51 files changed, 6017 insertions, 2086 deletions
@@ -1,221 +1,440 @@ -# Generated by mksrcinfo v8 -# Sun Jul 15 14:55:50 UTC 2018 +# Generated by makepkg 6.0.2 +# Wed Feb 22 16:30:15 UTC 2023 pkgbase = php53 - pkgdesc = A general-purpose scripting language that is especially suited to web development + pkgdesc = PHP 5.3.29 compiled as to not conflict with mainline php pkgver = 5.3.29 - pkgrel = 9 - url = http://php.net - arch = i686 + pkgrel = 18 + url = http://www.php.net arch = x86_64 license = PHP + checkdepends = procps-ng + checkdepends = smtp-forwarder + makedepends = acl + makedepends = libtool + makedepends = autoconf + makedepends = automake + makedepends = patchelf + makedepends = gawk + makedepends = sed + makedepends = bash + makedepends = python + makedepends = libxml2 + makedepends = pam + makedepends = krb5 + makedepends = zlib + makedepends = libedit + makedepends = smtp-forwarder + makedepends = pcre makedepends = apache - makedepends = c-client + makedepends = ncurses + makedepends = libxcrypt + makedepends = systemd + makedepends = systemd-libs + makedepends = coreutils + makedepends = findutils + makedepends = autoconf2.13 + makedepends = libxslt + makedepends = e2fsprogs + makedepends = openssl-1.0 + makedepends = db5.3 makedepends = postgresql-libs - makedepends = libldap - makedepends = smtp-forwarder - makedepends = sqlite makedepends = unixodbc - makedepends = net-snmp + makedepends = libfbclient + makedepends = libfbclient + makedepends = freetds + makedepends = sqlite + makedepends = gd + makedepends = tidy + makedepends = gmp makedepends = libzip + makedepends = recode + makedepends = aspell makedepends = enchant - makedepends = file - makedepends = freetds - makedepends = libmcrypt - makedepends = tidyhtml + makedepends = libvoikko + makedepends = hspell + makedepends = hunspell + makedepends = nuspell makedepends = aspell - makedepends = libltdl - makedepends = libpng - makedepends = libjpeg - makedepends = freetype2 - makedepends = icu makedepends = curl - makedepends = libxslt - 
makedepends = openssl-1.0 - makedepends = db - makedepends = gmp - makedepends = systemd - source = http://php.net/distributions/php-5.3.29.tar.xz - source = https://distfiles.macports.org/php5/suhosin-patch-5.3.9-0.9.10.patch.gz - source = php.ini.patch - source = apache.conf - source = php-fpm.conf.in.patch - source = logrotate.d.php-fpm - source = php-fpm.service - source = php-fpm.tmpfiles - source = suhosin.patch - source = CVE-2014-3587.patch - source = CVE-2014-3597.patch - source = CVE-2014-3668.patch - source = CVE-2014-3669.patch - source = CVE-2014-3670.patch - source = curl_embedded_null.patch - source = CVE-2014-8142.patch - source = CVE-2015-0231.patch - source = CVE-2014-9705.patch - source = CVE-2015-0273.patch - source = CVE-2015-2301.patch - source = CVE-2015-2305.patch - source = CVE-2015-2783.patch - source = CVE-2015-2787.patch - source = CVE-2015-3330.patch - source = CVE-2015-3329.patch - sha1sums = 8772d7419511f9f066fb17929194b5492680ec9b - sha1sums = 7b9ef5c3e0831154df0d6290aba0989ca90138ed - sha1sums = b42a385359f5d033748d4d8f44a9f7a0469f628a - sha1sums = 82776db01f70b9186ba455de22eb06fe193f1d30 - sha1sums = 2247fb95547feefdc898fc2c01bae1817ec2dc2a - sha1sums = ce75999f51fa780c68e1575cca1d660ea60a5e64 - sha1sums = 2a3607973db41aa08f7aba11057218e2d88732b7 - sha1sums = 3c011681562bb620b1717b3829cb354461dd94d5 - sha1sums = 4d9fea0b7ab856c59ddbf722fe6c95b8e479af9b - sha1sums = b5caa85fd1b76a3ece056ab5441852330989640b - sha1sums = 9f2aa7c2514cb66204f9f5c3dc5f8ebdda238c78 - sha1sums = 4672c18ece397b2f99ad0c992f61220e210b2dc1 - sha1sums = 454e96af5cab1f649fceca61c0afb46ae73179f5 - sha1sums = 2f368143bcdaae4659a65103ffdeb71cac12c5cf - sha1sums = ede78d11b7d4d6c304253bfd358607e160a3918a - sha1sums = e97ea93d37ffbf6c3025281202d2e807facb4e7e - sha1sums = 0ab48f282d62058318d08c44607aac89912f78d6 - sha1sums = b535103d79ba9791c22a841d5d72497dec3dd93d - sha1sums = 7cb38769807eb7d35ff7f3eaf1cce408d8ad2676 - sha1sums = 
066fe3a84e1aabaf45afe26470cd769b9e3ab79a - sha1sums = 4968abe76ab18c15f85111b3e78dba0059f948ce - sha1sums = 18e3f12ad04adf4cc59aa5862628ab0d032c76ef - sha1sums = 4d9551ec6c2462cde45d0e556edf6d9e792c15b4 - sha1sums = 248dc92602721c193f3906f3eb7d98cd5499ba40 - sha1sums = 40fc97494110e9b312ea0f5bade8aa0b7043f40e + makedepends = net-snmp + makedepends = libsasl + makedepends = libldap + makedepends = c-client + makedepends = pam + makedepends = libmcrypt + options = !lto + source = make-tests.patch + source = pear-config-patcher.php + source = php-makefile-patcher.php + source = php-apache.conf + source = https://php.net/distributions/php-5.3.29.tar.bz2 + source = https://github.com/unicode-org/icu/releases/download/release-64-1/icu4c-64_1-src.tgz + source = php53-phar-names.patch + source = openssl-1.0.patch + source = openssl-sslv3.patch + source = openssl-sslv3-consts.patch + source = dba-5.3-support.patch + source = cve-php5.3.patch + source = mpm-apache.patch + source = fpm-numeric-uid-gid.patch + source = fpm-reload-sighup.patch + source = mysql-socket-php5.3.patch + source = php-enchant-php5.3.patch + source = php-enchant-depr.patch + source = recode-php5.3.patch + source = php-mysqlnd-charsets.patch + source = php-mysqlnd.patch + source = php-tests.patch + source = debian-php-5.3.29.patch + source = php-phpinfo.patch + sha256sums = e6b8530d747000eebb0089249ec70a3b14add7b501337046700544883f62b17b + sha256sums = 0b7e98dca9c996ec10cb9b3f6296bb7547c68797fd5f35006fdfd3e97700672d + sha256sums = ba72fc64f77822755a469314160d5889d5298f4eb5758dd7939dac9b811afe52 + sha256sums = 6d0ad9becb5470ce8e5929d7d45660b0f32579038978496317544c5310281a91 + sha256sums = c4e1cf6972b2a9c7f2777a18497d83bf713cdbecabb65d3ff62ba441aebb0091 + sha256sums = 92f1b7b9d51b396679c17f35a2112423361b8da3c1b9de00aa94fd768ae296e6 + sha256sums = 5cac358527fa9f6cb8b7f22e34b86ef98453d8d3b45a83e745683fecc0fcf9a3 + sha256sums = 8a5e1a2a563c38f237b0ed735918ecf82c30edd3f7beae5d99be041585901d27 + sha256sums = 
e49744c78d6413ab6e93e3786d70c2d1cbdbb62e5bcfdb85c05efcf16fecfb96 + sha256sums = aecd8dff7022e956718407a5b98dec19acdceef08b0a58e7266b483bc3845de6 + sha256sums = d2f6f8e71c99247c798451a56d5b3e0817d404dfc41175b2e9735e38ecfaa6d6 + sha256sums = 72a94ccc694657b3d52ce9da537e3f9d4ac7aee4970e916c88f6a8af2bc5cc0e + sha256sums = de279c546cfe5de88ae3dc7b169be963b6f367361821ca1b415b9b04973781a5 + sha256sums = d175f0c14fdb22855090c93f76e18f04320d7bf15afc057ffde947f9bb361242 + sha256sums = f5ae925036744a5e88cea2698879aea0498e1e23aee7801923d90f16be383908 + sha256sums = 12f4e3aeab72e7d24221c07b64106c496c2e300518682bd301351dc9fa6ab3cf + sha256sums = 52c5a93fb03fa8f3f99438eb803b3182766ee04e0e6b76f00b0bc848d03ff6a6 + sha256sums = 3049b76460c65a70017ba2aac8f8c45725df2bbea458a96ec7164db63639e87f + sha256sums = c9f3b0dff07a7e9688f60b92a2a15817bd7cd59a8c5278cae629d856be66de5c + sha256sums = c9b3c4153596b605a41456e8242d98e474be6391d6fb4b6ce70a21c4c23b5203 + sha256sums = 7e59ff3e1669d55f2a26ccdd748bfed6bbfd85d5d9206c1241cfd4443994f42c + sha256sums = 616ec8aa12070fb058be511abdae703a62d1c99387dd6d2a7bb47cb1b5bbda5f + sha256sums = 576d301ad50cf71782773f970b418ec9a569e8e4fccb2ae982895f3553309794 + sha256sums = 558e780e93dfa861a366c49b4d156d8fc43f17898f001ae6033ec63c33d5d41c pkgname = php53 - pkgdesc = An HTML-embedded scripting language - Legacy 5.3 version + pkgdesc = PHP. 
A general-purpose scripting language that is especially suited to web development + depends = zlib depends = pcre + depends = libedit + backup = etc/php53/php.ini + +pkgname = php53-cli + pkgdesc = cli (command-line executable) version for php53 + depends = php53=5.3.29 depends = libxml2 - depends = curl - depends = libzip - depends = openssl-1.0 - provides = php=5.3.29 + depends = pcre2 + depends = libedit backup = etc/php53/php.ini pkgname = php53-cgi - pkgdesc = CGI and FCGI SAPI for PHP - depends = php53 - provides = php-cgi=5.3.29 - -pkgname = php53-apache - pkgdesc = Apache SAPI for PHP - install = php-apache.install - depends = php53 - depends = apache - provides = php-apache=5.3.29 - backup = etc/httpd/conf/extra/php53_module.conf + pkgdesc = CGI and FCGI SAPI for php53 + depends = php53=5.3.29 + depends = libxml2 + depends = pcre2 + depends = libedit + backup = etc/php53/php.ini pkgname = php53-fpm - pkgdesc = FastCGI Process Manager for PHP + pkgdesc = FastCGI Process Manager for php53 install = php-fpm.install - depends = php53 - depends = systemd - provides = php-fpm=5.3.29 + depends = php53=5.3.29 + depends = systemd-libs + depends = acl + depends = libxml2 + depends = pcre2 + depends = libedit + options = !emptydirs backup = etc/php53/php-fpm.conf + backup = etc/php53/php-fpm.d/www.conf + backup = etc/php53/php.ini pkgname = php53-embed - pkgdesc = Embedded PHP SAPI library - depends = php53 - provides = php-embed=5.3.29 + pkgdesc = Embedded PHP SAPI library for php53 + depends = php53=5.3.29 + depends = ncurses + depends = systemd-libs + depends = libxcrypt + depends = acl + depends = ncurses + depends = libxml2 + depends = pcre2 + depends = libedit + options = !emptydirs + backup = etc/php53/php.ini -pkgname = php53-dblib - pkgdesc = dblib module for PHP - depends = php53 - provides = php-dblib=5.3.29 +pkgname = php53-apache + pkgdesc = Apache SAPI for php53 + depends = php53=5.3.29 + depends = apache + depends = libxml2 + depends = pcre2 + depends 
= libedit + depends = libxcrypt + depends = ncurses + backup = etc/httpd/conf/extra/ + backup = etc/php53/php.ini + +pkgname = php53-litespeed + pkgdesc = LiteSpeed SAPI for php53 + depends = php53=5.3.29 + depends = libxml2 + depends = pcre2 + depends = libedit + backup = etc/php53/php.ini pkgname = php53-pear - pkgdesc = PHP Extension and Application Repository - depends = php53 - provides = php-pear=5.3.29 - backup = etc/php53/pear.conf + pkgdesc = PHP Extension and Application Repository (PEAR) for php53 + depends = php53=5.3.29 + depends = php53-xml=5.3.29 + depends = php53-cli=5.3.29 + depends = php53-phar=5.3.29 -pkgname = php53-enchant - pkgdesc = enchant module for PHP - depends = php53 - depends = enchant - provides = php-enchant=5.3.29 +pkgname = php53-pecl + pkgdesc = PHP Extension Community Library (PECL) for php53 + depends = php53-pear=5.3.29 + +pkgname = php53-xml + pkgdesc = xml modules for php53 + depends = php53=5.3.29 + depends = libxml2 + +pkgname = php53-xsl + pkgdesc = xsl module for php53 + depends = php53-xml=5.3.29 + depends = php53-dom=5.3.29 + depends = libxslt + +pkgname = php53-xmlreader + pkgdesc = xmlreader module for php53 + depends = php53-xml=5.3.29 + +pkgname = php53-xmlwriter + pkgdesc = xmlwriter module for php53 + depends = php53-xml=5.3.29 + +pkgname = php53-wddx + pkgdesc = wddx module for php53 + depends = php53-xml=5.3.29 + +pkgname = php53-dom + pkgdesc = dom module for php53 + depends = php53-xml=5.3.29 + +pkgname = php53-simplexml + pkgdesc = simplexml module for php53 + depends = php53-xml=5.3.29 + +pkgname = php53-mysql + pkgdesc = MySQL modules for php53 + depends = php53=5.3.29 + +pkgname = php53-phar + pkgdesc = phar module for php53 + depends = php53=5.3.29 + +pkgname = php53-pcntl + pkgdesc = pcntl module for php53 + depends = php53=5.3.29 + +pkgname = php53-posix + pkgdesc = posix module for php53 + depends = php53=5.3.29 + +pkgname = php53-shmop + pkgdesc = shmop module for php53 + depends = php53=5.3.29 + 
+pkgname = php53-sockets + pkgdesc = sockets module for php53 + depends = php53=5.3.29 + +pkgname = php53-sysvmsg + pkgdesc = sysvmsg module for php53 + depends = php53=5.3.29 + +pkgname = php53-sysvsem + pkgdesc = sysvsem module for php53 + depends = php53=5.3.29 + +pkgname = php53-sysvshm + pkgdesc = sysvshm module for php53 + depends = php53=5.3.29 + +pkgname = php53-tokenizer + pkgdesc = tokenizer module for php53 + depends = php53=5.3.29 + +pkgname = php53-dba + pkgdesc = dba module for php53 + depends = php53=5.3.29 + depends = db5.3 + +pkgname = php53-pgsql + pkgdesc = PostgreSQL modules for php53 + depends = php53=5.3.29 + depends = postgresql-libs + +pkgname = php53-odbc + pkgdesc = ODBC modules for php53 + depends = php53=5.3.29 + depends = unixodbc + +pkgname = php53-firebird + pkgdesc = pdo_firebird module for php53 + depends = php53=5.3.29 + depends = libfbclient + +pkgname = php53-interbase + pkgdesc = interbase module for php53 + depends = php53=5.3.29 + depends = libfbclient + +pkgname = php53-dblib + pkgdesc = pdo_dblib module for php53 + depends = php53=5.3.29 + depends = freetds + +pkgname = php53-sqlite + pkgdesc = sqlite module for php53 + depends = php53=5.3.29 + depends = sqlite + +pkgname = php53-mssql + pkgdesc = mssql module for php53 + depends = php53=5.3.29 + depends = freetds pkgname = php53-gd - pkgdesc = gd module for PHP - depends = php53 + pkgdesc = gd module for php53 + depends = php53=5.3.29 + depends = gd + depends = libxpm depends = libpng depends = libjpeg - depends = freetype2 - provides = php-gd=5.3.29 -pkgname = php53-imap - pkgdesc = imap module for PHP - depends = php53 - depends = c-client - provides = php-imap=5.3.29 +pkgname = php53-exif + pkgdesc = exif module for php53 + depends = php53=5.3.29 -pkgname = php53-intl - pkgdesc = intl module for PHP - depends = php53 - depends = icu - provides = php-intl=5.3.29 +pkgname = php53-tidy + pkgdesc = tidy module for php53 + depends = php53=5.3.29 + depends = tidy -pkgname = 
php53-ldap - pkgdesc = ldap module for PHP - depends = php53 - depends = libldap - provides = php53-ldap=5.3.29 +pkgname = php53-iconv + pkgdesc = iconv module for php53 + depends = php53=5.3.29 -pkgname = php53-mcrypt - pkgdesc = mcrypt module for PHP - depends = php53 - depends = libmcrypt - depends = libltdl - provides = php-mcrypt=5.3.29 +pkgname = php53-xmlrpc + pkgdesc = xmlrpc module for php53 + depends = php53=5.3.29 + depends = libxml2 -pkgname = php53-mssql - pkgdesc = mssql module for PHP +pkgname = php53-bcmath + pkgdesc = bcmath module for php53 depends = php53 - depends = freetds - provides = php-mssql=5.3.29 -pkgname = php53-odbc - pkgdesc = ODBC modules for PHP - depends = php53 - depends = unixodbc - provides = php-odbc=5.3.29 +pkgname = php53-gmp + pkgdesc = gmp module for php53 + depends = php53=5.3.29 + depends = gmp -pkgname = php53-pgsql - pkgdesc = PostgreSQL modules for PHP - depends = php53 - depends = postgresql-libs - provides = php-pgsql=5.3.29 +pkgname = php53-zip + pkgdesc = zip module for php53 + depends = php53=5.3.29 + depends = libzip + +pkgname = php53-bz2 + pkgdesc = bz2 module for php53 + depends = php53=5.3.29 + depends = bzip2 + +pkgname = php53-json + pkgdesc = json module for php53 + depends = php53=5.3.29 + +pkgname = php53-fileinfo + pkgdesc = fileinfo module for php53 + depends = php53=5.3.29 + +pkgname = php53-ctype + pkgdesc = ctype module for php53 + depends = php53=5.3.29 + +pkgname = php53-recode + pkgdesc = recode module for php53 + depends = php53=5.3.29 + depends = recode + +pkgname = php53-mbstring + pkgdesc = mbstring module for php53 + depends = php53=5.3.29 pkgname = php53-pspell - pkgdesc = pspell module for PHP - depends = php53 + pkgdesc = pspell module for php53 + depends = php53=5.3.29 + depends = aspell + +pkgname = php53-enchant + pkgdesc = enchant module for php53 + depends = php53=5.3.29 + depends = enchant + depends = libvoikko + depends = hspell + depends = hunspell + depends = nuspell depends = 
aspell - provides = php-pspell=5.3.29 + +pkgname = php53-intl + pkgdesc = intl module for php53 + depends = php53=5.3.29 + +pkgname = php53-calendar + pkgdesc = calendar module for php53 + depends = php53=5.3.29 + +pkgname = php53-gettext + pkgdesc = gettext module for php53 + depends = php53=5.3.29 + +pkgname = php53-soap + pkgdesc = soap module for php53 + depends = php53=5.3.29 + depends = libxml2 + +pkgname = php53-ftp + pkgdesc = FTP module for php53 + depends = php53=5.3.29 + depends = openssl-1.0 + +pkgname = php53-curl + pkgdesc = curl module for php53 + depends = php53=5.3.29 + depends = curl pkgname = php53-snmp - pkgdesc = snmp module for PHP - depends = php53 + pkgdesc = snmp module for php53 + depends = php53=5.3.29 depends = net-snmp - provides = php-snmp=5.3.29 - -pkgname = php53-sqlite - pkgdesc = sqlite module for PHP - depends = php53 - depends = sqlite - provides = php-sqlite=5.3.29 + depends = openssl-1.0 -pkgname = php53-tidy - pkgdesc = tidy module for PHP - depends = php53 - depends = tidyhtml - provides = php-tidy=5.3.29 +pkgname = php53-ldap + pkgdesc = ldap module for php53 + depends = php53=5.3.29 + depends = libldap + depends = libsasl -pkgname = php53-xsl - pkgdesc = xsl module for PHP - depends = php53 - depends = libxslt - provides = php-xsl=5.3.29 +pkgname = php53-imap + pkgdesc = imap module for php53 + depends = php53=5.3.29 + depends = pam + depends = krb5 + depends = c-client + depends = libxcrypt + depends = openssl-1.0 +pkgname = php53-mcrypt + pkgdesc = mcrypt module for php53 + depends = php53=5.3.29 + depends = libmcrypt diff --git a/.gitignore b/.gitignore index 8c9416775e88..bc1e7c0346b1 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,6 @@ *.gz src/ pkg/ +*.tar.* +*.t?z diff --git a/CVE-2014-3587.patch b/CVE-2014-3587.patch deleted file mode 100644 index ae21e3904887..000000000000 --- a/CVE-2014-3587.patch +++ /dev/null 
@@ -1,18 +0,0 @@
-From 7ba1409a1aee5925180de546057ddd84ff267947 Mon Sep 17 00:00:00 2001
-From: Remi Collet <rcollet@redhat.com>
-Date: Thu, 14 Aug 2014 17:19:03 -0700
-Subject: [PATCH] Fix bug #67716 - Segfault in cdf.c
-
-Index: b/ext/fileinfo/libmagic/cdf.c
-===================================================================
---- a/ext/fileinfo/libmagic/cdf.c
-+++ b/ext/fileinfo/libmagic/cdf.c
-@@ -759,7 +759,7 @@
- for (i = 0; i < sh.sh_properties; i++) {
- q = (const uint32_t *)((const char *)p +
- CDF_TOLE4(p[(i << 1) + 1])) - 2;
-- if (q > e) {
-+ if (q < p || q > e) {
- DPRINTF(("Ran of the end %p > %p\n", q, e));
- goto out;
- }
diff --git a/CVE-2014-3597.patch b/CVE-2014-3597.patch
deleted file mode 100644
index 08ab95c2c56e..000000000000
--- a/CVE-2014-3597.patch
+++ /dev/null
@@ -1,266 +0,0 @@ -Origin: https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05 -From: Remi Collet -Subject: Fixed Sec Bug #67717 segfault in dns_get_record CVE-2014-3597 - ---- - ext/standard/dns.c | 84 +++++++++++++++++++++++++++++++++++++---------------- - 1 file changed, 60 insertions(+), 24 deletions(-) - -Index: b/ext/standard/dns.c -=================================================================== ---- a/ext/standard/dns.c -+++ b/ext/standard/dns.c -@@ -412,8 +412,14 @@ - - #if HAVE_FULL_DNS_FUNCS - -+#define CHECKCP(n) do { \ -+ if (cp + n > end) { \ -+ return NULL; \ -+ } \ -+} while (0) -+ - /* {{{ php_parserr */ --static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int store, zval **subarray) -+static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_to_fetch, int store, zval **subarray) - { - u_short type, class, dlen; - u_long ttl; -@@ -425,16 +431,18 @@ - - *subarray = NULL; - -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, sizeof(name) - 2); -+ n = dn_expand(answer->qb2, end, cp, name, sizeof(name) - 2); - if (n < 0) { - return NULL; - } - cp += n; - -+ CHECKCP(10); - GETSHORT(type, cp); - GETSHORT(class, cp); - GETLONG(ttl, cp); - GETSHORT(dlen, cp); -+ CHECKCP(dlen); - if (type_to_fetch != T_ANY && type != type_to_fetch) { - cp += dlen; - return cp; -@@ -451,12 +459,14 @@ - add_assoc_string(*subarray, "host", name, 1); - switch (type) { - case DNS_T_A: -+ CHECKCP(4); - add_assoc_string(*subarray, "type", "A", 1); - snprintf(name, sizeof(name), "%d.%d.%d.%d", cp[0], cp[1], cp[2], cp[3]); - add_assoc_string(*subarray, "ip", name, 1); - cp += dlen; - break; - case DNS_T_MX: -+ CHECKCP(2); - add_assoc_string(*subarray, "type", "MX", 1); - GETSHORT(n, cp); - add_assoc_long(*subarray, "pri", n); -@@ -475,7 +485,7 @@ - if (type == DNS_T_PTR) { - add_assoc_string(*subarray, "type", "PTR", 1); - } -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 
2); -+ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); - if (n < 0) { - return NULL; - } -@@ -485,18 +495,22 @@ - case DNS_T_HINFO: - /* See RFC 1010 for values */ - add_assoc_string(*subarray, "type", "HINFO", 1); -+ CHECKCP(1); - n = *cp & 0xFF; - cp++; -+ CHECKCP(n); - add_assoc_stringl(*subarray, "cpu", (char*)cp, n, 1); - cp += n; -+ CHECKCP(1); - n = *cp & 0xFF; - cp++; -+ CHECKCP(n); - add_assoc_stringl(*subarray, "os", (char*)cp, n, 1); - cp += n; - break; - case DNS_T_TXT: - { -- int ll = 0; -+ int l1 = 0, l2 = 0; - zval *entries = NULL; - - add_assoc_string(*subarray, "type", "TXT", 1); -@@ -505,37 +519,41 @@ - MAKE_STD_ZVAL(entries); - array_init(entries); - -- while (ll < dlen) { -- n = cp[ll]; -- if ((ll + n) >= dlen) { -+ while (l1 < dlen) { -+ n = cp[l1]; -+ if ((l1 + n) >= dlen) { - // Invalid chunk length, truncate -- n = dlen - (ll + 1); -+ n = dlen - (l1 + 1); -+ } -+ if (n) { -+ memcpy(tp + l2 , cp + l1 + 1, n); -+ add_next_index_stringl(entries, cp + l1 + 1, n, 1); - } -- memcpy(tp + ll , cp + ll + 1, n); -- add_next_index_stringl(entries, cp + ll + 1, n, 1); -- ll = ll + n + 1; -+ l1 = l1 + n + 1; -+ l2 = l2 + n; - } -- tp[dlen] = '\0'; -+ tp[l2] = '\0'; - cp += dlen; - -- add_assoc_stringl(*subarray, "txt", tp, dlen - 1, 0); -+ add_assoc_stringl(*subarray, "txt", tp, l2, 0); - add_assoc_zval(*subarray, "entries", entries); - } - break; - case DNS_T_SOA: - add_assoc_string(*subarray, "type", "SOA", 1); -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) -2); -+ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) -2); - if (n < 0) { - return NULL; - } - cp += n; - add_assoc_string(*subarray, "mname", name, 1); -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) -2); -+ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) -2); - if (n < 0) { - return NULL; - } - cp += n; - add_assoc_string(*subarray, "rname", name, 1); -+ CHECKCP(5*4); - GETLONG(n, cp); - add_assoc_long(*subarray, 
"serial", n); - GETLONG(n, cp); -@@ -549,6 +567,7 @@ - break; - case DNS_T_AAAA: - tp = (u_char*)name; -+ CHECKCP(8*2); - for(i=0; i < 8; i++) { - GETSHORT(s, cp); - if (s != 0) { -@@ -583,6 +602,7 @@ - case DNS_T_A6: - p = cp; - add_assoc_string(*subarray, "type", "A6", 1); -+ CHECKCP(1); - n = ((int)cp[0]) & 0xFF; - cp++; - add_assoc_long(*subarray, "masklen", n); -@@ -618,6 +638,7 @@ - cp++; - } - for (i = (n + 8) / 16; i < 8; i++) { -+ CHECKCP(2); - GETSHORT(s, cp); - if (s != 0) { - if (tp > (u_char *)name) { -@@ -647,7 +668,7 @@ - tp[0] = '\0'; - add_assoc_string(*subarray, "ipv6", name, 1); - if (cp < p + dlen) { -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); -+ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); - if (n < 0) { - return NULL; - } -@@ -656,6 +677,7 @@ - } - break; - case DNS_T_SRV: -+ CHECKCP(3*2); - add_assoc_string(*subarray, "type", "SRV", 1); - GETSHORT(n, cp); - add_assoc_long(*subarray, "pri", n); -@@ -663,7 +685,7 @@ - add_assoc_long(*subarray, "weight", n); - GETSHORT(n, cp); - add_assoc_long(*subarray, "port", n); -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); -+ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); - if (n < 0) { - return NULL; - } -@@ -671,21 +693,35 @@ - add_assoc_string(*subarray, "target", name, 1); - break; - case DNS_T_NAPTR: -+ CHECKCP(2*2); - add_assoc_string(*subarray, "type", "NAPTR", 1); - GETSHORT(n, cp); - add_assoc_long(*subarray, "order", n); - GETSHORT(n, cp); - add_assoc_long(*subarray, "pref", n); -+ -+ CHECKCP(1); - n = (cp[0] & 0xFF); -- add_assoc_stringl(*subarray, "flags", (char*)++cp, n, 1); -+ cp++; -+ CHECKCP(n); -+ add_assoc_stringl(*subarray, "flags", (char*)cp, n, 1); - cp += n; -+ -+ CHECKCP(1); - n = (cp[0] & 0xFF); -- add_assoc_stringl(*subarray, "services", (char*)++cp, n, 1); -+ cp++; -+ CHECKCP(n); -+ add_assoc_stringl(*subarray, "services", (char*)cp, n, 1); - cp += n; -+ -+ CHECKCP(1); - n = (cp[0] & 
0xFF); -- add_assoc_stringl(*subarray, "regex", (char*)++cp, n, 1); -+ cp++; -+ CHECKCP(n); -+ add_assoc_stringl(*subarray, "regex", (char*)cp, n, 1); - cp += n; -- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); -+ -+ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); - if (n < 0) { - return NULL; - } -@@ -852,7 +888,7 @@ - while (an-- && cp && cp < end) { - zval *retval; - -- cp = php_parserr(cp, &answer, type_to_fetch, store_results, &retval); -+ cp = php_parserr(cp, end, &answer, type_to_fetch, store_results, &retval); - if (retval != NULL && store_results) { - add_next_index_zval(return_value, retval); - } -@@ -865,7 +901,7 @@ - while (ns-- > 0 && cp && cp < end) { - zval *retval = NULL; - -- cp = php_parserr(cp, &answer, DNS_T_ANY, authns != NULL, &retval); -+ cp = php_parserr(cp, end, &answer, DNS_T_ANY, authns != NULL, &retval); - if (retval != NULL) { - add_next_index_zval(authns, retval); - } -@@ -877,7 +913,7 @@ - while (ar-- > 0 && cp && cp < end) { - zval *retval = NULL; - -- cp = php_parserr(cp, &answer, DNS_T_ANY, 1, &retval); -+ cp = php_parserr(cp, end, &answer, DNS_T_ANY, 1, &retval); - if (retval != NULL) { - add_next_index_zval(addtl, retval); - } diff --git a/CVE-2014-3668.patch b/CVE-2014-3668.patch deleted file mode 100644 index c2f622fcd8ee..000000000000 --- a/CVE-2014-3668.patch +++ /dev/null 
@@ -1,117 +0,0 @@ -From 44035de79f5b9646064d9bdd0329a946b0c5372a Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Sun, 28 Sep 2014 17:33:44 -0700 -Subject: [PATCH] Fix bug #68027 - fix date parsing in XMLRPC lib - ---- - ext/xmlrpc/libxmlrpc/xmlrpc.c | 13 ++++++++----- - ext/xmlrpc/tests/bug68027.phpt | 44 ++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 52 insertions(+), 5 deletions(-) - create mode 100644 ext/xmlrpc/tests/bug68027.phpt - -diff --git a/ext/xmlrpc/libxmlrpc/xmlrpc.c b/ext/xmlrpc/libxmlrpc/xmlrpc.c -index ce70c2a..b766a54 100644 ---- a/ext/xmlrpc/libxmlrpc/xmlrpc.c -+++ b/ext/xmlrpc/libxmlrpc/xmlrpc.c -@@ -219,16 +219,19 @@ static int date_from_ISO8601 (const char *text, time_t * value) { - n = 10; - tm.tm_mon = 0; - for(i = 0; i < 2; i++) { -- XMLRPC_IS_NUMBER(text[i]) -+ XMLRPC_IS_NUMBER(text[i+4]) - tm.tm_mon += (text[i+4]-'0')*n; - n /= 10; - } - tm.tm_mon --; -+ if(tm.tm_mon < 0 || tm.tm_mon > 11) { -+ return -1; -+ } - - n = 10; - tm.tm_mday = 0; - for(i = 0; i < 2; i++) { -- XMLRPC_IS_NUMBER(text[i]) -+ XMLRPC_IS_NUMBER(text[i+6]) - tm.tm_mday += (text[i+6]-'0')*n; - n /= 10; - } -@@ -236,7 +239,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) { - n = 10; - tm.tm_hour = 0; - for(i = 0; i < 2; i++) { -- XMLRPC_IS_NUMBER(text[i]) -+ XMLRPC_IS_NUMBER(text[i+9]) - tm.tm_hour += (text[i+9]-'0')*n; - n /= 10; - } -@@ -244,7 +247,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) { - n = 10; - tm.tm_min = 0; - for(i = 0; i < 2; i++) { -- XMLRPC_IS_NUMBER(text[i]) -+ XMLRPC_IS_NUMBER(text[i+12]) - tm.tm_min += (text[i+12]-'0')*n; - n /= 10; - } -@@ -252,7 +255,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) { - n = 10; - tm.tm_sec = 0; - for(i = 0; i < 2; i++) { -- XMLRPC_IS_NUMBER(text[i]) -+ XMLRPC_IS_NUMBER(text[i+15]) - tm.tm_sec += (text[i+15]-'0')*n; - n /= 10; - } -diff --git a/ext/xmlrpc/tests/bug68027.phpt b/ext/xmlrpc/tests/bug68027.phpt -new 
file mode 100644 -index 0000000..a5c96f1 ---- /dev/null -+++ b/ext/xmlrpc/tests/bug68027.phpt -@@ -0,0 +1,44 @@ -+--TEST-- -+Bug #68027 (buffer overflow in mkgmtime() function) -+--SKIPIF-- -+<?php -+if (!extension_loaded("xmlrpc")) print "skip"; -+?> -+--FILE-- -+<?php -+ -+$d = '6-01-01 20:00:00'; -+xmlrpc_set_type($d, 'datetime'); -+var_dump($d); -+$datetime = "2001-0-08T21:46:40-0400"; -+$obj = xmlrpc_decode("<?xml version=\"1.0\"?><methodResponse><params><param><value><dateTime.iso8601>$datetime</dateTime.iso8601></value></param></params></methodResponse>"); -+print_r($obj); -+ -+$datetime = "34770-0-08T21:46:40-0400"; -+$obj = xmlrpc_decode("<?xml version=\"1.0\"?><methodResponse><params><param><value><dateTime.iso8601>$datetime</dateTime.iso8601></value></param></params></methodResponse>"); -+print_r($obj); -+ -+echo "Done\n"; -+?> -+--EXPECTF-- -+object(stdClass)#1 (3) { -+ ["scalar"]=> -+ string(16) "6-01-01 20:00:00" -+ ["xmlrpc_type"]=> -+ string(8) "datetime" -+ ["timestamp"]=> -+ int(%d) -+} -+stdClass Object -+( -+ [scalar] => 2001-0-08T21:46:40-0400 -+ [xmlrpc_type] => datetime -+ [timestamp] => %s -+) -+stdClass Object -+( -+ [scalar] => 34770-0-08T21:46:40-0400 -+ [xmlrpc_type] => datetime -+ [timestamp] => %d -+) -+Done --- -2.1.0 - diff --git a/CVE-2014-3669.patch b/CVE-2014-3669.patch deleted file mode 100644 index 5266f37dbcd8..000000000000 --- a/CVE-2014-3669.patch +++ /dev/null 
@@ -1,56 +0,0 @@ -From 9aa90145239bae82d2af0a99fdae4ab27eb5f4f2 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Sun, 28 Sep 2014 14:19:31 -0700 -Subject: [PATCH] Fixed bug #68044: Integer overflow in unserialize() (32-bits - only) - ---- - ext/standard/tests/serialize/bug68044.phpt | 12 ++++++++++++ - ext/standard/var_unserializer.c | 4 ++-- - ext/standard/var_unserializer.re | 2 +- - 3 files changed, 15 insertions(+), 3 deletions(-) - create mode 100644 ext/standard/tests/serialize/bug68044.phpt - -Index: php5-5.3.10/ext/standard/tests/serialize/bug68044.phpt -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/standard/tests/serialize/bug68044.phpt 2014-10-28 10:47:49.392858855 -0400 -@@ -0,0 +1,12 @@ -+--TEST-- -+Bug #68044 Integer overflow in unserialize() (32-bits only) -+--FILE-- -+<?php -+ echo unserialize('C:3:"XYZ":18446744075857035259:{}'); -+?> -+===DONE== -+--EXPECTF-- -+Warning: Insufficient data for unserializing - %d required, 1 present in %s/bug68044.php on line 2 -+ -+Notice: unserialize(): Error at offset 32 of 33 bytes in %s/bug68044.php on line 2 -+===DONE== -Index: php5-5.3.10/ext/standard/var_unserializer.c -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.c 2014-10-28 10:47:49.392858855 -0400 -+++ php5-5.3.10/ext/standard/var_unserializer.c 2014-10-28 10:47:49.392858855 -0400 -@@ -333,7 +333,7 @@ - - (*p) += 2; - -- if (datalen < 0 || (*p) + datalen >= max) { -+ if (datalen < 0 || (max - (*p)) <= datalen) { - zend_error(E_WARNING, "Insufficient data for unserializing - %ld required, %ld present", datalen, (long)(max - (*p))); - return 0; - } -Index: php5-5.3.10/ext/standard/var_unserializer.re -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.re 2014-10-28 10:47:49.392858855 -0400 -+++ 
php5-5.3.10/ext/standard/var_unserializer.re 2014-10-28 10:47:49.392858855 -0400 -@@ -339,7 +339,7 @@ - - (*p) += 2; - -- if (datalen < 0 || (*p) + datalen >= max) { -+ if (datalen < 0 || (max - (*p)) <= datalen) { - zend_error(E_WARNING, "Insufficient data for unserializing - %ld required, %ld present", datalen, (long)(max - (*p))); - return 0; - } diff --git a/CVE-2014-3670.patch b/CVE-2014-3670.patch deleted file mode 100644 index bdba3b0ddd12..000000000000 --- a/CVE-2014-3670.patch +++ /dev/null @@ -1,40 +0,0 @@ -From ddb207e7fa2e9adeba021a1303c3781efda5409b Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Sun, 28 Sep 2014 16:57:42 -0700 -Subject: [PATCH] Fix bug #68113 (Heap corruption in exif_thumbnail()) - ---- - create mode 100755 ext/exif/tests/bug68113.jpg - create mode 100644 ext/exif/tests/bug68113.phpt - -From ddb207e7fa2e9adeba021a1303c3781efda5409b Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Sun, 28 Sep 2014 16:57:42 -0700 -Subject: [PATCH] Fix bug #68113 (Heap corruption in exif_thumbnail()) - ---- - ext/exif/exif.c | 4 ++-- - ext/exif/tests/bug68113.jpg | Bin 0 -> 368 bytes - ext/exif/tests/bug68113.phpt | 17 +++++++++++++++++ - 3 files changed, 19 insertions(+), 2 deletions(-) - create mode 100755 ext/exif/tests/bug68113.jpg - create mode 100644 ext/exif/tests/bug68113.phpt - -Index: php5-5.3.10/ext/exif/exif.c -=================================================================== ---- php5-5.3.10.orig/ext/exif/exif.c 2014-10-28 10:48:06.317008432 -0400 -+++ php5-5.3.10/ext/exif/exif.c 2014-10-28 10:48:06.317008432 -0400 -@@ -2446,11 +2446,11 @@ - data_ptr += 8; - break; - case TAG_FMT_SINGLE: -- memmove(data_ptr, &info_data->value.f, byte_count); -+ memmove(data_ptr, &info_value->f, 4); - data_ptr += 4; - break; - case TAG_FMT_DOUBLE: -- memmove(data_ptr, &info_data->value.d, byte_count); -+ memmove(data_ptr, &info_value->d, 8); - data_ptr += 8; - break; - } 
diff --git a/CVE-2014-8142.patch b/CVE-2014-8142.patch
deleted file mode 100644
index c4ebeb55b69c..000000000000
--- a/CVE-2014-8142.patch
+++ /dev/null
@@ -1,70 +0,0 @@ -From 630f9c33c23639de85c3fd306b209b538b73b4c9 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Thu, 11 Dec 2014 19:28:32 -0800 -Subject: [PATCH] Fix bug #68594 - Use after free vulnerability in - unserialize() - ---- - NEWS | 2 + - ext/standard/tests/serialize/bug68594.phpt | 23 ++++++++++ - ext/standard/var_unserializer.c | 68 ++++++++++++++++-------------- - ext/standard/var_unserializer.re | 3 ++ - 4 files changed, 64 insertions(+), 32 deletions(-) - create mode 100644 ext/standard/tests/serialize/bug68594.phpt - -Index: php5-5.3.10/ext/standard/tests/serialize/bug68594.phpt -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/standard/tests/serialize/bug68594.phpt 2015-02-13 11:27:34.753347966 -0500 -@@ -0,0 +1,23 @@ -+--TEST-- -+Bug #68545 Use after free vulnerability in unserialize() -+--FILE-- -+<?php -+for ($i=4; $i<100; $i++) { -+ $m = new StdClass(); -+ -+ $u = array(1); -+ -+ $m->aaa = array(1,2,&$u,4,5); -+ $m->bbb = 1; -+ $m->ccc = &$u; -+ $m->ddd = str_repeat("A", $i); -+ -+ $z = serialize($m); -+ $z = str_replace("bbb", "aaa", $z); -+ $y = unserialize($z); -+ $z = serialize($y); -+} -+?> -+===DONE=== -+--EXPECTF-- -+===DONE=== -Index: php5-5.3.10/ext/standard/var_unserializer.c -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.c 2015-02-13 11:27:34.793348294 -0500 -+++ php5-5.3.10/ext/standard/var_unserializer.c 2015-02-13 11:27:34.753347966 -0500 -@@ -298,6 +298,9 @@ - } else { - /* object properties should include no integers */ - convert_to_string(key); -+ if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { -+ var_push_dtor(var_hash, old_data); -+ } - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, - sizeof data, NULL); - } -Index: php5-5.3.10/ext/standard/var_unserializer.re 
-=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.re 2015-02-13 11:27:34.793348294 -0500 -+++ php5-5.3.10/ext/standard/var_unserializer.re 2015-02-13 11:27:34.753347966 -0500 -@@ -304,6 +304,9 @@ - } else { - /* object properties should include no integers */ - convert_to_string(key); -+ if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { -+ var_push_dtor(var_hash, old_data); -+ } - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, - sizeof data, NULL); - } diff --git a/CVE-2014-9705.patch b/CVE-2014-9705.patch deleted file mode 100644 index 12f834b8c2da..000000000000 --- a/CVE-2014-9705.patch +++ /dev/null 
@@ -1,46 +0,0 @@ -From bdfe457a2c1b47209e32783b3a6447e81baf179a Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Mon, 16 Feb 2015 06:50:10 +0100 -Subject: [PATCH] Port for for bug #68552 - ---- - NEWS | 6 ++++++ - ext/enchant/enchant.c | 7 +++---- - 2 files changed, 9 insertions(+), 4 deletions(-) - -Index: php5-5.3.10/ext/enchant/enchant.c -=================================================================== ---- php5-5.3.10.orig/ext/enchant/enchant.c 2015-03-16 13:42:36.063819735 -0400 -+++ php5-5.3.10/ext/enchant/enchant.c 2015-03-16 13:42:36.059819705 -0400 -@@ -545,13 +545,12 @@ - - d = enchant_broker_request_dict(pbroker->pbroker, (const char *)tag); - if (d) { -+ pos = pbroker->dictcnt++; - if (pbroker->dictcnt) { - pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt); -- pos = pbroker->dictcnt++; - } else { - pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *)); - pos = 0; -- pbroker->dictcnt++; - } - - dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict)); -@@ -606,14 +605,14 @@ - - d = enchant_broker_request_pwl_dict(pbroker->pbroker, (const char *)pwl); - if (d) { -+ pos = pbroker->dictcnt++; - if (pbroker->dictcnt) { -- pos = pbroker->dictcnt++; - pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt); - } else { - pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *)); - pos = 0; -- pbroker->dictcnt++; - } -+ - dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict)); - dict->id = pos; - dict->pbroker = pbroker; diff --git a/CVE-2015-0231.patch b/CVE-2015-0231.patch deleted file mode 100644 index 99b15d19e3ec..000000000000 --- a/CVE-2015-0231.patch +++ /dev/null 
@@ -1,70 +0,0 @@ -From b585a3aed7880a5fa5c18e2b838fc96f40e075bd Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Thu, 1 Jan 2015 16:19:05 -0800 -Subject: [PATCH] Fix for bug #68710 (Use After Free Vulnerability in PHP's - unserialize()) - ---- - NEWS | 4 ++++ - ext/standard/tests/strings/bug68710.phpt | 25 +++++++++++++++++++++++++ - ext/standard/var_unserializer.c | 4 ++-- - ext/standard/var_unserializer.re | 2 +- - 4 files changed, 32 insertions(+), 3 deletions(-) - create mode 100644 ext/standard/tests/strings/bug68710.phpt - -Index: php5-5.3.10/ext/standard/tests/strings/bug68710.phpt -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/standard/tests/strings/bug68710.phpt 2015-02-13 11:36:32.969760122 -0500 -@@ -0,0 +1,25 @@ -+--TEST-- -+Bug #68710 Use after free vulnerability in unserialize() (bypassing the -+CVE-2014-8142 fix) -+--FILE-- -+<?php -+for ($i=4; $i<100; $i++) { -+ $m = new StdClass(); -+ -+ $u = array(1); -+ -+ $m->aaa = array(1,2,&$u,4,5); -+ $m->bbb = 1; -+ $m->ccc = &$u; -+ $m->ddd = str_repeat("A", $i); -+ -+ $z = serialize($m); -+ $z = str_replace("aaa", "123", $z); -+ $z = str_replace("bbb", "123", $z); -+ $y = unserialize($z); -+ $z = serialize($y); -+} -+?> -+===DONE=== -+--EXPECTF-- -+===DONE=== -Index: php5-5.3.10/ext/standard/var_unserializer.c -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.c 2015-02-13 11:36:33.009760449 -0500 -+++ php5-5.3.10/ext/standard/var_unserializer.c 2015-02-13 11:36:32.969760122 -0500 -@@ -298,7 +298,7 @@ - } else { - /* object properties should include no integers */ - convert_to_string(key); -- if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { -+ if (zend_hash_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { - var_push_dtor(var_hash, old_data); - } 
- zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, -Index: php5-5.3.10/ext/standard/var_unserializer.re -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.re 2015-02-13 11:36:33.009760449 -0500 -+++ php5-5.3.10/ext/standard/var_unserializer.re 2015-02-13 11:36:32.969760122 -0500 -@@ -304,7 +304,7 @@ - } else { - /* object properties should include no integers */ - convert_to_string(key); -- if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { -+ if (zend_hash_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { - var_push_dtor(var_hash, old_data); - } - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, diff --git a/CVE-2015-0273.patch b/CVE-2015-0273.patch deleted file mode 100644 index cd4768be2c53..000000000000 --- a/CVE-2015-0273.patch +++ /dev/null 
@@ -1,182 +0,0 @@ -Backport of: - -From 7b1898183032eeabc64a086ff040af991cebcd93 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Sat, 31 Jan 2015 22:40:08 -0800 -Subject: [PATCH] Fix bug #68942 (Use after free vulnerability in unserialize() - with DateTimeZone) - -and: - -From 8d199c7c4f93ebe5b9293096143d7007a6ad13a4 Mon Sep 17 00:00:00 2001 -From: Anatol Belski <ab@php.net> -Date: Tue, 19 Mar 2013 21:19:55 +0100 -Subject: [PATCH] Backported fix for bug #62852 - -Index: php5-5.3.10/ext/date/php_date.c -=================================================================== ---- php5-5.3.10.orig/ext/date/php_date.c 2015-03-16 16:51:20.694390712 -0400 -+++ php5-5.3.10/ext/date/php_date.c 2015-03-16 16:53:43.635562605 -0400 -@@ -2539,26 +2539,23 @@ - timelib_tzinfo *tzi; - php_timezone_obj *tzobj; - -- if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS) { -- convert_to_string(*z_date); -- if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) { -- convert_to_long(*z_timezone_type); -- if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) { -- convert_to_string(*z_timezone); -+ if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS && Z_TYPE_PP(z_date) == IS_STRING) { -+ if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS && Z_TYPE_PP(z_timezone_type) == IS_LONG) { -+ if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS && Z_TYPE_PP(z_timezone) == IS_STRING) { - - switch (Z_LVAL_PP(z_timezone_type)) { - case TIMELIB_ZONETYPE_OFFSET: - case TIMELIB_ZONETYPE_ABBR: { - char *tmp = emalloc(Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 2); -+ int ret; - snprintf(tmp, Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 2, "%s %s", Z_STRVAL_PP(z_date), Z_STRVAL_PP(z_timezone)); -- php_date_initialize(*dateobj, tmp, Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 1, NULL, NULL, 0 TSRMLS_CC); -+ ret = php_date_initialize(*dateobj, tmp, 
Z_STRLEN_PP(z_date) + Z_STRLEN_PP(z_timezone) + 1, NULL, NULL, 0 TSRMLS_CC); - efree(tmp); -- return 1; -+ return 1 == ret; - } - -- case TIMELIB_ZONETYPE_ID: -- convert_to_string(*z_timezone); -- -+ case TIMELIB_ZONETYPE_ID: { -+ int ret; - tzi = php_date_parse_tzfile(Z_STRVAL_PP(z_timezone), DATE_TIMEZONEDB TSRMLS_CC); - - ALLOC_INIT_ZVAL(tmp_obj); -@@ -2567,9 +2564,10 @@ - tzobj->tzi.tz = tzi; - tzobj->initialized = 1; - -- php_date_initialize(*dateobj, Z_STRVAL_PP(z_date), Z_STRLEN_PP(z_date), NULL, tmp_obj, 0 TSRMLS_CC); -+ ret = php_date_initialize(*dateobj, Z_STRVAL_PP(z_date), Z_STRLEN_PP(z_date), NULL, tmp_obj, 0 TSRMLS_CC); - zval_ptr_dtor(&tmp_obj); -- return 1; -+ return 1 == ret; -+ } - } - } - } -@@ -2593,7 +2591,9 @@ - - php_date_instantiate(date_ce_date, return_value TSRMLS_CC); - dateobj = (php_date_obj *) zend_object_store_get_object(return_value TSRMLS_CC); -- php_date_initialize_from_hash(&return_value, &dateobj, myht TSRMLS_CC); -+ if (!php_date_initialize_from_hash(&return_value, &dateobj, myht TSRMLS_CC)) { -+ php_error(E_ERROR, "Invalid serialization data for DateTime object"); -+ } - } - /* }}} */ - -@@ -2609,7 +2609,9 @@ - - myht = Z_OBJPROP_P(object); - -- php_date_initialize_from_hash(&return_value, &dateobj, myht TSRMLS_CC); -+ if (!php_date_initialize_from_hash(&return_value, &dateobj, myht TSRMLS_CC)) { -+ php_error(E_ERROR, "Invalid serialization data for DateTime object"); -+ } - } - /* }}} */ - -Index: php5-5.3.10/ext/date/tests/bug68942_2.phpt -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/date/tests/bug68942_2.phpt 2015-03-16 16:51:20.690390678 -0400 -@@ -0,0 +1,9 @@ -+--TEST-- -+Bug #68942 (Use after free vulnerability in unserialize() with DateTime). 
-+--FILE-- -+<?php -+$data = unserialize('a:2:{i:0;O:8:"DateTime":3:{s:4:"date";s:26:"2000-01-01 00:00:00.000000";s:13:"timezone_type";a:2:{i:0;i:1;i:1;i:2;}s:8:"timezone";s:1:"A";}i:1;R:5;}'); -+var_dump($data); -+?> -+--EXPECTF-- -+Fatal error: Invalid serialization data for DateTime object in %s/bug68942_2.php on line %d -Index: php5-5.3.10/ext/date/tests/bug62852.phpt -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/date/tests/bug62852.phpt 2015-03-16 16:55:12.372289384 -0400 -@@ -0,0 +1,14 @@ -+--TEST-- -+Bug #62852 (Unserialize invalid DateTime causes crash), variation 1 -+--INI-- -+date.timezone=GMT -+--FILE-- -+<?php -+$s1 = 'O:8:"DateTime":3:{s:4:"date";s:20:"10007-06-07 03:51:49";s:13:"timezone_type";i:3;s:8:"timezone";s:3:"UTC";}'; -+ -+try { -+ unserialize( $s1 ); -+} catch ( Exception $e ) {} -+ -+--EXPECTF-- -+Fatal error: Invalid serialization data for DateTime object in %sbug62852.php on line %d -Index: php5-5.3.10/ext/date/tests/bug62852_var2.phpt -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/date/tests/bug62852_var2.phpt 2015-03-16 16:52:15.814842786 -0400 -@@ -0,0 +1,25 @@ -+--TEST-- -+Bug #62852 (Unserialize invalid DateTime causes crash), variation 2 -+--INI-- -+date.timezone=GMT -+--FILE-- -+<?php -+$s2 = 'O:3:"Foo":3:{s:4:"date";s:20:"10007-06-07 03:51:49";s:13:"timezone_type";i:3;s:8:"timezone";s:3:"UTC";}'; -+ -+global $foo; -+ -+class Foo extends DateTime { -+ function __wakeup() { -+ global $foo; -+ $foo = $this; -+ parent::__wakeup(); -+ } -+} -+ -+try { -+ unserialize( $s2 ); -+} catch ( Exception $e ) {} -+var_dump( $foo ); -+ -+--EXPECTF-- -+Fatal error: Invalid serialization data for DateTime object in %sbug62852_var2.php on line %d -Index: php5-5.3.10/ext/date/tests/bug62852_var3.phpt 
-=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ php5-5.3.10/ext/date/tests/bug62852_var3.phpt 2015-03-16 16:52:15.814842786 -0400 -@@ -0,0 +1,25 @@ -+--TEST-- -+Bug #62852 (Unserialize invalid DateTime causes crash), variation 3 -+--INI-- -+date.timezone=GMT -+--FILE-- -+<?php -+$s2 = 'O:3:"Foo":3:{s:4:"date";s:19:"0000-00-00 00:00:00";s:13:"timezone_type";i:0;s:8:"timezone";s:3:"UTC";}'; -+ -+global $foo; -+ -+class Foo extends DateTime { -+ function __wakeup() { -+ global $foo; -+ $foo = $this; -+ parent::__wakeup(); -+ } -+} -+ -+try { -+ unserialize( $s2 ); -+} catch ( Exception $e ) {} -+var_dump( $foo ); -+ -+--EXPECTF-- -+Fatal error: Invalid serialization data for DateTime object in %sbug62852_var3.php on line %d diff --git a/CVE-2015-2301.patch b/CVE-2015-2301.patch deleted file mode 100644 index bdeceaa67b24..000000000000 --- a/CVE-2015-2301.patch +++ /dev/null @@ -1,24 +0,0 @@ -From b2cf3f064b8f5efef89bb084521b61318c71781b Mon Sep 17 00:00:00 2001 -From: Xinchen Hui <laruence@php.net> -Date: Thu, 29 Jan 2015 00:00:09 +0800 -Subject: [PATCH] Fixed bug #68901 (use after free) - ---- - NEWS | 3 +++ - ext/phar/phar_object.c | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -Index: php5-5.3.10/ext/phar/phar_object.c -=================================================================== ---- php5-5.3.10.orig/ext/phar/phar_object.c 2015-03-16 13:56:47.878348393 -0400 -+++ php5-5.3.10/ext/phar/phar_object.c 2015-03-16 13:56:47.826347993 -0400 -@@ -2320,8 +2320,8 @@ - } - its_ok: - if (SUCCESS == php_stream_stat_path(newpath, &ssb)) { -- efree(oldpath); - zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "phar \"%s\" exists and must be unlinked prior to conversion", newpath); -+ efree(oldpath); - return NULL; - } - if (!phar->is_data) { diff --git a/CVE-2015-2305.patch b/CVE-2015-2305.patch deleted file mode 100644 index e3309f408271..000000000000 
--- a/CVE-2015-2305.patch +++ /dev/null @@ -1,35 +0,0 @@ -From fb04dcf6dbb48aecd8d2dc986806cb58c8ae5282 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Tue, 17 Mar 2015 17:04:57 -0700 -Subject: [PATCH] Fix bug #69248 - heap overflow vulnerability in regcomp.c - -Merged from https://github.com/garyhouston/regex/commit/70bc2965604b6b8aaf260049e64c708dddf85334 ---- - NEWS | 3 +++ - ext/ereg/regex/regcomp.c | 10 +++++++++- - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/ext/ereg/regex/regcomp.c b/ext/ereg/regex/regcomp.c -index 156eee9..f4bfc1c 100644 ---- a/ext/ereg/regex/regcomp.c -+++ b/ext/ereg/regex/regcomp.c -@@ -117,7 +117,15 @@ int cflags; - (NC-1)*sizeof(cat_t)); - if (g == NULL) - return(REG_ESPACE); -- p->ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */ -+ { -+ /* Patched for CERT Vulnerability Note VU#695940, Feb 2015. */ -+ size_t new_ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */ -+ if (new_ssize < len || new_ssize > LONG_MAX / sizeof(sop)) { -+ free((char *) g); -+ return REG_INVARG; -+ } -+ p->ssize = new_ssize; -+ } - p->strip = (sop *)malloc(p->ssize * sizeof(sop)); - p->slen = 0; - if (p->strip == NULL) { --- -2.1.4 - diff --git a/CVE-2015-2783.patch b/CVE-2015-2783.patch deleted file mode 100644 index 29ad5f707876..000000000000 --- a/CVE-2015-2783.patch +++ /dev/null 
@@ -1,180 +0,0 @@ -Description: fix buffer overflow in unserialize when parsing Phar -Origin: upstream, http://git.php.net/?p=php-src.git;a=commit;h=9faaee66fa493372c7340b1ab05f8fd115131a42 -Origin: upstream, http://git.php.net/?p=php-src.git;a=commit;h=12d3bdee3dfa6605024a72080d8a17c165c5ed24 -Bug: https://bugs.php.net/bug.php?id=69324 - -Index: php5-5.3.10/ext/phar/phar.c -=================================================================== ---- php5-5.3.10.orig/ext/phar/phar.c 2015-04-17 06:24:19.250127940 -0400 -+++ php5-5.3.10/ext/phar/phar.c 2015-04-17 06:24:19.246127904 -0400 -@@ -600,52 +600,41 @@ - * - * Meta-data is in this format: - * [len32][data...] -- * -+ * - * data is the serialized zval - */ --int phar_parse_metadata(char **buffer, zval **metadata, int zip_metadata_len TSRMLS_DC) /* {{{ */ -+int phar_parse_metadata(char **buffer, zval **metadata, php_uint32 zip_metadata_len TSRMLS_DC) /* {{{ */ - { -- const unsigned char *p; -- php_uint32 buf_len; - php_unserialize_data_t var_hash; - -- if (!zip_metadata_len) { -- PHAR_GET_32(*buffer, buf_len); -- } else { -- buf_len = zip_metadata_len; -- } -- -- if (buf_len) { -+ if (zip_metadata_len) { -+ const unsigned char *p, *p_buff = estrndup(*buffer, zip_metadata_len); -+ p = p_buff; - ALLOC_ZVAL(*metadata); - INIT_ZVAL(**metadata); -- p = (const unsigned char*) *buffer; - PHP_VAR_UNSERIALIZE_INIT(var_hash); - -- if (!php_var_unserialize(metadata, &p, p + buf_len, &var_hash TSRMLS_CC)) { -+ if (!php_var_unserialize(metadata, &p, p + zip_metadata_len, &var_hash TSRMLS_CC)) { -+ efree(p_buff); - PHP_VAR_UNSERIALIZE_DESTROY(var_hash); - zval_ptr_dtor(metadata); - *metadata = NULL; - return FAILURE; - } -- -+ efree(p_buff); - PHP_VAR_UNSERIALIZE_DESTROY(var_hash); - - if (PHAR_G(persist)) { - /* lazy init metadata */ - zval_ptr_dtor(metadata); -- *metadata = (zval *) pemalloc(buf_len, 1); -- memcpy(*metadata, *buffer, buf_len); -- *buffer += buf_len; -+ *metadata = (zval *) pemalloc(zip_metadata_len, 1); -+ 
memcpy(*metadata, *buffer, zip_metadata_len); - return SUCCESS; - } - } else { - *metadata = NULL; - } - -- if (!zip_metadata_len) { -- *buffer += buf_len; -- } -- - return SUCCESS; - } - /* }}}*/ -@@ -655,7 +644,7 @@ - * - * Parse a new one and add it to the cache, returning either SUCCESS or - * FAILURE, and setting pphar to the pointer to the manifest entry -- * -+ * - * This is used by phar_open_from_filename to process the manifest, but can be called - * directly. - */ -@@ -666,6 +655,7 @@ - phar_entry_info entry; - php_uint32 manifest_len, manifest_count, manifest_flags, manifest_index, tmp_len, sig_flags; - php_uint16 manifest_ver; -+ php_uint32 len; - long offset; - int sig_len, register_alias = 0, temp_alias = 0; - char *signature = NULL; -@@ -1031,16 +1021,21 @@ - mydata->is_persistent = PHAR_G(persist); - - /* check whether we have meta data, zero check works regardless of byte order */ -+ PHAR_GET_32(buffer, len); - if (mydata->is_persistent) { -- PHAR_GET_32(buffer, mydata->metadata_len); -- if (phar_parse_metadata(&buffer, &mydata->metadata, mydata->metadata_len TSRMLS_CC) == FAILURE) { -- MAPPHAR_FAIL("unable to read phar metadata in .phar file \"%s\""); -- } -- } else { -- if (phar_parse_metadata(&buffer, &mydata->metadata, 0 TSRMLS_CC) == FAILURE) { -- MAPPHAR_FAIL("unable to read phar metadata in .phar file \"%s\""); -+ mydata->metadata_len = len; -+ if(!len) { -+ /* FIXME: not sure why this is needed but removing it breaks tests */ -+ PHAR_GET_32(buffer, len); - } - } -+ if(len > endbuffer - buffer) { -+ MAPPHAR_FAIL("internal corruption of phar \"%s\" (trying to read past buffer end)"); -+ } -+ if (phar_parse_metadata(&buffer, &mydata->metadata, len TSRMLS_CC) == FAILURE) { -+ MAPPHAR_FAIL("unable to read phar metadata in .phar file \"%s\""); -+ } -+ buffer += len; - - /* set up our manifest */ - zend_hash_init(&mydata->manifest, manifest_count, -@@ -1075,7 +1070,7 @@ - entry.manifest_pos = manifest_index; - } - -- if (buffer + 
entry.filename_len + 20 > endbuffer) { -+ if (entry.filename_len + 20 > endbuffer - buffer) { - MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest entry)"); - } - -@@ -1111,19 +1106,20 @@ - entry.flags |= PHAR_ENT_PERM_DEF_DIR; - } - -+ PHAR_GET_32(buffer, len); - if (entry.is_persistent) { -- PHAR_GET_32(buffer, entry.metadata_len); -- if (!entry.metadata_len) buffer -= 4; -- if (phar_parse_metadata(&buffer, &entry.metadata, entry.metadata_len TSRMLS_CC) == FAILURE) { -- pefree(entry.filename, entry.is_persistent); -- MAPPHAR_FAIL("unable to read file metadata in .phar file \"%s\""); -- } -+ entry.metadata_len = len; - } else { -- if (phar_parse_metadata(&buffer, &entry.metadata, 0 TSRMLS_CC) == FAILURE) { -- pefree(entry.filename, entry.is_persistent); -- MAPPHAR_FAIL("unable to read file metadata in .phar file \"%s\""); -- } -+ entry.metadata_len = 0; - } -+ if (len > endbuffer - buffer) { -+ MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest entry)"); -+ } -+ if (phar_parse_metadata(&buffer, &entry.metadata, len TSRMLS_CC) == FAILURE) { -+ pefree(entry.filename, entry.is_persistent); -+ MAPPHAR_FAIL("unable to read file metadata in .phar file \"%s\""); -+ } -+ buffer += len; - - entry.offset = entry.offset_abs = offset; - offset += entry.compressed_filesize; -@@ -2243,7 +2239,7 @@ - - /** - * Process a phar stream name, ensuring we can handle any of: -- * -+ * - * - whatever.phar - * - whatever.phar.gz - * - whatever.phar.bz2 -Index: php5-5.3.10/ext/phar/phar_internal.h -=================================================================== ---- php5-5.3.10.orig/ext/phar/phar_internal.h 2015-04-17 06:24:19.250127940 -0400 -+++ php5-5.3.10/ext/phar/phar_internal.h 2015-04-17 06:24:19.250127940 -0400 -@@ -654,7 +654,7 @@ - char *phar_find_in_include_path(char *file, int file_len, phar_archive_data **pphar TSRMLS_DC); - char *phar_fix_filepath(char *path, int *new_len, int use_cwd TSRMLS_DC); - phar_entry_info * 
phar_open_jit(phar_archive_data *phar, phar_entry_info *entry, char **error TSRMLS_DC); --int phar_parse_metadata(char **buffer, zval **metadata, int zip_metadata_len TSRMLS_DC); -+int phar_parse_metadata(char **buffer, zval **metadata, php_uint32 zip_metadata_len TSRMLS_DC); - void destroy_phar_manifest_entry(void *pDest); - int phar_seek_efp(phar_entry_info *entry, off_t offset, int whence, off_t position, int follow_links TSRMLS_DC); - php_stream *phar_get_efp(phar_entry_info *entry, int follow_links TSRMLS_DC); diff --git a/CVE-2015-2787.patch b/CVE-2015-2787.patch deleted file mode 100644 index 141c56a879b1..000000000000 --- a/CVE-2015-2787.patch +++ /dev/null @@ -1,29 +0,0 @@ -Description: fix arbitrary code exection via process_nested_data use-after-free -Origin: backport, https://github.com/php/php-src/commit/780222f97f47644a6a118ada86a269a96a1e8134 -Origin: backport, https://github.com/php/php-src/commit/d76b293ac71aa5bd4e9a433192afef6e0dd5a4ee -Bug: https://bugs.php.net/bug.php?id=68976 - -Index: php5-5.3.10/ext/standard/var_unserializer.c -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.c 2015-04-17 06:24:38.154295164 -0400 -+++ php5-5.3.10/ext/standard/var_unserializer.c 2015-04-17 06:24:38.154295164 -0400 -@@ -304,6 +304,7 @@ - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, - sizeof data, NULL); - } -+ var_push_dtor(var_hash, &data); - - zval_dtor(key); - FREE_ZVAL(key); -Index: php5-5.3.10/ext/standard/var_unserializer.re -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.re 2015-04-17 06:24:38.154295164 -0400 -+++ php5-5.3.10/ext/standard/var_unserializer.re 2015-04-17 06:24:38.154295164 -0400 -@@ -310,6 +310,7 @@ - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, - sizeof data, NULL); - } -+ var_push_dtor(var_hash, &data); - - zval_dtor(key); - FREE_ZVAL(key); 
diff --git a/CVE-2015-3329.patch b/CVE-2015-3329.patch deleted file mode 100644 index b1660fc2b11f..000000000000 --- a/CVE-2015-3329.patch +++ /dev/null @@ -1,35 +0,0 @@ -From f59b67ae50064560d7bfcdb0d6a8ab284179053c Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Tue, 14 Apr 2015 00:03:50 -0700 -Subject: [PATCH] Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in - phar_set_inode) - ---- - ext/phar/phar_internal.h | 9 ++++++--- - ext/phar/tests/bug69441.phar | Bin 0 -> 5780 bytes - ext/phar/tests/bug69441.phpt | 21 +++++++++++++++++++++ - 3 files changed, 27 insertions(+), 3 deletions(-) - create mode 100644 ext/phar/tests/bug69441.phar - create mode 100644 ext/phar/tests/bug69441.phpt - -Index: php5-5.3.10/ext/phar/phar_internal.h -=================================================================== ---- php5-5.3.10.orig/ext/phar/phar_internal.h 2015-04-17 06:25:17.074639244 -0400 -+++ php5-5.3.10/ext/phar/phar_internal.h 2015-04-17 06:25:17.070639210 -0400 -@@ -618,10 +618,13 @@ - { - char tmp[MAXPATHLEN]; - int tmp_len; -+ size_t len; - -- tmp_len = entry->filename_len + entry->phar->fname_len; -- memcpy(tmp, entry->phar->fname, entry->phar->fname_len); -- memcpy(tmp + entry->phar->fname_len, entry->filename, entry->filename_len); -+ tmp_len = MIN(MAXPATHLEN, entry->filename_len + entry->phar->fname_len); -+ len = MIN(entry->phar->fname_len, tmp_len); -+ memcpy(tmp, entry->phar->fname, len); -+ len = MIN(tmp_len - len, entry->filename_len); -+ memcpy(tmp + entry->phar->fname_len, entry->filename, len); - entry->inode = (unsigned short)zend_get_hash_value(tmp, tmp_len); - } - /* }}} */ diff --git a/CVE-2015-3330.patch b/CVE-2015-3330.patch deleted file mode 100644 index 8ca82f13c410..000000000000 --- a/CVE-2015-3330.patch +++ /dev/null 
@@ -1,22 +0,0 @@ -From 809610f5ea38a83b284e1125d1fff129bdd615e7 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Sat, 4 Apr 2015 15:03:46 -0700 -Subject: [PATCH] Fix bug #68486 and bug #69218 (segfault in apache2handler - with apache 2.4) - ---- - sapi/apache2handler/sapi_apache2.c | 1 + - 1 file changed, 1 insertion(+) - -Index: php5-5.3.10/sapi/apache2handler/sapi_apache2.c -=================================================================== ---- php5-5.3.10.orig/sapi/apache2handler/sapi_apache2.c 2015-04-17 06:25:08.218560975 -0400 -+++ php5-5.3.10/sapi/apache2handler/sapi_apache2.c 2015-04-17 06:25:08.214560939 -0400 -@@ -708,6 +708,7 @@ - } zend_end_try(); - } - apr_brigade_cleanup(brigade); -+ apr_pool_cleanup_run(r->pool, (void *)&SG(server_context), php_server_context_cleanup); - } else { - ctx->r = parent_req; - } 
@@ -1,514 +1,1563 @@ -# $Id$ -# Maintainer: Volkan Gümüs <hallo@f1-computer.de> -# Contributor: Felix Yan <felixonmars@archlinux.org> -# Contributor: Pierre Schmitz <pierre@archlinux.de> - -pkgbase=php53 -_pkgbase=${pkgbase%53} -pkgname=("${pkgbase}" - "${pkgbase}-cgi" - "${pkgbase}-apache" - "${pkgbase}-fpm" - "${pkgbase}-embed" - "${pkgbase}-dblib" - "${pkgbase}-pear" - "${pkgbase}-enchant" - "${pkgbase}-gd" - "${pkgbase}-imap" - "${pkgbase}-intl" - "${pkgbase}-ldap" - "${pkgbase}-mcrypt" - "${pkgbase}-mssql" - "${pkgbase}-odbc" - "${pkgbase}-pgsql" - "${pkgbase}-pspell" - "${pkgbase}-snmp" - "${pkgbase}-sqlite" - "${pkgbase}-tidy" - "${pkgbase}-xsl") -pkgver=5.3.29 -_suhosinver=5.3.9-0.9.10 -pkgrel=9 -pkgdesc="A general-purpose scripting language that is especially suited to web development" -arch=('i686' 'x86_64') +############################################################################### +# Generated by arch-phpbs: https://github.com/lamskoy/arch-phpbs +# +# Maintaining/co-maintaining on AUR: php81 php80 php74 php73 php72 php71 php70 php55 php54 php53 +# +# Thanks to: +# +# AUR php80 Co-maintainer: Timo Sarawinski +# AUR php70 and php71 Co-maintainer: William Gathoye <william@gathoye.be> +# AUR php74 Co-maintainer: Tomasz Gruszka <tompear79@gmail.com> +# AUR php73 Co-maintainer: Matt Harrison <matt@harrison.us.com> +# AUR php73 Contirubutor: Pierre Schmitz <pierre@archlinux.de> +# AUR php55 Original maintainer: Raphaël Doursenaud <rdoursenaud@gmail.com> +# AUR php53 Original maintainer: Felix Yan <felixonmars@archlinux.org> +############################################################################### +_phpbase="53" +_suffix="" +pkgver="5.3.29" +pkgrel="18" +pkgbase="php53" +pkgdesc="PHP 5.3.29 compiled as to not conflict with mainline php" +_cppflags=" -DU_USING_ICU_NAMESPACE=1 -DOPENSSL_NO_SSL3=1 -DOPENSSL_NO_SSL2=1 -DU_DEFINE_FALSE_AND_TRUE=1 " +_build_apache_cfg="etc/httpd/conf/extra" +_build_bundled_gd="1" +_build_conf_d="etc/php53/conf.d" 
+_build_forced_openssl_11="0" +_build_fpm_name="php-fpm53" +_build_fpm_service_name="php53-fpm" +_build_icu_src_dir="icu/source" +_build_ini_per_sapi="0" +_build_mysql_socket="/run/mysqld/mysqld.sock" +_build_openssl_v10_patch="1" +_build_openssl_v11_patch="0" +_build_per_sapi="1" +_build_phpdbg="0" +_build_sapi_ini_apache="etc/php53" +_build_sapi_ini_cgi="etc/php53" +_build_sapi_ini_cli="etc/php53" +_build_sapi_ini_embed="etc/php53" +_build_sapi_ini_fpm="etc/php53" +_build_sapi_ini_litespeed="etc/php53" +_build_sapi_ini_phpdbg="etc/php53" +_build_sapi_litespeed="--with-litespeed" +_build_shared_gd="1" +_build_shared_json="1" +_build_shared_libedit="0" +_build_shared_mysqlnd="1" +_build_shared_openssl="0" +_build_shared_pdo="0" +_build_system_timezonedb="0" +_build_update_sqlite="0" +_build_uses_argon="0" +_build_uses_lmdb="0" +_build_with_custom_icu="1" +_pkgver_icu="64-1" +_priority_default="20" +_priority_dom="16" +_priority_json="15" +_priority_mysqlnd="10" +_priority_opcache="10" +_priority_openssl="05" +_priority_pdo="10" +_priority_xml="15" +_suffix="" +_suffix_so="5" +pkgname=( + "php53" + "php53-cli" + "php53-cgi" + "php53-fpm" + "php53-embed" + "php53-apache" + "php53-litespeed" + "php53-pear" + "php53-pecl" + "php53-xml" + "php53-xsl" + "php53-xmlreader" + "php53-xmlwriter" + "php53-wddx" + "php53-dom" + "php53-simplexml" + "php53-mysql" + "php53-phar" + "php53-pcntl" + "php53-posix" + "php53-shmop" + "php53-sockets" + "php53-sysvmsg" + "php53-sysvsem" + "php53-sysvshm" + "php53-tokenizer" + "php53-dba" + "php53-pgsql" + "php53-odbc" + "php53-firebird" + "php53-interbase" + "php53-dblib" + "php53-sqlite" + "php53-mssql" + "php53-gd" + "php53-exif" + "php53-tidy" + "php53-iconv" + "php53-xmlrpc" + "php53-bcmath" + "php53-gmp" + "php53-zip" + "php53-bz2" + "php53-json" + "php53-fileinfo" + "php53-ctype" + "php53-recode" + "php53-mbstring" + "php53-pspell" + "php53-enchant" + "php53-intl" + "php53-calendar" + "php53-gettext" + "php53-soap" + "php53-ftp" + 
"php53-curl" + "php53-snmp" + "php53-ldap" + "php53-imap" + "php53-mcrypt" +) +source=( + "make-tests.patch" + "pear-config-patcher.php" + "php-makefile-patcher.php" + "php-apache.conf" + "https://php.net/distributions/php-${pkgver}.tar.bz2" + "https://github.com/unicode-org/icu/releases/download/release-${_pkgver_icu}/icu4c-${_pkgver_icu/-/_}-src.tgz" + "php53-phar-names.patch" + "openssl-1.0.patch" + "openssl-sslv3.patch" + "openssl-sslv3-consts.patch" + "dba-5.3-support.patch" + "cve-php5.3.patch" + "mpm-apache.patch" + "fpm-numeric-uid-gid.patch" + "fpm-reload-sighup.patch" + "mysql-socket-php5.3.patch" + "php-enchant-php5.3.patch" + "php-enchant-depr.patch" + "recode-php5.3.patch" + "php-mysqlnd-charsets.patch" + "php-mysqlnd.patch" + "php-tests.patch" + "debian-php-5.3.29.patch" + "php-phpinfo.patch" +) +depends=( +) +makedepends=( + "acl" + "libtool" + "autoconf" + "automake" + "patchelf" + "gawk" + "sed" + "bash" + "python" + "libxml2" + "pam" + "krb5" + "zlib" + "libedit" + "smtp-forwarder" + "pcre" + "apache" + "ncurses" + "libxcrypt" + "systemd" + "systemd-libs" + "coreutils" + "findutils" + "autoconf2.13" + "libxslt" + "e2fsprogs" + "openssl-1.0" + "db5.3" + "postgresql-libs" + "unixodbc" + "libfbclient" + "libfbclient" + "freetds" + "sqlite" + "gd" + "tidy" + "gmp" + "libzip" + "recode" + "aspell" + "enchant" + "libvoikko" + "hspell" + "hunspell" + "nuspell" + "aspell" + "curl" + "net-snmp" + "libsasl" + "libldap" + "c-client" + "pam" + "libmcrypt" +) +arch=( +) +_patches=( + "php53-phar-names.patch" + "openssl-1.0.patch" + "openssl-sslv3.patch" + "openssl-sslv3-consts.patch" + "dba-5.3-support.patch" + "cve-php5.3.patch" + "mpm-apache.patch" + "fpm-numeric-uid-gid.patch" + "fpm-reload-sighup.patch" + "mysql-socket-php5.3.patch" + "php-enchant-php5.3.patch" + "php-enchant-depr.patch" + "recode-php5.3.patch" + "php-mysqlnd-charsets.patch" + "php-mysqlnd.patch" + "php-tests.patch" + "debian-php-5.3.29.patch" + "php-phpinfo.patch" +) +_sapi_depends=( + 
"libxml2" + "pcre2" + "libedit" +) +_ext_depends_snmp=( + "php53=5.3.29" + "net-snmp" + "openssl-1.0" +) +_ext_depends_ftp=( + "php53=5.3.29" + "openssl-1.0" +) +_ext_depends_intl=( + "php53=5.3.29" +) +_ext_depends_imap=( + "php53=5.3.29" + "pam" + "krb5" + "c-client" + "libxcrypt" + "openssl-1.0" +) +_ext_depends_gd=( + "php53=5.3.29" + "gd" + "libxpm" + "libpng" + "libjpeg" +) +_ext_depends_mysql=( + "php53=5.3.29" +) +_ext_depends_dba=( + "php53=5.3.29" + "db5.3" +) +_ext_depends_odbc=( + "php53=5.3.29" + "unixodbc" +) +_ext_depends_pgsql=( + "php53=5.3.29" + "postgresql-libs" +) +_ext_depends_firebird=( + "php53=5.3.29" + "libfbclient" +) +_ext_depends_sqlite=( + "php53=5.3.29" + "sqlite" +) +_ext_depends_mbstring=( + "php53=5.3.29" +) +_ext_depends_openssl=( + "php53=5.3.29" + "krb5" + "e2fsprogs" + "openssl-1.0" +) +_phpconfig="\ + --prefix=/usr \ + --sbindir=/usr/bin \ + --localstatedir=/var \ + --with-layout=GNU \ + --disable-debug \ + --mandir=/usr/share/man \ + --srcdir=../php-${pkgver} \ + --libdir=/usr/lib/php${_phpbase}${_suffix} \ + --datadir=/usr/share/php${_phpbase}${_suffix} \ + --program-suffix=${_phpbase}${_suffix} \ + --with-config-file-scan-dir=/${_build_conf_d} \ + --enable-filter \ + --with-pear \ + --enable-session \ + --with-mhash=/usr \ + --with-kerberos \ + --with-mysql-sock=${_build_mysql_socket} \ + --enable-mysqlnd-compression-support \ + --with-zlib-dir=/usr \ + --enable-libxml \ + --with-pcre-regex=/usr \ + --with-openssl=/usr \ + --enable-pdo \ + --with-libedit \ + --enable-zend-multibyte" +_phpextensions="\ + --enable-xml=shared \ + --with-xsl=shared \ + --enable-xmlreader=shared \ + --enable-xmlwriter=shared \ + --enable-wddx=shared \ + --enable-dom=shared \ + --enable-simplexml=shared \ + --enable-mysqlnd=shared \ + --with-mysql=shared,mysqlnd \ + --with-mysqli=shared,mysqlnd \ + --with-pdo-mysql=shared,mysqlnd \ + --enable-phar=shared \ + --enable-pcntl=shared \ + --enable-posix=shared \ + --enable-shmop=shared \ + 
--enable-sockets=shared \ + --enable-sysvmsg=shared \ + --enable-sysvsem=shared \ + --enable-sysvshm=shared \ + --enable-tokenizer=shared + --enable-dba=shared \ + --with-db4=/usr \ + --without-gdbm \ + --with-cdb \ + --with-pgsql=shared,/usr \ + --with-pdo-pgsql=shared,/usr \ + --with-unixODBC=shared,/usr \ + --with-pdo-odbc=shared,unixODBC,/usr \ + --with-pdo-firebird=shared,/usr \ + --with-interbase=shared,/usr \ + --with-pdo-dblib=shared,/usr \ + --with-pdo-sqlite=shared,/usr \ + --with-sqlite3=shared,/usr \ + --with-mssql=shared,/usr \ + --with-gd=shared \ + --enable-gd-native-ttf + --with-webp-dir=/usr \ + --with-jpeg-dir=/usr \ + --with-png-dir=/usr \ + --with-xpm-dir=/usr \ + --with-freetype-dir=/usr \ + --enable-exif=shared \ + --with-tidy=shared,/usr \ + --with-iconv=shared \ + --with-xmlrpc=shared \ + --enable-bcmath=shared \ + --with-gmp=shared,/usr \ + --enable-zip=shared \ + --with-bz2=shared,/usr \ + --enable-json=shared \ + --enable-fileinfo=shared \ + --enable-ctype=shared \ + --with-recode=shared \ + --enable-mbstring=shared \ + --enable-mbregex \ + --enable-mbregex-backtrack \ + --with-pspell=shared,/usr \ + --with-enchant=shared,/usr \ + --enable-intl=shared \ + --enable-calendar=shared \ + --with-gettext=shared,/usr \ + --enable-soap=shared \ + --enable-ftp=shared \ + --with-curl=shared,/usr \ + --with-snmp=shared,/usr \ + --with-ldap=shared,/usr \ + --with-ldap-sasl=/usr \ + --with-imap=shared,/usr \ + --with-imap-ssl=yes \ + --with-mcrypt=shared" +_phpextensions_fpm="\ + --with-fpm-user=http \ + --with-fpm-group=http" + + +options=('!lto') +arch=("$CARCH") +checkdepends=('procps-ng' 'smtp-forwarder') license=('PHP') -url='http://php.net' -makedepends=('apache' 'c-client' 'postgresql-libs' 'libldap' 'smtp-forwarder' - 'sqlite' 'unixodbc' 'net-snmp' 'libzip' 'enchant' 'file' 'freetds' - 'libmcrypt' 'tidyhtml' 'aspell' 'libltdl' 'libpng' 'libjpeg' 'freetype2' 'icu' - 'curl' 'libxslt' 'openssl-1.0' 'db' 'gmp' 'systemd') - 
-source=("http://php.net/distributions/${_pkgbase}-${pkgver}.tar.xz" - "https://distfiles.macports.org/php5/suhosin-patch-${_suhosinver}.patch.gz" - 'php.ini.patch' 'apache.conf' 'php-fpm.conf.in.patch' - 'logrotate.d.php-fpm' 'php-fpm.service' 'php-fpm.tmpfiles' - 'suhosin.patch' - 'CVE-2014-3587.patch' 'CVE-2014-3597.patch' 'CVE-2014-3668.patch' - 'CVE-2014-3669.patch' 'CVE-2014-3670.patch' 'curl_embedded_null.patch' - 'CVE-2014-8142.patch' 'CVE-2015-0231.patch' 'CVE-2014-9705.patch' - 'CVE-2015-0273.patch' 'CVE-2015-2301.patch' 'CVE-2015-2305.patch' - 'CVE-2015-2783.patch' 'CVE-2015-2787.patch' 'CVE-2015-3330.patch' - 'CVE-2015-3329.patch') -sha1sums=('8772d7419511f9f066fb17929194b5492680ec9b' - '7b9ef5c3e0831154df0d6290aba0989ca90138ed' - 'b42a385359f5d033748d4d8f44a9f7a0469f628a' - '82776db01f70b9186ba455de22eb06fe193f1d30' - '2247fb95547feefdc898fc2c01bae1817ec2dc2a' - 'ce75999f51fa780c68e1575cca1d660ea60a5e64' - '2a3607973db41aa08f7aba11057218e2d88732b7' - '3c011681562bb620b1717b3829cb354461dd94d5' - '4d9fea0b7ab856c59ddbf722fe6c95b8e479af9b' - 'b5caa85fd1b76a3ece056ab5441852330989640b' - '9f2aa7c2514cb66204f9f5c3dc5f8ebdda238c78' - '4672c18ece397b2f99ad0c992f61220e210b2dc1' - '454e96af5cab1f649fceca61c0afb46ae73179f5' - '2f368143bcdaae4659a65103ffdeb71cac12c5cf' - 'ede78d11b7d4d6c304253bfd358607e160a3918a' - 'e97ea93d37ffbf6c3025281202d2e807facb4e7e' - '0ab48f282d62058318d08c44607aac89912f78d6' - 'b535103d79ba9791c22a841d5d72497dec3dd93d' - '7cb38769807eb7d35ff7f3eaf1cce408d8ad2676' - '066fe3a84e1aabaf45afe26470cd769b9e3ab79a' - '4968abe76ab18c15f85111b3e78dba0059f948ce' - '18e3f12ad04adf4cc59aa5862628ab0d032c76ef' - '4d9551ec6c2462cde45d0e556edf6d9e792c15b4' - '248dc92602721c193f3906f3eb7d98cd5499ba40' - '40fc97494110e9b312ea0f5bade8aa0b7043f40e') +url='http://www.php.net' + +################################################################################ +# Prepare it +################################################################################ 
prepare() { - cd ${srcdir} - - msg "Fix the suhosin patch" - patch -l -i suhosin.patch - sed -i 's/1997-2004/1997-2014/g' suhosin-patch-${_suhosinver}.patch - sed -i 's/1997-2012/1997-2014/g' suhosin-patch-${_suhosinver}.patch - - cd ${srcdir}/${_pkgbase}-${pkgver} - - # TODO: some doesn't apply - msg "Applying security patches (from Ubuntu)" - # patch -p1 -i ../CVE-2014-3587.patch - # patch -p1 -i ../CVE-2014-3597.patch - patch -p1 -i ../CVE-2014-3668.patch - patch -p1 -i ../CVE-2014-3669.patch - patch -p1 -i ../CVE-2014-3670.patch - patch -p1 -i ../curl_embedded_null.patch - patch -p1 -i ../CVE-2014-8142.patch - patch -p1 -i ../CVE-2015-0231.patch - patch -p1 -i ../CVE-2014-9705.patch - # patch -p1 -i ../CVE-2015-0273.patch - patch -p1 -i ../CVE-2015-2301.patch - patch -p1 -i ../CVE-2015-2305.patch - patch -p1 -i ../CVE-2015-2783.patch - patch -p1 -i ../CVE-2015-2787.patch - patch -p1 -i ../CVE-2015-3330.patch - patch -p1 -i ../CVE-2015-3329.patch - - msg "Applying suhosin patch" - patch -F3 -p1 -i ${srcdir}/suhosin-patch-${_suhosinver}.patch - - msg "Adjust paths" - patch -p0 -i ${srcdir}/php.ini.patch - patch -p0 -i ${srcdir}/php-fpm.conf.in.patch - # Just because our Apache 2.4 is configured with a threaded MPM by default does not mean we want to build a ZTS PHP. - # Let's supress this behaviour and build a SAPI that works fine with the prefork MPM. 
- sed '/APACHE_THREADED_MPM=/d' -i sapi/apache2handler/config.m4 -i configure - - # Allow php-tidy to compile with tidy-html5 - sed 's/buffio\.h/tidybuffio\.h/' -i ext/tidy/tidy.c - - msg "Enchant 2 fixes" - sed -i -e 's|include/enchant|include/enchant-2|' -e 's|-lenchant|-lenchant-2|' configure - - msg "ICU fixes" - sed -i '/U_NAMESPACE_END/a using namespace icu;' ext/intl/msgformat/msgformat_helpers.cpp + pushd "php-${pkgver}" + + echo "[SED] scripts/phpize.in" + sed -E "s|(includedir[\t ]*=.*/php)|\1${_phpbase}${_suffix}|g" \ + -i scripts/phpize.in + + echo "[SED] scripts/phpize.m4" + sed -e "s|\[php-config\]|\[php-config${_phpbase}${_suffix}\]|g" \ + -e "s|\(PHP_ARG_WITH(\[php-config\)${_phpbase}${_suffix}\]|\1]|g" \ + -e "s|php-config, no|php-config${_phpbase}${_suffix}, no|g" \ + -i "scripts/phpize.m4" + + echo "[SED] scripts/Makefile.frag" + sed -E "s|(phpincludedir[\t ]*=.*/php)|\1${_phpbase}${_suffix}|g" \ + -i scripts/Makefile.frag + + echo "[SED] scripts/php-config.in" + sed -E "s|(include_dir[\t ]*=.*php)|\1${_phpbase}${_suffix}|g" \ + -i scripts/php-config.in + + echo "[SED] sapi/apache2handler/config.m4" + sed -e '/APACHE_THREADED_MPM=/d' \ + -i sapi/apache2handler/config.m4 + + echo "[SED] sapi/fpm/Makefile.frag" + # sed -e 's#php-fpm\$(program_suffix)#php\$(program_suffix)-fpm#' + sed -e 's/.conf.default/.conf/g' \ + -i sapi/fpm/Makefile.frag + + echo "[SED] sapi/fpm/php-fpm.service.in" + sed -E "s|ExecStart[\s]?=[\s]?@([a-zA-Z_]+)@/php-fpm|ExecStart=@\1@/${_build_fpm_name}|g; \ + s|PIDFile[\s]?=[\s]?@([a-zA-Z_]+)@/run/php-fpm.pid|PIDFile=/run/${_build_fpm_service_name}/php-fpm.pid|g" \ + -i sapi/fpm/php-fpm.service.in + + local _check_files=("sapi/fpm/www.conf.in" "sapi/fpm/php-fpm.conf.in"); + for file_conf in "${_check_files[@]}"; do + if [[ ! 
-f $file_conf ]]; then + continue; + fi + echo "[SED] ${file_conf}" + sed -e "s#^listen =.*#listen = /run/${_build_fpm_service_name}/php-fpm.sock#" \ + -e "s#run/php-fpm.pid#/run/${_build_fpm_service_name}/php-fpm.pid#" \ + -e 's#^;*[ \t]*listen.owner =#listen.owner =#' \ + -e 's#^;*[ \t]*listen.group =#listen.group =#' \ + -e 's#^;*[ \t]*error_log =.*#error_log = syslog#' \ + -e 's#^;*[ \t]*chdir =.*#;chdir = /srv/http#' \ + -i "${file_conf}" + done + + echo "[SED] php.ini-production" + sed -e 's#^;*[ \t]*extension_dir[\t ]*=.*/.*$#extension_dir = "___EXTENSIONDIR___"#' \ + -e "s#___EXTENSIONDIR___#/usr/lib/${pkgbase}/modules#g" \ + -e "s#^;*[ \t]*extension=#;extension=#g" \ + -e "s#^;*[ \t]*session.save_path[\t ]*=.*#session.save_path=___SESSIONS___#g" \ + -e "s#___SESSIONS___#/var/lib/${pkgbase}/sessions#g" \ + -i php.ini-production + + for patch_name in "${_patches[@]}"; do + echo "[PATCH] Applying source patch ${patch_name}"; + patch -p1 -i "../${patch_name}" + done + + if ((_phpbase <= 53)); then + PHP_AUTOCONF="/usr/bin/autoconf-2.13" ./buildconf --force + else + ./buildconf --force + fi + rm -f tests/output/stream_isatty_*.phpt + rm -f Zend/tests/arginfo_zpp_mismatch*.phpt + rm -f Zend/tests/bug79919.phpt + popd +} + +_build_sapi() { + _sapi="${1}" + _commands="${2}" + if (( _sapi == "cli" )); then + if [[ ! -d "build-${_sapi}" ]]; then + mkdir "build-${_sapi}" + fi + pushd "build-${_sapi}" + if [[ -L configure ]]; then + rm configure + fi + ln -s "../php-${pkgver}/configure" + popd + else + cp -Ta "build-cli" "build-${_sapi}" + fi + + pushd "build-${_sapi}" + ./configure ${_phpconfig} ${_commands} + patch -p1 -i "${srcdir}/make-tests.patch" + + if (($_sapi != "cli")); then + make clean + fi + if ((! 
_build_with_custom_icu)); then + sed -i -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' \ + -e 's|^runpath_var=LD_RUN_PATH|runpath_var=LIBTOOL_IS_BROKED|g' \ + libtool + fi + make + popd } +################################################################################ +# BUILD them all +################################################################################ build() { - local _phpconfig="--srcdir=../${_pkgbase}-${pkgver} \ - --prefix=/usr \ - --sysconfdir=/etc/${pkgbase} \ - --localstatedir=/var \ - --libdir=/usr/lib/${pkgbase} \ - --datadir=/usr/share/${pkgbase} \ - --program-suffix=${pkgbase#php} \ - --with-layout=GNU \ - --with-config-file-path=/etc/${pkgbase} \ - --with-config-file-scan-dir=/etc/${pkgbase}/conf.d \ - --enable-inline-optimization \ - --disable-debug \ - --disable-rpath \ - --disable-static \ - --enable-shared \ - --mandir=/usr/share/man \ - --without-pear \ - " - - local _phpextensions="--enable-bcmath=shared \ - --enable-calendar=shared \ - --enable-dba=shared \ - --enable-exif=shared \ - --enable-ftp=shared \ - --enable-gd-native-ttf \ - --enable-intl=shared \ - --enable-json=shared \ - --enable-mbregex \ - --enable-mbstring \ - --enable-pdo \ - --enable-phar=shared \ - --enable-posix=shared \ - --enable-session \ - --enable-shmop=shared \ - --enable-soap=shared \ - --enable-sockets=shared \ - --enable-sqlite-utf8 \ - --enable-sysvmsg=shared \ - --enable-sysvsem=shared \ - --enable-sysvshm=shared \ - --enable-xml \ - --enable-zip=shared \ - --with-bz2=shared \ - --with-curl=shared \ - --with-enchant=shared,/usr \ - --with-freetype-dir=shared,/usr \ - --with-gd=shared \ - --with-gdbm=shared \ - --with-gettext=shared \ - --with-gmp=shared \ - --with-iconv=shared \ - --with-icu-dir=/usr \ - --with-imap-ssl=shared,/usr \ - --with-imap=shared,/usr \ - --with-kerberos=/usr \ - --with-jpeg-dir=shared,/usr \ - --with-ldap=shared \ - --with-ldap-sasl \ - --with-mcrypt=shared \ - --with-mhash \ - --with-mssql=shared \ - 
--with-mysql-sock=/run/mysqld/mysqld.sock \ - --with-mysql=shared,mysqlnd \ - --with-mysqli=shared,mysqlnd \ - --with-openssl=shared \ - --with-pcre-regex=/usr \ - --with-pdo-dblib=shared,/usr \ - --with-pdo-mysql=shared,mysqlnd \ - --with-pdo-odbc=shared,unixODBC,/usr \ - --with-pdo-pgsql=shared \ - --with-pdo-sqlite=shared,/usr \ - --with-pgsql=shared \ - --with-png-dir=shared,/usr \ - --with-pspell=shared \ - --with-regex=php \ - --with-snmp=shared \ - --with-sqlite3=shared,/usr \ - --with-sqlite=shared \ - --with-tidy=shared \ - --with-unixODBC=shared,/usr \ - --with-xmlrpc=shared \ - --with-xsl=shared \ - --with-zlib \ - --without-db2 \ - --without-db3 \ - " - - export EXTENSION_DIR=/usr/lib/${pkgbase}/modules - export PEAR_INSTALLDIR=/usr/share/${pkgbase}/pear - export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig - - cd ${srcdir}/${_pkgbase}-${pkgver} - - # -D_FORTIFY_SOURCE=2 will generate a warning, which will fail the configure script - unset CPPFLAGS - # To workaround c-client linking problem - export IMAP_SHARED_LIBADD="-lssl" - - # php - mkdir -p ${srcdir}/build-php - cd ${srcdir}/build-php - ln -sf ../${_pkgbase}-${pkgver}/configure - ./configure ${_phpconfig} \ - --disable-cgi \ - --with-readline \ - --enable-pcntl \ - ${_phpextensions} - sed -i '/^IMAP_SHARED_LIBADD =/ s#-lssl -lcrypto#-Wl,/usr/lib/libssl.so -Wl,/usr/lib/libcrypto.so#' Makefile - make - - # cgi and fcgi - # reuse the previous run; this will save us a lot of time - cp -Ta ${srcdir}/build-php ${srcdir}/build-cgi - cd ${srcdir}/build-cgi - ./configure ${_phpconfig} \ - --disable-cli \ - --enable-cgi \ - ${_phpextensions} - make - - # apache - cp -Ta ${srcdir}/build-php ${srcdir}/build-apache - cd ${srcdir}/build-apache - ./configure ${_phpconfig} \ - --disable-cli \ - --with-apxs2 \ - ${_phpextensions} - make - - # fpm - cp -Ta ${srcdir}/build-php ${srcdir}/build-fpm - cd ${srcdir}/build-fpm - ./configure ${_phpconfig} \ - --disable-cli \ - --enable-fpm \ - --with-fpm-user=http \ - 
--with-fpm-group=http \ - ${_phpextensions} - make - - # embed - cp -Ta ${srcdir}/build-php ${srcdir}/build-embed - cd ${srcdir}/build-embed - ./configure ${_phpconfig} \ - --disable-cli \ - --enable-embed=shared \ - ${_phpextensions} - make - - # pear - sed -i 's#@$(top_builddir)/sapi/cli/php $(PEAR_INSTALL_FLAGS) pear/install-pear-nozlib.phar -d#@$(top_builddir)/sapi/cli/php $(PEAR_INSTALL_FLAGS) pear/install-pear-nozlib.phar -p $(bindir)/php$(program_suffix) -d#' ${srcdir}/php-${pkgver}/pear/Makefile.frag - cp -Ta ${srcdir}/build-php ${srcdir}/build-pear - cd ${srcdir}/build-pear - ./configure ${_phpconfig} \ - --disable-cgi \ - --with-readline \ - --enable-pcntl \ - --with-pear \ - ${_phpextensions} - make + export EXTENSION_DIR="/usr/lib/${pkgbase}/modules" + if ((_build_openssl_v10_patch)); then + export PHP_OPENSSL_DIR="/usr/lib/openssl-1.0" + export PKG_CONFIG_PATH="/usr/lib/openssl-1.0/pkgconfig" + elif ((_build_forced_openssl_11)); then + export PHP_OPENSSL_DIR="/usr/lib/openssl-1.1" + export PKG_CONFIG_PATH="/usr/lib/openssl-1.1/pkgconfig" + fi + if [[ ! -z "${_cppflags}" ]]; then + CPPFLAGS+=" $_cppflags " + fi + if ((_build_with_custom_icu )); then + local _php5_icu_first="${srcdir}/${_build_icu_src_dir}/php${_phpbase}${suffix}-icu${_pkgver_icu}" + LDFLAGS+="-Wl,-rpath=$ORIGIN/usr/lib/${pkgbase}/icu${_pkgver_icu}/lib" + _phpextensions+=" --with-icu-dir=${_php5_icu_first} " + if [[ ! 
-d $_php5_icu_first ]]; then + mkdir -p "${_php5_icu_first}" + fi + pushd "${_build_icu_src_dir}" + ./configure --prefix="${_php5_icu_first}" \ + --sysconfdir="${_php5_icu_first}/etc" \ + --mandir="${_php5_icu_first}/share/man" \ + --sbindir="${_php5_icu_first}/bin" \ + --libdir="${_php5_icu_first}/lib" \ + --includedir="${_php5_icu_first}/include" \ + --disable-tests \ + --disable-debug + make -j$(nproc) + make install + ./configure --prefix="/usr/lib/${pkgbase}/icu${_pkgver_icu}" \ + --sysconfdir="/usr/lib/${pkgbase}/icu${_pkgver_icu}/etc" \ + --mandir="/usr/lib/${pkgbase}/icu${_pkgver_icu}/share/man" \ + --sbindir="/usr/lib/${pkgbase}/icu${_pkgver_icu}/bin" \ + --libdir="/usr/lib/${pkgbase}/icu${_pkgver_icu}/lib" \ + --includedir="/usr/lib/${pkgbase}/icu${_pkgver_icu}/include" \ + --disable-tests \ + --disable-debug + make -j$(nproc) + popd + fi + + if ((_build_ini_per_sapi || _build_per_sapi)); then + + # CLI + _cli_addons='' + if (( ! _build_per_sapi )); then + # CGI enabled here only for tests passing, then overriden later by cgi build + _cli_addons+=" --enable-cgi " + fi + _build_sapi "cli" "\ + --sysconfdir=/${_build_sapi_ini_cli} \ + --with-config-file-path=/${_build_sapi_ini_cli} \ + --enable-cli \ + ${_phpextensions} \ + ${_cli_addons} \ + --disable-fpm \ + --disable-embed \ + --disable-phpdbg \ + " + + # phpdbg + if ((_build_phpdbg)); then + _sapi="phpdbg" + _build_sapi "phpdbg" "\ + --sysconfdir=/${_build_sapi_ini_phpdbg} \ + --with-config-file-path=/${_build_sapi_ini_phpdbg} \ + --disable-all \ + --enable-phpdbg \ + --disable-cgi \ + --disable-cli \ + --disable-fpm \ + --disable-embed \ + " + fi + + # embed + _build_sapi "embed" "\ + --sysconfdir=/${_build_sapi_ini_embed} \ + --with-config-file-path=/${_build_sapi_ini_embed} \ + --disable-all \ + --enable-embed=shared \ + --disable-cgi \ + --disable-cli \ + --disable-fpm \ + --disable-phpdbg \ + " + + # cgi + _build_sapi "cgi" "\ + --sysconfdir=/${_build_sapi_ini_cgi} \ + 
--with-config-file-path=/${_build_sapi_ini_cgi} \ + --disable-all \ + --enable-cgi \ + --disable-cli \ + --disable-fpm \ + --disable-embed \ + --disable-phpdbg \ + " + + # litespeed + _cflags="${CFLAGS}" + export CFLAGS="${CFLAGS} -Wno-error=format-security" + _build_sapi "litespeed" "\ + --sysconfdir=/${_build_sapi_ini_litespeed} \ + --with-config-file-path=/${_build_sapi_ini_litespeed} \ + --disable-all \ + --disable-cgi \ + --disable-cli \ + --disable-fpm \ + --disable-embed \ + --disable-phpdbg \ + ${_build_sapi_litespeed} \ + " + export CFLAGS="${_cflags}" + + # fpm + _build_sapi "fpm" "\ + --sysconfdir=/${_build_sapi_ini_fpm} \ + --with-config-file-path=/${_build_sapi_ini_fpm} \ + --disable-all \ + --enable-fpm \ + ${_phpextensions_fpm} \ + --disable-cli \ + --disable-cgi \ + --disable-embed \ + --disable-phpdbg \ + " + else + + # CLI + if ((_build_phpdbg)); then + _cli_addons+=" --enable-phpdbg " + fi + _build_sapi "cli" "\ + --sysconfdir=/${_build_sapi_ini_cli} \ + --with-config-file-path=/${_build_sapi_ini_cli} \ + --enable-cli \ + ${_phpextensions} \ + ${_cli_addons} \ + --enable-fpm \ + --enable-cgi \ + --enable-embed=shared \ + --enable-fpm \ + ${_phpextensions_fpm} \ + ${_build_sapi_litespeed} \ + " + fi + + # apache + _build_sapi "apache" "\ + --disable-all \ + --disable-cli \ + --disable-cgi \ + --disable-fpm \ + --disable-embed \ + --disable-phpdbg \ + --with-apxs2 \ + --sysconfdir=/${_build_sapi_ini_apache} \ + --with-config-file-path=/${_build_sapi_ini_apache} \ + " + +} + +check() { + pushd "build-cli" + # Check if sendmail was configured correctly (FS#47600) + export REPORT_EXIT_STATUS=1 + export NO_INTERACTION=1 + export SKIP_ONLINE_TESTS=1 + export SKIP_SLOW_TESTS=1 + export TESTS='tests Zend' + if ((_phpbase > 73)); then + export TEST_PHP_ARGS="-j$(nproc)" + fi + # Patch tests to run PHP modules in needed order + sapi/cli/php -n ../php-makefile-patcher.php Makefile + make test + popd +} + 
+################################################################################ +# Custom code +################################################################################ +_install_module_ini() { + local extension=$(echo "${1}" | sed 's/\.so//') + local priority="${_priority_default}" + case "${extension}" in + "json") + priority="${_priority_json}" + ;; + "xml") + priority="${_priority_xml}" + ;; + "openssl") + priority="${_priority_openssl}" + ;; + "mysqlnd") + priority="${_priority_mysqlnd}" + ;; + "pdo") + priority="${_priority_pdo}" + ;; + "opcache") + priority="${_priority_opcache}" + ;; + "dom") + priority="${_priority_dom}" + ;; + esac + local extension_type="extension" + case "${extension}" in + "opcache" | "xdebug") + extension_type="zend_extension" + ;; + "recode") + extension_type=";extension" + ;; + esac + + if [[ ! -d "${pkgdir}/${_build_conf_d}" ]]; then + mkdir -p "${pkgdir}/${_build_conf_d}" + fi + echo "${extension_type}=${extension}.so" > "${pkgdir}/${_build_conf_d}/${priority}-${extension}.ini" + chmod 0644 "$pkgdir/${_build_conf_d}/${priority}-${extension}.ini" + _last_priority=${priority} + _last_extension=${extension} } +_install_module() { + if [[ -f "build-cli/modules/${1}.so" ]]; then + install -D -m755 "build-cli/modules/${1}.so" "${pkgdir}/usr/lib/${pkgbase}/modules/${1}.so"; + _install_module_ini "${1}" + else + echo "[DEBUG]: Install_module can't find ${1}.so, skipped" + fi +} + +############################################################################### +# PHP: SAPI's +############################################################################### + +# Main package package_php53() { - pkgdesc='An HTML-embedded scripting language - Legacy 5.3 version' - depends=('pcre' 'libxml2' 'curl' 'libzip' 'openssl-1.0') - backup=("etc/${pkgbase}/php.ini") - provides=("${_pkgbase}=$pkgver") + # Binary names + pkgdesc='PHP. 
A general-purpose scripting language that is especially suited to web development' + depends=('zlib' 'pcre' 'libedit') + if ((_build_with_custom_icu)); then + pushd "${_build_icu_src_dir}" + make DESTDIR="${pkgdir}" install + popd + pushd "${pkgdir}/usr/lib/${pkgbase}/icu${_pkgver_icu}" + rm -rf bin include share + popd + fi + + # Install session dir + install -d -m1733 "${pkgdir}/var/lib/${pkgbase}/sessions" + + # conf.d dir with shared modules + install -d -m755 "${pkgdir}/${_build_conf_d}/" + + pushd "build-cli" + make -j1 INSTALL_ROOT=${pkgdir} install-{modules,build,headers,programs} + # Cleanup for CGI" + rm -rf "${pkgdir}/usr/bin/${pkgbase}-cgi" + popd + + pushd "${pkgdir}/usr/lib/${pkgbase}/modules/" + # remove static modules + rm -f *.a + # remove modules provided by subpackages + rm -f {enchant,imap,intl,pspell,snmp,tidy,curl,ldap,bz2,bcmath,soap,zip,gmp,dba,opcache,json,gd,mcrypt,sodium,recode}.so + rm -f {pdo_dblib,mssql}.so + rm -f {dom,simplexml,xml,xmlreader,xmlwriter,xsl,wddx,xmlrpc}.so + rm -f {pgsql,pdo_pgsql}.so + rm -f {odbc,pdo_odbc}.so + rm -f {pdo_sqlite,sqlite3}.so + rm -f {pdo_firebird.so,interbase.so} + rm -f {mysqli,pdo_mysql,mysqlnd,mysql}.so + rm -f {openssl,ffi,pcntl,ftp,calendar,ctype,fileinfo,iconv,mbstring,exif,pdo,phar,posix,shmop}.so + rm -f {sockets,tokenizer,gettext,sysvmsg,sysvsem,sysvshm}.so + popd + pushd build-cli + if (( ! 
_build_ini_per_sapi )); then + backup=("${_build_sapi_ini_cli}/php.ini") + install -d -m755 "${pkgdir}/${_build_sapi_ini_cli}" + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_cli}/php.ini" + fi + popd +} - cd ${srcdir}/build-php - make -j1 INSTALL_ROOT=${pkgdir} install +# Cli + phar +package_php53-cli() { + _sapi="cli" + pkgdesc="cli (command-line executable) version for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + depends+=("${_sapi_depends[@]}") + pushd "build-${_sapi}" + make -j1 INSTALL_ROOT="${pkgdir}" install-cli + make -j1 INSTALL_ROOT="${pkgdir}" install-pharcmd + if ((_build_ini_per_sapi)); then + backup=("${_build_sapi_ini_cli}/php.ini") + install -d -m755 "${pkgdir}/${_build_sapi_ini_cli}" + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_cli}/php.ini" + fi + # Cleanup for CGI + rm -rf "${pkgdir}/usr/bin/${pkgbase}-cgi" + popd +} +# End cli - # install php.ini - install -D -m644 ${srcdir}/${_pkgbase}-${pkgver}/php.ini-production ${pkgdir}/etc/${pkgbase}/php.ini - install -d -m755 ${pkgdir}/etc/${pkgbase}/conf.d/ +# CGI +package_php53-cgi() { + _sapi="cgi" + pkgdesc="CGI and FCGI SAPI for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + depends+=("${_sapi_depends[@]}") + if ((_build_ini_per_sapi || _build_per_sapi)); then + pushd "build-${_sapi}" + else + pushd "build-cli" + fi + if ((_build_ini_per_sapi)); then + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_cgi}/php.ini" + backup=("${_build_sapi_ini_cgi}/php.ini") + fi + case "${_phpbase}" in + 53 | 54) + install -D -m755 sapi/cgi/php-cgi "${pkgdir}/usr/bin/${pkgbase}-cgi" + ;; + *) + make -j1 INSTALL_ROOT="${pkgdir}" install-cgi + ;; + esac + popd +} +# CGI end - # remove static modules - rm -f ${pkgdir}/usr/lib/${pkgbase}/modules/*.a - # remove modules provided by sub packages - rm -f 
${pkgdir}/usr/lib/${pkgbase}/modules/{enchant,gd,imap,intl,ldap,mcrypt,mssql,odbc,pdo_odbc,pgsql,pdo_pgsql,pspell,snmp,sqlite3,pdo_sqlite,tidy,xsl,pdo_dblib}.so +# Apache +package_php53-apache() { + _sapi="apache" + _build_mod_php_so="libphp${_suffix_so}.so" + _build_mod_php_module="php_module${_suffix_so}" + _build_build_php_script_name="php${_suffix_so}-script" + _apache_module_conf="${pkgbase}-module.conf" + pkgdesc="Apache SAPI for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'apache') + depends+=("${_sapi_depends[@]}") + depends+=('libxcrypt'); + depends+=('ncurses'); + backup=("${_build_apache_cfg}/${_apache_module_conf}") + echo "# End of LoadModule in httpd.conf - see ArchWiki Apache HTTP Server" + echo "LoadModule ${_build_mod_php_module} modules/lib${pkgbase}.so" + echo "AddHandler ${_build_php_script_name} .php" + echo "# End of Include List" + echo "Include conf/extra/${_apache_module_conf}" + + pushd "build-${_sapi}" + if ((_build_ini_per_sapi)); then + backup+=("${_build_sapi_ini_apache}/php.ini") + install -d -m755 "${pkgdir}/${_build_sapi_ini_apache}" + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_apache}/php.ini" + fi + install -D -m755 "libs/${_build_mod_php_so}" "${pkgdir}/usr/lib/httpd/modules/lib${pkgbase}.so" + patchelf --set-soname \ + "lib${pkgbase}.so" \ + "${pkgdir}/usr/lib/httpd/modules/lib${pkgbase}.so" + popd + + install -D -m644 "php-apache.conf" "${pkgdir}/${_build_apache_cfg}/${_apache_module_conf}" + echo "[SED] ${pkgdir}/${_build_apache_cfg}/${_apache_module_conf}" + sed -e "s#@MODULE@#${_build_mod_php_module}#" \ + -i "${pkgdir}/${_build_apache_cfg}/${_apache_module_conf}" +} +# Apache end - # remove empty directory - rmdir ${pkgdir}/usr/include/php/include +# FPM +package_php53-fpm() { + _sapi="fpm" + install="php-fpm.install" + pkgdesc="FastCGI Process Manager for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'systemd-libs' 'acl') + depends+=("${_sapi_depends[@]}") + 
backup=("${_build_sapi_ini_fpm}/php-fpm.conf") + if ((_phpbase >= 70)); then + backup+=("${_build_sapi_ini_fpm}/php-fpm.d/www.conf") + fi + options=('!emptydirs') + if ((_build_ini_per_sapi || _build_per_sapi)); then + pushd "build-${_sapi}" + else + pushd "build-cli" + fi + if ((_build_ini_per_sapi)); then + backup+=("${_build_sapi_ini_fpm}/php.ini") + install -d -m755 "${pkgdir}/${_build_sapi_ini_fpm}/" + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_fpm}/php.ini" + fi + make -j1 INSTALL_ROOT="${pkgdir}" install-fpm + install -D -m644 "sapi/fpm/php-fpm.service" "${pkgdir}/usr/lib/systemd/system/${_build_fpm_service_name}.service" + echo "d /run/${_build_fpm_service_name} 755 root root" > php-fpm.tmpfiles + install -D -m644 "php-fpm.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/${_build_fpm_service_name}.conf" + popd +} +# FPM end - # move include directory - mv ${pkgdir}/usr/include/php ${pkgdir}/usr/include/${pkgbase} +# embed sapi +package_php53-embed() { + _sapi="embed" + pkgdesc="Embedded PHP SAPI library for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'ncurses' 'systemd-libs' 'libxcrypt' 'acl' 'ncurses') + depends+=("${_sapi_depends[@]}") + options=('!emptydirs') + if ((_build_ini_per_sapi || _build_per_sapi)); then + pushd "build-${_sapi}" + else + pushd "build-cli" + fi + install -d -m755 "${pkgdir}/${_build_sapi_ini_embed}" + if ((_build_ini_per_sapi)); then + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_embed}/php.ini" + backup=("${_build_sapi_ini_embed}/php.ini") + fi + make -j1 INSTALL_ROOT="${pkgdir}" PHP_SAPI=embed install-sapi + mv "${pkgdir}/usr/lib/libphp${_suffix_so}.so" "${pkgdir}/usr/lib/lib${pkgbase}.so" + popd + patchelf --set-soname "lib${pkgbase}.so" "${pkgdir}/usr/lib/lib${pkgbase}.so" +} +# embed sapi end + +# phpdbg sapi +package_php53-phpdbg() { + _sapi="phpdbg" + options=('!emptydirs') + pkgdesc="Interactive PHP debugger for ${pkgbase} ($_sapi)" + 
depends=("${pkgbase}=${pkgver}") + depends+=("${_sapi_depends[@]}") + if ((_build_ini_per_sapi || _build_per_sapi)); then + pushd "build-${_sapi}" + else + pushd "build-cli" + fi + if ((_build_ini_per_sapi)); then + backup=("${_build_sapi_ini_phpdbg}/php.ini") + install -d -m755 "${pkgdir}/${_build_sapi_ini_phpdbg}" + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_phpdbg}/php.ini" + fi + make -j1 INSTALL_ROOT="${pkgdir}" "install-${_sapi}" + popd +} +# phpdbg sapi end + +# litespeed sapi +package_php53-litespeed() { + _sapi="litespeed" + pkgdesc="LiteSpeed SAPI for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + depends+=("${_sapi_depends[@]}") + if ((_build_ini_per_sapi || _build_per_sapi)); then + pushd "build-${_sapi}" + else + pushd "build-cli" + fi + if ((_build_ini_per_sapi)); then + install -D -m644 "../php-${pkgver}/php.ini-production" "${pkgdir}/${_build_sapi_ini_cgi}/php.ini" + backup=("${_build_sapi_ini_cgi}/php.ini") + fi + case "${_phpbase}" in + *) + install -D -m755 sapi/litespeed/php "${pkgdir}/usr/bin/ls${pkgbase}" + ;; + esac + popd +} +# litespeed sapi end - # fix phar symlink - rm ${pkgdir}/usr/bin/phar - ln -sf phar.${pkgbase/php/phar} ${pkgdir}/usr/bin/${pkgbase/php/phar} +############################################################################### +# PEAR + PECL +############################################################################### - # rename executables - mv ${pkgdir}/usr/bin/phar.{phar,${pkgbase/php/phar}} +# PEAR +package_php53-pear() { + pkgdesc="PHP Extension and Application Repository (PEAR) for ${pkgbase}" + depends=( + "${pkgbase}=${pkgver}" + "php${_phpbase}-xml${_suffix}=${pkgver}" + "php${_phpbase}-cli${_suffix}=${pkgver}" + "php${_phpbase}-phar${_suffix}=${pkgver}" + ) + #backup=("${_build_sapi_ini_cli}/pear.conf") + install -d "${pkgdir}/usr/share/${pkgbase}/pear/htdocs" + install -d "${pkgdir}/usr/share/${pkgbase}/pear/data" + install -d "${pkgdir}/usr/share/${pkgbase}/pear/doc" 
+ install -d "${pkgdir}/usr/share/${pkgbase}/pear/test" + install -d "${pkgdir}/usr/share/${pkgbase}/pear/cfg" + install -d "${pkgdir}/var/lib/${pkgbase}/pear/cache" + install -d "${pkgdir}/var/lib/${pkgbase}/pear/metadata" + install -d "${pkgdir}/var/lib/${pkgbase}/pear/download" + install -d "${pkgdir}/var/lib/${pkgbase}/pear/temp" + export PHP_PEAR_SYSCONF_DIR="${_build_sapi_ini_cli}" + pushd build-cli + + cp "${srcdir}/php-${pkgver}/pear/install-pear-nozlib.phar" "pear/install-pear-nozlib.phar" + + INSTALL_ROOT="${pkgdir}/" ./sapi/cli/php -n \ + -d extension=modules/xml.so \ + -d extension=modules/phar.so \ + -d date.timezone=UTC -d memory_limit=64M -d short_open_tag=0 -d safe_mode=0 \ + -d 'error_reporting=E_ALL&~E_DEPRECATED' -d detect_unicode=0 "pear/install-pear-nozlib.phar" \ + -ds "${_phpbase}${_suffix}" \ + --php "/usr/bin/${pkgbase}" \ + --bin "/usr/bin" \ + --man "/usr/share/man" \ + --dir "/usr/share/${pkgbase}/pear" \ + --data "/usr/share/${pkgbase}/pear/data" \ + --doc "/usr/share/${pkgbase}/pear/doc" \ + --test "/usr/share/${pkgbase}/pear/test" \ + --www "/usr/share/${pkgbase}/pear/htdocs" \ + --config "/usr/share/${pkgbase}/pear/cfg" \ + --force + # fix pear.conf with unserialize + # first arg: path to pear.conf + # second arg: PEAR base /var path + ./sapi/cli/php -n ../pear-config-patcher.php \ + "${pkgdir}/${_build_sapi_ini_cli}/pear.conf" \ + "/var/lib/${pkgbase}/pear" + popd + # remove unneeded files + rm -rf "${pkgdir}"/.{channels,depdb,depdblock,filemap,lock,registry} + #rename binaries + for i in pear peardev pecl; do + _target="${pkgbase/php/$i}" + # fix hardcoded paths + sed "s|PHP=php|PHP=\"/usr/bin/${pkgbase}\"|g; s|\"/usr/bin/php\"|\"/usr/bin/${pkgbase}\"|g; s| -n | |g" \ + -i "${pkgdir}/usr/bin/${i}" + if [[ "$i" == "pecl" ]]; then + echo "Moving ${pkgdir}/usr/bin/${i} => ${srcdir}/${pkgbase}-pecl-bin/" + mkdir -p "${srcdir}/${pkgbase}-pecl-bin/" + mv "${pkgdir}/usr/bin/pecl" "${srcdir}/${pkgbase}-pecl-bin/" + else + echo "Moving 
${pkgdir}/usr/bin/${i} => ${pkgdir}/usr/bin/${_target}" + mv "${pkgdir}/usr/bin/${i}" "${pkgdir}/usr/bin/${_target}" + fi + done +} +# PEAR end + +# PECL +package_php53-pecl() { + pkgdesc="PHP Extension Community Library (PECL) for ${pkgbase}" + depends=("php${_phpbase}-pear${_suffix}=${pkgver}") + _target="${pkgbase/php/pecl}" + install -D -m755 "${srcdir}/${pkgbase}-pecl-bin/pecl" "${pkgdir}/usr/bin/${_target}" +} +# PECL end - # fix paths in executables - sed -i "/^includedir=/c \includedir=/usr/include/${pkgbase}" ${pkgdir}/usr/bin/${pkgbase/php/phpize} - sed -i "/^include_dir=/c \include_dir=/usr/include/${pkgbase}" ${pkgdir}/usr/bin/${pkgbase/php/php-config} +############################################################################### +# PHP Modules: First need +############################################################################### - # make phpize use php-config53 - sed -i "/^\[ --with-php-config=/c \[ --with-php-config=PATH Path to php-config [${pkgbase/php/php-config}]], ${pkgbase/php/php-config}, no)" ${pkgdir}/usr/lib/${pkgbase}/build/phpize.m4 +# OpenSSL +package_php53-openssl() { + pkgdesc="OpenSSL module for ${pkgbase}" + depends=("${_ext_depends_openssl[@]}") + _install_module openssl } -package_php53-cgi() { - pkgdesc='CGI and FCGI SAPI for PHP' - depends=("${pkgbase}") - provides=("${_pkgbase}-cgi=$pkgver") +# Json +package_php53-json() { + pkgdesc="json module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module json +} - install -D -m755 ${srcdir}/build-cgi/sapi/cgi/php-cgi ${pkgdir}/usr/bin/${pkgbase}-cgi +# pdo +package_php53-pdo() { + pkgdesc="pdo module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module pdo } -package_php53-apache() { - pkgdesc='Apache SAPI for PHP' - depends=("${pkgbase}" 'apache') - provides=("${_pkgbase}-apache=$pkgver") - backup=("etc/httpd/conf/extra/${pkgbase}_module.conf") - install='php-apache.install' - install -D -m755 ${srcdir}/build-apache/libs/libphp5.so 
${pkgdir}/usr/lib/httpd/modules/lib${pkgbase}.so - install -D -m644 ${srcdir}/apache.conf ${pkgdir}/etc/httpd/conf/extra/${pkgbase}_module.conf +# mbstring +package_php53-mbstring() { + pkgdesc="mbstring module for ${pkgbase}" + depends=("${_ext_depends_mbstring[@]}") + _install_module mbstring } -package_php53-fpm() { - pkgdesc='FastCGI Process Manager for PHP' - depends=("${pkgbase}" 'systemd') - provides=("${_pkgbase}-fpm=$pkgver") - backup=("etc/${pkgbase}/php-fpm.conf") - install='php-fpm.install' - install -d -m755 ${pkgdir}/usr/bin - install -D -m755 ${srcdir}/build-fpm/sapi/fpm/php-fpm ${pkgdir}/usr/bin/${pkgbase}-fpm +# phar +package_php53-phar() { + pkgdesc="phar module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module phar +} - install -D -m644 ${srcdir}/build-fpm/sapi/fpm/php-fpm.8 ${pkgdir}/usr/share/man/man8/${pkgbase}-fpm.8 - install -D -m644 ${srcdir}/build-fpm/sapi/fpm/php-fpm.conf ${pkgdir}/etc/${pkgbase}/php-fpm.conf - install -d -m755 ${pkgdir}/etc/${pkgbase}/fpm.d - install -D -m644 ${srcdir}/php-fpm.tmpfiles ${pkgdir}/usr/lib/tmpfiles.d/${pkgbase}-fpm.conf - install -D -m644 ${srcdir}/php-fpm.service ${pkgdir}/usr/lib/systemd/system/${pkgbase}-fpm.service +############################################################################### +# PHP modules: XML +############################################################################### - install -d -m755 ${pkgdir}/etc/logrotate.d - install -D -m644 ${srcdir}/logrotate.d.php-fpm ${pkgdir}/etc/logrotate.d/${pkgbase}-fpm +# XML modules combined package +package_php53-xml() { + pkgdesc="xml modules for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libxml2') + _install_module xml } -package_php53-embed() { - pkgdesc='Embedded PHP SAPI library' - depends=("${pkgbase}") - provides=("${_pkgbase}-embed=$pkgver") +package_php53-wddx() { + pkgdesc="wddx module for ${pkgbase}" + depends=("php${_phpbase}-xml${_suffix}=${pkgver}") + _install_module wddx +} - install -D -m755 
${srcdir}/build-embed/libs/libphp5.so ${pkgdir}/usr/lib/libphp53.so - install -D -m644 ${srcdir}/${_pkgbase}-${pkgver}/sapi/embed/php_embed.h ${pkgdir}/usr/include/${pkgbase}/sapi/embed/php_embed.h +package_php53-simplexml() { + pkgdesc="simplexml module for ${pkgbase}" + depends=("php${_phpbase}-xml${_suffix}=${pkgver}") + _install_module simplexml } -package_php53-dblib() { - pkgdesc='dblib module for PHP' - depends=("${pkgbase}") - provides=("${_pkgbase}-dblib=$pkgver") +package_php53-dom() { + pkgdesc="dom module for ${pkgbase}" + depends=("php${_phpbase}-xml${_suffix}=${pkgver}") + _install_module dom +} - install -D -m755 ${srcdir}/build-php/modules/pdo_dblib.so ${pkgdir}/usr/lib/${pkgbase}/modules/pdo_dblib.so +package_php53-xmlreader() { + pkgdesc="xmlreader module for ${pkgbase}" + depends=("php${_phpbase}-xml${_suffix}=${pkgver}") + _install_module xmlreader } -package_php53-pear() { - pkgdesc='PHP Extension and Application Repository' - depends=("${pkgbase}") - provides=("${_pkgbase}-pear=$pkgver") - backup=("etc/${pkgbase}/pear.conf") +package_php53-xmlwriter() { + pkgdesc="xmlwriter module for ${pkgbase}" + depends=("php${_phpbase}-xml${_suffix}=${pkgver}") + _install_module xmlwriter +} - cd ${srcdir}/build-pear - make -j1 install-pear INSTALL_ROOT=${pkgdir} - rm -rf ${pkgdir}{/usr/share/${pkgbase}/pear,}/.{channels,depdb,depdblock,filemap,lock,registry} +# Tidy +package_php53-tidy() { + pkgdesc="tidy module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'tidy') + _install_module tidy +} - mv ${pkgdir}/usr/bin/{pear,${pkgbase/php/pear}} - mv ${pkgdir}/usr/bin/{peardev,${pkgbase/php/peardev}} - mv ${pkgdir}/usr/bin/{pecl,${pkgbase/php/pecl}} +# XSL +package_php53-xsl() { + pkgdesc="xsl module for ${pkgbase}" + depends=("php${_phpbase}-xml${_suffix}=${pkgver}" "php${_phpbase}-dom${_suffix}=${pkgver}") + depends+=('libxslt') + _install_module xsl } -package_php53-enchant() { - pkgdesc='enchant module for PHP' - depends=("${pkgbase}" 'enchant') - 
provides=("${_pkgbase}-enchant=$pkgver") +############################################################################### +# PHP modules: Databases +############################################################################### + +# MySQL +package_php53-mysql() { + pkgdesc="MySQL modules for ${pkgbase}" + depends=("${_ext_depends_mysql[@]}") + _install_module mysqlnd + _install_module mysql + _install_module mysqli + _install_module pdo_mysql +} - install -D -m755 ${srcdir}/build-php/modules/enchant.so ${pkgdir}/usr/lib/${pkgbase}/modules/enchant.so +# pdo_sqlite + sqlite3 +package_php53-sqlite() { + pkgdesc="sqlite module for ${pkgbase}" + depends=("${_ext_depends_sqlite[@]}") + _install_module sqlite3 + _install_module pdo_sqlite } -package_php53-gd() { - pkgdesc='gd module for PHP' - depends=("${pkgbase}" 'libpng' 'libjpeg' 'freetype2') - provides=("${_pkgbase}-gd=$pkgver") +# ODBC +package_php53-odbc() { + pkgdesc="ODBC modules for ${pkgbase}" + depends=("${_ext_depends_odbc[@]}") + _install_module odbc + _install_module pdo_odbc +} - install -D -m755 ${srcdir}/build-php/modules/gd.so ${pkgdir}/usr/lib/${pkgbase}/modules/gd.so +# PostgreSQL +package_php53-pgsql() { + pkgdesc="PostgreSQL modules for ${pkgbase}" + depends=("${_ext_depends_pgsql[@]}") + _install_module pgsql + _install_module pdo_pgsql } -package_php53-imap() { - pkgdesc='imap module for PHP' - depends=("${pkgbase}" 'c-client') - provides=("${_pkgbase}-imap=$pkgver") +# interbase +package_php53-interbase() { + pkgdesc="interbase module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" "libfbclient") + _install_module interbase +} + +# firebird +package_php53-firebird() { + pkgdesc="pdo_firebird module for ${pkgbase}" + depends=("${_ext_depends_firebird[@]}") + _install_module pdo_firebird +} - install -D -m755 ${srcdir}/build-php/modules/imap.so ${pkgdir}/usr/lib/${pkgbase}/modules/imap.so +# pdo_dblib +package_php53-dblib() { + depends=("${pkgbase}=${pkgver}" 'freetds') + pkgdesc="pdo_dblib 
module for ${pkgbase}" + _install_module pdo_dblib } +# mssql +package_php53-mssql() { + depends=("${pkgbase}=${pkgver}" 'freetds') + pkgdesc="mssql module for ${pkgbase}" + _install_module mssql +} + +# Dba +package_php53-dba() { + pkgdesc="dba module for ${pkgbase}" + depends=("${_ext_depends_dba[@]}") + _install_module dba +} + +############################################################################### +# PHP Modules: internationalization, text, datetime +############################################################################### + +# Intl package_php53-intl() { - pkgdesc='intl module for PHP' - depends=("${pkgbase}" 'icu') - provides=("${_pkgbase}-intl=$pkgver") + pkgdesc="intl module for ${pkgbase}" + depends=("${_ext_depends_intl[@]}") + if ((_build_with_custom_icu)); then + # Patch to proper path inside intl.so + patchelf --set-rpath "/usr/lib/${pkgbase}/icu${_pkgver_icu}/lib" "build-cli/modules/intl.so" + fi + _install_module intl +} - install -D -m755 ${srcdir}/build-php/modules/intl.so ${pkgdir}/usr/lib/${pkgbase}/modules/intl.so +# Recode +package_php53-recode() { + pkgdesc="recode module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'recode') + _install_module recode } -package_php53-ldap() { - pkgdesc='ldap module for PHP' - depends=("${pkgbase}" 'libldap') - provides=("${pkgbase}-ldap=$pkgver") +# gettext +package_php53-gettext() { + pkgdesc="gettext module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module gettext +} - install -D -m755 ${srcdir}/build-php/modules/ldap.so ${pkgdir}/usr/lib/${pkgbase}/modules/ldap.so +# iconv +package_php53-iconv() { + pkgdesc="iconv module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module iconv } -package_php53-mcrypt() { - pkgdesc='mcrypt module for PHP' - depends=("${pkgbase}" 'libmcrypt' 'libltdl') - provides=("${_pkgbase}-mcrypt=$pkgver") +# calendar +package_php53-calendar() { + pkgdesc="calendar module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + 
_install_module calendar +} + + +############################################################################### +# PHP Modules: multimedia +############################################################################### - install -D -m755 ${srcdir}/build-php/modules/mcrypt.so ${pkgdir}/usr/lib/${pkgbase}/modules/mcrypt.so +# GD +package_php53-gd() { + pkgdesc="gd module for ${pkgbase}" + depends=("${_ext_depends_gd[@]}") + _install_module gd } -package_php53-mssql() { - pkgdesc='mssql module for PHP' - depends=("${pkgbase}" 'freetds') - provides=("${_pkgbase}-mssql=$pkgver") +# exif +package_php53-exif() { + pkgdesc="exif module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module exif +} - install -D -m755 ${srcdir}/build-php/modules/mssql.so ${pkgdir}/usr/lib/${pkgbase}/modules/mssql.so +# fileinfo +package_php53-fileinfo() { + pkgdesc="fileinfo module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module fileinfo } -package_php53-odbc() { - pkgdesc='ODBC modules for PHP' - depends=("${pkgbase}" 'unixodbc') - provides=("${_pkgbase}-odbc=$pkgver") - install -D -m755 ${srcdir}/build-php/modules/odbc.so ${pkgdir}/usr/lib/${pkgbase}/modules/odbc.so - install -D -m755 ${srcdir}/build-php/modules/pdo_odbc.so ${pkgdir}/usr/lib/${pkgbase}/modules/pdo_odbc.so +############################################################################### +# PHP modules: math +############################################################################### + +# bcmath +package_php53-bcmath() { + pkgdesc="bcmath module for ${pkgbase}" + depends=("${pkgbase}") + _install_module bcmath } -package_php53-pgsql() { - pkgdesc='PostgreSQL modules for PHP' - depends=("${pkgbase}" 'postgresql-libs') - provides=("${_pkgbase}-pgsql=$pkgver") +# gmp +package_php53-gmp() { + pkgdesc="gmp module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'gmp') + _install_module gmp +} + +############################################################################### +# PHP modules: 
spell checking +############################################################################### - install -D -m755 ${srcdir}/build-php/modules/pgsql.so ${pkgdir}/usr/lib/${pkgbase}/modules/pgsql.so - install -D -m755 ${srcdir}/build-php/modules/pdo_pgsql.so ${pkgdir}/usr/lib/${pkgbase}/modules/pdo_pgsql.so +# Enchant +package_php53-enchant() { + pkgdesc="enchant module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'enchant' 'libvoikko' 'hspell' 'hunspell' 'nuspell' 'aspell') + _install_module enchant } +# Pspell package_php53-pspell() { - pkgdesc='pspell module for PHP' - depends=("${pkgbase}" 'aspell') - provides=("${_pkgbase}-pspell=$pkgver") + pkgdesc="pspell module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'aspell') + _install_module pspell +} - install -D -m755 ${srcdir}/build-php/modules/pspell.so ${pkgdir}/usr/lib/${pkgbase}/modules/pspell.so +############################################################################### +# PHP modules: compression +############################################################################### + +# bz2 +package_php53-bz2() { + pkgdesc="bz2 module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'bzip2') + _install_module bz2 } +# Zip +package_php53-zip() { + pkgdesc="zip module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libzip') + _install_module zip +} + +############################################################################### +# PHP modules: network client/servers +############################################################################### + +# curl +package_php53-curl() { + pkgdesc="curl module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" "curl") + _install_module curl +} + +# SOAP +package_php53-soap() { + pkgdesc="soap module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libxml2') + _install_module soap +} + +# FTP +package_php53-ftp() { + pkgdesc="FTP module for ${pkgbase}" + depends=("${_ext_depends_ftp[@]}") + _install_module ftp +} + +# ldap +package_php53-ldap() { + 
pkgdesc="ldap module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libldap' 'libsasl') + _install_module ldap +} + +# SNMP package_php53-snmp() { - pkgdesc='snmp module for PHP' - depends=("${pkgbase}" 'net-snmp') - provides=("${_pkgbase}-snmp=$pkgver") + pkgdesc="snmp module for ${pkgbase}" + depends=("${_ext_depends_snmp[@]}") + _install_module snmp +} - install -D -m755 ${srcdir}/build-php/modules/snmp.so ${pkgdir}/usr/lib/${pkgbase}/modules/snmp.so +# XML-RPC +package_php53-xmlrpc() { + pkgdesc="xmlrpc module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libxml2') + _install_module xmlrpc } -package_php53-sqlite() { - pkgdesc='sqlite module for PHP' - depends=("${pkgbase}" 'sqlite') - provides=("${_pkgbase}-sqlite=$pkgver") +# Imap +package_php53-imap() { + pkgdesc="imap module for ${pkgbase}" + depends=("${_ext_depends_imap[@]}") + _install_module imap +} - install -D -m755 ${srcdir}/build-php/modules/sqlite3.so ${pkgdir}/usr/lib/${pkgbase}/modules/sqlite3.so - install -D -m755 ${srcdir}/build-php/modules/pdo_sqlite.so ${pkgdir}/usr/lib/${pkgbase}/modules/pdo_sqlite.so +# sockets +package_php53-sockets() { + pkgdesc="sockets module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module sockets } -package_php53-tidy() { - pkgdesc='tidy module for PHP' - depends=("${pkgbase}" 'tidyhtml') - provides=("${_pkgbase}-tidy=$pkgver") +############################################################################### +# PHP Modules: cryptography +############################################################################### - install -D -m755 ${srcdir}/build-php/modules/tidy.so ${pkgdir}/usr/lib/${pkgbase}/modules/tidy.so +# Sodium +package_php53-sodium() { + pkgdesc="sodium (libsodium) module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" "libsodium") + _install_module sodium } -package_php53-xsl() { - pkgdesc='xsl module for PHP' - depends=("${pkgbase}" 'libxslt') - provides=("${_pkgbase}-xsl=$pkgver") +# Mcrypt +package_php53-mcrypt() { + 
pkgdesc="mcrypt module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libmcrypt') + _install_module mcrypt +} + + +############################################################################### +# PHP Zend modules: opcache/jit +############################################################################### + +# Opcache +package_php53-opcache() { + pkgdesc="opcache zend module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module opcache +} + +############################################################################### +# PHP posix, pcntl, shmop and System V modules +############################################################################### + +# posix +package_php53-posix() { + pkgdesc="posix module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module posix +} + +# pcntl +package_php53-pcntl() { + pkgdesc="pcntl module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module pcntl +} + +# shmop +package_php53-shmop() { + pkgdesc="shmop module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module shmop +} - install -D -m755 ${srcdir}/build-php/modules/xsl.so ${pkgdir}/usr/lib/${pkgbase}/modules/xsl.so +# sysvmsg +package_php53-sysvmsg() { + pkgdesc="sysvmsg module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module sysvmsg } + +# sysvsem +package_php53-sysvsem() { + pkgdesc="sysvsem module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module sysvsem +} + +# sysvshm +package_php53-sysvshm() { + pkgdesc="sysvshm module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module sysvshm +} + +############################################################################### +# PHP Misc modules +############################################################################### + +# Ffi +package_php53-ffi() { + pkgdesc="ffi module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libffi') + _install_module ffi +} + +# ctype +package_php53-ctype() { + pkgdesc="ctype 
module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module ctype +} + +# tokenizer +package_php53-tokenizer() { + pkgdesc="tokenizer module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}") + _install_module tokenizer +} + +# libedit/readline +package_php53-readline() { + pkgdesc="readline (libedit version) module for ${pkgbase}" + depends=("${pkgbase}=${pkgver}" 'libedit') + _install_module readline +} + + +sha256sums=('e6b8530d747000eebb0089249ec70a3b14add7b501337046700544883f62b17b' + '0b7e98dca9c996ec10cb9b3f6296bb7547c68797fd5f35006fdfd3e97700672d' + 'ba72fc64f77822755a469314160d5889d5298f4eb5758dd7939dac9b811afe52' + '6d0ad9becb5470ce8e5929d7d45660b0f32579038978496317544c5310281a91' + 'c4e1cf6972b2a9c7f2777a18497d83bf713cdbecabb65d3ff62ba441aebb0091' + '92f1b7b9d51b396679c17f35a2112423361b8da3c1b9de00aa94fd768ae296e6' + '5cac358527fa9f6cb8b7f22e34b86ef98453d8d3b45a83e745683fecc0fcf9a3' + '8a5e1a2a563c38f237b0ed735918ecf82c30edd3f7beae5d99be041585901d27' + 'e49744c78d6413ab6e93e3786d70c2d1cbdbb62e5bcfdb85c05efcf16fecfb96' + 'aecd8dff7022e956718407a5b98dec19acdceef08b0a58e7266b483bc3845de6' + 'd2f6f8e71c99247c798451a56d5b3e0817d404dfc41175b2e9735e38ecfaa6d6' + '72a94ccc694657b3d52ce9da537e3f9d4ac7aee4970e916c88f6a8af2bc5cc0e' + 'de279c546cfe5de88ae3dc7b169be963b6f367361821ca1b415b9b04973781a5' + 'd175f0c14fdb22855090c93f76e18f04320d7bf15afc057ffde947f9bb361242' + 'f5ae925036744a5e88cea2698879aea0498e1e23aee7801923d90f16be383908' + '12f4e3aeab72e7d24221c07b64106c496c2e300518682bd301351dc9fa6ab3cf' + '52c5a93fb03fa8f3f99438eb803b3182766ee04e0e6b76f00b0bc848d03ff6a6' + '3049b76460c65a70017ba2aac8f8c45725df2bbea458a96ec7164db63639e87f' + 'c9f3b0dff07a7e9688f60b92a2a15817bd7cd59a8c5278cae629d856be66de5c' + 'c9b3c4153596b605a41456e8242d98e474be6391d6fb4b6ce70a21c4c23b5203' + '7e59ff3e1669d55f2a26ccdd748bfed6bbfd85d5d9206c1241cfd4443994f42c' + '616ec8aa12070fb058be511abdae703a62d1c99387dd6d2a7bb47cb1b5bbda5f' + 
'576d301ad50cf71782773f970b418ec9a569e8e4fccb2ae982895f3553309794'
+ '558e780e93dfa861a366c49b4d156d8fc43f17898f001ae6033ec63c33d5d41c')
diff --git a/apache.conf b/apache.conf
deleted file mode 100644
index c3ca0aad509e..000000000000
--- a/apache.conf
+++ /dev/null
@@ -1,13 +0,0 @@
-# Required modules: dir_module, php5_module
-
-<IfModule dir_module>
- <IfModule php5_module>
- DirectoryIndex index.php index.html
- <FilesMatch "\.php$">
- SetHandler application/x-httpd-php
- </FilesMatch>
- <FilesMatch "\.phps$">
- SetHandler application/x-httpd-php-source
- </FilesMatch>
- </IfModule>
-</IfModule>
diff --git a/curl_embedded_null.patch b/curl_embedded_null.patch
deleted file mode 100644
index eca9b1d1c39e..000000000000
--- a/curl_embedded_null.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-Description: fix local file disclosure via curl NULL byte injection
-Origin: backport, http://git.php.net/?p=php-src.git;a=commit;h=ab0939e5e5449cba04b02fff3a5595f725bce0a0
-Bug: https://bugs.php.net/bug.php?id=68089
-
-Index: php5-5.3.10/ext/curl/interface.c
-===================================================================
---- php5-5.3.10.orig/ext/curl/interface.c 2014-10-28 14:54:02.671549358 -0400
-+++ php5-5.3.10/ext/curl/interface.c 2014-10-28 14:54:49.427898135 -0400
-@@ -172,6 +172,11 @@
- #endif
- TSRMLS_FETCH();
-
-+ if (strlen(url) != len) {
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Curl option contains invalid characters (\\0)");
-+ return 0;
-+ }
-+
- /* Disable file:// if open_basedir or safe_mode are used */
- if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) {
- #if LIBCURL_VERSION_NUM >= 0x071304
-Index: php5-5.3.10/ext/curl/tests/bug68089.phpt
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ php5-5.3.10/ext/curl/tests/bug68089.phpt 2014-10-28 14:54:02.667549328 -0400
-@@ -0,0 +1,18 @@
-+--TEST--
-+Bug #68089 (NULL byte injection - cURL lib)
-+--SKIPIF--
-+<?php
-+include 'skipif.inc';
-+
-+?>
-+--FILE--
-+<?php
-+$url = "file:///etc/passwd\0http://google.com";
-+$ch = curl_init();
-+var_dump(curl_setopt($ch, CURLOPT_URL, $url));
-+?>
-+Done
-+--EXPECTF--
-+Warning: curl_setopt(): Curl option contains invalid characters (\0) in %s/bug68089.php on line 4
-+bool(false)
-+Done
diff --git a/cve-php5.3.patch b/cve-php5.3.patch
new file mode 100644
index 000000000000..5f8ff7b66a99
--- /dev/null
+++ b/cve-php5.3.patch
@@ -0,0 +1,842 @@ +--- a/ext/fileinfo/libmagic/cdf.c ++++ b/ext/fileinfo/libmagic/cdf.c +@@ -820,7 +820,7 @@ + q = (const uint8_t *)(const void *) + ((const char *)(const void *)p + ofs + - 2 * sizeof(uint32_t)); +- if (q > e) { ++ if (q < p || q > e) { + DPRINTF(("Ran of the end %p > %p\n", q, e)); + goto out; + } +--- a/ext/standard/dns.c ++++ b/ext/standard/dns.c +@@ -412,8 +412,14 @@ + + #if HAVE_FULL_DNS_FUNCS + ++#define CHECKCP(n) do { \ ++ if (cp + n > end) { \ ++ return NULL; \ ++ } \ ++} while (0) ++ + /* {{{ php_parserr */ +-static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int store, zval **subarray) ++static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_to_fetch, int store, zval **subarray) + { + u_short type, class, dlen; + u_long ttl; +@@ -425,16 +431,18 @@ + + *subarray = NULL; + +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, sizeof(name) - 2); ++ n = dn_expand(answer->qb2, end, cp, name, sizeof(name) - 2); + if (n < 0) { + return NULL; + } + cp += n; + ++ CHECKCP(10); + GETSHORT(type, cp); + GETSHORT(class, cp); + GETLONG(ttl, cp); + GETSHORT(dlen, cp); ++ CHECKCP(dlen); + if (type_to_fetch != T_ANY && type != type_to_fetch) { + cp += dlen; + return cp; +@@ -451,12 +459,14 @@ + add_assoc_string(*subarray, "host", name, 1); + switch (type) { + case DNS_T_A: ++ CHECKCP(4); + add_assoc_string(*subarray, "type", "A", 1); + snprintf(name, sizeof(name), "%d.%d.%d.%d", cp[0], cp[1], cp[2], cp[3]); + add_assoc_string(*subarray, "ip", name, 1); + cp += dlen; + break; + case DNS_T_MX: ++ CHECKCP(2); + add_assoc_string(*subarray, "type", "MX", 1); + GETSHORT(n, cp); + add_assoc_long(*subarray, "pri", n); +@@ -475,7 +485,7 @@ + if (type == DNS_T_PTR) { + add_assoc_string(*subarray, "type", "PTR", 1); + } +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); ++ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); + if (n < 0) { + return NULL; + } +@@ -485,18 
+495,22 @@ + case DNS_T_HINFO: + /* See RFC 1010 for values */ + add_assoc_string(*subarray, "type", "HINFO", 1); ++ CHECKCP(1); + n = *cp & 0xFF; + cp++; ++ CHECKCP(n); + add_assoc_stringl(*subarray, "cpu", (char*)cp, n, 1); + cp += n; ++ CHECKCP(1); + n = *cp & 0xFF; + cp++; ++ CHECKCP(n); + add_assoc_stringl(*subarray, "os", (char*)cp, n, 1); + cp += n; + break; + case DNS_T_TXT: + { +- int ll = 0; ++ int l1 = 0, l2 = 0; + zval *entries = NULL; + + add_assoc_string(*subarray, "type", "TXT", 1); +@@ -505,37 +519,41 @@ + MAKE_STD_ZVAL(entries); + array_init(entries); + +- while (ll < dlen) { +- n = cp[ll]; +- if ((ll + n) >= dlen) { ++ while (l1 < dlen) { ++ n = cp[l1]; ++ if ((l1 + n) >= dlen) { + // Invalid chunk length, truncate +- n = dlen - (ll + 1); ++ n = dlen - (l1 + 1); + } +- memcpy(tp + ll , cp + ll + 1, n); +- add_next_index_stringl(entries, cp + ll + 1, n, 1); +- ll = ll + n + 1; ++ if (n) { ++ memcpy(tp + l2 , cp + l1 + 1, n); ++ add_next_index_stringl(entries, cp + l1 + 1, n, 1); ++ } ++ l1 = l1 + n + 1; ++ l2 = l2 + n; + } +- tp[dlen] = '\0'; ++ tp[l2] = '\0'; + cp += dlen; + +- add_assoc_stringl(*subarray, "txt", tp, (dlen>0)?dlen - 1:0, 0); ++ add_assoc_stringl(*subarray, "txt", tp, l2, 0); + add_assoc_zval(*subarray, "entries", entries); + } + break; + case DNS_T_SOA: + add_assoc_string(*subarray, "type", "SOA", 1); +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) -2); ++ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) -2); + if (n < 0) { + return NULL; + } + cp += n; + add_assoc_string(*subarray, "mname", name, 1); +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) -2); ++ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) -2); + if (n < 0) { + return NULL; + } + cp += n; + add_assoc_string(*subarray, "rname", name, 1); ++ CHECKCP(5*4); + GETLONG(n, cp); + add_assoc_long(*subarray, "serial", n); + GETLONG(n, cp); +@@ -549,6 +567,7 @@ + break; + case DNS_T_AAAA: + tp = (u_char*)name; ++ 
CHECKCP(8*2); + for(i=0; i < 8; i++) { + GETSHORT(s, cp); + if (s != 0) { +@@ -583,6 +602,7 @@ + case DNS_T_A6: + p = cp; + add_assoc_string(*subarray, "type", "A6", 1); ++ CHECKCP(1); + n = ((int)cp[0]) & 0xFF; + cp++; + add_assoc_long(*subarray, "masklen", n); +@@ -618,6 +638,7 @@ + cp++; + } + for (i = (n + 8) / 16; i < 8; i++) { ++ CHECKCP(2); + GETSHORT(s, cp); + if (s != 0) { + if (tp > (u_char *)name) { +@@ -647,7 +668,7 @@ + tp[0] = '\0'; + add_assoc_string(*subarray, "ipv6", name, 1); + if (cp < p + dlen) { +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); ++ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); + if (n < 0) { + return NULL; + } +@@ -656,6 +677,7 @@ + } + break; + case DNS_T_SRV: ++ CHECKCP(3*2); + add_assoc_string(*subarray, "type", "SRV", 1); + GETSHORT(n, cp); + add_assoc_long(*subarray, "pri", n); +@@ -663,7 +685,7 @@ + add_assoc_long(*subarray, "weight", n); + GETSHORT(n, cp); + add_assoc_long(*subarray, "port", n); +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); ++ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); + if (n < 0) { + return NULL; + } +@@ -671,21 +693,35 @@ + add_assoc_string(*subarray, "target", name, 1); + break; + case DNS_T_NAPTR: ++ CHECKCP(2*2); + add_assoc_string(*subarray, "type", "NAPTR", 1); + GETSHORT(n, cp); + add_assoc_long(*subarray, "order", n); + GETSHORT(n, cp); + add_assoc_long(*subarray, "pref", n); ++ ++ CHECKCP(1); + n = (cp[0] & 0xFF); +- add_assoc_stringl(*subarray, "flags", (char*)++cp, n, 1); ++ cp++; ++ CHECKCP(n); ++ add_assoc_stringl(*subarray, "flags", (char*)cp, n, 1); + cp += n; ++ ++ CHECKCP(1); + n = (cp[0] & 0xFF); +- add_assoc_stringl(*subarray, "services", (char*)++cp, n, 1); ++ cp++; ++ CHECKCP(n); ++ add_assoc_stringl(*subarray, "services", (char*)cp, n, 1); + cp += n; ++ ++ CHECKCP(1); + n = (cp[0] & 0xFF); +- add_assoc_stringl(*subarray, "regex", (char*)++cp, n, 1); ++ cp++; ++ CHECKCP(n); ++ 
add_assoc_stringl(*subarray, "regex", (char*)cp, n, 1); + cp += n; +- n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); ++ ++ n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); + if (n < 0) { + return NULL; + } +@@ -852,7 +888,7 @@ + while (an-- && cp && cp < end) { + zval *retval; + +- cp = php_parserr(cp, &answer, type_to_fetch, store_results, &retval); ++ cp = php_parserr(cp, end, &answer, type_to_fetch, store_results, &retval); + if (retval != NULL && store_results) { + add_next_index_zval(return_value, retval); + } +@@ -865,7 +901,7 @@ + while (ns-- > 0 && cp && cp < end) { + zval *retval = NULL; + +- cp = php_parserr(cp, &answer, DNS_T_ANY, authns != NULL, &retval); ++ cp = php_parserr(cp, end, &answer, DNS_T_ANY, authns != NULL, &retval); + if (retval != NULL) { + add_next_index_zval(authns, retval); + } +@@ -877,7 +913,7 @@ + while (ar-- > 0 && cp && cp < end) { + zval *retval = NULL; + +- cp = php_parserr(cp, &answer, DNS_T_ANY, 1, &retval); ++ cp = php_parserr(cp, end, &answer, DNS_T_ANY, 1, &retval); + if (retval != NULL) { + add_next_index_zval(addtl, retval); + } +diff --git a/ext/xmlrpc/libxmlrpc/xmlrpc.c b/ext/xmlrpc/libxmlrpc/xmlrpc.c +index ce70c2a..b766a54 100644 +--- a/ext/xmlrpc/libxmlrpc/xmlrpc.c ++++ b/ext/xmlrpc/libxmlrpc/xmlrpc.c +@@ -219,16 +219,19 @@ + n = 10; + tm.tm_mon = 0; + for(i = 0; i < 2; i++) { +- XMLRPC_IS_NUMBER(text[i]) ++ XMLRPC_IS_NUMBER(text[i+4]) + tm.tm_mon += (text[i+4]-'0')*n; + n /= 10; + } + tm.tm_mon --; ++ if(tm.tm_mon < 0 || tm.tm_mon > 11) { ++ return -1; ++ } + + n = 10; + tm.tm_mday = 0; + for(i = 0; i < 2; i++) { +- XMLRPC_IS_NUMBER(text[i]) ++ XMLRPC_IS_NUMBER(text[i+6]) + tm.tm_mday += (text[i+6]-'0')*n; + n /= 10; + } +@@ -236,7 +239,7 @@ + n = 10; + tm.tm_hour = 0; + for(i = 0; i < 2; i++) { +- XMLRPC_IS_NUMBER(text[i]) ++ XMLRPC_IS_NUMBER(text[i+9]) + tm.tm_hour += (text[i+9]-'0')*n; + n /= 10; + } +@@ -244,7 +247,7 @@ + n = 10; + tm.tm_min = 0; + for(i = 0; i < 2; i++) 
{ +- XMLRPC_IS_NUMBER(text[i]) ++ XMLRPC_IS_NUMBER(text[i+12]) + tm.tm_min += (text[i+12]-'0')*n; + n /= 10; + } +@@ -252,7 +255,7 @@ + n = 10; + tm.tm_sec = 0; + for(i = 0; i < 2; i++) { +- XMLRPC_IS_NUMBER(text[i]) ++ XMLRPC_IS_NUMBER(text[i+15]) + tm.tm_sec += (text[i+15]-'0')*n; + n /= 10; + } +--- /dev/null ++++ b/ext/xmlrpc/tests/bug68027.phpt +@@ -0,0 +1,44 @@ ++--TEST-- ++Bug #68027 (buffer overflow in mkgmtime() function) ++--SKIPIF-- ++<?php ++if (!extension_loaded("xmlrpc")) print "skip"; ++?> ++--FILE-- ++<?php ++ ++$d = '6-01-01 20:00:00'; ++xmlrpc_set_type($d, 'datetime'); ++var_dump($d); ++$datetime = "2001-0-08T21:46:40-0400"; ++$obj = xmlrpc_decode("<?xml version=\"1.0\"?><methodResponse><params><param><value><dateTime.iso8601>$datetime</dateTime.iso8601></value></param></params></methodResponse>"); ++print_r($obj); ++ ++$datetime = "34770-0-08T21:46:40-0400"; ++$obj = xmlrpc_decode("<?xml version=\"1.0\"?><methodResponse><params><param><value><dateTime.iso8601>$datetime</dateTime.iso8601></value></param></params></methodResponse>"); ++print_r($obj); ++ ++echo "Done\n"; ++?> ++--EXPECTF-- ++object(stdClass)#1 (3) { ++ ["scalar"]=> ++ string(16) "6-01-01 20:00:00" ++ ["xmlrpc_type"]=> ++ string(8) "datetime" ++ ["timestamp"]=> ++ int(%d) ++} ++stdClass Object ++( ++ [scalar] => 2001-0-08T21:46:40-0400 ++ [xmlrpc_type] => datetime ++ [timestamp] => %s ++) ++stdClass Object ++( ++ [scalar] => 34770-0-08T21:46:40-0400 ++ [xmlrpc_type] => datetime ++ [timestamp] => %d ++) ++Done +--- /dev/null ++++ php5-5.3.10/ext/standard/tests/serialize/bug68044.phpt +@@ -0,0 +1,12 @@ ++--TEST-- ++Bug #68044 Integer overflow in unserialize() (32-bits only) ++--FILE-- ++<?php ++ echo unserialize('C:3:"XYZ":18446744075857035259:{}'); ++?> ++===DONE== ++--EXPECTF-- ++Warning: Insufficient data for unserializing - %d required, 1 present in %s/bug68044.php on line 2 ++ ++Notice: unserialize(): Error at offset 32 of 33 bytes in %s/bug68044.php on line 2 ++===DONE== +--- 
php5-5.3.10.orig/ext/standard/var_unserializer.c ++++ php5-5.3.10/ext/standard/var_unserializer.c +@@ -333,7 +333,7 @@ + + (*p) += 2; + +- if (datalen < 0 || (*p) + datalen >= max) { ++ if (datalen < 0 || (max - (*p)) <= datalen) { + zend_error(E_WARNING, "Insufficient data for unserializing - %ld required, %ld present", datalen, (long)(max - (*p))); + return 0; + } +--- php5-5.3.10.orig/ext/standard/var_unserializer.re ++++ php5-5.3.10/ext/standard/var_unserializer.re +@@ -339,7 +339,7 @@ + + (*p) += 2; + +- if (datalen < 0 || (*p) + datalen >= max) { ++ if (datalen < 0 || (max - (*p)) <= datalen) { + zend_error(E_WARNING, "Insufficient data for unserializing - %ld required, %ld present", datalen, (long)(max - (*p))); + return 0; + } +--- php5-5.3.10.orig/ext/exif/exif.c ++++ php5-5.3.10/ext/exif/exif.c +@@ -2446,11 +2446,11 @@ + data_ptr += 8; + break; + case TAG_FMT_SINGLE: +- memmove(data_ptr, &info_data->value.f, byte_count); ++ memmove(data_ptr, &info_value->f, 4); + data_ptr += 4; + break; + case TAG_FMT_DOUBLE: +- memmove(data_ptr, &info_data->value.d, byte_count); ++ memmove(data_ptr, &info_value->d, 8); + data_ptr += 8; + break; + } +--- /dev/null ++++ php5-5.3.10/ext/standard/tests/serialize/bug68594.phpt +@@ -0,0 +1,23 @@ ++--TEST-- ++Bug #68545 Use after free vulnerability in unserialize() ++--FILE-- ++<?php ++for ($i=4; $i<100; $i++) { ++ $m = new StdClass(); ++ ++ $u = array(1); ++ ++ $m->aaa = array(1,2,&$u,4,5); ++ $m->bbb = 1; ++ $m->ccc = &$u; ++ $m->ddd = str_repeat("A", $i); ++ ++ $z = serialize($m); ++ $z = str_replace("bbb", "aaa", $z); ++ $y = unserialize($z); ++ $z = serialize($y); ++} ++?> ++===DONE=== ++--EXPECTF-- ++===DONE=== +--- php5-5.3.10.orig/ext/standard/var_unserializer.c ++++ php5-5.3.10/ext/standard/var_unserializer.c +@@ -298,6 +298,9 @@ + } else { + /* object properties should include no integers */ + convert_to_string(key); ++ if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { ++ 
var_push_dtor(var_hash, old_data); ++ } + zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, + sizeof data, NULL); + } +--- php5-5.3.10.orig/ext/standard/var_unserializer.re ++++ php5-5.3.10/ext/standard/var_unserializer.re +@@ -304,6 +304,9 @@ + } else { + /* object properties should include no integers */ + convert_to_string(key); ++ if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { ++ var_push_dtor(var_hash, old_data); ++ } + zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, + sizeof data, NULL); + } +--- php5-5.3.10.orig/ext/enchant/enchant.c ++++ php5-5.3.10/ext/enchant/enchant.c +@@ -545,13 +545,12 @@ + + d = enchant_broker_request_dict(pbroker->pbroker, (const char *)tag); + if (d) { ++ pos = pbroker->dictcnt++; + if (pbroker->dictcnt) { + pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt); +- pos = pbroker->dictcnt++; + } else { + pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *)); + pos = 0; +- pbroker->dictcnt++; + } + + dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict)); +@@ -606,14 +605,14 @@ + + d = enchant_broker_request_pwl_dict(pbroker->pbroker, (const char *)pwl); + if (d) { ++ pos = pbroker->dictcnt++; + if (pbroker->dictcnt) { +- pos = pbroker->dictcnt++; + pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt); + } else { + pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *)); + pos = 0; +- pbroker->dictcnt++; + } ++ + dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict)); + dict->id = pos; + dict->pbroker = pbroker; +--- /dev/null ++++ php5-5.3.10/ext/standard/tests/strings/bug68710.phpt +@@ -0,0 +1,25 @@ ++--TEST-- ++Bug #68710 Use after free vulnerability in unserialize() (bypassing the ++CVE-2014-8142 fix) ++--FILE-- ++<?php ++for ($i=4; $i<100; $i++) { ++ $m = new StdClass(); ++ ++ $u = array(1); ++ ++ 
$m->aaa = array(1,2,&$u,4,5); ++ $m->bbb = 1; ++ $m->ccc = &$u; ++ $m->ddd = str_repeat("A", $i); ++ ++ $z = serialize($m); ++ $z = str_replace("aaa", "123", $z); ++ $z = str_replace("bbb", "123", $z); ++ $y = unserialize($z); ++ $z = serialize($y); ++} ++?> ++===DONE=== ++--EXPECTF-- ++===DONE=== +--- php5-5.3.10.orig/ext/standard/var_unserializer.c ++++ php5-5.3.10/ext/standard/var_unserializer.c +@@ -298,7 +298,7 @@ + } else { + /* object properties should include no integers */ + convert_to_string(key); +- if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { ++ if (zend_hash_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { + var_push_dtor(var_hash, old_data); + } + zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, +--- php5-5.3.10.orig/ext/standard/var_unserializer.re ++++ php5-5.3.10/ext/standard/var_unserializer.re +@@ -304,7 +304,7 @@ + } else { + /* object properties should include no integers */ + convert_to_string(key); +- if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { ++ if (zend_hash_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { + var_push_dtor(var_hash, old_data); + } + zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, +--- php5-5.3.10.orig/ext/phar/phar_object.c ++++ php5-5.3.10/ext/phar/phar_object.c +@@ -2320,8 +2320,8 @@ + } + its_ok: + if (SUCCESS == php_stream_stat_path(newpath, &ssb)) { +- efree(oldpath); + zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "phar \"%s\" exists and must be unlinked prior to conversion", newpath); ++ efree(oldpath); + return NULL; + } + if (!phar->is_data) { +diff --git a/ext/ereg/regex/regcomp.c b/ext/ereg/regex/regcomp.c +index 156eee9..f4bfc1c 100644 +--- a/ext/ereg/regex/regcomp.c ++++ b/ext/ereg/regex/regcomp.c +@@ -117,7 +117,15 @@ + (NC-1)*sizeof(cat_t)); + if (g == NULL) + return(REG_ESPACE); +- p->ssize 
= len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */ ++ { ++ /* Patched for CERT Vulnerability Note VU#695940, Feb 2015. */ ++ size_t new_ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */ ++ if (new_ssize < len || new_ssize > LONG_MAX / sizeof(sop)) { ++ free((char *) g); ++ return REG_INVARG; ++ } ++ p->ssize = new_ssize; ++ } + p->strip = (sop *)malloc(p->ssize * sizeof(sop)); + p->slen = 0; + if (p->strip == NULL) { +--- php5-5.3.10.orig/ext/phar/phar.c ++++ php5-5.3.10/ext/phar/phar.c +@@ -600,52 +600,41 @@ + * + * Meta-data is in this format: + * [len32][data...] +- * ++ * + * data is the serialized zval + */ +-int phar_parse_metadata(char **buffer, zval **metadata, int zip_metadata_len TSRMLS_DC) /* {{{ */ ++int phar_parse_metadata(char **buffer, zval **metadata, php_uint32 zip_metadata_len TSRMLS_DC) /* {{{ */ + { +- const unsigned char *p; +- php_uint32 buf_len; + php_unserialize_data_t var_hash; + +- if (!zip_metadata_len) { +- PHAR_GET_32(*buffer, buf_len); +- } else { +- buf_len = zip_metadata_len; +- } +- +- if (buf_len) { ++ if (zip_metadata_len) { ++ const unsigned char *p, *p_buff = estrndup(*buffer, zip_metadata_len); ++ p = p_buff; + ALLOC_ZVAL(*metadata); + INIT_ZVAL(**metadata); +- p = (const unsigned char*) *buffer; + PHP_VAR_UNSERIALIZE_INIT(var_hash); + +- if (!php_var_unserialize(metadata, &p, p + buf_len, &var_hash TSRMLS_CC)) { ++ if (!php_var_unserialize(metadata, &p, p + zip_metadata_len, &var_hash TSRMLS_CC)) { ++ efree(p_buff); + PHP_VAR_UNSERIALIZE_DESTROY(var_hash); + zval_ptr_dtor(metadata); + *metadata = NULL; + return FAILURE; + } +- ++ efree(p_buff); + PHP_VAR_UNSERIALIZE_DESTROY(var_hash); + + if (PHAR_G(persist)) { + /* lazy init metadata */ + zval_ptr_dtor(metadata); +- *metadata = (zval *) pemalloc(buf_len, 1); +- memcpy(*metadata, *buffer, buf_len); +- *buffer += buf_len; ++ *metadata = (zval *) pemalloc(zip_metadata_len, 1); ++ memcpy(*metadata, *buffer, zip_metadata_len); + return SUCCESS; + } + } else { + *metadata = 
NULL; + } + +- if (!zip_metadata_len) { +- *buffer += buf_len; +- } +- + return SUCCESS; + } + /* }}}*/ +@@ -655,7 +644,7 @@ + * + * Parse a new one and add it to the cache, returning either SUCCESS or + * FAILURE, and setting pphar to the pointer to the manifest entry +- * ++ * + * This is used by phar_open_from_filename to process the manifest, but can be called + * directly. + */ +@@ -666,6 +655,7 @@ + phar_entry_info entry; + php_uint32 manifest_len, manifest_count, manifest_flags, manifest_index, tmp_len, sig_flags; + php_uint16 manifest_ver; ++ php_uint32 len; + long offset; + int sig_len, register_alias = 0, temp_alias = 0; + char *signature = NULL; +@@ -1031,16 +1021,21 @@ + mydata->is_persistent = PHAR_G(persist); + + /* check whether we have meta data, zero check works regardless of byte order */ ++ PHAR_GET_32(buffer, len); + if (mydata->is_persistent) { +- PHAR_GET_32(buffer, mydata->metadata_len); +- if (phar_parse_metadata(&buffer, &mydata->metadata, mydata->metadata_len TSRMLS_CC) == FAILURE) { +- MAPPHAR_FAIL("unable to read phar metadata in .phar file \"%s\""); +- } +- } else { +- if (phar_parse_metadata(&buffer, &mydata->metadata, 0 TSRMLS_CC) == FAILURE) { +- MAPPHAR_FAIL("unable to read phar metadata in .phar file \"%s\""); ++ mydata->metadata_len = len; ++ if(!len) { ++ /* FIXME: not sure why this is needed but removing it breaks tests */ ++ PHAR_GET_32(buffer, len); + } + } ++ if(len > endbuffer - buffer) { ++ MAPPHAR_FAIL("internal corruption of phar \"%s\" (trying to read past buffer end)"); ++ } ++ if (phar_parse_metadata(&buffer, &mydata->metadata, len TSRMLS_CC) == FAILURE) { ++ MAPPHAR_FAIL("unable to read phar metadata in .phar file \"%s\""); ++ } ++ buffer += len; + + /* set up our manifest */ + zend_hash_init(&mydata->manifest, manifest_count, +@@ -1075,7 +1070,7 @@ + entry.manifest_pos = manifest_index; + } + +- if (buffer + entry.filename_len + 20 > endbuffer) { ++ if (entry.filename_len + 20 > endbuffer - buffer) { + 
MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest entry)"); + } + +@@ -1111,19 +1106,20 @@ + entry.flags |= PHAR_ENT_PERM_DEF_DIR; + } + ++ PHAR_GET_32(buffer, len); + if (entry.is_persistent) { +- PHAR_GET_32(buffer, entry.metadata_len); +- if (!entry.metadata_len) buffer -= 4; +- if (phar_parse_metadata(&buffer, &entry.metadata, entry.metadata_len TSRMLS_CC) == FAILURE) { +- pefree(entry.filename, entry.is_persistent); +- MAPPHAR_FAIL("unable to read file metadata in .phar file \"%s\""); +- } ++ entry.metadata_len = len; + } else { +- if (phar_parse_metadata(&buffer, &entry.metadata, 0 TSRMLS_CC) == FAILURE) { +- pefree(entry.filename, entry.is_persistent); +- MAPPHAR_FAIL("unable to read file metadata in .phar file \"%s\""); +- } ++ entry.metadata_len = 0; + } ++ if (len > endbuffer - buffer) { ++ MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest entry)"); ++ } ++ if (phar_parse_metadata(&buffer, &entry.metadata, len TSRMLS_CC) == FAILURE) { ++ pefree(entry.filename, entry.is_persistent); ++ MAPPHAR_FAIL("unable to read file metadata in .phar file \"%s\""); ++ } ++ buffer += len; + + entry.offset = entry.offset_abs = offset; + offset += entry.compressed_filesize; +@@ -2243,7 +2239,7 @@ + + /** + * Process a phar stream name, ensuring we can handle any of: +- * ++ * + * - whatever.phar + * - whatever.phar.gz + * - whatever.phar.bz2 +--- php5-5.3.10.orig/ext/phar/phar_internal.h ++++ php5-5.3.10/ext/phar/phar_internal.h +@@ -654,7 +654,7 @@ + char *phar_find_in_include_path(char *file, int file_len, phar_archive_data **pphar TSRMLS_DC); + char *phar_fix_filepath(char *path, int *new_len, int use_cwd TSRMLS_DC); + phar_entry_info * phar_open_jit(phar_archive_data *phar, phar_entry_info *entry, char **error TSRMLS_DC); +-int phar_parse_metadata(char **buffer, zval **metadata, int zip_metadata_len TSRMLS_DC); ++int phar_parse_metadata(char **buffer, zval **metadata, php_uint32 zip_metadata_len TSRMLS_DC); + void 
destroy_phar_manifest_entry(void *pDest); + int phar_seek_efp(phar_entry_info *entry, off_t offset, int whence, off_t position, int follow_links TSRMLS_DC); + php_stream *phar_get_efp(phar_entry_info *entry, int follow_links TSRMLS_DC); +--- php5-5.3.10.orig/ext/standard/var_unserializer.c ++++ php5-5.3.10/ext/standard/var_unserializer.c +@@ -304,6 +304,7 @@ + zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, + sizeof data, NULL); + } ++ var_push_dtor(var_hash, &data); + + zval_dtor(key); + FREE_ZVAL(key); +--- php5-5.3.10.orig/ext/standard/var_unserializer.re ++++ php5-5.3.10/ext/standard/var_unserializer.re +@@ -310,6 +310,7 @@ + zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, + sizeof data, NULL); + } ++ var_push_dtor(var_hash, &data); + + zval_dtor(key); + FREE_ZVAL(key); +--- php5-5.3.10.orig/ext/phar/phar_internal.h ++++ php5-5.3.10/ext/phar/phar_internal.h +@@ -618,10 +618,13 @@ + { + char tmp[MAXPATHLEN]; + int tmp_len; ++ size_t len; + +- tmp_len = entry->filename_len + entry->phar->fname_len; +- memcpy(tmp, entry->phar->fname, entry->phar->fname_len); +- memcpy(tmp + entry->phar->fname_len, entry->filename, entry->filename_len); ++ tmp_len = MIN(MAXPATHLEN, entry->filename_len + entry->phar->fname_len); ++ len = MIN(entry->phar->fname_len, tmp_len); ++ memcpy(tmp, entry->phar->fname, len); ++ len = MIN(tmp_len - len, entry->filename_len); ++ memcpy(tmp + entry->phar->fname_len, entry->filename, len); + entry->inode = (unsigned short)zend_get_hash_value(tmp, tmp_len); + } + /* }}} */ +--- php5-5.3.10.orig/sapi/apache2handler/sapi_apache2.c ++++ php5-5.3.10/sapi/apache2handler/sapi_apache2.c +@@ -708,6 +708,7 @@ + } zend_end_try(); + } + apr_brigade_cleanup(brigade); ++ apr_pool_cleanup_run(r->pool, (void *)&SG(server_context), php_server_context_cleanup); + } else { + ctx->r = parent_req; + } +--- php5-5.3.10.orig/ext/curl/interface.c ++++ php5-5.3.10/ext/curl/interface.c +@@ -172,6 +172,11 @@ + #endif + TSRMLS_FETCH(); + 
++ if (strlen(url) != len) { ++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Curl option contains invalid characters (\\0)"); ++ return 0; ++ } ++ + /* Disable file:// if open_basedir or safe_mode are used */ + if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) { + #if LIBCURL_VERSION_NUM >= 0x071304 +--- /dev/null ++++ php5-5.3.10/ext/curl/tests/bug68089.phpt +@@ -0,0 +1,18 @@ ++--TEST-- ++Bug #68089 (NULL byte injection - cURL lib) ++--SKIPIF-- ++<?php ++include 'skipif.inc'; ++ ++?> ++--FILE-- ++<?php ++$url = "file:///etc/passwd\0http://google.com"; ++$ch = curl_init(); ++var_dump(curl_setopt($ch, CURLOPT_URL, $url)); ++?> ++Done ++--EXPECTF-- ++Warning: curl_setopt(): Curl option contains invalid characters (\0) in %s/bug68089.php on line 4 ++bool(false) ++Done diff --git a/dba-5.3-support.patch b/dba-5.3-support.patch new file mode 100644 index 000000000000..df1adf5533b9 --- /dev/null +++ b/dba-5.3-support.patch @@ -0,0 +1,22 @@ +--- a/ext/dba/config.m4 ++++ a/ext/dba/config.m4 +@@ -320,6 +320,10 @@ + THIS_PREFIX=$i + THIS_INCLUDE=$i/db4/db.h + break ++ elif test -f "$i/include/db5.3/db.h"; then ++ THIS_PREFIX=$i ++ THIS_INCLUDE=$i/include/db5.3/db.h ++ break + elif test -f "$i/include/db5.1/db.h"; then + THIS_PREFIX=$i + THIS_INCLUDE=$i/include/db5.1/db.h +@@ -362,7 +366,7 @@ + break + fi + done +- PHP_DBA_DB_CHECK(4, db-5.1 db-5.0 db-4.8 db-4.7 db-4.6 db-4.5 db-4.4 db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) ++ PHP_DBA_DB_CHECK(4, db-5.3 db-5.1 db-5.0 db-4.8 db-4.7 db-4.6 db-4.5 db-4.4 db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) + fi + PHP_DBA_STD_RESULT(db4,Berkeley DB4) + diff --git a/debian-php-5.3.29.patch b/debian-php-5.3.29.patch new file mode 100644 index 000000000000..1c1820958909 --- /dev/null +++ b/debian-php-5.3.29.patch 
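Review bot: In cve-php5.3.patch, the ext/phar/phar.c section adds a per-entry bounds check `if (len > endbuffer - buffer)` that calls MAPPHAR_FAIL without releasing `entry.filename`, although the metadata-parse failure directly below it runs `pefree(entry.filename, entry.is_persistent);` first. If the filename is already allocated at that point, which the neighbouring failure path suggests but the embedded hunk does not show, a manifest entry with an oversized metadata length leaks that allocation on every rejected archive. For persistent entries the memory would not be reclaimed at request end. I would add the same `pefree(entry.filename, entry.is_persistent);` ahead of the MAPPHAR_FAIL in the new check. The manifest-parsing function is only partly visible in the embedded hunks, so the allocation site should be confirmed against the full phar.c.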
@@ -0,0 +1,2703 @@ + +diff --git a/ext/standard/proc_open.c b/ext/standard/proc_open.c +index ac4f5b7..1e99293 100644 +--- a/ext/standard/proc_open.c ++++ b/ext/standard/proc_open.c +@@ -62,7 +62,7 @@ + * */ + #ifdef PHP_CAN_SUPPORT_PROC_OPEN + +-#if 0 && HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT && HAVE_SYS_IOCTL_H && HAVE_TERMIOS_H ++#if HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT && HAVE_SYS_IOCTL_H && HAVE_TERMIOS_H + # include <sys/ioctl.h> + # include <termios.h> + # define PHP_CAN_DO_PTS 1 +diff --git a/php.ini-development b/php.ini-development +index c8399c4..d7103b2 100644 +--- a/php.ini-development ++++ b/php.ini-development +@@ -295,6 +295,12 @@ + ; and below. This directive makes most sense if used in a per-directory + ; or per-virtualhost web server configuration file. + ; http://php.net/open-basedir ++ ++; NOTE: this is considered a "broken" security measure. ++; Applications relying on this feature will not receive full ++; support by the security team. For more information please ++; see /usr/share/doc/php-common/README.Debian.security ++; + ;open_basedir = + + ; This directive allows you to disable certain functions for security reasons. 
+diff --git a/ext/mysql/config.m4 b/ext/mysql/config.m4 +index fd7f52e..999c47b 100644 +--- a/ext/mysql/config.m4 ++++ b/ext/mysql/config.m4 +@@ -77,7 +77,7 @@ + Note that the MySQL client library is not bundled anymore!]) + fi + +- if test "$enable_maintainer_zts" = "yes"; then ++ if true || test "$enable_maintainer_zts" = "yes"; then + MYSQL_LIBNAME=mysqlclient_r + else + MYSQL_LIBNAME=mysqlclient +diff --git a/ext/mysqli/config.m4 b/ext/mysqli/config.m4 +index f6c86e7..9192600 100644 +--- a/ext/mysqli/config.m4 ++++ b/ext/mysqli/config.m4 +@@ -26,7 +26,7 @@ + MYSQL_LIB_CFG='--libmysqld-libs' + dnl mysqlnd doesn't support embedded, so we have to add some extra stuff + mysqli_extra_sources="mysqli_embedded.c" +- elif test "$enable_maintainer_zts" = "yes"; then ++ elif true || test "$enable_maintainer_zts" = "yes"; then + MYSQL_LIB_CFG='--libs_r' + MYSQL_LIB_NAME='mysqlclient_r' + else +diff --git a/ext/pdo_mysql/config.m4 b/ext/pdo_mysql/config.m4 +index f237f41..3483cca 100755 +--- a/ext/pdo_mysql/config.m4 ++++ b/ext/pdo_mysql/config.m4 +@@ -55,7 +55,7 @@ + if test "x$SED" = "x"; then + AC_PATH_PROG(SED, sed) + fi +- if test "$enable_maintainer_zts" = "yes"; then ++ if true || test "$enable_maintainer_zts" = "yes"; then + PDO_MYSQL_LIBNAME=mysqlclient_r + PDO_MYSQL_LIBS=`$PDO_MYSQL_CONFIG --libs_r | $SED -e "s/'//g"` + else +--- /dev/null ++++ b/tests/func/null-new_val.phpt +@@ -0,0 +1,10 @@ ++--TEST-- ++ini_restore strcmp NULL new_val ++--FILE-- ++<?php ++ ++ini_set('error_log','ini_set_works'); ++ini_restore('error_log'); ++ ++?> ++--EXPECT-- +diff --git a/build/build.mk b/build/build.mk +index 3eb2616..98e55ea 100644 +--- a/build/build.mk ++++ b/build/build.mk +@@ -63,6 +63,5 @@ + @if (test ! 
-f '.git/info/exclude' || grep -s "git-ls-files" .git/info/exclude); then \ + (echo "Rebuild .git/info/exclude" && echo '*.o' > .git/info/exclude && git svn propget svn:ignore | grep -v config.nice >> .git/info/exclude); \ + fi; \ +- git clean -X -f -d; + + .PHONY: $(ALWAYS) snapshot +diff --git a/ext/dba/config.m4 b/ext/dba/config.m4 +index 1e8d51b..d2e6fd9 100644 +diff --git a/sapi/fpm/php-fpm.8.in b/sapi/fpm/php-fpm.8.in +index cb1224e..794f508 100644 +--- a/sapi/fpm/php-fpm.8.in ++++ b/sapi/fpm/php-fpm.8.in +@@ -139,22 +139,8 @@ + .TP + .B php.ini + The standard php configuration file. +-.SH EXAMPLES +-For any unix systems which use init.d for their main process manager, you should use the init script provided to start and stop the php-fpm daemon. +-.P +-.PD 1 +-.RS +-sudo /etc/init.d/php-fpm start +-.RE +-.TP +-For any unix systems which use systemd for their main process manager, you should use the unit file provided to start and stop the php-fpm daemon. +-.P +-.PD 1 +-.RS +-sudo systemctl start php-fpm.service +-.RE +-.TP +-If your installation has no appropriate init script, launch php-fpm with no arguments. It will launch as a daemon (background process) by default. The file @php_fpm_localstatedir@/run/php-fpm.pid determines whether php-fpm is already up and running. Once started, php-fpm then responds to several POSIX signals: ++.SH SIGNAL ++Once started, php-fpm then responds to several POSIX signals: + .P + .PD 0 + .RS +@@ -168,10 +154,6 @@ + .RE + .PD 1 + .P +-.SH TIPS +-The PHP-FPM CGI daemon will work well with most popular webservers, including Apache2, lighttpd and nginx. +-.PD 1 +-.P + .SH SEE ALSO + The PHP-FPM website: + .PD 0 +diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c +index f472bad..9805bfc 100644 +--- a/main/streams/plain_wrapper.c ++++ b/main/streams/plain_wrapper.c +@@ -656,7 +656,13 @@ + + switch (value) { + case PHP_STREAM_MMAP_SUPPORTED: +- return fd == -1 ? 
PHP_STREAM_OPTION_RETURN_ERR : PHP_STREAM_OPTION_RETURN_OK; ++ if (fd == -1) ++ return PHP_STREAM_OPTION_RETURN_ERR; ++ /* Don't mmap large files */ ++ do_fstat(data, 1); ++ if (data->sb.st_size > 4 * 1024 * 1024) ++ return PHP_STREAM_OPTION_RETURN_ERR; ++ return PHP_STREAM_OPTION_RETURN_OK; + + case PHP_STREAM_MMAP_MAP_RANGE: + do_fstat(data, 1); +diff --git a/ext/dba/dba.c b/ext/dba/dba.c +index cf9674a..7554203 100644 +--- a/ext/dba/dba.c ++++ b/ext/dba/dba.c +@@ -930,7 +930,7 @@ + } + } + +- if (error || hptr->open(info, &error TSRMLS_CC) != SUCCESS) { ++ if (error || (hptr->open)(info, &error TSRMLS_CC) != SUCCESS) { + dba_close(info TSRMLS_CC); + php_error_docref2(NULL TSRMLS_CC, Z_STRVAL_PP(args[0]), Z_STRVAL_PP(args[1]), E_WARNING, "Driver initialization failed for handler: %s%s%s", hptr->name, error?": ":"", error?error:""); + FREENOW; +diff --git a/ext/dba/dba_db3.c b/ext/dba/dba_db3.c +index 2d0ad86..ddb2440 100644 +--- a/ext/dba/dba_db3.c ++++ b/ext/dba/dba_db3.c +@@ -91,7 +91,7 @@ + + if ((err=db_create(&dbp, NULL, 0)) == 0) { + dbp->set_errcall(dbp, php_dba_db3_errcall_fcn); +- if ((err=dbp->open(dbp, info->path, NULL, type, gmode, filemode)) == 0) { ++ if ((err=(dbp->open)(dbp, info->path, NULL, type, gmode, filemode)) == 0) { + dba_db3_data *data; + + data = pemalloc(sizeof(*data), info->flags&DBA_PERSISTENT); +diff --git a/ext/dba/dba_db4.c b/ext/dba/dba_db4.c +index 2dfb33a..1aac4cc 100644 +--- a/ext/dba/dba_db4.c ++++ b/ext/dba/dba_db4.c +@@ -126,9 +126,9 @@ + dbp->set_errcall(dbp, php_dba_db4_errcall_fcn); + if ( + #if (DB_VERSION_MAJOR > 4 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1)) +- (err=dbp->open(dbp, 0, info->path, NULL, type, gmode, filemode)) == 0) { ++ (err=(dbp->open)(dbp, 0, info->path, NULL, type, gmode, filemode)) == 0) { + #else +- (err=dbp->open(dbp, info->path, NULL, type, gmode, filemode)) == 0) { ++ (err=(dbp->open)(dbp, info->path, NULL, type, gmode, filemode)) == 0) { + #endif + dba_db4_data *data; + +diff --git 
a/ext/standard/tests/strings/setlocale_variation2.phpt b/ext/standard/tests/strings/setlocale_variation2.phpt +index 5ebdfe8..cadf7a3 100644 +--- a/ext/standard/tests/strings/setlocale_variation2.phpt ++++ b/ext/standard/tests/strings/setlocale_variation2.phpt +@@ -55,6 +55,7 @@ + //try different locale names + $failure_locale = array(); + $success_count = 0; ++$expected = 0; + + echo "-- Test setlocale() with all available locale in the system --\n"; + // gather all locales installed in the system(stored $all_system_locales), +@@ -64,6 +65,10 @@ + if(setlocale(LC_ALL,$value )){ + $success_count++; + } ++ else if ($value == 'no_NO.ISO-8859-1') { ++ // ignore this one, see rhbz #971416 ++ $expected++; ++ } + else{ + //failure values are put in to an array $failure_locale + $failure_locale[] = $value; +@@ -72,11 +77,11 @@ + + echo "No of locales found on the machine = ".count($all_system_locales)."\n"; + echo "No of setlocale() success = ".$success_count."\n"; +-echo "Expected no of failures = 0\n"; ++echo "Expected no of failures = $expected\n"; + echo "Test "; + // check if there were any failure of setlocale() function earlier, if any + // failure then dump the list of failing locales +-if($success_count != count($all_system_locales)){ ++if(($success_count + $expected) != count($all_system_locales)){ + echo "FAILED\n"; + echo "Names of locale() for which setlocale() failed ...\n"; + var_dump($failure_locale); +@@ -92,6 +97,6 @@ + -- Test setlocale() with all available locale in the system -- + No of locales found on the machine = %d + No of setlocale() success = %d +-Expected no of failures = 0 ++Expected no of failures = %d + Test PASSED + Done +diff --git a/Zend/zend_strtod.c b/Zend/zend_strtod.c +index e74cf0e..7ec0366 100644 +--- a/Zend/zend_strtod.c ++++ b/Zend/zend_strtod.c +@@ -152,14 +152,25 @@ + #define IEEE_LITTLE_ENDIAN + #endif + +-#if defined(__arm__) && !defined(__VFP_FP__) +-/* +- * * Although the CPU is little endian the FP has different +- * * 
byte and word endianness. The byte order is still little endian +- * * but the word order is big endian. +- * */ +-#define IEEE_BIG_ENDIAN ++#if defined(__arm__) || defined(__thumb__) ++/* ARM traditionally used big-endian words; and within those words the ++ byte ordering was big or little endian depending upon the target. ++ Modern floating-point formats are naturally ordered; in this case ++ __VFP_FP__ will be defined, even if soft-float. */ + #undef IEEE_LITTLE_ENDIAN ++#undef IEEE_BIG_ENDIAN ++#if defined(__VFP_FP__) || defined(__MAVERICK__) ++# ifdef __ARMEL__ ++# define IEEE_LITTLE_ENDIAN ++# else ++# define IEEE_BIG_ENDIAN ++# endif ++#else ++# define IEEE_BIG_ENDIAN ++# ifdef __ARMEL__ ++# define IEEE_BYTES_LITTLE_ENDIAN ++# endif ++#endif + #endif + + #ifdef __vax__ +@@ -287,7 +298,7 @@ + * An alternative that might be better on some machines is + * #define Storeinc(a,b,c) (*a++ = b << 16 | c & 0xffff) + */ +-#if defined(IEEE_LITTLE_ENDIAN) + defined(VAX) + defined(__arm__) ++#if defined(IEEE_LITTLE_ENDIAN) + defined(VAX) + defined(IEEE_BYTES_LITTLE_ENDIAN) + #define Storeinc(a,b,c) (((unsigned short *)a)[1] = (unsigned short)b, \ + ((unsigned short *)a)[0] = (unsigned short)c, a++) + #else +diff --git a/ext/mssql/php_mssql.c b/ext/mssql/php_mssql.c +index 66497f1..6196690 100644 +--- a/ext/mssql/php_mssql.c ++++ b/ext/mssql/php_mssql.c +@@ -178,6 +178,38 @@ + PHP_FE(mssql_execute, arginfo_mssql_execute) + PHP_FE(mssql_free_statement, arginfo_mssql_free_statement) + PHP_FE(mssql_guid_string, arginfo_mssql_guid_string) ++#if !defined(PHP_WIN32) && !defined(HAVE_SYBASE_CT) ++ PHP_FALIAS(sybase_connect, mssql_connect, arginfo_mssql_connect) ++ PHP_FALIAS(sybase_pconnect, mssql_pconnect, arginfo_mssql_connect) ++ PHP_FALIAS(sybase_close, mssql_close, arginfo_mssql_close) ++ PHP_FALIAS(sybase_select_db, mssql_select_db, arginfo_mssql_select_db) ++ PHP_FALIAS(sybase_query, mssql_query, arginfo_mssql_query) ++ PHP_FALIAS(sybase_fetch_batch, mssql_fetch_batch, 
arginfo_mssql_fetch_batch) ++ PHP_FALIAS(sybase_affected_rows, mssql_rows_affected, arginfo_mssql_rows_affected) ++ PHP_FALIAS(sybase_free_result, mssql_free_result, arginfo_mssql_fetch_batch) ++ PHP_FALIAS(sybase_get_last_message, mssql_get_last_message, arginfo_mssql_get_last_message) ++ PHP_FALIAS(sybase_num_rows, mssql_num_rows, arginfo_mssql_fetch_batch) ++ PHP_FALIAS(sybase_num_fields, mssql_num_fields, arginfo_mssql_fetch_batch) ++ PHP_FALIAS(sybase_fetch_field, mssql_fetch_field, arginfo_mssql_fetch_field) ++ PHP_FALIAS(sybase_fetch_row, mssql_fetch_row, arginfo_mssql_fetch_batch) ++ PHP_FALIAS(sybase_fetch_array, mssql_fetch_array, arginfo_mssql_fetch_array) ++ PHP_FALIAS(sybase_fetch_assoc, mssql_fetch_assoc, arginfo_mssql_fetch_assoc) ++ PHP_FALIAS(sybase_fetch_object, mssql_fetch_object, arginfo_mssql_fetch_batch) ++ PHP_FALIAS(sybase_field_length, mssql_field_length, arginfo_mssql_field_length) ++ PHP_FALIAS(sybase_field_name, mssql_field_name, arginfo_mssql_field_length) ++ PHP_FALIAS(sybase_field_type, mssql_field_type, arginfo_mssql_field_length) ++ PHP_FALIAS(sybase_data_seek, mssql_data_seek, arginfo_mssql_data_seek) ++ PHP_FALIAS(sybase_field_seek, mssql_field_seek, arginfo_mssql_fetch_field) ++ PHP_FALIAS(sybase_result, mssql_result, arginfo_mssql_result) ++ PHP_FALIAS(sybase_next_result, mssql_next_result, arginfo_mssql_fetch_assoc) ++ PHP_FALIAS(sybase_min_error_severity, mssql_min_error_severity, arginfo_mssql_min_error_severity) ++ PHP_FALIAS(sybase_min_message_severity, mssql_min_message_severity, arginfo_mssql_min_error_severity) ++ PHP_FALIAS(sybase_init, mssql_init, arginfo_mssql_init) ++ PHP_FALIAS(sybase_bind, mssql_bind, arginfo_mssql_bind) ++ PHP_FALIAS(sybase_execute, mssql_execute, arginfo_mssql_execute) ++ PHP_FALIAS(sybase_free_statement, mssql_free_statement, arginfo_mssql_free_statement) ++ PHP_FALIAS(sybase_guid_string, mssql_guid_string, arginfo_mssql_guid_string) ++#endif + PHP_FE_END + }; + /* }}} */ +diff --git 
a/Zend/zend.h b/Zend/zend.h +index 35fa013..3d93018 100644 +--- a/Zend/zend.h ++++ b/Zend/zend.h +@@ -90,11 +90,11 @@ + # endif + + # if defined(RTLD_GROUP) && defined(RTLD_WORLD) && defined(RTLD_PARENT) +-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT) ++# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT) + # elif defined(RTLD_DEEPBIND) +-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_DEEPBIND) ++# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_DEEPBIND) + # else +-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL) ++# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL) + # endif + # define DL_UNLOAD dlclose + # if defined(DLSYM_NEEDS_UNDERSCORE) +diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4 +index f170ea9..3b280dd 100644 +--- a/sapi/apache2handler/config.m4 ++++ b/sapi/apache2handler/config.m4 +@@ -69,7 +69,7 @@ + \$(mkinstalldirs) '$APXS_SYSCONFDIR' && \ + $APXS -S LIBEXECDIR='$APXS_LIBEXECDIR' \ + -S SYSCONFDIR='$APXS_SYSCONFDIR' \ +- -i -a -n php5" ++ -i -n php5" + fi + + case $host_alias in +diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c +index 2d3ba60..679d417 100644 +--- a/ext/mysql/php_mysql.c ++++ b/ext/mysql/php_mysql.c +@@ -735,13 +735,13 @@ + E_DEPRECATED, + "The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead"); + +-#if !defined(MYSQL_USE_MYSQLND) +- if ((MYSQL_VERSION_ID / 100) != (mysql_get_client_version() / 100)) { +- php_error_docref(NULL TSRMLS_CC, E_WARNING, +- "Headers and client library minor version mismatch. 
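Review bot: All three `DL_LOAD` variants switch from `RTLD_LAZY` to `RTLD_NOW`, but nothing next to the macro records why. Eager binding makes an extension with an unresolved symbol fail at `dlopen()` instead of at its first call, and that is worth stating beside the definition: `/* RTLD_NOW: resolve all symbols at load time so a broken module is rejected up front */`. Callers of `DL_LOAD` are outside this hunk; it is worth confirming that they report `dlerror()` on failure, since load failures become more likely with this flag.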
Headers:%d Library:%ld", +- MYSQL_VERSION_ID, mysql_get_client_version()); +- } +-#endif ++/* #if !defined(MYSQL_USE_MYSQLND) */ ++/* if ((MYSQL_VERSION_ID / 100) != (mysql_get_client_version() / 100)) { */ ++/* php_error_docref(NULL TSRMLS_CC, E_WARNING, */ ++/* "Headers and client library minor version mismatch. Headers:%d Library:%ld", */ ++/* MYSQL_VERSION_ID, mysql_get_client_version()); */ ++/* } */ ++/* #endif */ + + connect_timeout = MySG(connect_timeout); + +diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c +index f1e805c..9ebdca1 100644 +--- a/ext/mysqli/mysqli_nonapi.c ++++ b/ext/mysqli/mysqli_nonapi.c +@@ -74,13 +74,13 @@ + zend_bool self_alloced = 0; + + +-#if !defined(MYSQL_USE_MYSQLND) +- if ((MYSQL_VERSION_ID / 100) != (mysql_get_client_version() / 100)) { +- php_error_docref(NULL TSRMLS_CC, E_WARNING, +- "Headers and client library minor version mismatch. Headers:%d Library:%ld", +- MYSQL_VERSION_ID, mysql_get_client_version()); +- } +-#endif ++/* #if !defined(MYSQL_USE_MYSQLND) */ ++/* if ((MYSQL_VERSION_ID / 100) != (mysql_get_client_version() / 100)) { */ ++/* php_error_docref(NULL TSRMLS_CC, E_WARNING, */ ++/* "Headers and client library minor version mismatch. 
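Review bot: The header/library version check is disabled by wrapping every line in `/* ... */`, which leaves dead code in the function with no reason given. Either delete the block or keep it behind a named switch with a one-line explanation, for example `#if 0 /* distro ships a newer client library than the build headers */`. Without the warning, a real mismatch between the compiled-in headers and the loaded client library is no longer reported anywhere, so the packaging should pin the library version some other way. ext/mysqli/mysqli_nonapi.c gets the identical treatment in the next file.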
Headers:%d Library:%ld", */ ++/* MYSQL_VERSION_ID, mysql_get_client_version()); */ ++/* } */ ++/* #endif */ + + if (getThis() && !ZEND_NUM_ARGS() && in_ctor) { + php_mysqli_init(INTERNAL_FUNCTION_PARAM_PASSTHRU); +diff --git a/ext/tidy/tidy.c b/ext/tidy/tidy.c +index 57f050b..4af30f2 100644 +--- a/ext/tidy/tidy.c ++++ b/ext/tidy/tidy.c +@@ -31,7 +31,7 @@ + #include "ext/standard/info.h" + + #include "tidy.h" +-#include "buffio.h" ++#include "tidybuffio.h" + + /* compatibility with older versions of libtidy */ + #ifndef TIDY_CALL +diff --git a/Zend/zend_gc.c b/Zend/zend_gc.c +index e72655c..e7c5098 100644 +--- a/Zend/zend_gc.c ++++ b/Zend/zend_gc.c +@@ -310,16 +310,25 @@ + } + } + while (p != NULL) { +- pz = *(zval**)p->pData; +- if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { +- pz->refcount__gc++; +- } +- if (GC_ZVAL_GET_COLOR(pz) != GC_BLACK) { +- if (p->pListNext == NULL) { +- goto tail_call; ++ if (p->pData != NULL) { ++ pz = *(zval**)p->pData; ++ if (pz != NULL) { ++ if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { ++ pz->refcount__gc++; ++ } ++ if (GC_ZVAL_GET_COLOR(pz) != GC_BLACK) { ++ if (p->pListNext == NULL) { ++ goto tail_call; ++ } else { ++ zval_scan_black(pz TSRMLS_CC); ++ } ++ } + } else { +- zval_scan_black(pz TSRMLS_CC); ++ /* Now this is really odd ... 
we've got a p->pData which references a NULL pointer */ + } ++ } else { ++ /* shall we log something when encountering a p->pData == NULL */ ++ + } + p = p->pListNext; + } +@@ -353,12 +362,20 @@ + } + p = props->pListHead; + while (p != NULL) { +- pz = *(zval**)p->pData; +- if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { +- pz->refcount__gc++; +- } +- if (GC_ZVAL_GET_COLOR(pz) != GC_BLACK) { +- zval_scan_black(pz TSRMLS_CC); ++ if (p->pData != NULL) { ++ pz = *(zval**)p->pData; ++ if (pz != NULL) { ++ if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { ++ pz->refcount__gc++; ++ } ++ if (GC_ZVAL_GET_COLOR(pz) != GC_BLACK) { ++ zval_scan_black(pz TSRMLS_CC); ++ } ++ } else { ++ /* pz is NULL - maybe there should be some logging? */ ++ } ++ } else { ++ /* p->pData is NULL - maybe there should be some logging? */ + } + p = p->pListNext; + } +@@ -417,14 +434,23 @@ + } + } + while (p != NULL) { +- pz = *(zval**)p->pData; +- if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { +- pz->refcount__gc--; +- } +- if (p->pListNext == NULL) { +- goto tail_call; ++ if (p->pData != NULL) { ++ pz = *(zval**)p->pData; ++ if (pz != NULL) { ++ if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { ++ pz->refcount__gc--; ++ } ++ if (p->pListNext == NULL) { ++ goto tail_call; ++ } else { ++ zval_mark_grey(pz TSRMLS_CC); ++ } ++ } else { ++ /* Now this is odd - we have a valid pz and a pData which is NULL */ ++ ++ } + } else { +- zval_mark_grey(pz TSRMLS_CC); ++ /* Some logging maybe? 
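Review bot: The NULL guards added around `p->pData` and `pz` skip the entry without any diagnostic, and the empty `else` arms contain only open questions ("shall we log something"). A bucket with a NULL data pointer looks like a corrupted table rather than ordinary input, so hiding it here makes the underlying fault harder to find. Either drop the empty arms or replace the questions with a statement of the decision, such as `/* corrupted bucket: skip instead of dereferencing NULL */`, and consider a debug-build warning. The hunks at -353, -417 and -459 repeat the pattern, and the enclosing functions start outside the hunk.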
p->pData is NULL */ + } + p = p->pListNext; + } +@@ -459,11 +485,19 @@ + } + p = props->pListHead; + while (p != NULL) { +- pz = *(zval**)p->pData; +- if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { +- pz->refcount__gc--; ++ if (p->pData != NULL) { ++ pz = *(zval**)p->pData; ++ if (pz != NULL) { ++ if (Z_TYPE_P(pz) != IS_ARRAY || Z_ARRVAL_P(pz) != &EG(symbol_table)) { ++ pz->refcount__gc--; ++ } ++ zval_mark_grey(pz TSRMLS_CC); ++ } else { ++ /* TODO: Some logging maybe? */ ++ } ++ } else { ++ /* TODO: Some logging maybe? */ + } +- zval_mark_grey(pz TSRMLS_CC); + p = p->pListNext; + } + } +diff --git a/ext/phar/phar.c b/ext/phar/phar.c +index 6e5cec2..850a6e6 100644 +--- a/ext/phar/phar.c ++++ b/ext/phar/phar.c +@@ -1385,6 +1385,9 @@ + /* set up our manifest */ + mydata = ecalloc(1, sizeof(phar_archive_data)); + mydata->fname = expand_filepath(fname, NULL TSRMLS_CC); ++ if (mydata->fname == NULL) { ++ return FAILURE; ++ } + fname_len = strlen(mydata->fname); + #ifdef PHP_WIN32 + phar_unixify_path_separators(mydata->fname, fname_len); +--- /dev/null ++++ b/ext/phar/tests/bug77396.phpt +@@ -0,0 +1,15 @@ ++--TEST-- ++Bug #77396 Relative filename exceeding maximum path length causes null pointer dereference. ++--SKIPIF-- ++<?php if (!extension_loaded("phar")) die("skip"); ?> ++--FILE-- ++<?php ++$path = '../' . str_repeat("x", PHP_MAXPATHLEN) . 
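Review bot: The comment in the inner `else` of this hunk says "we have a valid pz and a pData which is NULL", which is the opposite of the branch it sits in. That arm is reached when `p->pData` is non-NULL and the `zval*` read from it is NULL. Reword it to match the code, for example `/* p->pData is set but the zval pointer it holds is NULL */`, so a reader debugging a collector crash is not sent the wrong way.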
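Review bot: The new early return on `mydata->fname == NULL` leaks `mydata`, which was allocated with `ecalloc` two lines above and is not yet referenced from anywhere else in the visible code. Free it before returning: `if (mydata->fname == NULL) { efree(mydata); return FAILURE; }`. The function body continues outside the hunk, so it is worth checking whether anything acquired earlier also needs releasing on this path.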
'.tar'; ++$phar = new PharData($path); ++?> ++--EXPECTF-- ++Fatal error: Uncaught UnexpectedValueException: Phar creation or opening failed in %s/bug77396.php:%d ++Stack trace: ++#0 %s/bug77396.php(%d): PharData->__construct(%s) ++#1 {main} ++ thrown in %s/bug77396.php on line %d +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index cad29b7..47055a1 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -3577,10 +3577,10 @@ + tag_table_type tag_table = exif_get_tag_table(section_index); + + if (ImageInfo->ifd_nesting_level > MAX_IFD_NESTING_LEVEL) { +- return FALSE; +- } ++ return FALSE; ++ } + +- if (ImageInfo->FileSize >= dir_offset+2) { ++ if (ImageInfo->FileSize >= 2 && ImageInfo->FileSize - 2 >= dir_offset) { + sn = exif_file_sections_add(ImageInfo, M_PSEUDO, 2, NULL); + #ifdef EXIF_DEBUG + exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, 2); +@@ -3588,8 +3588,8 @@ + php_stream_seek(ImageInfo->infile, dir_offset, SEEK_SET); /* we do not know the order of sections */ + php_stream_read(ImageInfo->infile, (char*)ImageInfo->file.list[sn].data, 2); + num_entries = php_ifd_get16u(ImageInfo->file.list[sn].data, ImageInfo->motorola_intel); +- dir_size = 2/*num dir entries*/ +12/*length of entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/; +- if (ImageInfo->FileSize >= dir_offset+dir_size) { ++ dir_size = 2/*num dir entries*/ +12/*length of entry*/*(size_t)num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/; ++ if (ImageInfo->FileSize >= dir_size && ImageInfo->FileSize - dir_size >= dir_offset) { + #ifdef EXIF_DEBUG + exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X), IFD entries(%d)", ImageInfo->FileSize, dir_offset+2, dir_size-2, num_entries); + #endif +@@ -3672,9 +3672,9 @@ + } + } + } +- if (ImageInfo->FileSize >= dir_offset + ImageInfo->file.list[sn].size) { ++ 
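Review bot: In the -3588 hunk the bounds check on `dir_size` is now overflow-safe, but `num_entries` is still derived from a buffer filled by `php_stream_seek` and `php_stream_read` calls whose results are ignored. On a short read the entry count is computed from whatever the section buffer held, and the new comparison then validates a value that never came from the file. Check the read before using the data, for example `if (php_stream_read(ImageInfo->infile, (char*)ImageInfo->file.list[sn].data, 2) != 2) return FALSE;`. The declaration of `dir_size` is outside the hunk, so also confirm its type is wide enough for the `(size_t)` cast to help.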
if (ImageInfo->FileSize >= ImageInfo->file.list[sn].size && ImageInfo->FileSize - ImageInfo->file.list[sn].size >= dir_offset) { + if (ifd_size > dir_size) { +- if (dir_offset + ifd_size > ImageInfo->FileSize) { ++ if (ImageInfo->FileSize < ifd_size || dir_offset > ImageInfo->FileSize - ifd_size) { + exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Error in TIFF: filesize(x%04X) less than size of IFD(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, ifd_size); + return FALSE; + } +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index 47055a1..5497068 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -3519,7 +3519,7 @@ + return FALSE; + marker = c; + length = php_jpg_get16(data+pos); +- if (pos+length>=ImageInfo->Thumbnail.size) { ++ if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) { + return FALSE; + } + #ifdef EXIF_DEBUG +@@ -3540,6 +3540,10 @@ + case M_SOF14: + case M_SOF15: + /* handle SOFn block */ ++ if (length < 8 || ImageInfo->Thumbnail.size - 8 < pos) { ++ /* exif_process_SOFn needs 8 bytes */ ++ return FALSE; ++ } + exif_process_SOFn(data+pos, marker, &sof_info); + ImageInfo->Thumbnail.height = sof_info.height; + ImageInfo->Thumbnail.width = sof_info.width; +@@ -4183,7 +4187,9 @@ + ZVAL_STRINGL(return_value, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size, 1); + if (arg_c >= 3) { + if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) { +- exif_scan_thumbnail(&ImageInfo TSRMLS_CC); ++ if (!exif_scan_thumbnail(&ImageInfo TSRMLS_CC)) { ++ ImageInfo.Thumbnail.width = ImageInfo.Thumbnail.height = 0; ++ } + } + zval_dtor(p_width); + zval_dtor(p_height); +--- /dev/null ++++ b/ext/exif/tests/bug77540.jpg +@@ -0,0 +1 @@ ++ÿØá +\ No newline at end of file +--- /dev/null ++++ b/ext/exif/tests/bug77540.phpt +@@ -0,0 +1,16 @@ ++--TEST-- ++Bug 77540 (Invalid Read on exif_process_SOFn) ++--SKIPIF-- ++<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> ++--FILE-- ++<?php 
++$width = $height = 42; ++$s = exif_thumbnail(__DIR__."/bug77540.jpg", $width, $height); ++echo "Width ".$width."\n"; ++echo "Height ".$height."\n"; ++?> ++DONE ++--EXPECTF-- ++Width 0 ++Height 0 ++DONE +\ No newline at end of file +diff --git a/ext/phar/tar.c b/ext/phar/tar.c +index 898ff85..7ad95eb 100644 +--- a/ext/phar/tar.c ++++ b/ext/phar/tar.c +@@ -765,7 +765,12 @@ + header.typeflag = entry->tar_type; + + if (entry->link) { +- strncpy(header.linkname, entry->link, strlen(entry->link)); ++ if (strlcpy(header.linkname, entry->link, sizeof(header.linkname)) >= sizeof(header.linkname)) { ++ if (fp->error) { ++ spprintf(fp->error, 4096, "tar-based phar \"%s\" cannot be created, link \"%s\" is too long for format", entry->phar->fname, entry->link); ++ } ++ return ZEND_HASH_APPLY_STOP; ++ } + } + + strncpy(header.magic, "ustar", sizeof("ustar")-1); +diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c +index 9805bfc..a5a09e2 100644 +--- a/main/streams/plain_wrapper.c ++++ b/main/streams/plain_wrapper.c +@@ -1132,34 +1132,50 @@ + # ifdef EXDEV + if (errno == EXDEV) { + struct stat sb; ++# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE) ++ /* not sure what to do in ZTS case, umask is not thread-safe */ ++ int oldmask = umask(077); ++# endif ++ int success = 0; + if (php_copy_file(url_from, url_to TSRMLS_CC) == SUCCESS) { + if (VCWD_STAT(url_from, &sb) == 0) { ++ success = 1; + # if !defined(TSRM_WIN32) && !defined(NETWARE) +- if (VCWD_CHMOD(url_to, sb.st_mode)) { ++ /* ++ * Try to set user and permission info on the target. ++ * If we're not root, then some of these may fail. ++ * We try chown first, to set proper group info, relying ++ * on the system environment to have proper umask to not allow ++ * access to the file in the meantime. 
++ */ ++ if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) { ++ php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); + if (errno == EPERM) { +- php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); +- VCWD_UNLINK(url_from); +- return 1; ++ success = 0; + } +- php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); +- return 0; + } +- if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) { +- if (errno == EPERM) { ++ if (success) { ++ if (VCWD_CHMOD(url_to, sb.st_mode)) { + php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); +- VCWD_UNLINK(url_from); +- return 1; ++ if (errno == EPERM) { ++ success = 0; ++ } + } +- php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); +- return 0; + } + # endif +- VCWD_UNLINK(url_from); +- return 1; ++ if (success) { ++ VCWD_UNLINK(url_from); ++ } ++ } else { ++ php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); + } ++ } else { ++ php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); + } +- php_error_docref2(NULL TSRMLS_CC, url_from, url_to, E_WARNING, "%s", strerror(errno)); +- return 0; ++# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE) ++ umask(oldmask); ++# endif ++ return success; + } + # endif + #endif +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index ce8db17..4350124 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -2812,6 +2812,10 @@ + exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 2 + 0x%04X*12 = 0x%04X > 0x%04X", NumDirEntries, 2+NumDirEntries*12, value_len); + return FALSE; + } ++ if ((dir_start - value_ptr) > value_len - (2+NumDirEntries*12)) { ++ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 0x%04X > 0x%04X", (dir_start - value_ptr) + (2+NumDirEntries*12), value_len); ++ 
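Review bot: The `errno == EPERM` tests after `VCWD_CHOWN` and `VCWD_CHMOD` look inverted relative to both the removed code and the new comment. The old branches treated `EPERM` as tolerable (unlink the source, return 1) and every other error as failure, and the comment says some calls may fail when not root. The new code instead fails only on `EPERM` and, for any other error, continues and unlinks the source. If the old policy is intended, both tests should be `if (errno != EPERM) {`. `errno` is also read after `php_error_docref2()` has run, so copy it into a local first (`int err = errno;`). The `umask(077)` protection is skipped under ZTS, so the copied file is created with the process's ordinary umask there until `chown`/`chmod` run.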
return FALSE; ++ } + + for (de=0;de<NumDirEntries;de++) { + if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de, +--- /dev/null ++++ b/ext/exif/tests/bug77753.phpt +@@ -0,0 +1,16 @@ ++--TEST-- ++Bug #77753 (Heap-buffer-overflow in php_ifd_get32s) ++--SKIPIF-- ++<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> ++--FILE-- ++<?php ++var_dump(exif_read_data(__DIR__."/bug77753.tiff")); ++?> ++DONE ++--EXPECTF-- ++%A ++Warning: exif_read_data(bug77753.tiff): Illegal IFD size: 0x006A > 0x0065 in %sbug77753.php on line %d ++ ++Warning: exif_read_data(bug77753.tiff): Invalid TIFF file in %sbug77753.php on line %d ++bool(false) ++DONE +\ No newline at end of file +--- /dev/null ++++ b/ext/exif/tests/bug77753.tiff +@@ -0,0 +1 @@ ++II* +\ No newline at end of file +diff --git a/ext/pdo_pgsql/tests/bug48764.phpt b/ext/pdo_pgsql/tests/bug48764.phpt +index 83fa565..14c1f68 100644 +--- a/ext/pdo_pgsql/tests/bug48764.phpt ++++ b/ext/pdo_pgsql/tests/bug48764.phpt +@@ -12,7 +12,7 @@ + $client_version = $db->getAttribute(PDO::ATTR_CLIENT_VERSION); + $server_version = $db->getAttribute(PDO::ATTR_SERVER_VERSION); + +-if (version_compare($server_version, '7.4', '<') || version_compare($client_version, '7.4', '<')) { ++if (version_compare($server_version, '7.4', '<') || version_compare($client_version, '7.4', '<') || version_compare($server_version, '10', '>=')) { + die('skip'); + } + +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -2901,7 +2901,7 @@ + offset_base is ImageInfo->file.list[sn].data-dir_offset + dir_entry - offset_base is dir_offset+2+i*12 + */ +- if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base)) { ++ if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base) || dir_entry <= offset_base) { + /* It is important to check for IMAGE_FILETYPE_TIFF + * JPEG does not use 
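Review bot: The warning added with the new IFD bounds check passes `(dir_start - value_ptr) + (2+NumDirEntries*12)` to a `0x%04X` conversion, but that expression contains a pointer difference and so is wider than `int` on 64-bit targets. Cast the argument to match the format: `(int)((dir_start - value_ptr) + (2+NumDirEntries*12))`. The declarations of `value_len` and `NumDirEntries` are outside the hunk; if either is signed, confirm that the comparison cannot be satisfied by a negative difference.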
absolute pointers instead its pointers are + * relative to the start of the TIFF header in APP1 section. */ +diff --git a/ext/gd/libgd/xbm.c b/ext/gd/libgd/xbm.c +index 503ac82..99931a5 100644 +--- a/ext/gd/libgd/xbm.c ++++ b/ext/gd/libgd/xbm.c +@@ -135,7 +135,11 @@ + } + h[3] = ch; + } +- sscanf(h, "%x", &b); ++ if (sscanf(h, "%x", &b) != 1) { ++ php_gd_error("invalid XBM"); ++ gdImageDestroy(im); ++ return 0; ++ } + for (bit = 1; bit <= max_bit; bit = bit << 1) { + gdImageSetPixel(im, x++, y, (b & bit) ? 1 : 0); + if (x == im->sx) { +--- /dev/null ++++ b/ext/gd/tests/bug77973.phpt +@@ -0,0 +1,26 @@ ++--TEST-- ++Bug #77973 (Uninitialized read in gdImageCreateFromXbm) ++--SKIPIF-- ++<?php ++if (!extension_loaded('gd')) die("skip gd extension not available"); ++if (!function_exists('imagecreatefromxbm')) die("skip imagecreatefromxbm not available"); ++?> ++--FILE-- ++<?php ++$contents = hex2bin("23646566696e6520776964746820320a23646566696e652068656967687420320a737461746963206368617220626974735b5d203d7b0a7a7a787a7a"); ++$filepath = __DIR__ . '/bug77973.xbm'; ++file_put_contents($filepath, $contents); ++$im = imagecreatefromxbm($filepath); ++var_dump($im); ++?> ++===DONE=== ++--EXPECTF-- ++Warning: imagecreatefromxbm(): invalid XBM in %s on line %d ++ ++Warning: imagecreatefromxbm(): '%s' is not a valid XBM file in %s on line %d ++bool(false) ++===DONE=== ++--CLEAN-- ++<?php ++unlink(__DIR__ . '/bug77973.xbm'); ++?> +diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c +index 335dbd1..bbc4b0f 100644 +--- a/ext/iconv/iconv.c ++++ b/ext/iconv/iconv.c +@@ -1645,7 +1645,9 @@ + * we can do at this point. 
*/ + if (*(p1 + 1) == '=') { + ++p1; +- --str_left; ++ if (str_left > 1) { ++ --str_left; ++ } + } + + err = _php_iconv_appendl(pretval, encoded_word, (size_t)((p1 + 1) - encoded_word), cd_pl); +--- /dev/null ++++ b/ext/iconv/tests/bug78069.data +@@ -0,0 +1 @@ ++SuLt; 0Jpaa +\ No newline at end of file +--- /dev/null ++++ b/ext/iconv/tests/bug78069.phpt +@@ -0,0 +1,15 @@ ++--TEST-- ++Bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode() due to integer overflow) ++--SKIPIF-- ++<?php ++if (!extension_loaded('iconv')) die('skip ext/iconv required'); ++?> ++--FILE-- ++<?php ++$hdr = iconv_mime_decode_headers(file_get_contents(__DIR__ . "/bug78069.data"),2); ++var_dump(count($hdr)); ++?> ++DONE ++--EXPECT-- ++int(1) ++DONE +\ No newline at end of file +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index 15e091b..b6c3177 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -3536,6 +3536,8 @@ + if (c == 0xFF) + return FALSE; + marker = c; ++ if (pos>=ImageInfo->Thumbnail.size) ++ return FALSE; + length = php_jpg_get16(data+pos); + if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) { + return FALSE; +--- /dev/null ++++ b/ext/exif/tests/bug77988.jpg +@@ -0,0 +1 @@ ++ÿØ0 +\ No newline at end of file +--- /dev/null ++++ b/ext/exif/tests/bug77988.phpt +@@ -0,0 +1,11 @@ ++--TEST-- ++Bug #77988 (heap-buffer-overflow on php_jpg_get16) ++--SKIPIF-- ++<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> ++--FILE-- ++<?php ++exif_read_data(__DIR__."/bug77988.jpg", 'COMMENT', FALSE, TRUE); ++?> ++DONE ++--EXPECTF-- ++DONE +\ No newline at end of file +diff --git a/ext/sqlite3/sqlite3.c b/ext/sqlite3/sqlite3.c +index 761b777..7bf873f 100644 +--- a/ext/sqlite3/sqlite3.c ++++ b/ext/sqlite3/sqlite3.c +@@ -2062,6 +2062,15 @@ + } + #endif + ++ if (strncmp(arg3, "file:", 5) == 0) { ++ /* starts with "file:" */ ++ if (!arg3[5]) { ++ return SQLITE_DENY; ++ } ++ if (php_check_open_basedir(arg3 + 5 TSRMLS_CC)) { 
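Review bot: The added `str_left > 1` guard protects only the counter. The enclosing condition still reads `*(p1 + 1)` and the body still executes `++p1` when a single byte is left, so the pointer and the remaining-length count can disagree after this block. Moving the bound into the condition keeps them in step: `if (str_left > 1 && *(p1 + 1) == '=') { ++p1; --str_left; }`. The decode loop starts and ends outside the hunk, so check how `str_left` is consumed afterwards before adopting this.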
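Review bot: The new `pos>=ImageInfo->Thumbnail.size` check still admits `pos == size - 1`, and the next line calls `php_jpg_get16(data+pos)`, which by its name reads two bytes. If that is right, the last permitted position reads one byte past the thumbnail buffer. Make the check cover the whole read: `if (ImageInfo->Thumbnail.size < 2 || pos > ImageInfo->Thumbnail.size - 2) return FALSE;`. The scanning loop around this code is outside the hunk.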
++ return SQLITE_DENY; ++ } ++ } + if (php_check_open_basedir(arg3 TSRMLS_CC)) { + return SQLITE_DENY; + } +diff --git a/run-tests.php b/run-tests.php +index 0949d50..7dab5ab 100755 +--- a/run-tests.php ++++ b/run-tests.php +@@ -1553,6 +1553,11 @@ + $info = " (warn: $m[1])"; + } + } ++ ++ if (!strncasecmp('xfail', ltrim($output), 5)) { ++ // Pretend we have an XFAIL section ++ $section_text['XFAIL'] = trim(substr(ltrim($output), 5)); ++ } + } + } + +diff --git a/ext/phar/tests/phar_bz2.phpt b/ext/phar/tests/phar_bz2.phpt +index 0e6e3ec..106fa89 100644 +--- a/ext/phar/tests/phar_bz2.phpt ++++ b/ext/phar/tests/phar_bz2.phpt +@@ -5,6 +5,7 @@ + if (!extension_loaded("phar")) die("skip"); + if (!extension_loaded("spl")) die("skip SPL not available"); + if (!extension_loaded("bz2")) die("skip bz2 not available"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); + ?> + --INI-- + phar.readonly=0 +diff --git a/ext/phar/tests/phar_gzip.phpt b/ext/phar/tests/phar_gzip.phpt +index c722834..19d5606 100644 +--- a/ext/phar/tests/phar_gzip.phpt ++++ b/ext/phar/tests/phar_gzip.phpt +@@ -7,6 +7,7 @@ + if (!extension_loaded("spl")) die("skip SPL not available"); + if (!extension_loaded("zlib")) die("skip zlib not available"); + if (version_compare(phpversion(), '5.2.6', '<')) die("skip zlib is buggy in PHP < 5.2.6"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); + ?> + --INI-- + phar.readonly=0 +diff --git a/ext/phar/tests/tar/rename.phpt b/ext/phar/tests/tar/rename.phpt +index 96588a6..9b2b4f4 100644 +--- a/ext/phar/tests/tar/rename.phpt ++++ b/ext/phar/tests/tar/rename.phpt +@@ -1,7 +1,10 @@ + --TEST-- + Phar: rename test tar-based + --SKIPIF-- +-<?php if (!extension_loaded("phar")) die("skip"); ?> ++<?php ++if (!extension_loaded("phar")) 
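Review bot: The `file:` branch passes the raw text after the prefix to `php_check_open_basedir`, which is not necessarily the path SQLite will open. A URI filename can carry an authority part, percent-escapes and a `?query` suffix, so the check and the open may disagree. Normalise first (strip the query, decode escapes, reject a non-empty authority) and check the result, or deny `file:` URIs outright when `open_basedir` is set. After the branch succeeds the code falls through to `php_check_open_basedir(arg3 ...)` with the prefix still attached, which should be confirmed as intended. The callback begins outside the hunk, so the NULL handling of `arg3` cannot be verified from here.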
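Review bot: The added skip condition compares versions with `phpversion() < "7.0.0"`, which is a string comparison and orders "10.0.0" before "7.0.0". Use `version_compare(phpversion(), '7.0.0', '<')`, the form the neighbouring zlib line in phar_gzip.phpt and tar_gzip.phpt already uses. The same line is added to phar_gzip.phpt and to the rename, rename_dir, rmdir and tar_gzip tests under tests/tar and tests/zip.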
die("skip"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); ++?> + --INI-- + phar.readonly=0 + phar.require_hash=0 +diff --git a/ext/phar/tests/tar/rename_dir.phpt b/ext/phar/tests/tar/rename_dir.phpt +index 0b95789..4ca8ceb 100644 +--- a/ext/phar/tests/tar/rename_dir.phpt ++++ b/ext/phar/tests/tar/rename_dir.phpt +@@ -1,7 +1,10 @@ + --TEST-- + Phar: rename_dir test tar-based + --SKIPIF-- +-<?php if (!extension_loaded("phar")) die("skip"); ?> ++<?php ++if (!extension_loaded("phar")) die("skip"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); ++?> + --INI-- + phar.readonly=0 + phar.require_hash=0 +diff --git a/ext/phar/tests/tar/rmdir.phpt b/ext/phar/tests/tar/rmdir.phpt +index be03782..6cb5eab 100644 +--- a/ext/phar/tests/tar/rmdir.phpt ++++ b/ext/phar/tests/tar/rmdir.phpt +@@ -1,7 +1,10 @@ + --TEST-- + Phar: rmdir test tar-based + --SKIPIF-- +-<?php if (!extension_loaded("phar")) die("skip"); ?> ++<?php ++if (!extension_loaded("phar")) die("skip"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); ++?> + --INI-- + phar.readonly=0 + phar.require_hash=0 +diff --git a/ext/phar/tests/tar/tar_gzip.phpt b/ext/phar/tests/tar/tar_gzip.phpt +index d44e1b1..a13a80a 100644 +--- a/ext/phar/tests/tar/tar_gzip.phpt ++++ b/ext/phar/tests/tar/tar_gzip.phpt +@@ -7,6 +7,7 @@ + if (!extension_loaded("spl")) die("skip SPL not available"); + if (!extension_loaded("zlib")) die("skip zlib not available"); + if (version_compare(phpversion(), '5.2.6', '<')) die("skip zlib is buggy in PHP < 5.2.6"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 
when OPcache enabled"); + ?> + --INI-- + phar.readonly=0 +diff --git a/ext/phar/tests/zip/rename.phpt b/ext/phar/tests/zip/rename.phpt +index 9b1f5c9..776bcae 100644 +--- a/ext/phar/tests/zip/rename.phpt ++++ b/ext/phar/tests/zip/rename.phpt +@@ -1,7 +1,10 @@ + --TEST-- + Phar: rename test zip-based + --SKIPIF-- +-<?php if (!extension_loaded("phar")) die("skip"); ?> ++<?php ++if (!extension_loaded("phar")) die("skip"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); ++?> + --INI-- + phar.readonly=0 + phar.require_hash=0 +diff --git a/ext/phar/tests/zip/rename_dir.phpt b/ext/phar/tests/zip/rename_dir.phpt +index bb03c7f..3452f8f 100644 +--- a/ext/phar/tests/zip/rename_dir.phpt ++++ b/ext/phar/tests/zip/rename_dir.phpt +@@ -1,7 +1,10 @@ + --TEST-- + Phar: rename_dir test zip-based + --SKIPIF-- +-<?php if (!extension_loaded("phar")) die("skip"); ?> ++<?php ++if (!extension_loaded("phar")) die("skip"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); ++?> + --INI-- + phar.readonly=0 + phar.require_hash=0 +diff --git a/ext/phar/tests/zip/rmdir.phpt b/ext/phar/tests/zip/rmdir.phpt +index c7ef9da..7d062d5 100644 +--- a/ext/phar/tests/zip/rmdir.phpt ++++ b/ext/phar/tests/zip/rmdir.phpt +@@ -1,7 +1,10 @@ + --TEST-- + Phar: rmdir test zip-based + --SKIPIF-- +-<?php if (!extension_loaded("phar")) die("skip"); ?> ++<?php ++if (!extension_loaded("phar")) die("skip"); ++if (phpversion() < "7.0.0" && extension_loaded('Zend OPcache') && ini_get('opcache.enable_cli')==1) die("xfail for PHP version lower than 7 when OPcache enabled"); ++?> + --INI-- + phar.readonly=0 + phar.require_hash=0 +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index b6c3177..a5fa0b8 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -3508,7 +3508,7 @@ + size_t length=2, 
pos=0; + jpeg_sof_info sof_info; + +- if (!data) { ++ if (!data || ImageInfo->Thumbnail.size < 4) { + return FALSE; /* nothing to do here */ + } + if (memcmp(data, "\xFF\xD8\xFF", 3)) { +--- /dev/null ++++ b/ext/exif/tests/bug78222.jpg +@@ -0,0 +1 @@ ++ÿØá +\ No newline at end of file +--- /dev/null ++++ b/ext/exif/tests/bug78222.phpt +@@ -0,0 +1,11 @@ ++--TEST-- ++Bug #78222 (heap-buffer-overflow on exif_scan_thumbnail) ++--SKIPIF-- ++<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?> ++--FILE-- ++<?php ++exif_read_data(__DIR__."/bug78222.jpg", 'THUMBNAIL', FALSE, TRUE); ++?> ++DONE ++--EXPECTF-- ++DONE +\ No newline at end of file +diff --git a/ext/mbstring/oniguruma/regext.c b/ext/mbstring/oniguruma/regext.c +index b1b957b..b108e63 100644 +--- a/ext/mbstring/oniguruma/regext.c ++++ b/ext/mbstring/oniguruma/regext.c +@@ -29,6 +29,7 @@ + + #include "regint.h" + ++#if 0 + static void + conv_ext0be32(const UChar* s, const UChar* end, UChar* conv) + { +@@ -158,6 +159,7 @@ + + return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } ++#endif + + extern int + onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, +@@ -169,9 +171,7 @@ + if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL; + + if (ci->pattern_enc != ci->target_enc) { +- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end, +- &cpat, &cpat_end); +- if (r) return r; ++ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } + else { + cpat = (UChar* )pattern; +diff --git a/ext/pdo_mysql/tests/pdo_mysql_exec.phpt b/ext/pdo_mysql/tests/pdo_mysql_exec.phpt +index acd9090..9830737 100644 +--- a/ext/pdo_mysql/tests/pdo_mysql_exec.phpt ++++ b/ext/pdo_mysql/tests/pdo_mysql_exec.phpt +@@ -75,7 +75,7 @@ + exec_and_count(19, $db, 'CREATE PROCEDURE p(OUT ver_param VARCHAR(255)) BEGIN SELECT VERSION() INTO ver_param; END;', 0); + // we got this far without problems. 
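Review bot: The `#if 0` / `#endif` pair added in ext/mbstring/oniguruma/regext.c compiles out the conversion helpers from `conv_ext0be32` onward without saying why. The third hunk then makes `onig_new_deluxe` return `ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION` whenever `ci->pattern_enc != ci->target_enc`. A comment at the `#if 0`, for example `/* encoding conversion disabled: onig_new_deluxe() rejects pattern_enc != target_enc */`, would keep a later maintainer from re-enabling the block. All three hunks cut through their functions, so whether any later cleanup of `cpat` is now dead code has to be checked in the full file.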
If there's an issue from now on, its a failure + $ignore_exception = false; +- exec_and_count(20, $db, 'CALL p(@version)', 0); ++ exec_and_count(20, $db, 'CALL p(@version)', 1); + $stmt = $db->query('SELECT @version AS p_version'); + $tmp = $stmt->fetchAll(PDO::FETCH_ASSOC); + if (count($tmp) > 1 || !isset($tmp[0]['p_version'])) { +diff --git a/ext/pdo_mysql/tests/pdo_mysql_stmt_getcolumnmeta.phpt b/ext/pdo_mysql/tests/pdo_mysql_stmt_getcolumnmeta.phpt +index d2097f1..a217127 100644 +--- a/ext/pdo_mysql/tests/pdo_mysql_stmt_getcolumnmeta.phpt ++++ b/ext/pdo_mysql/tests/pdo_mysql_stmt_getcolumnmeta.phpt +@@ -162,37 +162,37 @@ + test_meta($db, 100, 'INT', -2147483648, 'LONG', ($is_mysqlnd) ? PDO::PARAM_INT : PDO::PARAM_STR); + test_meta($db, 110, 'INT UNSIGNED', 4294967295, 'LONG', ($is_mysqlnd) ? PDO::PARAM_INT : PDO::PARAM_STR); + +- test_meta($db, 120, 'BIGINT', -9223372036854775808, 'LONGLONG', ($is_mysqlnd) ? ((PHP_INT_SIZE == 4) ? PDO::PARAM_STR : PDO::PARAM_INT) : PDO::PARAM_STR); +- test_meta($db, 130, 'BIGINT UNSIGNED', 18446744073709551615, 'LONGLONG', ($is_mysqlnd) ? ((PHP_INT_SIZE == 4) ? PDO::PARAM_STR : PDO::PARAM_INT) : PDO::PARAM_STR); ++ test_meta($db, 120, 'BIGINT', '-9223372036854775808', 'LONGLONG', ($is_mysqlnd) ? ((PHP_INT_SIZE == 4) ? PDO::PARAM_STR : PDO::PARAM_INT) : PDO::PARAM_STR); ++ test_meta($db, 130, 'BIGINT UNSIGNED', '18446744073709551615', 'LONGLONG', ($is_mysqlnd) ? ((PHP_INT_SIZE == 4) ? PDO::PARAM_STR : PDO::PARAM_INT) : PDO::PARAM_STR); + + test_meta($db, 130, 'REAL', -1.01, ($real_as_float) ? 'FLOAT' : 'DOUBLE', PDO::PARAM_STR); + test_meta($db, 140, 'REAL UNSIGNED', 1.01, ($real_as_float) ? 'FLOAT' : 'DOUBLE', PDO::PARAM_STR); +- test_meta($db, 150, 'REAL ZEROFILL', -1.01, ($real_as_float) ? 'FLOAT' : 'DOUBLE', PDO::PARAM_STR); ++ test_meta($db, 150, 'REAL ZEROFILL', 1.01, ($real_as_float) ? 'FLOAT' : 'DOUBLE', PDO::PARAM_STR); + test_meta($db, 160, 'REAL UNSIGNED ZEROFILL', 1.01, ($real_as_float) ? 
'FLOAT' : 'DOUBLE', PDO::PARAM_STR); + + test_meta($db, 170, 'DOUBLE', -1.01, 'DOUBLE', PDO::PARAM_STR); + test_meta($db, 180, 'DOUBLE UNSIGNED', 1.01, 'DOUBLE', PDO::PARAM_STR); +- test_meta($db, 190, 'DOUBLE ZEROFILL', -1.01, 'DOUBLE', PDO::PARAM_STR); ++ test_meta($db, 190, 'DOUBLE ZEROFILL', 1.01, 'DOUBLE', PDO::PARAM_STR); + test_meta($db, 200, 'DOUBLE UNSIGNED ZEROFILL', 1.01, 'DOUBLE', PDO::PARAM_STR); + + test_meta($db, 210, 'FLOAT', -1.01, 'FLOAT', PDO::PARAM_STR); + test_meta($db, 220, 'FLOAT UNSIGNED', 1.01, 'FLOAT', PDO::PARAM_STR); +- test_meta($db, 230, 'FLOAT ZEROFILL', -1.01, 'FLOAT', PDO::PARAM_STR); ++ test_meta($db, 230, 'FLOAT ZEROFILL', 1.01, 'FLOAT', PDO::PARAM_STR); + test_meta($db, 240, 'FLOAT UNSIGNED ZEROFILL', 1.01, 'FLOAT', PDO::PARAM_STR); + + test_meta($db, 250, 'DECIMAL', -1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); + test_meta($db, 260, 'DECIMAL UNSIGNED', 1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); +- test_meta($db, 270, 'DECIMAL ZEROFILL', -1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); ++ test_meta($db, 270, 'DECIMAL ZEROFILL', 1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); + test_meta($db, 280, 'DECIMAL UNSIGNED ZEROFILL', 1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); + + test_meta($db, 290, 'NUMERIC', -1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); + test_meta($db, 300, 'NUMERIC UNSIGNED', 1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); +- test_meta($db, 310, 'NUMERIC ZEROFILL', -1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); ++ test_meta($db, 310, 'NUMERIC ZEROFILL', 1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); + test_meta($db, 320, 'NUMERIC UNSIGNED ZEROFILL', 1.01, array('DECIMAL', 'NEWDECIMAL'), PDO::PARAM_STR); + + test_meta($db, 330, 'DATE', '2008-04-23', array('DATE', 'NEWDATE'), PDO::PARAM_STR); + test_meta($db, 340, 'TIME', '14:37:00', 'TIME', PDO::PARAM_STR); +- test_meta($db, 350, 'TIMESTAMP', time(), 'TIMESTAMP', PDO::PARAM_STR); ++ 
test_meta($db, 350, 'TIMESTAMP', '2008-03-23 14:38:00', 'TIMESTAMP', PDO::PARAM_STR); + test_meta($db, 360, 'DATETIME', '2008-03-23 14:38:00', 'DATETIME', PDO::PARAM_STR); + test_meta($db, 370, 'YEAR', '2008', 'YEAR', ($is_mysqlnd) ? PDO::PARAM_INT : PDO::PARAM_STR); + +diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c +index 0848fd8..c4bb370 100644 +--- a/sapi/fpm/fpm/fpm_main.c ++++ b/sapi/fpm/fpm/fpm_main.c +@@ -1245,8 +1245,8 @@ + path_info = script_path_translated + ptlen; + tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0)); + } else { +- path_info = env_path_info ? env_path_info + pilen - slen : NULL; +- tflag = (orig_path_info != path_info); ++ path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL; ++ tflag = path_info && (orig_path_info != path_info); + } + + if (tflag) { +diff --git a/ext/bcmath/libbcmath/src/str2num.c b/ext/bcmath/libbcmath/src/str2num.c +index c484c15..a5e7850 100644 +--- a/ext/bcmath/libbcmath/src/str2num.c ++++ b/ext/bcmath/libbcmath/src/str2num.c +@@ -57,9 +57,9 @@ + zero_int = FALSE; + if ( (*ptr == '+') || (*ptr == '-')) ptr++; /* Sign */ + while (*ptr == '0') ptr++; /* Skip leading zeros. 
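Review bot: The new `pilen > slen` guard in the `else` branch of the sapi/fpm/fpm/fpm_main.c hunk has no regression test in this patch, unlike the exif, bcmath and imap fixes around it, and no comment says what it protects against. When `slen` exceeds `pilen`, the old expression `env_path_info + pilen - slen` formed a pointer before the start of `env_path_info`; a comment such as `/* never form a pointer before env_path_info when slen > pilen */` would record that. The guard also makes `path_info` NULL when `pilen == slen`, where the old code yielded `env_path_info` itself. If that case should be kept, the test would be `pilen >= slen`; this needs checking against the code that consumes `path_info`, which is outside the hunk.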
*/ +- while (isdigit((int)*ptr)) ptr++, digits++; /* digits */ ++ while (*ptr >= '0' && *ptr <= '9') ptr++, digits++; /* digits */ + if (*ptr == '.') ptr++; /* decimal point */ +- while (isdigit((int)*ptr)) ptr++, strscale++; /* digits */ ++ while (*ptr >= '0' && *ptr <= '9') ptr++, strscale++; /* digits */ + if ((*ptr != '\0') || (digits+strscale == 0)) + { + *num = bc_copy_num (BCG(_zero_)); +--- /dev/null ++++ b/ext/bcmath/tests/bug78878.phpt +@@ -0,0 +1,13 @@ ++--TEST-- ++Bug #78878 (Buffer underflow in bc_shift_addsub) ++--SKIPIF-- ++<?php ++if (!extension_loaded('bcmath')) die('skip bcmath extension not available'); ++?> ++--FILE-- ++<?php ++print @bcmul("\xB26483605105519922841849335928742092", bcpowmod(2, 65535, -4e-4)); ++?> ++--EXPECT-- ++bc math warning: non-zero scale in modulus ++0 +diff --git a/ext/standard/link_win32.c b/ext/standard/link_win32.c +index 059201c..4c537db 100644 +--- a/ext/standard/link_win32.c ++++ b/ext/standard/link_win32.c +@@ -208,7 +208,7 @@ + + /*First argument to link function is the target and hence should go to frompath + Second argument to link function is the link itself and hence should go to topath */ +- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &frompath, &frompath_len, &topath, &topath_len) == FAILURE) { ++ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "pp", &frompath, &frompath_len, &topath, &topath_len) == FAILURE) { + return; + } + +--- /dev/null ++++ b/ext/standard/tests/file/windows_links/bug78862.phpt +@@ -0,0 +1,17 @@ ++--TEST-- ++Bug #78862 (link() silently truncates after a null byte on Windows) ++--FILE-- ++<?php ++file_put_contents(__DIR__ . '/bug78862.target', 'foo'); ++var_dump(link(__DIR__ . "/bug78862.target\0more", __DIR__ . "/bug78862.link\0more")); ++var_dump(file_exists(__DIR__ . '/bug78862.link')); ++?> ++--EXPECTF-- ++Warning: link() expects parameter 1 to be a valid path, string given in %s on line %d ++NULL ++bool(false) ++--CLEAN-- ++<?php ++unlink(__DIR__ . 
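Review bot: The two digit loops in the str2num.c hunk replace `isdigit((int)*ptr)` with `*ptr >= '0' && *ptr <= '9'` without saying why, which invites a later cleanup back to `isdigit()`. The accompanying bug78878.phpt passes a string starting with byte `\xB2`, so the reason appears to be that `*ptr` can be a negative `char`, for which the `isdigit` call is undefined and locale-dependent. A comment above the first loop, such as `/* not isdigit(): *ptr may be a negative char and the result must not depend on the locale */`, would record that. The function starts and ends outside the hunk, so any other `isdigit` use in the file is not visible here.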
'/bug78862.target'); ++unlink(__DIR__ . '/bug78862.link'); ++?> +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index 6a3bb91..f64a14e 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -2759,7 +2759,8 @@ + continue; + if (maker_note->model && (!ImageInfo->model || strcmp(maker_note->model, ImageInfo->model))) + continue; +- if (maker_note->id_string && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)) ++ if (maker_note->id_string && value_len >= maker_note->id_string_len ++ && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)) + continue; + break; + } +--- /dev/null ++++ b/ext/exif/tests/bug78910.phpt +@@ -0,0 +1,17 @@ ++--TEST-- ++Bug #78910: Heap-buffer-overflow READ in exif (OSS-Fuzz #19044) ++--FILE-- ++<?php ++ ++var_dump(exif_read_data('data:image/jpg;base64,TU0AKgAAAAwgICAgAAIBDwAEAAAAAgAAACKSfCAgAAAAAEZVSklGSUxN')); ++ ++?> ++--EXPECTF-- ++Notice: exif_read_data(): Read from TIFF: tag(0x927C, MakerNote ): Illegal format code 0x2020, switching to BYTE in %s on line %d ++ ++Warning: exif_read_data(): Process tag(x927C=MakerNote ): Illegal format code 0x2020, suppose BYTE in %s on line %d ++ ++Warning: exif_read_data(): IFD data too short: 0x0000 offset 0x000C in %s on line %d ++ ++Warning: exif_read_data(): Invalid TIFF file in %s on line %d ++bool(false) +diff --git a/ext/curl/tests/curl_basic_009.phpt b/ext/curl/tests/curl_basic_009.phpt +index 529e590..3b36a78 100644 +--- a/ext/curl/tests/curl_basic_009.phpt ++++ b/ext/curl/tests/curl_basic_009.phpt +@@ -18,6 +18,6 @@ + + + ?> +---EXPECTF-- +-%unicode|string%(%d) "%Srotocol%s" +-int(1) ++--EXPECTREGEX-- ++string\(\d+\) "([^\r\n]*rotocol[^\r\n]+|Could not resolve host: .+)" ++int\(\d\) +diff --git a/ext/phar/tests/tar/phar_commitwrite.phpt b/ext/phar/tests/tar/phar_commitwrite.phpt +index 262ea1d..bfbac61 100644 +--- a/ext/phar/tests/tar/phar_commitwrite.phpt ++++ b/ext/phar/tests/tar/phar_commitwrite.phpt +@@ -5,9 +5,6 @@ + --INI-- + phar.require_hash=0 + 
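Review bot: In the exif.c hunk at -2759, the added `value_len >= maker_note->id_string_len` term makes the whole condition false for a value shorter than the id string, so the loop reaches `break` and the entry is treated as a match instead of being skipped. The out-of-bounds `strncmp` is avoided, but safety then rests on length checks after the loop, which are outside this hunk. The `IFD data too short` warning expected by bug78910.phpt suggests such a check exists. If skipping is intended, the condition would read `if (maker_note->id_string && (value_len < maker_note->id_string_len || strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)))`, and the test expectation may change. Otherwise a comment stating that short values deliberately fall through to the later bounds check would help.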
phar.readonly=0 +---ENV-- +-TEMP=. +-TMP=. + --FILE-- + <?php + $p = new Phar(dirname(__FILE__) . '/brandnewphar.phar.tar', 0, 'brandnewphar.phar'); +diff --git a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt +index b68bbf6..c16e752 100644 +--- a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt ++++ b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt +@@ -9,9 +9,6 @@ + --INI-- + phar.require_hash=0 + phar.readonly=0 +---ENV-- +-TEMP=. +-TMP=. + --FILE-- + <?php + $fname = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar.tar'; +diff --git a/ext/phar/tests/zip/phar_commitwrite.phpt b/ext/phar/tests/zip/phar_commitwrite.phpt +index 4e18a6b..eb3aeae 100644 +--- a/ext/phar/tests/zip/phar_commitwrite.phpt ++++ b/ext/phar/tests/zip/phar_commitwrite.phpt +@@ -5,9 +5,6 @@ + --INI-- + phar.require_hash=0 + phar.readonly=0 +---ENV-- +-TEMP=. +-TMP=. + --FILE-- + <?php + $p = new Phar(dirname(__FILE__) . '/brandnewphar.phar.zip', 0, 'brandnewphar.phar'); +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index f64a14e..bf2fd61 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -3253,6 +3253,11 @@ + { + unsigned exif_value_2a, offset_of_ifd; + ++ if (length < 2) { ++ exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Missing TIFF alignment marker"); ++ return; ++ } ++ + /* set the thumbnail stuff to nothing so we can test to see if they get set up */ + if (memcmp(CharBuf, "II", 2) == 0) { + ImageInfo->motorola_intel = 0; +@@ -3405,7 +3410,7 @@ + return FALSE; + } + +- sn = exif_file_sections_add(ImageInfo, marker, itemlen+1, NULL); ++ sn = exif_file_sections_add(ImageInfo, marker, itemlen, NULL); + Data = ImageInfo->file.list[sn].data; + + /* Store first two pre-read bytes. 
*/ +--- /dev/null ++++ b/ext/exif/tests/bug79282.phpt +@@ -0,0 +1,15 @@ ++--TEST-- ++Bug #79282: Use-of-uninitialized-value in exif ++--FILE-- ++<?php ++ ++var_dump(exif_read_data('data://image/jpeg;base64,/9jhAAlFeGlmAAAg')); ++ ++?> ++--EXPECTF-- ++Warning: exif_read_data(): Invalid TIFF alignment marker in %s on line %d ++ ++Warning: exif_read_data(): File structure corrupted in %s on line %d ++ ++Warning: exif_read_data(): Invalid JPEG file in %s on line %d ++bool(false) +diff --git a/ext/standard/exec.c b/ext/standard/exec.c +index 88a6b4a..a586b78 100644 +--- a/ext/standard/exec.c ++++ b/ext/standard/exec.c +@@ -537,6 +537,15 @@ + return; + } + ++ if (!command_len) { ++ php_error_docref(NULL, E_WARNING, "Cannot execute a blank command"); ++ RETURN_FALSE; ++ } ++ if (strlen(command) != command_len) { ++ php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack"); ++ RETURN_FALSE; ++ } ++ + #ifdef PHP_WIN32 + if ((in=VCWD_POPEN(command, "rt"))==NULL) { + #else +diff --git a/ext/standard/url.c b/ext/standard/url.c +index d6e71fa..0278bd4 100644 +--- a/ext/standard/url.c ++++ b/ext/standard/url.c +@@ -545,7 +545,7 @@ + #ifndef CHARSET_EBCDIC + *dest = (char) php_htoi(data + 1); + #else +- *dest = os_toebcdic[(char) php_htoi(data + 1)]; ++ *dest = os_toebcdic[(unsigned char) php_htoi(data + 1)]; + #endif + data += 2; + len -= 2; +@@ -647,7 +647,7 @@ + #ifndef CHARSET_EBCDIC + *dest = (char) php_htoi(data + 1); + #else +- *dest = os_toebcdic[(char) php_htoi(data + 1)]; ++ *dest = os_toebcdic[(unsigned char) php_htoi(data + 1)]; + #endif + data += 2; + len -= 2; +--- /dev/null ++++ b/ext/openssl/tests/bug72333.phpt +@@ -0,0 +1,54 @@ ++--TEST-- ++Bug #72333: fwrite() on non-blocking SSL sockets doesn't work ++--SKIPIF-- ++<?php ++if (!extension_loaded("openssl")) die("skip openssl not loaded"); ++if (!function_exists("proc_open")) die("skip no proc_open"); ++?> ++--FILE-- ++<?php ++$serverCode = <<<'CODE' ++ $context = stream_context_create(['ssl' => 
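Review bot: Both `php_error_docref(NULL, E_WARNING, ...)` calls added in the ext/standard/exec.c hunk omit `TSRMLS_CC`. The imap hunk later in this same patch writes `php_error_docref(NULL TSRMLS_CC, E_WARNING, ...)`, and other 5.3 call sites on this page pass `TSRMLS_CC` as well. On a non-thread-safe build the macro expands to nothing and the calls compile, but a ZTS build would not build cleanly because the arguments land in the wrong positions. The calls should read `php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute a blank command");` and likewise for the NUL-byte warning. Separately, `strlen(command) != command_len` compares a `size_t` with what is presumably an `int`, so a cast on one side would avoid a sign-compare warning.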
['local_cert' => __DIR__ . '/bug54992.pem']]); ++ ++ $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; ++ $fp = stream_socket_server("ssl://127.0.0.1:10011", $errornum, $errorstr, $flags, $context); ++ phpt_notify(); ++ $conn = stream_socket_accept($fp); ++ ++ for ($i = 0; $i < 5; $i++) { ++ fread($conn, 100000); ++ usleep(200000); ++ } ++CODE; ++ ++$clientCode = <<<'CODE' ++ $context = stream_context_create(['ssl' => ['verify_peer' => false, 'peer_name' => 'bug54992.local']]); ++ ++ phpt_wait(); ++ $fp = stream_socket_client("ssl://127.0.0.1:10011", $errornum, $errorstr, 3000, STREAM_CLIENT_CONNECT, $context); ++ stream_set_blocking($fp, 0); ++ ++ function blocking_fwrite($fp, $buf) { ++ $write = [$fp]; ++ $total = 0; ++ while (stream_select($read, $write, $except, 180)) { ++ $result = fwrite($fp, $buf); ++ $total += $result; ++ if ($total >= strlen($buf)) { ++ return $total; ++ } ++ $buf = substr($buf, $total); ++ } ++ } ++ ++ $str1 = str_repeat("a", 5000000); ++ blocking_fwrite($fp, $str1); ++ echo "done"; ++CODE; ++ ++include 'ServerClientTestCase.inc'; ++ServerClientTestCase::getInstance()->run($clientCode, $serverCode); ++?> ++--EXPECT-- ++done ++ +diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c +index c2d477c..6a7dcd7 100644 +--- a/ext/openssl/xp_ssl.c ++++ b/ext/openssl/xp_ssl.c +@@ -1714,6 +1714,14 @@ + + if (SUCCESS == php_set_sock_blocking(sslsock->s.socket, 0 TSRMLS_CC)) { + sslsock->s.is_blocked = 0; ++ SSL_set_mode( ++ sslsock->ssl_handle, ++ ( ++ SSL_get_mode(sslsock->ssl_handle) | ++ SSL_MODE_ENABLE_PARTIAL_WRITE | ++ SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER ++ ) ++ ); + } + + timeout = sslsock->is_client ? 
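Review bot: The server and client snippets in the new ext/openssl/tests/bug72333.phpt use short array syntax (`['ssl' => ['local_cert' => ...]]`, `$write = [$fp];`), which was added in PHP 5.4, while the package metadata on this page gives pkgver 5.3.29. As written, the child processes would stop with a parse error instead of exercising the `SSL_set_mode` change in xp_ssl.c. The literals should be `array('ssl' => array(...))` and `$write = array($fp);`. The test also relies on `ServerClientTestCase.inc` and `bug54992.pem`, neither of which is added by the visible part of the patch, so confirm both exist in the 5.3 tree.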
&sslsock->connect_timeout : &sslsock->s.timeout; +diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c +index 52f058c..8fa14f3 100644 +--- a/ext/zip/php_zip.c ++++ b/ext/zip/php_zip.c +@@ -1572,6 +1572,21 @@ + ze_obj->filename = NULL; + } + ++#if LIBZIP_VERSION_MAJOR > 1 || LIBZIP_VERSION_MAJOR == 1 && LIBZIP_VERSION_MINOR >= 6 ++ /* reduce BC break introduce in libzip 1.6.0 ++ "Do not accept empty files as valid zip archives any longer" */ ++ ++ /* open for write without option to empty the archive */ ++ if ((flags & (ZIP_TRUNCATE | ZIP_RDONLY)) == 0) { ++ struct stat st; ++ ++ /* exists and is empty */ ++ if (VCWD_STAT(resolved_path, &st) == 0 && st.st_size == 0) { ++ flags |= ZIP_TRUNCATE; ++ } ++ } ++#endif ++ + intern = zip_open(resolved_path, flags, &err); + if (!intern || err) { + efree(resolved_path); +diff --git a/main/php_variables.c b/main/php_variables.c +index 6da79bd..084b10f 100644 +--- a/main/php_variables.c ++++ b/main/php_variables.c +@@ -472,7 +472,9 @@ + unsigned int new_val_len; + + *val++ = '\0'; +- php_url_decode(var, strlen(var)); ++ if (arg != PARSE_COOKIE) { ++ php_url_decode(var, strlen(var)); ++ } + val_len = php_url_decode(val, strlen(val)); + val = estrndup(val, val_len); + if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) { +@@ -483,7 +485,9 @@ + int val_len; + unsigned int new_val_len; + +- php_url_decode(var, strlen(var)); ++ if (arg != PARSE_COOKIE) { ++ php_url_decode(var, strlen(var)); ++ } + val_len = 0; + val = estrndup("", val_len); + if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) { +diff --git a/tests/basic/022.phpt b/tests/basic/022.phpt +index 0ab70d4..bd1db13 100644 +--- a/tests/basic/022.phpt ++++ b/tests/basic/022.phpt +@@ -10,7 +10,7 @@ + var_dump($_COOKIE); + ?> + --EXPECT-- +-array(10) { ++array(12) { + ["cookie1"]=> + string(6) "val1 " + ["cookie2"]=> +@@ -19,11 +19,15 @@ + string(6) "val 3." 
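Review bot: Neither `if (arg != PARSE_COOKIE)` guard in the main/php_variables.c hunks says why cookie names are no longer URL-decoded, and the same guard is duplicated in both branches. The reason can only be recovered from bug79699.phpt, where `__%48ost-evil` must stay distinct from `__Host-evil`. A comment at the first guard, such as `/* cookie names are not URL-decoded, so an encoded name cannot alias a __Host- prefixed cookie */`, would record it. The updated expectations in tests/basic/022.phpt and 023.phpt show the visible behaviour change (`cookie%206` stays encoded), which is worth noting in the package changelog for applications that relied on decoded names.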
+ ["cookie_4"]=> + string(10) " value 4 ;" ++ ["%20cookie1"]=> ++ string(6) "ignore" ++ ["+cookie1"]=> ++ string(6) "ignore" + ["cookie__5"]=> + string(7) " value" +- ["cookie_6"]=> ++ ["cookie%206"]=> + string(3) "þæö" +- ["cookie_7"]=> ++ ["cookie+7"]=> + string(0) "" + ["$cookie_8"]=> + string(0) "" +diff --git a/tests/basic/023.phpt b/tests/basic/023.phpt +index ca5f1dc..0e2e0ac 100644 +--- a/tests/basic/023.phpt ++++ b/tests/basic/023.phpt +@@ -10,9 +10,11 @@ + var_dump($_COOKIE); + ?> + --EXPECT-- +-array(3) { ++array(4) { + ["c_o_o_k_i_e"]=> + string(5) "value" ++ ["c%20o+o_k+i%20e"]=> ++ string(1) "v" + ["name"]=> + string(24) ""value","value",UEhQIQ==" + ["UEhQIQ"]=> +--- /dev/null ++++ b/tests/basic/bug79699.phpt +@@ -0,0 +1,22 @@ ++--TEST-- ++Cookies Security Bug ++--INI-- ++max_input_vars=1000 ++filter.default=unsafe_raw ++--COOKIE-- ++__%48ost-evil=evil; __Host-evil=good; %66oo=baz;foo=bar ++--FILE-- ++<?php ++var_dump($_COOKIE); ++?> ++--EXPECT-- ++array(4) { ++ ["__%48ost-evil"]=> ++ string(4) "evil" ++ ["__Host-evil"]=> ++ string(4) "good" ++ ["%66oo"]=> ++ string(3) "baz" ++ ["foo"]=> ++ string(3) "bar" ++} +--- a/ext/soap/php_sdl.c ++++ b/ext/soap/php_sdl.c +@@ -318,6 +318,8 @@ + ctx->context = NULL; + } + ++#define SAFE_STR(a) ((a)?a:"") ++ + static void load_wsdl_ex(zval *this_ptr, char *struri, sdlCtx *ctx, int include TSRMLS_DC) + { + sdlPtr tmpsdl = ctx->sdl; +@@ -379,7 +381,7 @@ + if (node_is_equal_ex(trav2, "schema", XSD_NAMESPACE)) { + load_schema(ctx, trav2 TSRMLS_CC); + } else if (is_wsdl_element(trav2) && !node_is_equal(trav2,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav2->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav2->name)); + } + trav2 = trav2->next; + } +@@ -440,7 +442,7 @@ + soap_error0(E_ERROR, "Parsing WSDL: <service> has no name attribute"); + } + } else if (!node_is_equal(trav,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: 
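Review bot: `SAFE_STR` in the first ext/soap/php_sdl.c hunk leaves the second use of its argument unparenthesised, and its two result operands probably differ in pointer type. The `(char*)node->name` casts in the php_xml.c hunk suggest `name` is not a plain `char *`, so `(a) ? a : ""` would produce a pointer-type-mismatch warning in the conditional. A safer definition is `#define SAFE_STR(a) ((a) ? (const char *)(a) : "")`. A short comment that it exists so `%s` never receives NULL in `soap_error1` would also help, since the macro is defined well away from its many call sites.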
Unexpected WSDL element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name)); + } + trav = trav->next; + } +@@ -550,7 +552,7 @@ + } + smart_str_free(&key); + } else if (is_wsdl_element(trav) && !node_is_equal(trav,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name)); + } + trav = trav->next; + } +@@ -655,7 +657,7 @@ + } + smart_str_free(&key); + } else if (is_wsdl_element(trav) && !node_is_equal(trav,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name)); + } + trav = trav->next; + } +@@ -687,14 +689,14 @@ + sdlParamPtr param; + + if (trav->ns != NULL && strcmp((char*)trav->ns->href, WSDL_NAMESPACE) != 0) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected extensibility element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected extensibility element <%s>", SAFE_STR(trav->name)); + } + if (node_is_equal(trav,"documentation")) { + trav = trav->next; + continue; + } + if (!node_is_equal(trav,"part")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name)); + } + part = trav; + param = emalloc(sizeof(sdlParam)); +@@ -703,7 +705,7 @@ + + name = get_attribute(part->properties, "name"); + if (name == NULL) { +- soap_error1(E_ERROR, "Parsing WSDL: No name associated with <part> '%s'", message->name); ++ soap_error1(E_ERROR, "Parsing WSDL: No name associated with <part> '%s'", SAFE_STR(message->name)); + } + + param->paramName = estrdup((char*)name->children->content); +@@ -773,7 +775,7 @@ + continue; + } + if (!node_is_equal(trav,"port")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL 
element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name)); + } + + port = trav; +@@ -812,7 +814,7 @@ + } + } + if (trav2 != address && is_wsdl_element(trav2) && !node_is_equal(trav2,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav2->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav2->name)); + } + trav2 = trav2->next; + } +@@ -914,7 +916,7 @@ + continue; + } + if (!node_is_equal(trav2,"operation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav2->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav2->name)); + } + + operation = trav2; +@@ -933,7 +935,7 @@ + !node_is_equal(trav3,"output") && + !node_is_equal(trav3,"fault") && + !node_is_equal(trav3,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav3->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav3->name)); + } + trav3 = trav3->next; + } +@@ -1111,7 +1113,7 @@ + } + } + } else if (is_wsdl_element(trav) && !node_is_equal(trav,"documentation")) { +- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name); ++ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name)); + } + trav = trav->next; + } +diff --git a/ext/soap/php_xml.c b/ext/soap/php_xml.c +index f3b49df..4694b4e 100644 +--- a/ext/soap/php_xml.c ++++ b/ext/soap/php_xml.c +@@ -205,7 +205,7 @@ + + int attr_is_equal_ex(xmlAttrPtr node, char *name, char *ns) + { +- if (name == NULL || strcmp((char*)node->name, name) == 0) { ++ if (name == NULL || ((node->name) && strcmp((char*)node->name, name) == 0)) { + if (ns) { + xmlNsPtr nsPtr = attr_find_ns(node); + if (nsPtr) { +@@ -221,7 +221,7 @@ + + int node_is_equal_ex(xmlNodePtr node, char *name, char *ns) + { +- if (name == NULL || strcmp((char*)node->name, name) == 
0) { ++ if (name == NULL || ((node->name) && strcmp((char*)node->name, name) == 0)) { + if (ns) { + xmlNsPtr nsPtr = node_find_ns(node); + if (nsPtr) { +--- /dev/null ++++ b/ext/soap/tests/bug80672.phpt +@@ -0,0 +1,15 @@ ++--TEST-- ++Bug #80672 Null Dereference in SoapClient ++--SKIPIF-- ++<?php require_once('skipif.inc'); ?> ++--FILE-- ++<?php ++try { ++ $client = new SoapClient(__DIR__ . "/bug80672.xml"); ++ $query = $soap->query(array('sXML' => 'something')); ++} catch(SoapFault $e) { ++ print $e->getMessage(); ++} ++?> ++--EXPECTF-- ++SOAP-ERROR: Parsing WSDL: Unexpected WSDL element <> +\ No newline at end of file +--- /dev/null ++++ b/ext/soap/tests/bug80672.xml +@@ -0,0 +1,6 @@ ++<?xml version="1.0" encoding="ISO-8859-1"?> ++<soap:definitions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ++ xmlns:xsd="http://www.w3.org/2001/XMLSchema" ++ xmlns:soap="http://schemas.xmlsoap.org/wsdl/"> ++<![CDATA[test]]> ++</soap:definitions> +diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c +index b30440f..5dfe122 100644 +--- a/ext/imap/php_imap.c ++++ b/ext/imap/php_imap.c +@@ -3491,6 +3491,21 @@ + } + /* }}} */ + ++static zend_bool header_injection(char *p, zend_bool adrlist) ++{ ++ while ((p = strpbrk(p, "\r\n")) != NULL) { ++ if (!(p[0] == '\r' && p[1] == '\n') ++ /* adrlists do not support folding, but swallow trailing line breaks */ ++ && !((adrlist && p[1] == '\0') ++ /* other headers support folding */ ++ || !adrlist && (p[1] == ' ' || p[1] == '\t'))) { ++ return 1; ++ } ++ p++; ++ } ++ return 0; ++} ++ + /* {{{ proto string imap_mail_compose(array envelope, array body) + Create a MIME message based on given envelope and body sections */ + PHP_FUNCTION(imap_mail_compose) +@@ -3511,6 +3526,13 @@ + return; + } + ++#define CHECK_HEADER_INJECTION(zstr, adrlist, header) \ ++ if (header_injection(zstr, adrlist)) { \ ++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "header injection attempt in " header); \ ++ RETVAL_FALSE; \ ++ goto done; \ ++ } ++ + #define 
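Review bot: The condition in the new `header_injection` helper mixes `||` and `&&` without grouping (`(adrlist && p[1] == '\0') || !adrlist && (...)`). It is correct by precedence but hard to audit in a security check and typically triggers a parentheses warning. Writing the last operand as `|| (!adrlist && (p[1] == ' ' || p[1] == '\t'))` makes the intent explicit. The function also has no header comment. It should state the rule the code implements: a CR or LF is accepted only as the CR of a CRLF pair, or when followed by end of string for address lists, or by a space or tab for other headers. It should also say that the function returns 1 on the first violation.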
PHP_RFC822_PARSE_ADRLIST(target, value) \ + str_copy = estrndup(Z_STRVAL_PP(value), Z_STRLEN_PP(value)); \ + rfc822_parse_adrlist(target, str_copy, "NO HOST"); \ +@@ -3519,46 +3541,57 @@ + env = mail_newenvelope(); + if (zend_hash_find(Z_ARRVAL_P(envelope), "remail", sizeof("remail"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "remail"); + env->remail = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "return_path", sizeof("return_path"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 1, "return_path"); + PHP_RFC822_PARSE_ADRLIST(&env->return_path, pvalue); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "date", sizeof("date"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "date"); + env->date = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "from", sizeof("from"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 1, "from"); + PHP_RFC822_PARSE_ADRLIST(&env->from, pvalue); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "reply_to", sizeof("reply_to"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 1, "reply_to"); + PHP_RFC822_PARSE_ADRLIST(&env->reply_to, pvalue); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "in_reply_to", sizeof("in_reply_to"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "in_reply_to"); + env->in_reply_to = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "subject", sizeof("subject"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "subject"); + env->subject = cpystr(Z_STRVAL_PP(pvalue)); + } + if 
(zend_hash_find(Z_ARRVAL_P(envelope), "to", sizeof("to"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 1, "to"); + PHP_RFC822_PARSE_ADRLIST(&env->to, pvalue); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "cc", sizeof("cc"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 1, "cc"); + PHP_RFC822_PARSE_ADRLIST(&env->cc, pvalue); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "bcc", sizeof("bcc"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 1, "bcc"); + PHP_RFC822_PARSE_ADRLIST(&env->bcc, pvalue); + } + if (zend_hash_find(Z_ARRVAL_P(envelope), "message_id", sizeof("message_id"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "message_id"); + env->message_id=cpystr(Z_STRVAL_PP(pvalue)); + } + +@@ -3568,6 +3601,7 @@ + while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &env_data) == SUCCESS) { + custom_headers_param = mail_newbody_parameter(); + convert_to_string_ex(env_data); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(env_data), 0, "custom_headers"); + custom_headers_param->value = (char *) fs_get(Z_STRLEN_PP(env_data) + 1); + custom_headers_param->attribute = NULL; + memcpy(custom_headers_param->value, Z_STRVAL_PP(env_data), Z_STRLEN_PP(env_data) + 1); +@@ -3598,6 +3632,7 @@ + } + if (zend_hash_find(Z_ARRVAL_PP(data), "charset", sizeof("charset"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body charset"); + tmp_param = mail_newbody_parameter(); + tmp_param->value = cpystr(Z_STRVAL_PP(pvalue)); + tmp_param->attribute = cpystr("CHARSET"); +@@ -3608,10 +3643,12 @@ + if(Z_TYPE_PP(pvalue) == IS_ARRAY) { + disp_param = tmp_param = NULL; + while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { ++ 
CHECK_HEADER_INJECTION(key, 0, "body disposition key"); + disp_param = mail_newbody_parameter(); + zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); + disp_param->attribute = cpystr(key); + convert_to_string_ex(disp_data); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(disp_data), 0, "body disposition value"); + disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); + memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); + zend_hash_move_forward(Z_ARRVAL_PP(pvalue)); +@@ -3623,18 +3660,22 @@ + } + if (zend_hash_find(Z_ARRVAL_PP(data), "subtype", sizeof("subtype"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body subtype"); + bod->subtype = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_PP(data), "id", sizeof("id"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body id"); + bod->id = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_PP(data), "description", sizeof("description"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body description"); + bod->description = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_PP(data), "disposition.type", sizeof("disposition.type"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body disposition.type"); + bod->disposition.type = (char *) fs_get(Z_STRLEN_PP(pvalue) + 1); + memcpy(bod->disposition.type, Z_STRVAL_PP(pvalue), Z_STRLEN_PP(pvalue)+1); + } +@@ -3642,10 +3683,12 @@ + if (Z_TYPE_PP(pvalue) == IS_ARRAY) { + disp_param = tmp_param = NULL; + while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { ++ CHECK_HEADER_INJECTION(key, 0, "body type.parameters key"); + disp_param = mail_newbody_parameter(); + 
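Review bot: In the hunk at -3608, `CHECK_HEADER_INJECTION(key, 0, "body disposition key");` is placed before `zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0);`. The check therefore reads `key` before it is assigned on the first iteration, and on later iterations it validates the previous entry's key, so the last key is never checked. The hunk at -3642 (`"body type.parameters key"`) has the same ordering, while the hunks at -3723 and -3757 place the check after the fetch. In both affected loops the line should move to directly below the `zend_hash_get_current_key(...)` call, before `disp_param->attribute = cpystr(key);`. The label strings are also swapped relative to the later pair of hunks ("disposition" first here, "type.parameters" first there), so one pair is probably mislabelled. That should be checked against the hash keys, which are outside the hunks.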
zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); + disp_param->attribute = cpystr(key); + convert_to_string_ex(disp_data); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(disp_data), 0, "body type.parameters value"); + disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); + memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); + zend_hash_move_forward(Z_ARRVAL_PP(pvalue)); +@@ -3675,6 +3718,7 @@ + } + if (zend_hash_find(Z_ARRVAL_PP(data), "md5", sizeof("md5"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body md5"); + bod->md5 = cpystr(Z_STRVAL_PP(pvalue)); + } + } +@@ -3710,6 +3754,7 @@ + } + if (zend_hash_find(Z_ARRVAL_PP(data), "charset", sizeof("charset"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body charset"); + tmp_param = mail_newbody_parameter(); + tmp_param->value = (char *) fs_get(Z_STRLEN_PP(pvalue) + 1); + memcpy(tmp_param->value, Z_STRVAL_PP(pvalue), Z_STRLEN_PP(pvalue) + 1); +@@ -3723,8 +3768,10 @@ + while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { + disp_param = mail_newbody_parameter(); + zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); ++ CHECK_HEADER_INJECTION(key, 0, "body type.parameters key"); + disp_param->attribute = cpystr(key); + convert_to_string_ex(disp_data); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(disp_data), 0, "body type.parameters value"); + disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); + memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); + zend_hash_move_forward(Z_ARRVAL_PP(pvalue)); +@@ -3736,18 +3783,22 @@ + } + if (zend_hash_find(Z_ARRVAL_PP(data), "subtype", sizeof("subtype"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body subtype"); + bod->subtype = 
cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_PP(data), "id", sizeof("id"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body id"); + bod->id = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_PP(data), "description", sizeof("description"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body description"); + bod->description = cpystr(Z_STRVAL_PP(pvalue)); + } + if (zend_hash_find(Z_ARRVAL_PP(data), "disposition.type", sizeof("disposition.type"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body disposition.type"); + bod->disposition.type = (char *) fs_get(Z_STRLEN_PP(pvalue) + 1); + memcpy(bod->disposition.type, Z_STRVAL_PP(pvalue), Z_STRLEN_PP(pvalue)+1); + } +@@ -3757,8 +3808,10 @@ + while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { + disp_param = mail_newbody_parameter(); + zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); ++ CHECK_HEADER_INJECTION(key, 0, "body disposition key"); + disp_param->attribute = cpystr(key); + convert_to_string_ex(disp_data); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(disp_data), 0, "body disposition value"); + disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); + memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); + zend_hash_move_forward(Z_ARRVAL_PP(pvalue)); +@@ -3788,6 +3841,7 @@ + } + if (zend_hash_find(Z_ARRVAL_PP(data), "md5", sizeof("md5"), (void **) &pvalue)== SUCCESS) { + convert_to_string_ex(pvalue); ++ CHECK_HEADER_INJECTION(Z_STRVAL_PP(pvalue), 0, "body md5"); + bod->md5 = cpystr(Z_STRVAL_PP(pvalue)); + } + } +--- /dev/null ++++ b/ext/imap/tests/bug80710_1.phpt +@@ -0,0 +1,37 @@ ++--TEST-- ++Bug #80710 (imap_mail_compose() header injection) - MIME Splitting Attack ++--SKIPIF-- ++<?php ++if 
(!extension_loaded("imap")) die("skip imap extension not available"); ++?> ++--FILE-- ++<?php ++$envelope["from"]= "joe@example.com\n From : X-INJECTED"; ++$envelope["to"] = "foo@example.com\nFrom: X-INJECTED"; ++$envelope["cc"] = "bar@example.com\nFrom: X-INJECTED"; ++$envelope["subject"] = "bar@example.com\n\n From : X-INJECTED"; ++$envelope["x-remail"] = "bar@example.com\nFrom: X-INJECTED"; ++$envelope["something"] = "bar@example.com\nFrom: X-INJECTED"; ++ ++$part1["type"] = TYPEMULTIPART; ++$part1["subtype"] = "mixed"; ++ ++$part2["type"] = TYPEAPPLICATION; ++$part2["encoding"] = ENCBINARY; ++$part2["subtype"] = "octet-stream\nContent-Type: X-INJECTED"; ++$part2["description"] = "some file\nContent-Type: X-INJECTED"; ++$part2["contents.data"] = "ABC\nContent-Type: X-INJECTED"; ++ ++$part3["type"] = TYPETEXT; ++$part3["subtype"] = "plain"; ++$part3["description"] = "description3"; ++$part3["contents.data"] = "contents.data3\n\n\n\t"; ++ ++$body[1] = $part1; ++$body[2] = $part2; ++$body[3] = $part3; ++ ++echo imap_mail_compose($envelope, $body); ++?> ++--EXPECTF-- ++Warning: imap_mail_compose(): header injection attempt in from in %s on line %d +--- /dev/null ++++ b/ext/imap/tests/bug80710_2.phpt +@@ -0,0 +1,37 @@ ++--TEST-- ++Bug #80710 (imap_mail_compose() header injection) - Remail ++--SKIPIF-- ++<?php ++if (!extension_loaded("imap")) die("skip imap extension not available"); ++?> ++--FILE-- ++<?php ++$envelope["from"]= "joe@example.com\n From : X-INJECTED"; ++$envelope["to"] = "foo@example.com\nFrom: X-INJECTED"; ++$envelope["cc"] = "bar@example.com\nFrom: X-INJECTED"; ++$envelope["subject"] = "bar@example.com\n\n From : X-INJECTED"; ++$envelope["remail"] = "X-INJECTED-REMAIL: X-INJECTED\nFrom: X-INJECTED-REMAIL-FROM"; //<--- Injected as first hdr ++$envelope["something"] = "bar@example.com\nFrom: X-INJECTED"; ++ ++$part1["type"] = TYPEMULTIPART; ++$part1["subtype"] = "mixed"; ++ ++$part2["type"] = TYPEAPPLICATION; ++$part2["encoding"] = ENCBINARY; 
++$part2["subtype"] = "octet-stream\nContent-Type: X-INJECTED"; ++$part2["description"] = "some file\nContent-Type: X-INJECTED"; ++$part2["contents.data"] = "ABC\nContent-Type: X-INJECTED"; ++ ++$part3["type"] = TYPETEXT; ++$part3["subtype"] = "plain"; ++$part3["description"] = "description3"; ++$part3["contents.data"] = "contents.data3\n\n\n\t"; ++ ++$body[1] = $part1; ++$body[2] = $part2; ++$body[3] = $part3; ++ ++echo imap_mail_compose($envelope, $body); ++?> ++--EXPECTF-- ++Warning: imap_mail_compose(): header injection attempt in remail in %s on line %d +diff --git a/ext/interbase/config.m4 b/ext/interbase/config.m4 +index 6aa1b36..8bb4c2e 100644 +--- a/ext/interbase/config.m4 ++++ b/ext/interbase/config.m4 +@@ -3,39 +3,54 @@ + install directory [/usr/interbase]]) + + if test "$PHP_INTERBASE" != "no"; then +- if test "$PHP_INTERBASE" = "yes"; then +- IBASE_INCDIR=/usr/interbase/include +- IBASE_LIBDIR=/usr/interbase/lib ++ ++ AC_PATH_PROG(FB_CONFIG, fb_config, no) ++ ++ if test -x "$FB_CONFIG" && test "$PHP_INTERBASE" = "yes"; then ++ AC_MSG_CHECKING(for libfbconfig) ++ FB_CFLAGS=`$FB_CONFIG --cflags` ++ FB_LIBDIR=`$FB_CONFIG --libs` ++ FB_VERSION=`$FB_CONFIG --version` ++ AC_MSG_RESULT(version $FB_VERSION) ++ PHP_EVAL_LIBLINE($FB_LIBDIR, INTERBASE_SHARED_LIBADD) ++ PHP_EVAL_INCLINE($FB_CFLAGS) ++ + else +- IBASE_INCDIR=$PHP_INTERBASE/include +- IBASE_LIBDIR=$PHP_INTERBASE/$PHP_LIBDIR +- fi ++ if test "$PHP_INTERBASE" = "yes"; then ++ IBASE_INCDIR=/usr/interbase/include ++ IBASE_LIBDIR=/usr/interbase/lib ++ else ++ IBASE_INCDIR=$PHP_INTERBASE/include ++ IBASE_LIBDIR=$PHP_INTERBASE/$PHP_LIBDIR ++ fi + +- PHP_CHECK_LIBRARY(fbclient, isc_detach_database, +- [ +- IBASE_LIBNAME=fbclient +- ], [ +- PHP_CHECK_LIBRARY(gds, isc_detach_database, ++ PHP_CHECK_LIBRARY(fbclient, isc_detach_database, + [ +- IBASE_LIBNAME=gds ++ IBASE_LIBNAME=fbclient + ], [ +- PHP_CHECK_LIBRARY(ib_util, isc_detach_database, ++ PHP_CHECK_LIBRARY(gds, isc_detach_database, + [ +- 
IBASE_LIBNAME=ib_util ++ IBASE_LIBNAME=gds + ], [ +- AC_MSG_ERROR([libgds, libib_util or libfbclient not found! Check config.log for more information.]) ++ PHP_CHECK_LIBRARY(ib_util, isc_detach_database, ++ [ ++ IBASE_LIBNAME=ib_util ++ ], [ ++ AC_MSG_ERROR([libgds, libib_util or libfbclient not found! Check config.log for more information.]) ++ ], [ ++ -L$IBASE_LIBDIR ++ ]) + ], [ + -L$IBASE_LIBDIR + ]) + ], [ + -L$IBASE_LIBDIR + ]) +- ], [ +- -L$IBASE_LIBDIR +- ]) + +- PHP_ADD_LIBRARY_WITH_PATH($IBASE_LIBNAME, $IBASE_LIBDIR, INTERBASE_SHARED_LIBADD) +- PHP_ADD_INCLUDE($IBASE_INCDIR) ++ PHP_ADD_LIBRARY_WITH_PATH($IBASE_LIBNAME, $IBASE_LIBDIR, INTERBASE_SHARED_LIBADD) ++ PHP_ADD_INCLUDE($IBASE_INCDIR) ++ fi ++ + AC_DEFINE(HAVE_IBASE,1,[ ]) + PHP_NEW_EXTENSION(interbase, interbase.c ibase_query.c ibase_service.c ibase_events.c ibase_blobs.c, $ext_shared) + PHP_SUBST(INTERBASE_SHARED_LIBADD) +diff --git a/ext/pdo_firebird/config.m4 b/ext/pdo_firebird/config.m4 +index f9188a0..e6362cd 100644 +--- a/ext/pdo_firebird/config.m4 ++++ b/ext/pdo_firebird/config.m4 +@@ -8,43 +8,56 @@ + AC_MSG_ERROR([PDO is not enabled! 
Add --enable-pdo to your configure line.]) + fi + +- if test "$PHP_PDO_FIREBIRD" = "yes"; then +- FIREBIRD_INCDIR= +- FIREBIRD_LIBDIR= +- FIREBIRD_LIBDIR_FLAG= ++ AC_PATH_PROG(FB_CONFIG, fb_config, no) ++ ++ if test -x "$FB_CONFIG" && test "$PHP_PDO_FIREBIRD" = "yes"; then ++ AC_MSG_CHECKING(for libfbconfig) ++ FB_CFLAGS=`$FB_CONFIG --cflags` ++ FB_LIBDIR=`$FB_CONFIG --libs` ++ FB_VERSION=`$FB_CONFIG --version` ++ AC_MSG_RESULT(version $FB_VERSION) ++ PHP_EVAL_LIBLINE($FB_LIBDIR, PDO_FIREBIRD_SHARED_LIBADD) ++ PHP_EVAL_INCLINE($FB_CFLAGS) ++ + else +- FIREBIRD_INCDIR=$PHP_PDO_FIREBIRD/include +- FIREBIRD_LIBDIR=$PHP_PDO_FIREBIRD/$PHP_LIBDIR +- FIREBIRD_LIBDIR_FLAG=-L$FIREBIRD_LIBDIR +- fi ++ if test "$PHP_PDO_FIREBIRD" = "yes"; then ++ FIREBIRD_INCDIR= ++ FIREBIRD_LIBDIR= ++ FIREBIRD_LIBDIR_FLAG= ++ else ++ FIREBIRD_INCDIR=$PHP_PDO_FIREBIRD/include ++ FIREBIRD_LIBDIR=$PHP_PDO_FIREBIRD/$PHP_LIBDIR ++ FIREBIRD_LIBDIR_FLAG=-L$FIREBIRD_LIBDIR ++ fi + +- PHP_CHECK_LIBRARY(fbclient, isc_detach_database, +- [ +- FIREBIRD_LIBNAME=fbclient +- ], [ +- PHP_CHECK_LIBRARY(gds, isc_detach_database, ++ PHP_CHECK_LIBRARY(fbclient, isc_detach_database, + [ +- FIREBIRD_LIBNAME=gds ++ FIREBIRD_LIBNAME=fbclient + ], [ +- PHP_CHECK_LIBRARY(ib_util, isc_detach_database, ++ PHP_CHECK_LIBRARY(gds, isc_detach_database, + [ +- FIREBIRD_LIBNAME=ib_util ++ FIREBIRD_LIBNAME=gds + ], [ +- AC_MSG_ERROR([libfbclient, libgds or libib_util not found! Check config.log for more information.]) ++ PHP_CHECK_LIBRARY(ib_util, isc_detach_database, ++ [ ++ FIREBIRD_LIBNAME=ib_util ++ ], [ ++ AC_MSG_ERROR([libfbclient, libgds or libib_util not found! 
Check config.log for more information.]) ++ ], [ ++ $FIREBIRD_LIBDIR_FLAG ++ ]) + ], [ + $FIREBIRD_LIBDIR_FLAG + ]) + ], [ + $FIREBIRD_LIBDIR_FLAG + ]) +- ], [ +- $FIREBIRD_LIBDIR_FLAG +- ]) ++ PHP_ADD_LIBRARY_WITH_PATH($FIREBIRD_LIBNAME, $FIREBIRD_LIBDIR, PDO_FIREBIRD_SHARED_LIBADD) ++ PHP_ADD_INCLUDE($FIREBIRD_INCDIR) ++ fi + + PHP_CHECK_PDO_INCLUDES + +- PHP_ADD_LIBRARY_WITH_PATH($FIREBIRD_LIBNAME, $FIREBIRD_LIBDIR, PDO_FIREBIRD_SHARED_LIBADD) +- PHP_ADD_INCLUDE($FIREBIRD_INCDIR) + AC_DEFINE(HAVE_PDO_FIREBIRD,1,[ ]) + PHP_NEW_EXTENSION(pdo_firebird, pdo_firebird.c firebird_driver.c firebird_statement.c, $ext_shared,,-I$pdo_cv_inc_path) + PHP_SUBST(PDO_FIREBIRD_SHARED_LIBADD) +diff --git a/ext/pdo_firebird/firebird_statement.c b/ext/pdo_firebird/firebird_statement.c +index d1f1012..8b8f822 100644 +--- a/ext/pdo_firebird/firebird_statement.c ++++ b/ext/pdo_firebird/firebird_statement.c +@@ -267,8 +267,8 @@ + unsigned short seg_len; + ISC_STATUS stat; + +- *ptr = S->fetch_buf[colno] = erealloc(*ptr, *len+1); +- ++ *ptr = S->fetch_buf[colno] = erealloc(S->fetch_buf[colno], *len+1); ++ + for (cur_len = stat = 0; (!stat || stat == isc_segment) && cur_len < *len; cur_len += seg_len) { + + unsigned short chunk_size = (*len-cur_len) > USHRT_MAX ? 
USHRT_MAX +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76488.phpt +@@ -0,0 +1,32 @@ ++--TEST-- ++PDO_Firebird: Bug #76488 Memory leak when fetching a BLOB field ++--SKIPIF-- ++<?php if (!extension_loaded('interbase') || !extension_loaded('pdo_firebird')) die('skip'); ?> ++--FILE-- ++<?php ++require 'testdb.inc'; ++$dbh = new PDO('firebird:dbname='.$test_base, $user, $password) or die; ++ ++$sql = ' ++with recursive r(n) as ( ++ select 1 from rdb$database ++ union all ++ select n+1 from r where n < 1000 ++) ++select n, ++ cast(lpad(\'A\', 8000, \'A\') as BLOB sub_type TEXT) as SRC ++from r ++'; ++ ++ for ($i = 0; $i < 10; $i++) { ++ $sth = $dbh->prepare($sql); ++ $sth->execute(); ++ $rows = $sth->fetchAll(); ++ unset($rows); ++ unset($sth); ++ } ++ unset($dbh); ++ echo "OK"; ++?> ++--EXPECT-- ++OK +\ No newline at end of file +diff --git a/ext/pdo_firebird/firebird_statement.c b/ext/pdo_firebird/firebird_statement.c +index cb7e4bd..a87bcc1 100644 +--- a/ext/pdo_firebird/firebird_statement.c ++++ b/ext/pdo_firebird/firebird_statement.c +@@ -120,8 +120,14 @@ + } + if (result[0] == isc_info_sql_records) { + unsigned i = 3, result_size = isc_vax_integer(&result[1], 2); ++ if (result_size > sizeof(result)) { ++ goto error; ++ } + while (result[i] != isc_info_end && i < result_size) { + short len = (short) isc_vax_integer(&result[i + 1], 2); ++ if (len != 1 && len != 2 && len != 4) { ++ goto error; ++ } + if (result[i] != isc_info_req_select_count) { + affected_rows += isc_vax_integer(&result[i + 3], len); + } +@@ -145,7 +151,8 @@ + return 1; + } while (0); + +- RECORD_ERROR(stmt); ++error: ++ RECORD_ERROR(stmt); + + return 0; + } +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76450.data +@@ -0,0 +1 @@ ++ +\ No newline at end of file +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76450.phpt +@@ -0,0 +1,29 @@ ++--TEST-- ++Bug #76450 (SIGSEGV in firebird_stmt_execute) ++--SKIPIF-- ++<?php ++if (!extension_loaded('pdo_firebird')) die("skip pdo_firebird extension not 
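Review bot: The new guard `if (result_size > sizeof(result))` in the `@@ -120,8 +120,14 @@` hunk of firebird_statement.c limits the reported length to the buffer size, but the loop then reads `result[i + 1]`, `result[i + 2]` and up to four bytes at `result[i + 3]` for any `i < result_size`, so an item that begins near the end can still be decoded past the end of `result`. The loop condition also evaluates `result[i]` before it tests `i < result_size`. I would test the index first, `while (i < result_size && result[i] != isc_info_end)`, and check the item extent before decoding it, `if (i + 3 > sizeof(result)) goto error;` ahead of the length read and `if (i + 3 + len > sizeof(result)) goto error;` after the `len` check. The `@@ -252,8 +252,17 @@` hunk in firebird_driver.c has the same gap and needs the same checks with its `ret = -1; goto free_statement;` exit. How `i` advances is outside both hunks, so the exact worst case is inferred rather than shown.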
available"); ++if (!extension_loaded('sockets')) die("skip sockets extension not available"); ++?> ++--FILE-- ++<?php ++require_once "payload_server.inc"; ++ ++$address = run_server(__DIR__ . "/bug_76450.data"); ++ ++// no need to change the credentials; we're running against a fake server ++$dsn = "firebird:dbname=inet://$address/test"; ++$username = 'SYSDBA'; ++$password = 'masterkey'; ++ ++$dbh = new PDO($dsn, $username, $password, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]); ++$sql = "EXECUTE PROCEDURE test_proc 123"; ++$query = $dbh->prepare($sql); ++try { ++ $query->execute(); ++} catch (Exception $ex) { ++ echo "{$ex->getMessage()}\n"; ++} ++?> ++--EXPECT-- ++SQLSTATE[HY000]: General error +diff --git a/ext/pdo_firebird/firebird_driver.c b/ext/pdo_firebird/firebird_driver.c +index 2e71d9d..baa1b96 100644 +--- a/ext/pdo_firebird/firebird_driver.c ++++ b/ext/pdo_firebird/firebird_driver.c +@@ -252,8 +252,17 @@ + if (result[0] == isc_info_sql_records) { + unsigned i = 3, result_size = isc_vax_integer(&result[1],2); + ++ if (result_size > sizeof(result)) { ++ ret = -1; ++ goto free_statement; ++ } + while (result[i] != isc_info_end && i < result_size) { + short len = (short)isc_vax_integer(&result[i+1],2); ++ /* bail out on bad len */ ++ if (len != 1 && len != 2 && len != 4) { ++ ret = -1; ++ goto free_statement; ++ } + if (result[i] != isc_info_req_select_count) { + ret += isc_vax_integer(&result[i+3],len); + } +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76449.data +@@ -0,0 +1 @@ ++ +\ No newline at end of file +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76449.phpt +@@ -0,0 +1,23 @@ ++--TEST-- ++Bug #76449 (SIGSEGV in firebird_handle_doer) ++--SKIPIF-- ++<?php ++if (!extension_loaded('pdo_firebird')) die("skip pdo_firebird extension not available"); ++if (!extension_loaded('sockets')) die("skip sockets extension not available"); ++?> ++--FILE-- ++<?php ++require_once "payload_server.inc"; ++ ++$address = run_server(__DIR__ . 
"/bug_76449.data"); ++ ++// no need to change the credentials; we're running against a fake server ++$dsn = "firebird:dbname=inet://$address/test"; ++$username = 'SYSDBA'; ++$password = 'masterkey'; ++ ++$dbh = new PDO($dsn, $username, $password, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]); ++var_dump($dbh->exec("INSERT INTO test VALUES ('hihi2', 'xxxxx')")); ++?> ++--EXPECT-- ++bool(false) +diff --git a/ext/pdo_firebird/firebird_driver.c b/ext/pdo_firebird/firebird_driver.c +index baa1b96..23bf8d8 100644 +--- a/ext/pdo_firebird/firebird_driver.c ++++ b/ext/pdo_firebird/firebird_driver.c +@@ -539,14 +539,16 @@ + } + /* }}} */ + ++#define INFO_BUF_LEN 512 ++ + /* callback to used to report database server info */ + static void firebird_info_cb(void *arg, char const *s) /* {{{ */ + { + if (arg) { + if (*(char*)arg) { /* second call */ +- strcat(arg, " "); ++ strlcat(arg, " ", INFO_BUF_LEN); + } +- strcat(arg, s); ++ strlcat(arg, s, INFO_BUF_LEN); + } + } + /* }}} */ +@@ -557,8 +559,8 @@ + pdo_firebird_db_handle *H = (pdo_firebird_db_handle *)dbh->driver_data; + + switch (attr) { +- char tmp[512]; +- ++ char tmp[INFO_BUF_LEN]; ++ + case PDO_ATTR_AUTOCOMMIT: + ZVAL_LONG(val,dbh->auto_commit); + return 1; +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76448.data +@@ -0,0 +1 @@ ++ +\ No newline at end of file +--- /dev/null ++++ b/ext/pdo_firebird/tests/bug_76448.phpt +@@ -0,0 +1,23 @@ ++--TEST-- ++Bug #76448 (Stack buffer overflow in firebird_info_cb) ++--SKIPIF-- ++<?php ++if (!extension_loaded('pdo_firebird')) die("skip podo_firebird extension not available"); ++if (!extension_loaded('sockets')) die("skip sockets extension not available"); ++?> ++--FILE-- ++<?php ++require_once "payload_server.inc"; ++ ++$address = run_server(__DIR__ . 
"/bug_76448.data"); ++ ++// no need to change the credentials; we're running against a falke server ++$dsn = "firebird:dbname=inet://$address/test"; ++$username = 'SYSDBA'; ++$password = 'masterkey'; ++ ++$dbh = new PDO($dsn, $username, $password, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]); ++var_dump($dbh->getAttribute(PDO::ATTR_SERVER_INFO)); ++?> ++--EXPECT-- ++bool(false) +diff --git a/ext/pdo_firebird/firebird_driver.c b/ext/pdo_firebird/firebird_driver.c +index 23bf8d8..f8a44e7 100644 +--- a/ext/pdo_firebird/firebird_driver.c ++++ b/ext/pdo_firebird/firebird_driver.c +@@ -239,14 +239,16 @@ + /* execute the statement */ + if (isc_dsql_execute2(H->isc_status, &H->tr, &stmt, PDO_FB_SQLDA_VERSION, &in_sqlda, &out_sqlda)) { + RECORD_ERROR(dbh); +- return -1; ++ ret = -1; ++ goto free_statement; + } + + /* find out how many rows were affected */ + if (isc_dsql_sql_info(H->isc_status, &stmt, sizeof(info_count), const_cast(info_count), + sizeof(result), result)) { + RECORD_ERROR(dbh); +- return -1; ++ ret = -1; ++ goto free_statement; + } + + if (result[0] == isc_info_sql_records) { +@@ -275,6 +277,12 @@ + RECORD_ERROR(dbh); + } + ++free_statement: ++ ++ if (isc_dsql_free_statement(H->isc_status, &stmt, DSQL_drop)) { ++ RECORD_ERROR(dbh); ++ } ++ + return ret; + } + /* }}} */ +diff --git a/ext/pdo_firebird/firebird_driver.c b/ext/pdo_firebird/firebird_driver.c +index f8a44e7..c53fd31 100644 +--- a/ext/pdo_firebird/firebird_driver.c ++++ b/ext/pdo_firebird/firebird_driver.c +@@ -139,7 +139,7 @@ + HashTable *np; + + do { +- isc_stmt_handle s = NULL; ++ isc_stmt_handle s = PDO_FIREBIRD_HANDLE_INITIALIZER; + XSQLDA num_sqlda; + static char const info[] = { isc_info_sql_stmt_type }; + char result[8]; +@@ -220,7 +220,7 @@ + static long firebird_handle_doer(pdo_dbh_t *dbh, const char *sql, long sql_len TSRMLS_DC) /* {{{ */ + { + pdo_firebird_db_handle *H = (pdo_firebird_db_handle *)dbh->driver_data; +- isc_stmt_handle stmt = NULL; ++ isc_stmt_handle stmt = 
PDO_FIREBIRD_HANDLE_INITIALIZER; + static char const info_count[] = { isc_info_sql_records }; + char result[64]; + int ret = 0; +diff --git a/ext/pdo_firebird/firebird_statement.c b/ext/pdo_firebird/firebird_statement.c +index a87bcc1..dc64c19 100644 +--- a/ext/pdo_firebird/firebird_statement.c ++++ b/ext/pdo_firebird/firebird_statement.c +@@ -230,7 +230,7 @@ + { + pdo_firebird_stmt *S = (pdo_firebird_stmt*)stmt->driver_data; + pdo_firebird_db_handle *H = S->H; +- isc_blob_handle blobh = NULL; ++ isc_blob_handle blobh = PDO_FIREBIRD_HANDLE_INITIALIZER; + char const bl_item = isc_info_blob_total_length; + char bl_info[20]; + unsigned short i; +@@ -424,7 +424,7 @@ + { + pdo_firebird_stmt *S = (pdo_firebird_stmt*)stmt->driver_data; + pdo_firebird_db_handle *H = S->H; +- isc_blob_handle h = NULL; ++ isc_blob_handle h = PDO_FIREBIRD_HANDLE_INITIALIZER; + unsigned long put_cnt = 0, rem_cnt; + unsigned short chunk_size; + int result = 1; +diff --git a/ext/pdo_firebird/php_pdo_firebird_int.h b/ext/pdo_firebird/php_pdo_firebird_int.h +index 796f383..09cd485 100644 +--- a/ext/pdo_firebird/php_pdo_firebird_int.h ++++ b/ext/pdo_firebird/php_pdo_firebird_int.h +@@ -61,6 +61,12 @@ + #define min(a,b) ((a)<(b)?(a):(b)) + #endif + ++#if defined(_LP64) || defined(__LP64__) || defined(__arch64__) || defined(_WIN64) ++# define PDO_FIREBIRD_HANDLE_INITIALIZER 0U ++#else ++# define PDO_FIREBIRD_HANDLE_INITIALIZER NULL ++#endif ++ + typedef struct { + + /* the result of the last API call */ +diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c +index 8fa14f3..0768c48 100644 +--- a/ext/zip/php_zip.c ++++ b/ext/zip/php_zip.c +@@ -122,8 +122,8 @@ + return NULL; + } + +- if (IS_SLASH(path[0])) { +- return path + 1; ++ if (IS_ABSOLUTE_PATH(path, path_len)) { ++ return path + COPY_WHEN_ABSOLUTE(path) + 1; + } + + i = path_len; +diff --git a/ext/libxml/libxml.c b/ext/libxml/libxml.c +index d4a47ff..02453ff 100644 +--- a/ext/libxml/libxml.c ++++ b/ext/libxml/libxml.c +@@ -433,6 +433,8 @@ + void 
*context = NULL; + char *unescaped = NULL; + ++ TSRMLS_FETCH(); ++ + if (URI == NULL) + return(NULL); + diff --git a/fpm-numeric-uid-gid.patch b/fpm-numeric-uid-gid.patch new file mode 100644 index 000000000000..f99dbe048037 --- /dev/null +++ b/fpm-numeric-uid-gid.patch @@ -0,0 +1,52 @@ +--- a/sapi/fpm/fpm/fpm_unix.c ++++ b/sapi/fpm/fpm/fpm_unix.c +@@ -165,27 +165,35 @@ + #endif + + if (c->listen_owner && *c->listen_owner) { +- struct passwd *pwd; ++ if (strlen(c->listen_owner) == strspn(c->listen_owner, "0123456789")) { ++ wp->socket_uid = strtoul(c->listen_owner, 0, 10); ++ } else { ++ struct passwd *pwd; + +- pwd = getpwnam(c->listen_owner); +- if (!pwd) { +- zlog(ZLOG_SYSERROR, "[pool %s] cannot get uid for user '%s'", wp->config->name, c->listen_owner); +- return -1; +- } ++ pwd = getpwnam(c->listen_owner); ++ if (!pwd) { ++ zlog(ZLOG_SYSERROR, "[pool %s] cannot get uid for user '%s'", wp->config->name, c->listen_owner); ++ return -1; ++ } + +- wp->socket_uid = pwd->pw_uid; +- wp->socket_gid = pwd->pw_gid; ++ wp->socket_uid = pwd->pw_uid; ++ wp->socket_gid = pwd->pw_gid; ++ } + } + + if (c->listen_group && *c->listen_group) { +- struct group *grp; ++ if (strlen(c->listen_group) == strspn(c->listen_group, "0123456789")) { ++ wp->socket_gid = strtoul(c->listen_group, 0, 10); ++ } else { ++ struct group *grp; + +- grp = getgrnam(c->listen_group); +- if (!grp) { +- zlog(ZLOG_SYSERROR, "[pool %s] cannot get gid for group '%s'", wp->config->name, c->listen_group); +- return -1; ++ grp = getgrnam(c->listen_group); ++ if (!grp) { ++ zlog(ZLOG_SYSERROR, "[pool %s] cannot get gid for group '%s'", wp->config->name, c->listen_group); ++ return -1; ++ } ++ wp->socket_gid = grp->gr_gid; + } +- wp->socket_gid = grp->gr_gid; + } + + return 0; diff --git a/fpm-reload-sighup.patch b/fpm-reload-sighup.patch new file mode 100644 index 000000000000..09b32b73ba06 --- /dev/null +++ b/fpm-reload-sighup.patch 
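Review bot: The numeric branch added in the fpm_unix.c hunk assigns `strtoul(c->listen_owner, 0, 10)` directly to `wp->socket_uid` with no range check, so an all-digit value that is too large is clamped by `strtoul` or truncated on assignment instead of being rejected; depending on the field's type, which is declared outside the hunk, the socket could end up owned by an id the administrator never wrote, possibly 0. The `c->listen_group` branch has the same pattern for `wp->socket_gid`. I would set `errno = 0` before the call, then treat `errno == ERANGE` or a value that does not fit the field as a configuration error and take the same `zlog(ZLOG_SYSERROR, ...)` and `return -1;` path the name lookup uses. A numeric owner also no longer sets `wp->socket_gid`, whereas the name branch takes it from `pwd->pw_gid`; if that difference is intended it deserves a comment such as `/* numeric uid: group is left to listen_group */`.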
@@ -0,0 +1,57 @@ +diff --git a/sapi/fpm/fpm/fpm_events.c b/sapi/fpm/fpm/fpm_events.c +index ce5d543..63de0a4 100644 +--- a/sapi/fpm/fpm/fpm_events.c ++++ b/sapi/fpm/fpm/fpm_events.c +@@ -113,6 +113,11 @@ + zlog(ZLOG_NOTICE, "Reloading in progress ..."); + fpm_pctl(FPM_PCTL_STATE_RELOADING, FPM_PCTL_ACTION_SET); + break; ++ case 'H' : /* SIGHUP */ ++ zlog(ZLOG_DEBUG, "received SIGHUP"); ++ zlog(ZLOG_NOTICE, "Reloading in progress ..."); ++ fpm_pctl(FPM_PCTL_STATE_RELOADING, FPM_PCTL_ACTION_SET); ++ break; + } + + if (fpm_globals.is_child) { +diff --git a/sapi/fpm/fpm/fpm_signals.c b/sapi/fpm/fpm/fpm_signals.c +index c5d0692..9fae650 100644 +--- a/sapi/fpm/fpm/fpm_signals.c ++++ b/sapi/fpm/fpm/fpm_signals.c +@@ -160,6 +160,7 @@ + [SIGINT] = 'I', + [SIGUSR1] = '1', + [SIGUSR2] = '2', ++ [SIGHUP] = 'H', + [SIGQUIT] = 'Q', + [SIGCHLD] = 'C' + }; +@@ -206,6 +207,7 @@ + 0 > sigaction(SIGINT, &act, 0) || + 0 > sigaction(SIGUSR1, &act, 0) || + 0 > sigaction(SIGUSR2, &act, 0) || ++ 0 > sigaction(SIGHUP, &act, 0) || + 0 > sigaction(SIGCHLD, &act, 0) || + 0 > sigaction(SIGQUIT, &act, 0)) { + +@@ -235,6 +237,7 @@ + 0 > sigaction(SIGINT, &act_dfl, 0) || + 0 > sigaction(SIGUSR1, &act_dfl, 0) || + 0 > sigaction(SIGUSR2, &act_dfl, 0) || ++ 0 > sigaction(SIGHUP, &act_dfl, 0) || + 0 > sigaction(SIGCHLD, &act_dfl, 0) || + 0 > sigaction(SIGQUIT, &act, 0)) { + +diff --git a/sapi/fpm/php-fpm.8.in b/sapi/fpm/php-fpm.8.in +index 794f508..b1bcf08 100644 +--- a/sapi/fpm/php-fpm.8.in ++++ b/sapi/fpm/php-fpm.8.in +@@ -150,7 +150,7 @@ + .TP + .B SIGUSR1 \fPre-open log file + .TP +-.B SIGUSR2 \fPgraceful reload of all workers + reload of fpm conf/binary ++.B SIGUSR2,SIGHUP \fPgraceful reload of all workers + reload of fpm conf/binary + .RE + .PD 1 + .P diff --git a/freetype-path.patch b/freetype-path.patch deleted file mode 100644 index e3515df4055a..000000000000 --- a/freetype-path.patch +++ /dev/null 
@@ -1,13 +0,0 @@ -diff --git a/configure b/configure -index d506892..51617e8 100755 ---- a/configure -+++ b/configure -@@ -38277,7 +38277,7 @@ fi - if test "$PHP_FREETYPE_DIR" != "no"; then - - for i in $PHP_FREETYPE_DIR /usr/local /usr; do -- if test -f "$i/include/freetype2/freetype/freetype.h"; then -+ if test -f "$i/include/freetype2/freetype.h"; then - FREETYPE2_DIR=$i - FREETYPE2_INC_DIR=$i/include/freetype2 - break diff --git a/logrotate.d.php-fpm b/logrotate.d.php-fpm deleted file mode 100644 index a6dd8c21f436..000000000000 --- a/logrotate.d.php-fpm +++ /dev/null @@ -1,8 +0,0 @@ -/var/log/php53-fpm.log { - missingok - notifempty - delaycompress - postrotate - /bin/kill -SIGUSR1 `cat /run/php53-fpm/php-fpm.pid 2>/dev/null` 2>/dev/null || true - endscript -} diff --git a/make-tests.patch b/make-tests.patch new file mode 100644 index 000000000000..fe7d21ea5aab --- /dev/null +++ b/make-tests.patch @@ -0,0 +1,11 @@ +--- a/Makefile ++++ b/Makefile +@@ -213,7 +213,7 @@ + fi; \ + TEST_PHP_EXECUTABLE=$(PHP_EXECUTABLE) \ + TEST_PHP_SRCDIR=$(top_srcdir) \ +- CC="$(CC)" \ ++ REPORT_EXIT_STATUS=1 NO_INTERACTION=1 SKIP_ONLINE_TESTS=1 SKIP_SLOW_TESTS=1 CC="$(CC)" \ + $(PHP_EXECUTABLE) -n -c $(top_builddir)/tmp-php.ini $(PHP_TEST_SETTINGS) $(top_srcdir)/run-tests.php -n -c $(top_builddir)/tmp-php.ini -d extension_dir=$(top_builddir)/modules/ $(PHP_TEST_SHARED_EXTENSIONS) $(TESTS); \ + TEST_RESULT_EXIT_CODE=$$?; \ + rm $(top_builddir)/tmp-php.ini; \ diff --git a/mpm-apache.patch b/mpm-apache.patch new file mode 100644 index 000000000000..0786a6b525e4 --- /dev/null +++ b/mpm-apache.patch 
@@ -0,0 +1,22 @@ +--- php-5.3.29-orig/sapi/apache2filter/config.m4 ++++ php-5.3.29/sapi/apache2filter/config.m4 +@@ -118,7 +118,7 @@ + esac + + if test "$APACHE_VERSION" -lt 2004001; then +- APXS_MPM=`$APXS -q MPM_NAME` ++ APXS_MPM=prefork + if test "$APXS_MPM" != "prefork" && test "$APXS_MPM" != "peruser" && test "$APXS_MPM" != "itk"; then + PHP_BUILD_THREAD_SAFE + fi +--- php-5.3.29-orig/sapi/apache2handler/config.m4 ++++ php-5.3.29/sapi/apache2handler/config.m4 +@@ -117,7 +117,7 @@ + esac + + if test "$APACHE_VERSION" -lt 2004001; then +- APXS_MPM=`$APXS -q MPM_NAME` ++ APXS_MPM=prefork + if test "$APXS_MPM" != "prefork" && test "$APXS_MPM" != "peruser" && test "$APXS_MPM" != "itk"; then + PHP_BUILD_THREAD_SAFE + fi diff --git a/mysql-socket-php5.3.patch b/mysql-socket-php5.3.patch new file mode 100644 index 000000000000..814ec7e8b270 --- /dev/null +++ b/mysql-socket-php5.3.patch @@ -0,0 +1,22 @@ +--- a/ext/pdo_mysql/pdo_mysql.c ++++ b/ext/pdo_mysql/pdo_mysql.c +@@ -51,7 +51,7 @@ + # define PDO_MYSQL_UNIX_ADDR PHP_MYSQL_UNIX_SOCK_ADDR + # else + # if !PHP_WIN32 +-# define PDO_MYSQL_UNIX_ADDR "/tmp/mysql.sock" ++# define PDO_MYSQL_UNIX_ADDR "/run/mysqld/mysqld.sock" + # else + # define PDO_MYSQL_UNIX_ADDR NULL + # endif +--- a/ext/mysqlnd/mysqlnd.c ++++ a/ext/mysqlnd/mysqlnd.c +@@ -958,7 +958,7 @@ + if (host_len == sizeof("localhost") - 1 && !strncasecmp(host, "localhost", host_len)) { + DBG_INF_FMT("socket=%s", socket_or_pipe? socket_or_pipe:"n/a"); + if (!socket_or_pipe) { +- socket_or_pipe = "/tmp/mysql.sock"; ++ socket_or_pipe = "/run/mysqld/mysqld.sock"; + } + transport_len = mnd_sprintf(&transport, 0, "unix://%s", socket_or_pipe); + unix_socket = TRUE; diff --git a/openssl-1.0.patch b/openssl-1.0.patch new file mode 100644 index 000000000000..c88d14d0c811 --- /dev/null +++ b/openssl-1.0.patch 
@@ -0,0 +1,34 @@ +--- php-5.3.29-orig/acinclude.m4 ++++ php-5.3.29/acinclude.m4 +@@ -2345,11 +2345,11 @@ + fi + + for i in $PHP_OPENSSL_DIR; do +- if test -r $i/include/openssl/evp.h; then +- OPENSSL_INCDIR=$i/include ++ if test -r $i/include/openssl-1.0/openssl/evp.h; then ++ OPENSSL_INCDIR=$i/include/openssl-1.0 + fi + if test -r $i/$PHP_LIBDIR/libssl.a -o -r $i/$PHP_LIBDIR/libssl.$SHLIB_SUFFIX_NAME; then +- OPENSSL_LIBDIR=$i/$PHP_LIBDIR ++ OPENSSL_LIBDIR=$i/$PHP_LIBDIR/openssl-1.0 + fi + test -n "$OPENSSL_INCDIR" && test -n "$OPENSSL_LIBDIR" && break + done +--- php-5.3.29-orig/aclocal.m4 ++++ php-5.3.29/aclocal.m4 +@@ -2345,11 +2345,11 @@ + fi + + for i in $PHP_OPENSSL_DIR; do +- if test -r $i/include/openssl/evp.h; then +- OPENSSL_INCDIR=$i/include ++ if test -r $i/include/openssl-1.0/openssl/evp.h; then ++ OPENSSL_INCDIR=$i/include/openssl-1.0 + fi + if test -r $i/$PHP_LIBDIR/libssl.a -o -r $i/$PHP_LIBDIR/libssl.$SHLIB_SUFFIX_NAME; then +- OPENSSL_LIBDIR=$i/$PHP_LIBDIR ++ OPENSSL_LIBDIR=$i/$PHP_LIBDIR/openssl-1.0 + fi + test -n "$OPENSSL_INCDIR" && test -n "$OPENSSL_LIBDIR" && break + done diff --git a/openssl-sslv3-consts.patch b/openssl-sslv3-consts.patch new file mode 100644 index 000000000000..f8075216683b --- /dev/null +++ b/openssl-sslv3-consts.patch @@ -0,0 +1,12 @@ +--- a/ext/openssl/openssl.c ++++ b/ext/openssl/openssl.c +@@ -1482,7 +1482,9 @@ + REGISTER_LONG_CONSTANT("PKCS7_NOSIGS", PKCS7_NOSIGS, CONST_CS|CONST_PERSISTENT); + + REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT); ++#ifdef RSA_SSLV23_PADDING + REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT); ++#endif + REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT); + 
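Review bot: In the acinclude.m4 hunk the library probe still tests `$i/$PHP_LIBDIR/libssl.a` and `$i/$PHP_LIBDIR/libssl.$SHLIB_SUFFIX_NAME`, while the value it sets is now `OPENSSL_LIBDIR=$i/$PHP_LIBDIR/openssl-1.0`, so the check can succeed on a libssl other than the one in the directory that will be used and says nothing about whether the openssl-1.0 directory holds a library at all. The header probe was changed consistently to `$i/include/openssl-1.0/openssl/evp.h`; the library probe should match it: `if test -r $i/$PHP_LIBDIR/openssl-1.0/libssl.a -o -r $i/$PHP_LIBDIR/openssl-1.0/libssl.$SHLIB_SUFFIX_NAME; then`. The aclocal.m4 hunk is an identical copy and needs the same change. The `if test -r` line is a context line in both hunks, so this means extending the patch rather than editing an added line.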
diff --git a/openssl-sslv3.patch b/openssl-sslv3.patch new file mode 100644 index 000000000000..38605183b3d3 --- /dev/null +++ b/openssl-sslv3.patch @@ -0,0 +1,46 @@ +--- a/ext/openssl/xp_ssl.c ++++ b/ext/openssl/xp_ssl.c +@@ -339,9 +339,14 @@ + break; + #endif + case STREAM_CRYPTO_METHOD_SSLv3_CLIENT: ++#ifdef OPENSSL_NO_SSL3 ++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv3 support is not compiled into the OpenSSL library PHP is linked against"); ++ return -1; ++#else + sslsock->is_client = 1; + method = SSLv3_client_method(); + break; ++#endif + case STREAM_CRYPTO_METHOD_TLS_CLIENT: + sslsock->is_client = 1; + method = TLSv1_client_method(); +@@ -351,9 +356,14 @@ + method = SSLv23_server_method(); + break; + case STREAM_CRYPTO_METHOD_SSLv3_SERVER: ++#ifdef OPENSSL_NO_SSL3 ++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv3 support is not compiled into the OpenSSL library PHP is linked against"); ++ return -1; ++#else + sslsock->is_client = 0; + method = SSLv3_server_method(); + break; ++#endif + case STREAM_CRYPTO_METHOD_SSLv2_SERVER: + #ifdef OPENSSL_NO_SSL2 + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv2 support is not compiled into the OpenSSL library PHP is linked against"); +@@ -949,8 +959,13 @@ + sslsock->method = STREAM_CRYPTO_METHOD_SSLv2_CLIENT; + #endif + } else if (strncmp(proto, "sslv3", protolen) == 0) { ++#ifdef OPENSSL_NO_SSL3 ++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSLv3 support is not compiled into the OpenSSL library PHP is linked against"); ++ return NULL; ++#else + sslsock->enable_on_connect = 1; + sslsock->method = STREAM_CRYPTO_METHOD_SSLv3_CLIENT; ++#endif + } else if (strncmp(proto, "tls", protolen) == 0) { + sslsock->enable_on_connect = 1; + sslsock->method = STREAM_CRYPTO_METHOD_TLS_CLIENT; diff --git a/pear-config-patcher.php b/pear-config-patcher.php new file mode 100644 index 000000000000..ac6a1254282b --- /dev/null +++ b/pear-config-patcher.php 
@@ -0,0 +1,42 @@
+<?php
+if (!isset($argv, $argc)) {
+ echo "No command line args provided\n";
+ exit(1);
+}
+if ($argc < 3) {
+ echo "Not all command line args provided\n";
+ exit(2);
+}
+$targetFile = $confFile = $argv[1];
+$varPath = $argv[2];
+
+$data = '';
+$file = fopen($confFile, "r");
+
+if ($file !== false) {
+ while(!feof($file)) {
+ $line = fgets($file);
+ $serialized = @unserialize($line);
+ if (is_array($serialized)) {
+ $serialized['temp_dir'] = "{$varPath}/temp";
+ $serialized['cache_dir'] = "{$varPath}/cache";
+ $serialized['download_dir'] = "{$varPath}/download";
+ $serialized['metadata_dir'] = "{$varPath}/metadata";
+ $data .= @serialize($serialized);
+ $data .= "\n";
+ } else {
+ $data .= $line;
+ }
+ }
+ fclose($file);
+ if (false !== file_put_contents($targetFile, $data)) {
+ echo "Written to $targetFile\n";
+ } else {
+ echo "Failed to write to $targetFile\n";
+ exit(3);
+ }
+} else {
+ echo "File was not found {$confFile}\n";
+ exit(4);
+}
+exit(0);
diff --git a/php-apache.conf b/php-apache.conf
new file mode 100644
index 000000000000..e74ae8d9b7a8
--- /dev/null
+++ b/php-apache.conf
@@ -0,0 +1,13 @@
+# Required modules: dir_module, @MODULE@
+
+<IfModule dir_module>
+ <IfModule @MODULE@>
+ DirectoryIndex index.php index.html
+ <FilesMatch "\.php$">
+ SetHandler application/x-httpd-php
+ </FilesMatch>
+ <FilesMatch "\.phps$">
+ SetHandler application/x-httpd-php-source
+ </FilesMatch>
+ </IfModule>
+</IfModule>
diff --git a/php-apache.install b/php-apache.install
deleted file mode 100644
index cda7e5bd0e4a..000000000000
--- a/php-apache.install
+++ /dev/null
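Review bot: `@unserialize($line)` in pear-config-patcher.php is applied to every line of whatever file is named in `$argv[1]`, with errors suppressed, and the result is written back over that same file. That is acceptable for the pear.conf the build has just produced, but `unserialize()` on data someone else can influence will instantiate objects, so the script should state its trust assumption where the file is opened: `// Build-time helper: $argv[1] must be the pear.conf generated by this build, never an untrusted file.` The `@` also hides malformed lines, which are then copied through unchanged without any message. The final `else` prints "File was not found" for every `fopen()` failure, including permission errors.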
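Review bot: The `<FilesMatch "\.phps$">` block in php-apache.conf turns on the source-display handler wherever this file is included, so any `.phps` file under a document root is served as highlighted source code. That is a development convenience and is usually left off on production hosts, where a stray `.phps` copy can expose credentials or application logic. I would ship those three lines commented out under `# Development only: serves .phps files as highlighted source; leave disabled on production hosts`. The anchored `\.php$` match for the execution handler is the right form and needs no change.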
@@ -1,11 +0,0 @@
-post_install() {
- echo "You will need to add the following line after the existing LoadModule instructions in /etc/httpd/conf/httpd.conf :"
- echo "LoadModule php5_module modules/libphp53.so"
- echo
- echo "Additionally, include this line at the end of /etc/httpd/conf/httpd.conf if you want .php files to be handled by php 5.3 :"
- echo "Include conf/extra/php53_module.conf"
- echo
- echo "Be aware that ONLY A SINGLE PHP MODULE can be loaded into an Apache instance."
- echo "If you want php 5 and php 7 to cohabitate, you'll have to use another method such as php-fpm, fcgi or cgi for the other PHP version."
-}
-
diff --git a/php-enchant-depr.patch b/php-enchant-depr.patch
new file mode 100644
index 000000000000..0e2d2c0cf676
--- /dev/null
+++ b/php-enchant-depr.patch
@@ -0,0 +1,38 @@
+--- php-7.2.1/ext/enchant/enchant.c.orig
++++ php-7.2.1/ext/enchant/enchant.c
+@@ -741,7 +741,7 @@
+ for (i = 0; i < n_sugg; i++) {
+ add_next_index_string(sugg, suggs[i]);
+ }
+- enchant_dict_free_suggestions(pdict->pdict, suggs);
++ enchant_dict_free_string_list(pdict->pdict, suggs);
+ }
+
+
+@@ -798,7 +798,7 @@
+ add_next_index_string(return_value, suggs[i]);
+ }
+
+- enchant_dict_free_suggestions(pdict->pdict, suggs);
++ enchant_dict_free_string_list(pdict->pdict, suggs);
+ }
+ }
+ /* }}} */
+@@ -818,7 +818,7 @@
+
+ PHP_ENCHANT_GET_DICT;
+
+- enchant_dict_add_to_personal(pdict->pdict, word, wordlen);
++ enchant_dict_add(pdict->pdict, word, wordlen);
+ }
+ /* }}} */
+
+@@ -856,7 +856,7 @@
+
+ PHP_ENCHANT_GET_DICT;
+
+- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen));
++ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen));
+ }
+ /* }}} */
+
diff --git a/php-enchant-php5.3.patch b/php-enchant-php5.3.patch
new file mode 100644
index 000000000000..b82eef7fdd91
--- /dev/null
+++ b/php-enchant-php5.3.patch
@@ -0,0 +1,23 @@
+--- a/ext/enchant/config.m4
++++ b/ext/enchant/config.m4
+@@ -14,9 +14,9 @@
+ ENCHANT_SEARCH_DIRS="/usr/local /usr"
+ fi
+ for i in $ENCHANT_SEARCH_DIRS; do
+- if test -f $i/include/enchant/enchant.h; then
++ if test -f $i/include/enchant-2/enchant.h; then
+ ENCHANT_DIR=$i
+- ENCHANT_INCDIR=$i/include/enchant
++ ENCHANT_INCDIR=$i/include/enchant-2
+ elif test -f $i/include/enchant.h; then
+ ENCHANT_DIR=$i
+ ENCHANT_INCDIR=$i/include
+@@ -31,7 +31,7 @@
+
+ AC_DEFINE(HAVE_ENCHANT,1,[ ])
+ PHP_SUBST(ENCHANT_SHARED_LIBADD)
+- PHP_ADD_LIBRARY_WITH_PATH(enchant, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD)
++ PHP_ADD_LIBRARY_WITH_PATH(enchant-2, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD)
+ PHP_ADD_INCLUDE($ENCHANT_INCDIR)
+ PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param,
+ [
diff --git a/php-fpm.conf.in.patch b/php-fpm.conf.in.patch
deleted file mode 100644
index 349d013e69ac..000000000000
--- a/php-fpm.conf.in.patch
+++ /dev/null
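Review bot: The context line `PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param,` in the second inner hunk still probes `libenchant`, although the line two above it now links `enchant-2`. On a system with only enchant 2 installed the probe will most likely fail and the feature it guards is silently left out, or it succeeds against a different library than the one the extension is linked with. The probe should name the same library: `PHP_CHECK_LIBRARY(enchant-2, enchant_broker_set_param,`. The macro's argument list continues past the end of the patch context.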
@@ -1,52 +0,0 @@ ---- sapi/fpm/php-fpm.conf.in 2011-10-08 23:04:10.000000000 +0200 -+++ sapi/fpm/php-fpm.conf.in 2012-03-01 19:50:48.549947258 +0100 -@@ -12,7 +12,7 @@ - ; Relative path can also be used. They will be prefixed by: - ; - the global prefix if it's been set (-p argument) - ; - @prefix@ otherwise --;include=etc/fpm.d/*.conf -+;include=/etc/php53/fpm.d/*.conf - - ;;;;;;;;;;;;;;;;;; - ; Global Options ; -@@ -22,7 +22,7 @@ - ; Pid file - ; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@ - ; Default Value: none --;pid = run/php-fpm.pid -+pid = run/php53-fpm/php-fpm.pid - - ; Error log file - ; If it's set to "syslog", log is sent to syslogd instead of being written -@@ -140,7 +140,8 @@ - ; specific port; - ; '/path/to/unix/socket' - to listen on a unix socket. - ; Note: This value is mandatory. --listen = 127.0.0.1:9000 -+;listen = 127.0.0.1:9001 -+listen = /run/php53-fpm/php-fpm.sock - - ; Set listen(2) backlog. - ; Default Value: 128 (-1 on FreeBSD and OpenBSD) -@@ -151,9 +152,9 @@ - ; BSD-derived systems allow connections regardless of permissions. - ; Default Values: user and group are set as the running user - ; mode is set to 0660 --;listen.owner = @php_fpm_user@ --;listen.group = @php_fpm_group@ --;listen.mode = 0660 -+listen.owner = @php_fpm_user@ -+listen.group = @php_fpm_group@ -+listen.mode = 0660 - - ; List of ipv4 addresses of FastCGI clients which are allowed to connect. - ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -@@ -442,7 +443,7 @@ - ; Chdir to this directory at the start. - ; Note: relative path can be used. - ; Default Value: current directory or / when chroot --;chdir = /var/www -+;chdir = /srv/http - - ; Redirect worker stdout and stderr into main error log. If not set, stdout and - ; stderr will be redirected to /dev/null according to FastCGI specs. diff --git a/php-fpm.install b/php-fpm.install index 539b13a9b694..90fa868cd1da 100644 --- a/php-fpm.install +++ b/php-fpm.install 
@@ -1,9 +1,31 @@ +pre_install() { + echo "php-fpm pre_install hook" + echo "1=$1" +} + post_install() { - if [[ ! -d run/php53-fpm ]]; then - usr/bin/systemd-tmpfiles --create php53-fpm.conf - fi + echo "php-fpm post_install hook" + echo "1=$1" +} + +pre_upgrade() { + echo "php-fpm pre_upgrade hook" + echo "1=$1" + echo "2=$2" } post_upgrade() { - post_install + echo "php-fpm post_upgrade hook" + echo "1=$1" + echo "2=$2" +} + +pre_remove() { + echo "php-fpm pre_remove hook" + echo "1=$1" +} + +post_remove() { + echo "php-fpm post_remove hook" + echo "1=$1" } diff --git a/php-fpm.service b/php-fpm.service deleted file mode 100644 index 2c31af90d9f3..000000000000 --- a/php-fpm.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=The PHP 5.3 FastCGI Process Manager -After=syslog.target network.target - -[Service] -Type=simple -PIDFile=/run/php53-fpm/php-fpm.pid -PrivateTmp=true -ExecStart=/usr/bin/php53-fpm --nodaemonize --pid /run/php53-fpm/php-fpm.pid -ExecReload=/bin/kill -USR2 $MAINPID - -[Install] -WantedBy=multi-user.target diff --git a/php-fpm.tmpfiles b/php-fpm.tmpfiles deleted file mode 100644 index 1f14f6c012ca..000000000000 --- a/php-fpm.tmpfiles +++ /dev/null @@ -1 +0,0 @@ -d /run/php53-fpm 755 root root diff --git a/php-makefile-patcher.php b/php-makefile-patcher.php new file mode 100644 index 000000000000..7a071eeba66d --- /dev/null +++ b/php-makefile-patcher.php 
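Review bot: All six hooks in the new php-fpm.install only echo their own name and positional arguments (`echo "1=$1"`), which reads as debugging scaffolding and will print on every install, upgrade and removal. The removed `post_install` created the runtime directory with `systemd-tmpfiles --create php53-fpm.conf`, and php-fpm.tmpfiles is deleted in the same commit; if the directory for the pid file and socket is now created somewhere else, that is not visible here and deserves a comment. I would drop the hooks that do nothing and keep only those that act, each with a one-line comment such as `# $1 = new package version, $2 = old package version`.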
@@ -0,0 +1,47 @@
+<?php
+if (!isset($argv, $argc)) {
+ echo "No command line args provided\n";
+ exit(1);
+}
+if ($argc < 2) {
+ echo "Not all command line args provided\n";
+ exit(2);
+}
+$filename = $argv[1];
+$fileContent = @file_get_contents($filename);
+if (!strlen($fileContent)) {
+ echo "No file contents of $filename\n";
+ exit(3);
+}
+$matches = array();
+$match = preg_match("/^(?P<line>(?P<definition>PHP_MODULES[\s\t]+=[\s\t]+)(?P<expression>.*)$)/m", $fileContent, $matches);
+if (!$match) {
+ echo "No PHP_MODULES in $filename\n";
+ exit (4);
+}
+$expression = explode(' ', $matches['expression']);
+function sortByPrio($a, $b) {
+ $aPrio = 999;
+ $bPrio = 999;
+ $priorities = array('/openssl/i'=> 0, '@\/xml\.@i'=>1, '@\/pdo\.@i'=>2, '@\/dom\.@i'=>3, '/mysqlnd/i'=>4);
+ foreach ($priorities as $regex => $prio) {
+ if (preg_match($regex, $a) && $prio < $aPrio) {
+ $aPrio = $prio;
+ }
+ if (preg_match($regex, $b) && $prio < $bPrio) {
+ $bPrio = $prio;
+ }
+ }
+ if ($aPrio == $bPrio) {
+ return 0;
+ }
+ return $aPrio > $bPrio ? 1: -1;
+}
+usort($expression, 'sortByPrio');
+$expression = $matches['definition'].join (' ', $expression)."\n";
+$fileContent = str_replace($matches['line'], $expression, $fileContent);
+if (!file_put_contents($filename, $fileContent)) {
+ echo "Failed to write to $filename\n";
+ exit(5);
+}
+exit(0);
diff --git a/php-mysqlnd-charsets.patch b/php-mysqlnd-charsets.patch
new file mode 100644
index 000000000000..e2e7bf6bc110
--- /dev/null
+++ b/php-mysqlnd-charsets.patch
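Review bot: `sortByPrio()` returns 0 for every pair that matches none of the five priority patterns, and `usort()` does not promise to keep such entries in their original order (PHP's sort is not stable before 8.0), so the rewritten `PHP_MODULES` line can reorder modules the script never meant to move. If module order matters, which is presumably why the script exists, ties should fall back to the original position. One way is to record `$position = array_flip($expression);` before sorting and have the equal-priority branch `return $position[$a] - $position[$b];`. Separately, `$expression` is given a trailing `"\n"` although `$matches['line']` stops before the newline, so each run leaves an extra blank line after `PHP_MODULES`.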
@@ -0,0 +1,58 @@ +diff --git a/ext/mysqlnd/mysqlnd_charset.c b/ext/mysqlnd/mysqlnd_charset.c +index 5983b2d..c728452 100644 +--- a/ext/mysqlnd/mysqlnd_charset.c ++++ b/ext/mysqlnd/mysqlnd_charset.c +@@ -687,6 +687,53 @@ + { 249, "gb18030", "gb18030_bin", 1, 4, "", mysqlnd_mbcharlen_gb18030, my_ismbchar_gb18030}, + + { 254, UTF8_MB3, UTF8_MB3"_general_cs", 1, 3, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 255, UTF8_MB4, UTF8_MB4"_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 256, UTF8_MB4, UTF8_MB4"_de_pb_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 257, UTF8_MB4, UTF8_MB4"_is_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 258, UTF8_MB4, UTF8_MB4"_lv_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 259, UTF8_MB4, UTF8_MB4"_ro_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 260, UTF8_MB4, UTF8_MB4"_sl_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 261, UTF8_MB4, UTF8_MB4"_pl_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 262, UTF8_MB4, UTF8_MB4"_et_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 263, UTF8_MB4, UTF8_MB4"_es_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 264, UTF8_MB4, UTF8_MB4"_sv_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 265, UTF8_MB4, UTF8_MB4"_tr_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 266, UTF8_MB4, UTF8_MB4"_cs_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 267, UTF8_MB4, UTF8_MB4"_da_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 268, UTF8_MB4, UTF8_MB4"_lt_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 269, UTF8_MB4, UTF8_MB4"_sk_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 270, UTF8_MB4, UTF8_MB4"_es_trad_0900_ai_ci", 1, 
4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 271, UTF8_MB4, UTF8_MB4"_la_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 272, UTF8_MB4, UTF8_MB4"_fa_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 273, UTF8_MB4, UTF8_MB4"_eo_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 274, UTF8_MB4, UTF8_MB4"_hu_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 275, UTF8_MB4, UTF8_MB4"_hr_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 276, UTF8_MB4, UTF8_MB4"_si_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 277, UTF8_MB4, UTF8_MB4"_vi_0900_ai_ci", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 278, UTF8_MB4, UTF8_MB4"_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 279, UTF8_MB4, UTF8_MB4"_de_pb_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 280, UTF8_MB4, UTF8_MB4"_is_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 281, UTF8_MB4, UTF8_MB4"_lv_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 282, UTF8_MB4, UTF8_MB4"_ro_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 283, UTF8_MB4, UTF8_MB4"_sl_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 284, UTF8_MB4, UTF8_MB4"_pl_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 285, UTF8_MB4, UTF8_MB4"_et_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 286, UTF8_MB4, UTF8_MB4"_es_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 287, UTF8_MB4, UTF8_MB4"_sv_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 288, UTF8_MB4, UTF8_MB4"_tr_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 289, UTF8_MB4, UTF8_MB4"_cs_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 
290, UTF8_MB4, UTF8_MB4"_da_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 291, UTF8_MB4, UTF8_MB4"_lt_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 292, UTF8_MB4, UTF8_MB4"_sk_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 293, UTF8_MB4, UTF8_MB4"_es_trad_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 294, UTF8_MB4, UTF8_MB4"_la_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 295, UTF8_MB4, UTF8_MB4"_fa_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 296, UTF8_MB4, UTF8_MB4"_eo_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 297, UTF8_MB4, UTF8_MB4"_hu_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 298, UTF8_MB4, UTF8_MB4"_hr_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 299, UTF8_MB4, UTF8_MB4"_si_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 300, UTF8_MB4, UTF8_MB4"_vi_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, ++ { 303, UTF8_MB4, UTF8_MB4"_ja_0900_as_cs", 1, 4, "", mysqlnd_mbcharlen_utf8, check_mb_utf8_valid}, + { 0, NULL, NULL, 0, 0, NULL, NULL, NULL} + }; + /* }}} */ diff --git a/php-mysqlnd.patch b/php-mysqlnd.patch new file mode 100644 index 000000000000..88c4f76de662 --- /dev/null +++ b/php-mysqlnd.patch 
@@ -0,0 +1,22 @@
+--- a/ext/mysqlnd/mysqlnd_ps_codec.c
++++ b/ext/mysqlnd/mysqlnd_ps_codec.c
+@@ -911,7 +911,7 @@
+ zend_uchar *p = stmt->execute_cmd_buffer.buffer,
+ *cmd_buffer = stmt->execute_cmd_buffer.buffer;
+ size_t cmd_buffer_length = stmt->execute_cmd_buffer.length;
+- enum_func_status ret;
++ enum_func_status ret = PASS;
+
+ DBG_ENTER("mysqlnd_stmt_execute_generate_request");
+
+@@ -928,7 +928,9 @@
+ int1store(p, 1); /* and send 1 for iteration count */
+ p+= 4;
+
+- ret = mysqlnd_stmt_execute_store_params(s, &cmd_buffer, &p, &cmd_buffer_length TSRMLS_CC);
++ if (stmt->param_count != 0) {
++ ret = mysqlnd_stmt_execute_store_params(s, &cmd_buffer, &p, &cmd_buffer_length TSRMLS_CC);
++ }
+
+ *free_buffer = (cmd_buffer != stmt->execute_cmd_buffer.buffer);
+ *request_len = (p - cmd_buffer);
diff --git a/php-phpinfo.patch b/php-phpinfo.patch
new file mode 100644
index 000000000000..72d0beaea4bd
--- /dev/null
+++ b/php-phpinfo.patch
@@ -0,0 +1,22 @@
+--- a/ext/standard/info.c
++++ b/ext/standard/info.c
+@@ -810,9 +810,6 @@ PHPAPI ZEND_COLD void php_print_info(int flag)
+ #ifdef ARCHITECTURE
+ php_info_print_table_row(2, "Architecture", ARCHITECTURE);
+ #endif
+-#ifdef CONFIGURE_COMMAND
+- php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
+-#endif
+
+ if (sapi_module.pretty_name) {
+ php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
+--- a/ext/standard/tests/general_functions/phpinfo.phpt
++++ b/ext/standard/tests/general_functions/phpinfo.phpt
+@@ -20,7 +20,6 @@ PHP Version => %s
+
+ System => %s
+ Build Date => %s%a
+-Configure Command => %s
+ Server API => Command Line Interface
+ Virtual Directory Support => %s
+ Configuration File (php.ini) Path => %s
diff --git a/php-tests.patch b/php-tests.patch
new file mode 100644
index 000000000000..6f01e6d0f4db
--- /dev/null
+++ b/php-tests.patch
@@ -0,0 +1,11 @@
+--- a/run-tests.php
++++ b/run-tests.php
+@@ -813,7 +813,7 @@
+
+ junit_save_xml();
+
+- if (getenv('REPORT_EXIT_STATUS') == 1 and preg_match('/FAILED(?: |$)/', implode(' ', $test_results))) {
++ if (getenv('REPORT_EXIT_STATUS') == 1 and $sum_results['FAILED']) {
+ exit(1);
+ }
+
diff --git a/php.ini.patch b/php.ini.patch
deleted file mode 100644
index 67e8b00c1049..000000000000
--- a/php.ini.patch
+++ /dev/null
@@ -1,125 +0,0 @@ ---- php.ini-production 2012-03-29 06:17:59.000000000 +0200 -+++ php.ini-production 2012-03-30 10:46:21.181340861 +0200 -@@ -305,7 +305,7 @@ - ; or per-virtualhost web server configuration file. This directive is - ; *NOT* affected by whether Safe Mode is turned On or Off. - ; http://php.net/open-basedir --;open_basedir = -+open_basedir = /srv/http/:/home/:/tmp/:/usr/share/php53/pear/:/usr/share/webapps/ - - ; This directive allows you to disable certain functions for security reasons. - ; It receives a comma-delimited list of function names. This directive is -@@ -702,7 +702,7 @@ - ;;;;;;;;;;;;;;;;;;;;;;;;; - - ; UNIX: "/path1:/path2" --;include_path = ".:/php/includes" -+include_path = ".:/usr/share/php53/pear" - ; - ; Windows: "\path1;\path2" - ;include_path = ".;c:\php\includes" -@@ -725,7 +725,7 @@ - - ; Directory in which the loadable extensions (modules) reside. - ; http://php.net/extension-dir --; extension_dir = "./" -+extension_dir = "/usr/lib/php53/modules/" - ; On windows: - ; extension_dir = "ext" - -@@ -859,53 +859,48 @@ - ; If you only provide the name of the extension, PHP will look for it in its - ; default extension directory. - ; --; Windows Extensions --; Note that ODBC support is built in, so no dll is needed for it. --; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) --; extension folders as well as the separate PECL DLL download (PHP 5). --; Be sure to appropriately set the extension_dir directive. 
--; --;extension=php_bz2.dll --;extension=php_curl.dll --;extension=php_fileinfo.dll --;extension=php_gd2.dll --;extension=php_gettext.dll --;extension=php_gmp.dll --;extension=php_intl.dll --;extension=php_imap.dll --;extension=php_interbase.dll --;extension=php_ldap.dll --;extension=php_mbstring.dll --;extension=php_exif.dll ; Must be after mbstring as it depends on it --;extension=php_mysql.dll --;extension=php_mysqli.dll --;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client --;extension=php_oci8_11g.dll ; Use with Oracle 11gR2 Instant Client --;extension=php_openssl.dll --;extension=php_pdo_firebird.dll --;extension=php_pdo_mssql.dll --;extension=php_pdo_mysql.dll --;extension=php_pdo_oci.dll --;extension=php_pdo_odbc.dll --;extension=php_pdo_pgsql.dll --;extension=php_pdo_sqlite.dll --;extension=php_pgsql.dll --;extension=php_pspell.dll --;extension=php_shmop.dll -- --; The MIBS data available in the PHP distribution must be installed. --; See http://www.php.net/manual/en/snmp.installation.php --;extension=php_snmp.dll -- --;extension=php_soap.dll --;extension=php_sockets.dll --;extension=php_sqlite.dll --;extension=php_sqlite3.dll --;extension=php_sybase_ct.dll --;extension=php_tidy.dll --;extension=php_xmlrpc.dll --;extension=php_xsl.dll --;extension=php_zip.dll -+;extension=bcmath.so -+;extension=bz2.so -+;extension=calendar.so -+extension=curl.so -+;extension=dba.so -+;extension=enchant.so -+;extension=exif.so -+;extension=ftp.so -+;extension=gd.so -+;extension=gettext.so -+;extension=gmp.so -+extension=json.so -+;extension=iconv.so -+;extension=imap.so -+;extension=intl.so -+;extension=ldap.so -+;extension=mcrypt.so -+;extension=mssql.so -+;extension=mysqli.so -+;extension=mysql.so -+;extension=odbc.so -+;extension=openssl.so -+;extension=pdo_mysql.so -+;extension=pdo_odbc.so -+;extension=pdo_pgsql.so -+;extension=pdo_sqlite.so -+;extension=pgsql.so -+;extension=phar.so -+;extension=posix.so -+;extension=pspell.so -+;extension=shmop.so 
-+;extension=snmp.so -+;extension=soap.so -+;extension=sockets.so -+;extension=sqlite3.so -+;extension=sysvmsg.so -+;extension=sysvsem.so -+;extension=sysvshm.so -+;extension=tidy.so -+;extension=xmlrpc.so -+;extension=xsl.so -+;extension=zip.so - - ;;;;;;;;;;;;;;;;;;; - ; Module Settings ; diff --git a/php53-phar-names.patch b/php53-phar-names.patch new file mode 100644 index 000000000000..42999c9291d0 --- /dev/null +++ b/php53-phar-names.patch @@ -0,0 +1,12 @@ +--- php-5.3.29-orig/ext/phar/Makefile.frag ++++ php-5.3.29/ext/phar/Makefile.frag +@@ -37,6 +37,6 @@ + + install-pharcmd: pharcmd + -@$(mkinstalldirs) $(INSTALL_ROOT)$(bindir) +- $(INSTALL) $(builddir)/phar.phar $(INSTALL_ROOT)$(bindir) +- -@rm -f $(INSTALL_ROOT)$(bindir)/phar +- $(LN_S) -f $(bindir)/phar.phar $(INSTALL_ROOT)$(bindir)/phar ++ $(INSTALL) $(builddir)/phar.phar $(INSTALL_ROOT)$(bindir)/$(program_prefix)phar$(program_suffix).phar ++ -@rm -f $(INSTALL_ROOT)$(bindir)/$(program_prefix)phar$(program_suffix) ++ $(LN_S) -f $(program_prefix)phar$(program_suffix).phar $(INSTALL_ROOT)$(bindir)/$(program_prefix)phar$(program_suffix) diff --git a/recode-php5.3.patch b/recode-php5.3.patch new file mode 100644 index 000000000000..f7fa0105b78d --- /dev/null +++ b/recode-php5.3.patch @@ -0,0 +1,10 @@ +--- a/ext/recode/config9.m4 ++++ b/ext/recode/config9.m4 +@@ -13,6 +13,6 @@ + fi + + if test -n "$recode_conflict"; then +- AC_MSG_ERROR([recode extension can not be configured together with:$recode_conflict]) ++ AC_MSG_WARN([recode extension can not be configured together with:$recode_conflict]) + fi + fi diff --git a/suhosin.patch b/suhosin.patch deleted file mode 100644 index 0f7a1114d568..000000000000 --- a/suhosin.patch +++ /dev/null 
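Review bot: Downgrading `AC_MSG_ERROR` to `AC_MSG_WARN` in recode-php5.3.patch lets configure continue with recode and the extensions named in `$recode_conflict` enabled together, while the message still says they "can not be configured together". The guard presumably exists because those extensions cannot safely share one process, so the conflict is moved from build time to run time without any record of it. If the package relies on them being separate shared modules that are never loaded together, the message should say so, e.g. `AC_MSG_WARN([recode conflicts with:$recode_conflict; build them as shared modules and never load them in the same process])`. The enclosing `if` blocks start outside the patch context.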
@@ -1,13 +0,0 @@ ---- suhosin-patch-5.3.9-0.9.10.patch 2012-04-01 11:55:46.699676255 +0200 -+++ suhosin-patch-5.3.9-0.9.10.patch 2012-04-01 11:56:19.322146479 +0200 -@@ -4515,8 +4515,8 @@ - +#define SUHOSIN_PATCH 1 - +EOF - -- echo $ac_n "checking for declared timezone""... $ac_c" 1>&6 -- echo "configure:19377: checking for declared timezone" >&5 -+ echo "$as_me:$LINENO: checking for declared timezone" >&5 -+ echo $ECHO_N "checking for declared timezone... $ECHO_C" >&6 - @@ -115830,7 +115833,7 @@ - php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \ - strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \ |