Hello community,
here is the log from the commit of package php5
checked in at Fri Feb 2 15:07:28 CET 2007.
--------
--- php5/php5.changes 2007-01-26 11:11:37.000000000 +0100
+++ /mounts/work_src_done/STABLE/php5/php5.changes 2007-01-30 11:16:26.000000000 +0100
@@ -1,0 +2,23 @@
+Tue Jan 30 11:08:09 CET 2007 - anosek@suse.cz
+
+- synced with BuildService
+ * file "session_mm_apache2handler0.sem" written at boot
+ [#229200] (php5-config.patch)
+ * for certain functionality php5-exif requires php5-mbstring
+ * php5-ldap requires php5-openssl
+ * remove LDAP_DEPRECATED from CFLAGS, module already
+ takes care of this.
+ * patch potential HTTP_SESSION_VARS et all hijack when
+ register_globals is On users from suhosin extension are
+ not affected.(php5-session-rgon-hijack.patch)
+ * on 10.2 and up php5-devel should require pcre-devel
+ sqlite-devel sqlite2-devel
+ * php5-devel is mostly useless without autoconf automake libtool
+ bison make gcc.
+ * added patches: phpbug-39350.patch
+ oldhat-phpinputdata-secfix.patch
+ ze2-fixes.patch
+ filter.patch
+ ext-lib64again.patch
+
+-------------------------------------------------------------------
New:
----
php5-ext-lib64again.patch
php5-filter.patch
php5-oldhat-phpinputdata-secfix.patch
php5-phpbug-39350.patch
php5-session-rgon-hijack.patch
php5-ze2-fixes.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ php5.spec ++++++
--- /var/tmp/diff_new_pack.WA3383/_old 2007-02-02 15:06:55.000000000 +0100
+++ /var/tmp/diff_new_pack.WA3383/_new 2007-02-02 15:06:55.000000000 +0100
@@ -51,7 +51,6 @@
%define peardir %{_datadir}/%{pkg_name}/PEAR
%define cgi_dir /srv/www/cgi-bin
%define php_sysconf %{_sysconfdir}/%{pkg_name}
-%define safemode_dir %{_libdir}/%{pkg_name}/bin
%define _x11prefix %(xft-config --prefix)
########################################
# apache macros
@@ -65,7 +64,7 @@
###
###
Version: 5.2.0
-Release: 25
+Release: 26
License: Other uncritical OpenSource License
Group: Productivity/Networking/Web/Servers
Provides: php zend php-xml php-spl php-simplexml php-session php-pcre php-date php-reflection php-filter
@@ -87,13 +86,24 @@
Patch4: php5-php-config.patch
#home made hack to really build against libedit
Patch5: php5-really-with-libedit.patch
-Patch6: php5-5.2.0-curl-cvs-fix.patch
%if %{with_suhosin_patch}
-Patch7: suhosin-patch-5.2.0-%{suhosin_patch_version}.patch.gz
-Patch8: suhosin-patch-fixes.patch
+Patch6: suhosin-patch-5.2.0-%{suhosin_patch_version}.patch.gz
+Patch7: suhosin-patch-fixes.patch
%endif
-Patch9: php-%{version}-save_path-secfix.patch
-Patch10: php5-5.2.0-strcmp.patch
+Patch8: php5-phpbug-39350.patch
+# the following gotcha,well known since 2004,was recently fixed.
+# see http://blog.php-security.org/archives/45-PHP-5.2.0-and-allow_url_include.htm...
+Patch9: php5-oldhat-phpinputdata-secfix.patch
+# see phpbug#39320 and
+Patch10: php5-ze2-fixes.patch
+# see http://news.php.net/php.internals/26171 and 39358 and.. (pending bug number)
+Patch11: php5-filter.patch
+Patch12: php5-session-rgon-hijack.patch
+# it still forget lib64..
+Patch13: php5-ext-lib64again.patch
+Patch14: php5-5.2.0-curl-cvs-fix.patch
+Patch15: php5-5.2.0-strcmp.patch
+Patch16: php-%{version}-save_path-secfix.patch
URL: http://www.php.net
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Icon: php5.xpm
@@ -118,7 +128,10 @@
Provides: php-devel pecl
Summary: Include files of PHP5
Group: Development/Libraries/C and C++
-Requires: %{name} = %{version}
+Requires: %{name} = %{version} autoconf automake libtool bison make gcc
+%if 0%{?suse_version} > 1010
+Requires: pcre-devel sqlite-devel sqlite2-devel
+%endif
Conflicts: php4-devel
%description devel
@@ -344,7 +357,7 @@
Provides: php-exif
Summary: PHP5 Extension Module
Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version}
+Requires: %{name} = %{version} %{name}-mbstring = %{version}
%description exif
PHP functions for extracting EXIF (metadata from images) information
@@ -361,7 +374,7 @@
Provides: php-ftp
Summary: PHP5 Extension Module
Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version} php5-openssl = %{version}
+Requires: %{name} = %{version} %{name}-openssl = %{version}
%description ftp
PHP functions for access to file servers speaking the File Transfer
@@ -497,7 +510,7 @@
Provides: php-ldap
Summary: PHP5 Extension Module
Group: Productivity/Networking/Web/Servers
-Requires: %{name} = %{version}
+Requires: %{name} = %{version} %{name}-openssl = %{version}
%description ldap
PHP interface to Lightweight Directory Access Protocol (LDAP).
@@ -1051,13 +1064,19 @@
%patch3 -p1
%patch4
%patch5
-%patch6
%if %{with_suhosin_patch}
-%patch7 -p1
-%patch8
+%patch6 -p1
+%patch7
%endif
+%patch8
%patch9
%patch10
+%patch11
+%patch12
+%patch13
+%patch14
+%patch15
+%patch16
# we build three SAPI
mkdir -p build-apache2
mkdir -p build-fastcgi/sapi/cgi/libfcgi
@@ -1075,19 +1094,24 @@
done
%build
+#get rid of bundled libraries which are not used in 10.2 and later
+%if 0%{?suse_version} > 1010
+%{__rm} -rf ext/pcre/pcrelib ext/pdo_sqlite/sqlite
+%endif
# regenerate configure etc.
# workaround: suhosin-patch updates timestamp of configure, confusing buildconf
rm configure
./buildconf --force
# export flags
-CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -D_GNU_SOURCE -DLDAP_DEPRECATED"
-CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -D_GNU_SOURCE -DLDAP_DEPRECATED"
+CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -D_GNU_SOURCE -pipe"
+CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -D_GNU_SOURCE -pipe"
%if 0%{?suse_version} > 1000
CFLAGS="$CFLAGS -fstack-protector"
CXXFLAGS="$CFLAGS -fstack-protector"
%endif
export CFLAGS
export CXXFLAGS
+export NO_INTERACTION=true
# where to install extensions
EXTENSION_DIR=%{extension_dir}
export EXTENSION_DIR
@@ -1107,9 +1131,7 @@
--sysconfdir=%{php_sysconf}/$sapi \
--with-config-file-path=%{php_sysconf}/$sapi \
--with-config-file-scan-dir=%{php_sysconf}/conf.d \
- --with-exec-dir=%{safemode_dir} \
--enable-libxml \
- --enable-filter \
--enable-session \
--with-mm \
%if 0%{?suse_version} > 1010
@@ -1120,10 +1142,13 @@
--enable-xml \
--enable-simplexml \
--enable-spl \
+ --enable-filter \
--disable-debug \
--enable-memory-limit \
--enable-inline-optimization \
--disable-rpath \
+ --disable-static \
+ --program-suffix=5 \
"$@"
# Some modules are builtin, reasons:
# - libxml can not be shared (and is needed by PEAR)
@@ -1132,7 +1157,7 @@
# - session need to be builtin, otherwise sqlite and other session engines fail
# - pcre is needed for PEAR
# - filter is builtin due security reasons
- make %{?jobs:-j%jobs PHP_PEAR_PHP_BIN=%{_bindir}/%{pkg_name}}
+ %{__make} %{?jobs:-j%jobs PHP_PEAR_PHP_BIN=%{_bindir}/%{pkg_name}}
popd
}
# perform all builds
@@ -1204,7 +1229,7 @@
--with-ncurses=shared \
--with-unixODBC=shared,%{_usr} \
--with-openssl=shared \
- --with-pgsql=shared \
+ --with-pgsql=shared,%{_usr} \
%if %{with_spell}
--with-pspell=shared \
%endif
@@ -1251,7 +1276,7 @@
Install()
{
pushd build-$1
- make install INSTALL_ROOT=$RPM_BUILD_ROOT PHP_PEAR_PHP_BIN=%{_bindir}/%{pkg_name}
+ %{__make} install INSTALL_ROOT=$RPM_BUILD_ROOT PHP_PEAR_PHP_BIN=%{_bindir}/%{pkg_name}
popd
}
# do the actual installation
@@ -1298,20 +1323,19 @@
install -m 644 php-suse-addons/sysconfig.apache2 $RPM_BUILD_ROOT/%{apache2_sysconfdir}/conf.d/%{pkg_name}.conf
# rename to php5
pushd $RPM_BUILD_ROOT%{cgi_dir}
-mv php php5
-rm php-config phpize
+#mv php php5
+rm php-config5 phpize5
popd
pushd $RPM_BUILD_ROOT/%{_bindir}
-mv php php5
+#mv php php5
mv pear pear5
+mv pecl pecl5
popd
-pushd $RPM_BUILD_ROOT/%{_mandir}/man1
-mv php.1 php5.1
-popd
+#pushd $RPM_BUILD_ROOT/%{_mandir}/man1
+#mv php.1 php5.1
+#popd
# directory for sessions
install -d $RPM_BUILD_ROOT/var/lib/%{pkg_name}
-# directory for safe mode
-install -d $RPM_BUILD_ROOT/%{safemode_dir}
# documentation
mv sapi/cli/README README.CLI
mv sapi/cgi/README.FastCGI README.FastCGI
@@ -1339,6 +1363,29 @@
update-alternatives --remove pear %{_bindir}/pear5
fi
+%post devel
+#phpize
+test -L ${RPM_BUILD_ROOT}%{_bindir}/phpize || rm -f ${RPM_BUILD_ROOT}%{_bindir}/phpize
+update-alternatives --install %{_bindir}/phpize phpize %{_bindir}/phpize5 5 \
+ --slave %{_mandir}/man1/phpize.1.gz phpize.1 %{_mandir}/man1/phpize5.1.gz
+update-alternatives --auto phpize
+#php-config
+test -L ${RPM_BUILD_ROOT}%{_bindir}/php-config || rm -f ${RPM_BUILD_ROOT}%{_bindir}/php-config
+update-alternatives --install %{_bindir}/php-config php-config %{_bindir}/php-config5 5 \
+ --slave %{_mandir}/man1/phpize.1.gz php-config.1 %{_mandir}/man1/php-config5.1.gz
+update-alternatives --auto php-config
+#pecl
+test -L ${RPM_BUILD_ROOT}%{_bindir}/pecl || rm -f ${RPM_BUILD_ROOT}%{_bindir}/pecl
+update-alternatives --install %{_bindir}/pecl pecl %{_bindir}/pecl5 5
+update-alternatives --auto pecl
+
+%preun devel
+if [ $1 -eq 0 ]; then
+ update-alternatives --remove phpize %{_bindir}/phpize5
+ update-alternatives --remove pecl %{_bindir}/pecl5
+ update-alternatives --remove php-config %{_bindir}/php-config5
+fi
+
%post -n apache2-mod_php5
if a2enmod -q php4 && ! a2enmod -q php5; then
a2dismod php4
@@ -1358,7 +1405,7 @@
%config(noreplace) %{php_sysconf}/cli/php.ini
%{_bindir}/%{pkg_name}
%dir %{_libdir}/%{pkg_name}
-%dir %{safemode_dir}
+#%dir %{safemode_dir}
%dir %{extension_dir}
%dir %{_datadir}/%{pkg_name}
%attr(0755, wwwrun, root) %dir /var/lib/%{pkg_name}
@@ -1366,9 +1413,9 @@
%files devel
%defattr(-, root, root)
%{_includedir}/%{pkg_name}
-%{_bindir}/phpize
-%{_bindir}/php-config
-%{_bindir}/pecl
+%{_bindir}/phpize5
+%{_bindir}/php-config5
+%{_bindir}/pecl5
%{_datadir}/%{pkg_name}/build
%files pear
@@ -1644,6 +1691,26 @@
%config(noreplace) %{php_sysconf}/conf.d/zlib.ini
%changelog -n php5
+* Tue Jan 30 2007 - anosek@suse.cz
+- synced with BuildService
+ * file "session_mm_apache2handler0.sem" written at boot
+ [#229200] (php5-config.patch)
+ * for certain functionality php5-exif requires php5-mbstring
+ * php5-ldap requires php5-openssl
+ * remove LDAP_DEPRECATED from CFLAGS, module already
+ takes care of this.
+ * patch potential HTTP_SESSION_VARS et all hijack when
+ register_globals is On users from suhosin extension are
+ not affected.(php5-session-rgon-hijack.patch)
+ * on 10.2 and up php5-devel should require pcre-devel
+ sqlite-devel sqlite2-devel
+ * php5-devel is mostly useless without autoconf automake libtool
+ bison make gcc.
+ * added patches: phpbug-39350.patch
+ oldhat-phpinputdata-secfix.patch
+ ze2-fixes.patch
+ filter.patch
+ ext-lib64again.patch
* Fri Jan 26 2007 - mmarek@suse.cz
- fixed string comparison in xmlrpc module (strcmp.patch)
- allways apply %%patch9
++++++ php5-config.patch ++++++
--- /var/tmp/diff_new_pack.WA3383/_old 2007-02-02 15:06:56.000000000 +0100
+++ /var/tmp/diff_new_pack.WA3383/_new 2007-02-02 15:06:56.000000000 +0100
@@ -4,7 +4,7 @@
retrieving revision 1.179.2.11.2.12
diff -u -r1.179.2.11.2.12 php.ini-recommended
--- php.ini-recommended 14 Oct 2006 15:06:11 -0000 1.179.2.11.2.12
-+++ php.ini-recommended 8 Nov 2006 04:34:06 -0000
++++ php.ini-recommended 3 Jan 2007 07:44:13 -0000
@@ -390,7 +390,7 @@
; Disable the inclusion of HTML tags in error messages.
@@ -272,6 +272,15 @@
[Session]
; Handler used to store/retrieve data.
+@@ -966,7 +807,7 @@
+ ;
+ ; where MODE is the octal representation of the mode. Note that this
+ ; does not overwrite the process's umask.
+-;session.save_path = "/tmp"
++session.save_path = "/var/lib/php5"
+
+ ; Whether to use cookies.
+ session.use_cookies = 1
@@ -975,7 +816,7 @@
; This option enables administrators to make their users invulnerable to
++++++ php5-ext-lib64again.patch ++++++
Index: ext/mcrypt/config.m4
===================================================================
RCS file: /repository/php-src/ext/mcrypt/config.m4,v
retrieving revision 1.31
diff -u -r1.31 config.m4
--- ext/mcrypt/config.m4 29 May 2005 23:16:41 -0000 1.31
+++ ext/mcrypt/config.m4 23 Dec 2006 03:26:31 -0000
@@ -45,13 +45,13 @@
],[
AC_MSG_ERROR([Sorry, I was not able to diagnose which libmcrypt version you have installed.])
],[
- -L$MCRYPT_DIR/lib
+ -L$MCRYPT_DIR/$PHP_LIBDIR
])
],[
- -L$MCRYPT_DIR/lib -lltdl
+ -L$MCRYPT_DIR/$PHP_LIBDIR -lltdl
])
- PHP_ADD_LIBRARY_WITH_PATH(mcrypt, $MCRYPT_DIR/lib, MCRYPT_SHARED_LIBADD)
+ PHP_ADD_LIBRARY_WITH_PATH(mcrypt, $MCRYPT_DIR/$PHP_LIBDIR, MCRYPT_SHARED_LIBADD)
PHP_ADD_INCLUDE($MCRYPT_DIR/include)
PHP_SUBST(MCRYPT_SHARED_LIBADD)
Index: ext/mhash/config.m4
===================================================================
RCS file: /repository/php-src/ext/mhash/config.m4,v
retrieving revision 1.15
diff -u -r1.15 config.m4
--- ext/mhash/config.m4 29 May 2005 23:16:41 -0000 1.15
+++ ext/mhash/config.m4 23 Dec 2006 03:26:31 -0000
@@ -15,7 +15,7 @@
fi
PHP_ADD_INCLUDE($MHASH_DIR/include)
- PHP_ADD_LIBRARY_WITH_PATH(mhash, $MHASH_DIR/lib, MHASH_SHARED_LIBADD)
+ PHP_ADD_LIBRARY_WITH_PATH(mhash, $MHASH_DIR/$PHP_LIBDIR, MHASH_SHARED_LIBADD)
PHP_NEW_EXTENSION(mhash, mhash.c, $ext_shared)
PHP_SUBST(MHASH_SHARED_LIBADD)
Index: ext/pdo_sqlite/config.m4
===================================================================
RCS file: /repository/php-src/ext/pdo_sqlite/config.m4,v
retrieving revision 1.26.2.9.2.2
diff -u -r1.26.2.9.2.2 config.m4
--- ext/pdo_sqlite/config.m4 9 Sep 2006 21:14:05 -0000 1.26.2.9.2.2
+++ ext/pdo_sqlite/config.m4 23 Dec 2006 03:26:31 -0000
@@ -54,12 +54,12 @@
PHP_CHECK_LIBRARY($LIBNAME,$LIBSYMBOL,
[
- PHP_ADD_LIBRARY_WITH_PATH($LIBNAME, $PDO_SQLITE_DIR/lib, PDO_SQLITE_SHARED_LIBADD)
+ PHP_ADD_LIBRARY_WITH_PATH($LIBNAME, $PDO_SQLITE_DIR/$PHP_LIBDIR, PDO_SQLITE_SHARED_LIBADD)
AC_DEFINE(HAVE_PDO_SQLITELIB,1,[ ])
],[
AC_MSG_ERROR([wrong sqlite lib version or lib not found])
],[
- -L$PDO_SQLITE_DIR/lib -lm
+ -L$PDO_SQLITE_DIR/$PHP_LIBDIR -lm
])
PHP_CHECK_LIBRARY(sqlite3,sqlite3_key,[
AC_DEFINE(HAVE_SQLITE3_KEY,1, [have commercial sqlite3 with crypto support])
Index: ext/tidy/config.m4
===================================================================
RCS file: /repository/php-src/ext/tidy/config.m4,v
retrieving revision 1.5
diff -u -r1.5 config.m4
--- ext/tidy/config.m4 29 May 2005 23:16:45 -0000 1.5
+++ ext/tidy/config.m4 23 Dec 2006 03:26:36 -0000
@@ -27,7 +27,7 @@
AC_MSG_ERROR(Cannot find libtidy)
fi
- TIDY_LIBDIR=$TIDY_DIR/lib
+ TIDY_LIBDIR=$TIDY_DIR/$PHP_LIBDIR
PHP_ADD_LIBRARY_WITH_PATH(tidy, $TIDY_LIBDIR, TIDY_SHARED_LIBADD)
PHP_ADD_INCLUDE($TIDY_INCDIR)
++++++ php5-filter.patch ++++++
Index: ext/filter/callback_filter.c
===================================================================
RCS file: /repository/php-src/ext/filter/callback_filter.c,v
retrieving revision 1.9.2.1
retrieving revision 1.9.2.2
diff -u -r1.9.2.1 -r1.9.2.2
--- ext/filter/callback_filter.c 19 Jul 2006 08:35:55 -0000 1.9.2.1
+++ ext/filter/callback_filter.c 3 Nov 2006 13:53:24 -0000 1.9.2.2
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: callback_filter.c,v 1.9.2.1 2006/07/19 08:35:55 tony2001 Exp $ */
+/* $Id: callback_filter.c,v 1.9.2.2 2006/11/03 13:53:24 iliaa Exp $ */
#include "php_filter.h"
@@ -39,9 +39,10 @@
status = call_user_function_ex(EG(function_table), NULL, option_array, &retval_ptr, 1, args, 0, NULL TSRMLS_CC);
if (status == SUCCESS && retval_ptr != NULL) {
- zval_dtor(value);
- *value = *retval_ptr;
- zval_copy_ctor(value);
+ if (retval_ptr != value) {
+ zval_dtor(value);
+ COPY_PZVAL_TO_ZVAL(*value, retval_ptr);
+ }
} else {
zval_dtor(value);
Z_TYPE_P(value) = IS_NULL;
Index: ext/filter/config.m4
===================================================================
RCS file: /repository/php-src/ext/filter/config.m4,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- ext/filter/config.m4 14 Jan 2006 15:04:12 -0000 1.6
+++ ext/filter/config.m4 3 Nov 2006 20:08:38 -0000 1.6.2.1
@@ -1,4 +1,4 @@
-dnl $Id: config.m4,v 1.6 2006/01/14 15:04:12 sniper Exp $
+dnl $Id: config.m4,v 1.6.2.1 2006/11/03 20:08:38 iliaa Exp $
dnl config.m4 for input filtering extension
PHP_ARG_ENABLE(filter, whether to enable input filter support,
@@ -91,5 +91,5 @@
PHP_NEW_EXTENSION(filter, filter.c sanitizing_filters.c logical_filters.c callback_filter.c, $ext_shared)
PHP_SUBST(FILTER_SHARED_LIBADD)
- PHP_INSTALL_HEADERS([$ext_srcdir/php_filter.h])
+ PHP_INSTALL_HEADERS([ext/filter/php_filter.h])
fi
Index: sapi/apache2handler/sapi_apache2.c
===================================================================
RCS file: /repository/php-src/sapi/apache2handler/sapi_apache2.c,v
retrieving revision 1.57.2.10.2.6
retrieving revision 1.57.2.10.2.7
diff -u -r1.57.2.10.2.6 -r1.57.2.10.2.7
--- sapi/apache2handler/sapi_apache2.c 10 Aug 2006 13:43:18 -0000 1.57.2.10.2.6
+++ sapi/apache2handler/sapi_apache2.c 3 Nov 2006 13:51:47 -0000 1.57.2.10.2.7
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: sapi_apache2.c,v 1.57.2.10.2.6 2006/08/10 13:43:18 tony2001 Exp $ */
+/* $Id: sapi_apache2.c,v 1.57.2.10.2.7 2006/11/03 13:51:47 iliaa Exp $ */
#define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
@@ -232,13 +232,20 @@
php_struct *ctx = SG(server_context);
const apr_array_header_t *arr = apr_table_elts(ctx->r->subprocess_env);
char *key, *val;
+ int new_val_len;
APR_ARRAY_FOREACH_OPEN(arr, key, val)
- if (!val) val = "";
- php_register_variable(key, val, track_vars_array TSRMLS_CC);
+ if (!val) {
+ val = "";
+ }
+ if (sapi_module.input_filter(PARSE_SERVER, key, &val, strlen(val), &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe(key, val, new_val_len, track_vars_array TSRMLS_CC);
+ }
APR_ARRAY_FOREACH_CLOSE()
- php_register_variable("PHP_SELF", ctx->r->uri, track_vars_array TSRMLS_CC);
+ if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &ctx->r->uri, strlen(ctx->r->uri), &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe("PHP_SELF", ctx->r->uri, new_val_len, track_vars_array TSRMLS_CC);
+ }
}
static void
Index: sapi/cgi/cgi_main.c
===================================================================
RCS file: /repository/php-src/sapi/cgi/cgi_main.c,v
retrieving revision 1.267.2.15.2.13
retrieving revision 1.267.2.15.2.15
diff -u -r1.267.2.15.2.13 -r1.267.2.15.2.15
--- sapi/cgi/cgi_main.c 23 Sep 2006 12:27:40 -0000 1.267.2.15.2.13
+++ sapi/cgi/cgi_main.c 3 Nov 2006 16:40:52 -0000 1.267.2.15.2.15
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: cgi_main.c,v 1.267.2.15.2.13 2006/09/23 12:27:40 tony2001 Exp $ */
+/* $Id: cgi_main.c,v 1.267.2.15.2.15 2006/11/03 16:40:52 pajoye Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -490,7 +490,10 @@
zend_hash_get_current_key_ex(&request->env, &var, &var_len, &idx, 0, &pos) == HASH_KEY_IS_STRING &&
zend_hash_get_current_data_ex(&request->env, (void **) &val, &pos) == SUCCESS;
zend_hash_move_forward_ex(&request->env, &pos)) {
- php_register_variable(var, *val, array_ptr TSRMLS_CC);
+ int new_val_len;
+ if (sapi_module.input_filter(PARSE_SERVER, var, val, strlen(*val), &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe(var, *val, new_val_len, array_ptr TSRMLS_CC);
+ }
}
PG(magic_quotes_gpc) = magic_quotes_gpc;
}
@@ -499,12 +502,16 @@
static void sapi_cgi_register_variables(zval *track_vars_array TSRMLS_DC)
{
+ int new_val_len;
+ char *val = SG(request_info).request_uri ? SG(request_info).request_uri : "";
/* In CGI mode, we consider the environment to be a part of the server
* variables
*/
php_import_environment_variables(track_vars_array TSRMLS_CC);
/* Build the special-case PHP_SELF variable for the CGI version */
- php_register_variable("PHP_SELF", (SG(request_info).request_uri ? SG(request_info).request_uri : ""), track_vars_array TSRMLS_CC);
+ if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &val, strlen(val), &new_val_len TSRMLS_CC)) {
+ php_register_variable_safe("PHP_SELF", val, new_val_len, track_vars_array TSRMLS_CC);
+ }
}
static void sapi_cgi_log_message(char *message)
++++++ php5-oldhat-phpinputdata-secfix.patch ++++++
Index: main/streams/memory.c
===================================================================
RCS file: /repository/php-src/main/streams/memory.c,v
retrieving revision 1.8.2.6.2.8
retrieving revision 1.8.2.6.2.9
diff -u -r1.8.2.6.2.8 -r1.8.2.6.2.9
--- main/streams/memory.c 29 Jun 2006 14:40:49 -0000 1.8.2.6.2.8
+++ main/streams/memory.c 4 Nov 2006 20:43:28 -0000 1.8.2.6.2.9
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: memory.c,v 1.8.2.6.2.8 2006/06/29 14:40:49 bjori Exp $ */
+/* $Id: memory.c,v 1.8.2.6.2.9 2006/11/04 20:43:28 rasmus Exp $ */
#define _GNU_SOURCE
#include "php.h"
@@ -708,7 +708,7 @@
php_stream_wrapper php_stream_rfc2397_wrapper = {
&php_stream_rfc2397_wops,
NULL,
- 0, /* is_url */
+ 1, /* is_url */
};
/*
Index: ext/standard/php_fopen_wrapper.c
===================================================================
RCS file: /repository/php-src/ext/standard/php_fopen_wrapper.c,v
retrieving revision 1.45.2.4.2.2
retrieving revision 1.45.2.4.2.4
diff -u -r1.45.2.4.2.2 -r1.45.2.4.2.4
--- ext/standard/php_fopen_wrapper.c 5 Jul 2006 17:38:14 -0000 1.45.2.4.2.2
+++ ext/standard/php_fopen_wrapper.c 5 Nov 2006 20:08:58 -0000 1.45.2.4.2.4
@@ -17,7 +17,7 @@
| Hartmut Holzgraefe |
+----------------------------------------------------------------------+
*/
-/* $Id: php_fopen_wrapper.c,v 1.45.2.4.2.2 2006/07/05 17:38:14 iliaa Exp $ */
+/* $Id: php_fopen_wrapper.c,v 1.45.2.4.2.4 2006/11/05 20:08:58 rasmus Exp $ */
#include
#include
@@ -187,15 +187,57 @@
}
if (!strcasecmp(path, "input")) {
+ if ((options & STREAM_OPEN_FOR_INCLUDE) && !PG(allow_url_include) ) {
+ if (options & REPORT_ERRORS) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL file-access is disabled in the server configuration");
+ }
+ return NULL;
+ }
return php_stream_alloc(&php_stream_input_ops, ecalloc(1, sizeof(off_t)), 0, "rb");
- }
+ }
if (!strcasecmp(path, "stdin")) {
- fd = !strcmp(sapi_module.name, "cli") ? STDIN_FILENO : dup(STDIN_FILENO);
+ if ((options & STREAM_OPEN_FOR_INCLUDE) && !PG(allow_url_include) ) {
+ if (options & REPORT_ERRORS) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "URL file-access is disabled in the server configuration");
+ }
+ return NULL;
+ }
+ if (!strcmp(sapi_module.name, "cli")) {
+ static int cli_in = 0;
+ fd = STDIN_FILENO;
+ if (cli_in) {
+ fd = dup(fd);
+ } else {
+ cli_in = 1;
+ }
+ } else {
+ fd = dup(STDIN_FILENO);
+ }
} else if (!strcasecmp(path, "stdout")) {
- fd = !strcmp(sapi_module.name, "cli") ? STDOUT_FILENO : dup(STDOUT_FILENO);
+ if (!strcmp(sapi_module.name, "cli")) {
+ static int cli_out = 0;
+ fd = STDOUT_FILENO;
+ if (cli_out++) {
+ fd = dup(fd);
+ } else {
+ cli_out = 1;
+ }
+ } else {
+ fd = dup(STDOUT_FILENO);
+ }
} else if (!strcasecmp(path, "stderr")) {
- fd = !strcmp(sapi_module.name, "cli") ? STDERR_FILENO : dup(STDERR_FILENO);
+ if (!strcmp(sapi_module.name, "cli")) {
+ static int cli_err = 0;
+ fd = STDERR_FILENO;
+ if (cli_err++) {
+ fd = dup(fd);
+ } else {
+ cli_err = 1;
+ }
+ } else {
+ fd = dup(STDERR_FILENO);
+ }
} else if (!strncasecmp(path, "filter/", 7)) {
/* Save time/memory when chain isn't specified */
if (strchr(mode, 'r') || strchr(mode, '+')) {
++++++ php5-phpbug-39350.patch ++++++
Index: ext/standard/string.c
===================================================================
RCS file: /repository/php-src/ext/standard/string.c,v
retrieving revision 1.445.2.14.2.27
retrieving revision 1.445.2.14.2.28
diff -u -r1.445.2.14.2.27 -r1.445.2.14.2.28
--- ext/standard/string.c 11 Oct 2006 14:19:55 -0000 1.445.2.14.2.27
+++ ext/standard/string.c 6 Nov 2006 17:21:05 -0000 1.445.2.14.2.28
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: string.c,v 1.445.2.14.2.27 2006/10/11 14:19:55 iliaa Exp $ */
+/* $Id: string.c,v 1.445.2.14.2.28 2006/11/06 17:21:05 iliaa Exp $ */
/* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */
@@ -955,7 +955,12 @@
}
smart_str_0(&implstr);
- RETURN_STRINGL(implstr.c, implstr.len, 0);
+ if (implstr.len) {
+ RETURN_STRINGL(implstr.c, implstr.len, 0);
+ } else {
+ smart_str_free(&implstr);
+ RETURN_EMPTY_STRING();
+ }
}
/* }}} */
++++++ php5-session-rgon-hijack.patch ++++++
Index: ext/session/mod_files.c
===================================================================
RCS file: /repository/php-src/ext/session/mod_files.c,v
retrieving revision 1.100.2.3.2.2
retrieving revision 1.100.2.3.2.3
diff -u -r1.100.2.3.2.2 -r1.100.2.3.2.3
--- ext/session/mod_files.c 8 Aug 2006 14:54:49 -0000 1.100.2.3.2.2
+++ ext/session/mod_files.c 1 Jan 2007 09:36:05 -0000 1.100.2.3.2.3
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_files.c,v 1.100.2.3.2.2 2006/08/08 14:54:49 iliaa Exp $ */
+/* $Id: mod_files.c,v 1.100.2.3.2.3 2007/01/01 09:36:05 sebastian Exp $ */
#include "php.h"
Index: ext/session/mod_files.h
===================================================================
RCS file: /repository/php-src/ext/session/mod_files.h,v
retrieving revision 1.11.2.1
retrieving revision 1.11.2.1.2.1
diff -u -r1.11.2.1 -r1.11.2.1.2.1
--- ext/session/mod_files.h 1 Jan 2006 12:50:12 -0000 1.11.2.1
+++ ext/session/mod_files.h 1 Jan 2007 09:36:05 -0000 1.11.2.1.2.1
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_files.h,v 1.11.2.1 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: mod_files.h,v 1.11.2.1.2.1 2007/01/01 09:36:05 sebastian Exp $ */
#ifndef MOD_FILES_H
#define MOD_FILES_H
Index: ext/session/mod_files.sh
===================================================================
RCS file: /repository/php-src/ext/session/mod_files.sh,v
retrieving revision 1.2
retrieving revision 1.2.4.1
diff -u -r1.2 -r1.2.4.1
--- ext/session/mod_files.sh 20 Jun 2005 13:37:32 -0000 1.2
+++ ext/session/mod_files.sh 3 Nov 2006 13:19:07 -0000 1.2.4.1
@@ -20,5 +20,5 @@
for i in $hash_chars; do
newpath="$1/$i"
mkdir $newpath || exit 1
- sh $0 $newpath `expr $2 - 1 $3`
+ sh $0 $newpath `expr $2 - 1` $3
done
Index: ext/session/mod_mm.c
===================================================================
RCS file: /repository/php-src/ext/session/mod_mm.c,v
retrieving revision 1.46.2.1
retrieving revision 1.46.2.1.2.1
diff -u -r1.46.2.1 -r1.46.2.1.2.1
--- ext/session/mod_mm.c 1 Jan 2006 12:50:12 -0000 1.46.2.1
+++ ext/session/mod_mm.c 1 Jan 2007 09:36:05 -0000 1.46.2.1.2.1
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_mm.c,v 1.46.2.1 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: mod_mm.c,v 1.46.2.1.2.1 2007/01/01 09:36:05 sebastian Exp $ */
#include "php.h"
Index: ext/session/mod_mm.h
===================================================================
RCS file: /repository/php-src/ext/session/mod_mm.h,v
retrieving revision 1.12.2.1
retrieving revision 1.12.2.1.2.1
diff -u -r1.12.2.1 -r1.12.2.1.2.1
--- ext/session/mod_mm.h 1 Jan 2006 12:50:12 -0000 1.12.2.1
+++ ext/session/mod_mm.h 1 Jan 2007 09:36:05 -0000 1.12.2.1.2.1
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_mm.h,v 1.12.2.1 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: mod_mm.h,v 1.12.2.1.2.1 2007/01/01 09:36:05 sebastian Exp $ */
#ifndef MOD_MM_H
#define MOD_MM_H
Index: ext/session/mod_user.c
===================================================================
RCS file: /repository/php-src/ext/session/mod_user.c,v
retrieving revision 1.29.2.1
retrieving revision 1.29.2.1.2.1
diff -u -r1.29.2.1 -r1.29.2.1.2.1
--- ext/session/mod_user.c 1 Jan 2006 12:50:12 -0000 1.29.2.1
+++ ext/session/mod_user.c 1 Jan 2007 09:36:05 -0000 1.29.2.1.2.1
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_user.c,v 1.29.2.1 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: mod_user.c,v 1.29.2.1.2.1 2007/01/01 09:36:05 sebastian Exp $ */
#include "php.h"
#include "php_session.h"
Index: ext/session/mod_user.h
===================================================================
RCS file: /repository/php-src/ext/session/mod_user.h,v
retrieving revision 1.14.2.1
retrieving revision 1.14.2.1.2.1
diff -u -r1.14.2.1 -r1.14.2.1.2.1
--- ext/session/mod_user.h 1 Jan 2006 12:50:12 -0000 1.14.2.1
+++ ext/session/mod_user.h 1 Jan 2007 09:36:05 -0000 1.14.2.1.2.1
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_user.h,v 1.14.2.1 2006/01/01 12:50:12 sniper Exp $ */
+/* $Id: mod_user.h,v 1.14.2.1.2.1 2007/01/01 09:36:05 sebastian Exp $ */
#ifndef MOD_USER_H
#define MOD_USER_H
Index: ext/session/php_session.h
===================================================================
RCS file: /repository/php-src/ext/session/php_session.h,v
retrieving revision 1.101.2.2.2.3
retrieving revision 1.101.2.2.2.4
diff -u -r1.101.2.2.2.3 -r1.101.2.2.2.4
--- ext/session/php_session.h 6 Oct 2006 21:11:36 -0000 1.101.2.2.2.3
+++ ext/session/php_session.h 1 Jan 2007 09:36:05 -0000 1.101.2.2.2.4
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_session.h,v 1.101.2.2.2.3 2006/10/06 21:11:36 iliaa Exp $ */
+/* $Id: php_session.h,v 1.101.2.2.2.4 2007/01/01 09:36:05 sebastian Exp $ */
#ifndef PHP_SESSION_H
#define PHP_SESSION_H
Index: ext/session/session.c
===================================================================
RCS file: /repository/php-src/ext/session/session.c,v
retrieving revision 1.417.2.8.2.16
retrieving revision 1.417.2.8.2.24
diff -u -r1.417.2.8.2.16 -r1.417.2.8.2.24
--- ext/session/session.c 6 Oct 2006 21:11:36 -0000 1.417.2.8.2.16
+++ ext/session/session.c 1 Jan 2007 09:36:06 -0000 1.417.2.8.2.24
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.417.2.8.2.16 2006/10/06 21:11:36 iliaa Exp $ */
+/* $Id: session.c,v 1.417.2.8.2.24 2007/01/01 09:36:06 sebastian Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -153,13 +153,17 @@
if (stage == PHP_INI_STAGE_RUNTIME) {
char *p;
+ if (memchr(new_value, '\0', new_value_length) != NULL) {
+ return FAILURE;
+ }
+
if ((p = zend_memrchr(new_value, ';', new_value_length))) {
p++;
} else {
p = new_value;
}
- if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+ if (PG(safe_mode) && (!php_checkuid(p, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
return FAILURE;
}
@@ -272,7 +276,7 @@
static void php_rinit_session_globals(TSRMLS_D);
static void php_rshutdown_session_globals(TSRMLS_D);
-static zend_bool php_session_destroy(TSRMLS_D);
+static int php_session_destroy(TSRMLS_D);
zend_module_entry session_module_entry = {
STANDARD_MODULE_HEADER,
@@ -465,13 +469,26 @@
PHP_VAR_UNSERIALIZE_INIT(var_hash);
for (p = val; p < endptr; ) {
+ zval **tmp;
namelen = *p & (~PS_BIN_UNDEF);
+
+ if (namelen > PS_BIN_MAX || (p + namelen) >= endptr) {
+ return FAILURE;
+ }
+
has_value = *p & PS_BIN_UNDEF ? 0 : 1;
name = estrndup(p + 1, namelen);
-
+
p += namelen + 1;
-
+
+ if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) {
+ if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) {
+ efree(name);
+ continue;
+ }
+ }
+
if (has_value) {
ALLOC_INIT_ZVAL(current);
if (php_var_unserialize(¤t, (const unsigned char **) &p, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) {
@@ -537,6 +554,7 @@
p = val;
while (p < endptr) {
+ zval **tmp;
q = p;
while (*q != PS_DELIMITER)
if (++q >= endptr) goto break_outer_loop;
@@ -551,17 +569,23 @@
namelen = q - p;
name = estrndup(p, namelen);
q++;
-
+
+ if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) {
+ if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) {
+ goto skip;
+ }
+ }
+
if (has_value) {
ALLOC_INIT_ZVAL(current);
if (php_var_unserialize(¤t, (const unsigned char **) &q, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) {
- php_set_session_var(name, namelen, current, &var_hash TSRMLS_CC);
+ php_set_session_var(name, namelen, current, &var_hash TSRMLS_CC);
}
zval_ptr_dtor(¤t);
}
PS_ADD_VARL(name, namelen);
+skip:
efree(name);
-
p = q;
}
break_outer_loop:
@@ -579,16 +603,20 @@
zend_delete_global_variable("HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS")-1 TSRMLS_CC);
zend_delete_global_variable("_SESSION", sizeof("_SESSION")-1 TSRMLS_CC);
+ if (PS(http_session_vars)) {
+ zval_ptr_dtor(&PS(http_session_vars));
+ }
+
MAKE_STD_ZVAL(session_vars);
array_init(session_vars);
PS(http_session_vars) = session_vars;
if (PG(register_long_arrays)) {
- ZEND_SET_GLOBAL_VAR_WITH_LENGTH("HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS"), PS(http_session_vars), 2, 1);
- ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 2, 1);
+ ZEND_SET_GLOBAL_VAR_WITH_LENGTH("HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS"), PS(http_session_vars), 3, 1);
+ ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 3, 1);
}
else {
- ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 1, 0);
+ ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 2, 1);
}
}
@@ -700,7 +728,7 @@
buf = emalloc(100);
/* maximum 15+19+19+10 bytes */
- sprintf(buf, "%.15s%ld%ld%0.8f", remote_addr ? remote_addr : "",
+ sprintf(buf, "%.15s%ld%ld%0.8F", remote_addr ? remote_addr : "",
tv.tv_sec, (long int)tv.tv_usec, php_combined_lcg(TSRMLS_C) * 10);
switch (PS(hash_func)) {
@@ -1300,9 +1328,9 @@
}
}
-static zend_bool php_session_destroy(TSRMLS_D)
+static int php_session_destroy(TSRMLS_D)
{
- zend_bool retval = SUCCESS;
+ int retval = SUCCESS;
if (PS(session_status) != php_session_active) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Trying to destroy uninitialized session");
@@ -1528,7 +1556,7 @@
zend_bool del_ses = 0;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|b", &del_ses) == FAILURE) {
- WRONG_PARAM_COUNT;
+ return;
}
if (SG(headers_sent)) {
@@ -1824,6 +1852,10 @@
static void php_rshutdown_session_globals(TSRMLS_D)
{
+ if (PS(http_session_vars)) {
+ zval_ptr_dtor(&PS(http_session_vars));
+ PS(http_session_vars) = NULL;
+ }
if (PS(mod_data)) {
zend_try {
PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
++++++ php5-ze2-fixes.patch ++++++
Index: Zend/zend.c
===================================================================
RCS file: /repository/ZendEngine2/zend.c,v
retrieving revision 1.308.2.12.2.22
retrieving revision 1.308.2.12.2.24
diff -u -r1.308.2.12.2.22 -r1.308.2.12.2.24
--- Zend/zend.c 16 Oct 2006 11:13:08 -0000 1.308.2.12.2.22
+++ Zend/zend.c 8 Nov 2006 11:04:27 -0000 1.308.2.12.2.24
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: zend.c,v 1.308.2.12.2.22 2006/10/16 11:13:08 dmitry Exp $ */
+/* $Id: zend.c,v 1.308.2.12.2.24 2006/11/08 11:04:27 dmitry Exp $ */
#include "zend.h"
#include "zend_extensions.h"
@@ -131,9 +131,9 @@
if (is_object) {
char *prop_name, *class_name;
- zend_unmangle_property_name(string_key, str_len-1, &class_name, &prop_name);
+ int mangled = zend_unmangle_property_name(string_key, str_len-1, &class_name, &prop_name);
ZEND_PUTS_EX(prop_name);
- if (class_name) {
+ if (class_name && mangled == SUCCESS) {
if (class_name[0]=='*') {
ZEND_PUTS_EX(":protected");
} else {
@@ -522,8 +522,9 @@
static void zend_new_thread_end_handler(THREAD_T thread_id TSRMLS_DC)
{
- zend_copy_ini_directives(TSRMLS_C);
- zend_ini_refresh_caches(ZEND_INI_STAGE_STARTUP TSRMLS_CC);
+ if (zend_copy_ini_directives(TSRMLS_C) == SUCCESS) {
+ zend_ini_refresh_caches(ZEND_INI_STAGE_STARTUP TSRMLS_CC);
+ }
}
#endif
@@ -700,7 +701,7 @@
free(EG(zend_constants));
executor_globals_ctor(executor_globals, tsrm_ls);
global_persistent_list = &EG(persistent_list);
- zend_new_thread_end_handler(tsrm_thread_id() TSRMLS_CC);
+ zend_copy_ini_directives(TSRMLS_C);
}
#endif
Index: Zend/zend_execute.c
===================================================================
RCS file: /repository/ZendEngine2/zend_execute.c,v
retrieving revision 1.716.2.12.2.12
retrieving revision 1.716.2.12.2.13
diff -u -r1.716.2.12.2.12 -r1.716.2.12.2.13
--- Zend/zend_execute.c 2 Oct 2006 11:09:52 -0000 1.716.2.12.2.12
+++ Zend/zend_execute.c 7 Nov 2006 20:23:30 -0000 1.716.2.12.2.13
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: zend_execute.c,v 1.716.2.12.2.12 2006/10/02 11:09:52 tony2001 Exp $ */
+/* $Id: zend_execute.c,v 1.716.2.12.2.13 2006/11/07 20:23:30 iliaa Exp $ */
#define ZEND_INTENSIVE_DEBUGGING 0
@@ -411,11 +411,7 @@
*variable_ptr_ptr = value_ptr;
value_ptr->refcount++;
- variable_ptr->refcount--;
- if (variable_ptr->refcount==0) {
- zendi_zval_dtor(*variable_ptr);
- FREE_ZVAL(variable_ptr);
- }
+ zval_ptr_dtor(&variable_ptr);
} else if (!variable_ptr->is_ref) {
if (variable_ptr_ptr == value_ptr_ptr) {
SEPARATE_ZVAL(variable_ptr_ptr);
Index: Zend/zend_hash.c
===================================================================
RCS file: /repository/ZendEngine2/zend_hash.c,v
retrieving revision 1.121.2.4.2.1
retrieving revision 1.121.2.4.2.3
diff -u -r1.121.2.4.2.1 -r1.121.2.4.2.3
--- Zend/zend_hash.c 24 Aug 2006 09:42:35 -0000 1.121.2.4.2.1
+++ Zend/zend_hash.c 8 Nov 2006 16:02:03 -0000 1.121.2.4.2.3
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: zend_hash.c,v 1.121.2.4.2.1 2006/08/24 09:42:35 dmitry Exp $ */
+/* $Id: zend_hash.c,v 1.121.2.4.2.3 2006/11/08 16:02:03 dmitry Exp $ */
#include "zend.h"
@@ -647,12 +647,15 @@
SET_INCONSISTENT(HT_DESTROYED);
}
-/* This is used to selectively delete certain entries from a hashtable.
- * destruct() receives the data and decides if the entry should be deleted
- * or not
+/* This is used to recurse elements and selectively delete certain entries
+ * from a hashtable. apply_func() receives the data and decides if the entry
+ * should be deleted or recursion should be stopped. The following three
+ * return codes are possible:
+ * ZEND_HASH_APPLY_KEEP - continue
+ * ZEND_HASH_APPLY_STOP - stop iteration
+ * ZEND_HASH_APPLY_REMOVE - delete the element, combineable with the former
*/
-
ZEND_API void zend_hash_apply(HashTable *ht, apply_func_t apply_func TSRMLS_DC)
{
Bucket *p;
@@ -662,11 +665,16 @@
HASH_PROTECT_RECURSION(ht);
p = ht->pListHead;
while (p != NULL) {
- if (apply_func(p->pData TSRMLS_CC)) {
+ int result = apply_func(p->pData TSRMLS_CC);
+
+ if (result & ZEND_HASH_APPLY_REMOVE) {
p = zend_hash_apply_deleter(ht, p);
} else {
p = p->pListNext;
}
+ if (result & ZEND_HASH_APPLY_STOP) {
+ break;
+ }
}
HASH_UNPROTECT_RECURSION(ht);
}
@@ -681,17 +689,22 @@
HASH_PROTECT_RECURSION(ht);
p = ht->pListHead;
while (p != NULL) {
- if (apply_func(p->pData, argument TSRMLS_CC)) {
+ int result = apply_func(p->pData, argument TSRMLS_CC);
+
+ if (result & ZEND_HASH_APPLY_REMOVE) {
p = zend_hash_apply_deleter(ht, p);
} else {
p = p->pListNext;
}
+ if (result & ZEND_HASH_APPLY_STOP) {
+ break;
+ }
}
HASH_UNPROTECT_RECURSION(ht);
}
-ZEND_API void zend_hash_apply_with_arguments(HashTable *ht, apply_func_args_t destruct, int num_args, ...)
+ZEND_API void zend_hash_apply_with_arguments(HashTable *ht, apply_func_args_t apply_func, int num_args, ...)
{
Bucket *p;
va_list args;
@@ -703,15 +716,21 @@
p = ht->pListHead;
while (p != NULL) {
+ int result;
va_start(args, num_args);
hash_key.arKey = p->arKey;
hash_key.nKeyLength = p->nKeyLength;
hash_key.h = p->h;
- if (destruct(p->pData, num_args, args, &hash_key)) {
+ result = apply_func(p->pData, num_args, args, &hash_key);
+
+ if (result & ZEND_HASH_APPLY_REMOVE) {
p = zend_hash_apply_deleter(ht, p);
} else {
p = p->pListNext;
}
+ if (result & ZEND_HASH_APPLY_STOP) {
+ break;
+ }
va_end(args);
}
@@ -754,7 +773,7 @@
p = source->pListHead;
while (p) {
if (p->nKeyLength) {
- zend_hash_update(target, p->arKey, p->nKeyLength, p->pData, size, &new_entry);
+ zend_hash_quick_update(target, p->arKey, p->nKeyLength, p->h, p->pData, size, &new_entry);
} else {
zend_hash_index_update(target, p->h, p->pData, size, &new_entry);
}
@@ -779,7 +798,7 @@
p = source->pListHead;
while (p) {
if (p->nKeyLength>0) {
- if (_zend_hash_add_or_update(target, p->arKey, p->nKeyLength, p->pData, size, &t, mode ZEND_FILE_LINE_RELAY_CC)==SUCCESS && pCopyConstructor) {
+ if (_zend_hash_quick_add_or_update(target, p->arKey, p->nKeyLength, p->h, p->pData, size, &t, mode ZEND_FILE_LINE_RELAY_CC)==SUCCESS && pCopyConstructor) {
pCopyConstructor(t);
}
} else {
Index: Zend/zend_ini.c
===================================================================
RCS file: /repository/ZendEngine2/zend_ini.c,v
retrieving revision 1.39.2.2.2.3
retrieving revision 1.39.2.2.2.4
diff -u -r1.39.2.2.2.3 -r1.39.2.2.2.4
--- Zend/zend_ini.c 6 Sep 2006 08:54:44 -0000 1.39.2.2.2.3
+++ Zend/zend_ini.c 8 Nov 2006 11:04:27 -0000 1.39.2.2.2.4
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: zend_ini.c,v 1.39.2.2.2.3 2006/09/06 08:54:44 dmitry Exp $ */
+/* $Id: zend_ini.c,v 1.39.2.2.2.4 2006/11/08 11:04:27 dmitry Exp $ */
#include "zend.h"
#include "zend_qsort.h"
@@ -126,7 +126,6 @@
return FAILURE;
}
zend_hash_copy(EG(ini_directives), registered_zend_ini_directives, NULL, &ini_entry, sizeof(zend_ini_entry));
- zend_ini_refresh_caches(ZEND_INI_STAGE_STARTUP TSRMLS_CC);
return SUCCESS;
}
#endif
@@ -214,6 +213,7 @@
}
+#ifdef ZTS
static int zend_ini_refresh_cache(zend_ini_entry *p, int stage TSRMLS_DC)
{
if (p->on_modify) {
@@ -227,6 +227,7 @@
{
zend_hash_apply_with_argument(EG(ini_directives), (apply_func_arg_t) zend_ini_refresh_cache, (void *)(long) stage TSRMLS_CC);
}
+#endif
ZEND_API int zend_alter_ini_entry(char *name, uint name_length, char *new_value, uint new_value_length, int modify_type, int stage)
Index: Zend/zend_object_handlers.c
===================================================================
RCS file: /repository/ZendEngine2/zend_object_handlers.c,v
retrieving revision 1.135.2.6.2.15
retrieving revision 1.135.2.6.2.16
diff -u -r1.135.2.6.2.15 -r1.135.2.6.2.16
--- Zend/zend_object_handlers.c 12 Sep 2006 11:01:16 -0000 1.135.2.6.2.15
+++ Zend/zend_object_handlers.c 8 Nov 2006 13:38:28 -0000 1.135.2.6.2.16
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: zend_object_handlers.c,v 1.135.2.6.2.15 2006/09/12 11:01:16 dmitry Exp $ */
+/* $Id: zend_object_handlers.c,v 1.135.2.6.2.16 2006/11/08 13:38:28 dmitry Exp $ */
#include "zend.h"
#include "zend_globals.h"
@@ -469,6 +469,19 @@
/* Undo PZVAL_LOCK() */
retval->refcount--;
+ if ((type == BP_VAR_W || type == BP_VAR_RW || type == BP_VAR_UNSET) && retval->refcount > 0) {
+ zval *tmp = retval;
+
+ ALLOC_ZVAL(retval);
+ *retval = *tmp;
+ zval_copy_ctor(retval);
+ retval->is_ref = 0;
+ retval->refcount = 0;
+ if (Z_TYPE_P(retval) != IS_OBJECT) {
+ zend_error(E_NOTICE, "Indirect modification of overloaded element of %s has no effect", ce->name);
+ }
+ }
+
return retval;
} else {
zend_error(E_ERROR, "Cannot use object of type %s as array", ce->name);
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org