_COMPILE_ERROR, "Cannot re-assign $this"); + } + + opline = get_next_op(CG(active_op_array) TSRMLS_CC); CG(active_op_array)->num_args++; opline->opcode = op; opline->result = *var; @@ -3801,7 +3813,11 @@ /* Change "write context" into "read context" */ fetch->extended_value = 0; /* reset ZEND_FE_RESET_VARIABLE */ while (fetch != end) { - (--fetch)->opcode -= 3; /* FETCH_W -> FETCH_R */ + --fetch; + if (fetch->opcode == ZEND_FETCH_DIM_W && fetch->op2.op_type == IS_UNUSED) { + zend_error(E_COMPILE_ERROR, "Cannot use [] for reading"); + } + fetch->opcode -= 3; /* FETCH_W -> FETCH_R */ } /* prevent double SWITCH_FREE */ zend_stack_top(&CG(foreach_copy_stack), (void **) &foreach_copy); Index: Zend/tests/double_to_string.phpt =================================================================== RCS file: /repository/ZendEngine2/tests/double_to_string.phpt,v retrieving revision 1.1.2.4 retrieving revision 1.1.2.5 diff -u -r1.1.2.4 -r1.1.2.5 --- Zend/tests/double_to_string.phpt 26 Apr 2007 23:29:34 -0000 1.1.2.4 +++ Zend/tests/double_to_string.phpt 4 May 2007 08:27:33 -0000 1.1.2.5 @@ -36,7 +36,7 @@ string(7) "2.9E+17" string(7) "2.9E+14" string(14) "29000000000000" -string(14) "29000000000000" +string(%d) "2%s" string(14) "29000000000001" string(13) "29000.7123123" string(15) "239234242.71231" ++++++ suhosin-0.9.19.tgz -> suhosin-0.9.20.tgz ++++++ ++++ 26781 lines of diff (skipped) ++++++ suhosin-patch-5.2.2-0.9.6.2.patch.gz ++++++ +++ empty output from diff against suhosin-patch-5.2.2-0.9.6.2.patch.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org