diff --git a/20-ffi.ini b/20-ffi.ini new file mode 100644 index 0000000000000000000000000000000000000000..0bce40d5d767b37a5288a2f4a563ededbe9ba3a8 --- /dev/null +++ b/20-ffi.ini @@ -0,0 +1,13 @@ +; Enable ffi extension module +extension=ffi + +; FFI API restriction. Possibe values: +; "preload" - enabled in CLI scripts and preloaded files (default) +; "false" - always disabled +; "true" - always enabled +;ffi.enable=preload + +; List of headers files to preload, wildcard patterns allowed. +; /usr/share/php/preload used by for RPM packages +; /usr/local/share/php/preload may be used for local files +ffi.preload=/usr/share/php/preload/*.h:/usr/local/share/php/preload/*.h diff --git a/CVE-2018-19518.patch b/CVE-2018-19518.patch deleted file mode 100644 index 1737830bf07bde2c2d0ea290992eaf3dc4be78aa..0000000000000000000000000000000000000000 --- a/CVE-2018-19518.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 336d2086a9189006909ae06c7e95902d7d5ff77e Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 18 Nov 2018 17:10:43 -0800 -Subject: [PATCH] Disable rsh/ssh functionality in imap by default (bug #77153) - ---- - NEWS | 4 ++++ - UPGRADING | 7 +++++++ - ext/imap/php_imap.c | 17 +++++++++++++++++ - ext/imap/php_imap.h | 1 + - ext/imap/tests/bug77153.phpt | 24 ++++++++++++++++++++++++ - 5 files changed, 53 insertions(+) - create mode 100644 ext/imap/tests/bug77153.phpt - -index ec2d8f46ed..52968a3857 100644 - -diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c -index e1adcf2264..42e7d8611c 100644 ---- a/ext/imap/php_imap.c -+++ b/ext/imap/php_imap.c -@@ -562,6 +562,15 @@ static const zend_module_dep imap_deps[] = { - }; - /* }}} */ - -+ -+/* {{{ PHP_INI -+ */ -+PHP_INI_BEGIN() -+STD_PHP_INI_BOOLEAN("imap.enable_insecure_rsh", "0", PHP_INI_SYSTEM, OnUpdateBool, enable_rsh, zend_imap_globals, imap_globals) -+PHP_INI_END() -+/* }}} */ -+ -+ - /* {{{ imap_module_entry - */ - zend_module_entry imap_module_entry = { -@@ -832,6 +841,8 @@ PHP_MINIT_FUNCTION(imap) - { - unsigned long sa_all = SA_MESSAGES | SA_RECENT | SA_UNSEEN | SA_UIDNEXT | SA_UIDVALIDITY; - -+ REGISTER_INI_ENTRIES(); -+ - #ifndef PHP_WIN32 - mail_link(&unixdriver); /* link in the unix driver */ - mail_link(&mhdriver); /* link in the mh driver */ -@@ -1049,6 +1060,12 @@ PHP_MINIT_FUNCTION(imap) - GC_TEXTS texts - */ - -+ if (!IMAPG(enable_rsh)) { -+ /* disable SSH and RSH, see https://bugs.php.net/bug.php?id=77153 */ -+ mail_parameters (NIL, SET_RSHTIMEOUT, 0); -+ mail_parameters (NIL, SET_SSHTIMEOUT, 0); -+ } -+ - le_imap = zend_register_list_destructors_ex(mail_close_it, NULL, "imap", module_number); - return SUCCESS; - } -diff --git a/ext/imap/php_imap.h b/ext/imap/php_imap.h -index 7691d1fdd7..556163ed2d 100644 ---- a/ext/imap/php_imap.h -+++ b/ext/imap/php_imap.h -@@ -231,6 +231,7 @@ ZEND_BEGIN_MODULE_GLOBALS(imap) - #endif - /* php_stream for php_mail_gets() */ - php_stream *gets_stream; -+ zend_bool enable_rsh; - ZEND_END_MODULE_GLOBALS(imap) - - #ifdef ZTS -diff --git a/ext/imap/tests/bug77153.phpt b/ext/imap/tests/bug77153.phpt -new file mode 100644 -index 0000000000..63590aee1d ---- /dev/null -+++ b/ext/imap/tests/bug77153.phpt -@@ -0,0 +1,24 @@ -+--TEST-- -+Bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter) -+--SKIPIF-- -+ -+--FILE-- -+ " . __DIR__ . '/__bug'; -+$payloadb64 = base64_encode($payload); -+$server = "x -oProxyCommand=echo\t$payloadb64|base64\t-d|sh}"; -+@imap_open('{'.$server.':143/imap}INBOX', '', ''); -+// clean -+imap_errors(); -+var_dump(file_exists(__DIR__ . '/__bug')); -+?> -+--EXPECT-- -+bool(false) -+--CLEAN-- -+ -\ No newline at end of file --- -2.11.0 diff --git a/CVE-2018-19935.patch b/CVE-2018-19935.patch deleted file mode 100644 index 14d72fcbfa4c62a075eeda25467ab5347a40f323..0000000000000000000000000000000000000000 --- a/CVE-2018-19935.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 3329e30a0c631753980757045ddfcc7b356a34a2 Mon Sep 17 00:00:00 2001 -Date: Wed, 4 Dec 2019 17:50:56 +0800 -Subject: Fix #77020: null pointer dereference in imap_mail - -If an empty $message is passed to imap_mail(), we must not set message -to NULL, since _php_imap_mail() is not supposed to handle NULL pointers -(opposed to pointers to NUL). - ---- - ext/imap/php_imap.c | 1 - - ext/imap/tests/bug77020.phpt | 15 +++++++++++++++ - 2 files changed, 15 insertions(+), 1 deletion(-) - create mode 100644 php-7.2.10/ext/imap/tests/bug77020.phpt - -diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c -index e1adcf22..56126a0c 100644 ---- a/ext/imap/php_imap.c -+++ b/ext/imap/php_imap.c -@@ -4106,7 +4106,6 @@ PHP_FUNCTION(imap_mail) - if (!ZSTR_LEN(message)) { - /* this is not really an error, so it is allowed. */ - php_error_docref(NULL, E_WARNING, "No message string in mail command"); -- message = NULL; - } - - if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL, -diff --git a/ext/imap/tests/bug77020.phpt b/ext/imap/tests/bug77020.phpt -new file mode 100644 -index 00000000..76386a09 ---- /dev/null -+++ b/ext/imap/tests/bug77020.phpt -@@ -0,0 +1,15 @@ -+ --TEST-- -+Bug #77020 (null pointer dereference in imap_mail) -+--SKIPIF-- -+ -+--FILE-- -+ -+===DONE=== -+--EXPECTF-- -+Warning: imap_mail(): No message string in mail command in %s on line %d -+%s -+===DONE=== --- -2.19.1 - diff --git a/CVE-2019-11034.patch b/CVE-2019-11034.patch deleted file mode 100644 index 8bf5c9dea0bb647e8c36074e1ab1167911fc0852..0000000000000000000000000000000000000000 --- a/CVE-2019-11034.patch +++ /dev/null @@ -1,55 +0,0 @@ -From f3aefc6d071b807ddacae0a0bc49f09c38e18490 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 17 Mar 2019 22:54:46 -0700 -Subject: [PATCH] Fix bug #77753 - Heap-buffer-overflow in php_ifd_get32s - ---- - ext/exif/exif.c | 4 ++++ - ext/exif/tests/bug77753.phpt | 16 ++++++++++++++++ - ext/exif/tests/bug77753.tiff | Bin 0 -> 873 bytes - 3 files changed, 20 insertions(+) - create mode 100644 ext/exif/tests/bug77753.phpt - create mode 100644 ext/exif/tests/bug77753.tiff - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index fe89b85..0b5bb5a 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -2802,6 +2802,10 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu - exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 2 + 0x%04X*12 = 0x%04X > 0x%04X", NumDirEntries, 2+NumDirEntries*12, value_len); - return FALSE; - } -+ if ((dir_start - value_ptr) > value_len - (2+NumDirEntries*12)) { -+ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 0x%04X > 0x%04X", (dir_start - value_ptr) + (2+NumDirEntries*12), value_len); -+ return FALSE; -+ } - - for (de=0;de -+--FILE-- -+ -+DONE -+--EXPECTF-- -+%A -+Warning: exif_read_data(bug77753.tiff): Illegal IFD size: 0x006A > 0x0065 in %sbug77753.php on line %d -+ -+Warning: exif_read_data(bug77753.tiff): Invalid TIFF file in %sbug77753.php on line %d -+bool(false) -+DONE -\ No newline at end of file - --- -2.1.4 - diff --git a/CVE-2019-11035.patch b/CVE-2019-11035.patch deleted file mode 100644 index cdd334f0f67ba414239f4fc901d2d9125967019f..0000000000000000000000000000000000000000 --- a/CVE-2019-11035.patch +++ /dev/null @@ -1,185 +0,0 @@ -From 887a7b571407f7a49a5e7cf1e612d21ef83fedb4 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Tue, 2 Apr 2019 00:12:26 -0700 -Subject: [PATCH] Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value - in EXIF - ---- - NEWS | 1 + - ext/exif/exif.c | 43 ++++++++++++++++++++++++++++--------------- - ext/exif/tests/bug77831.phpt | 13 +++++++++++++ - ext/exif/tests/bug77831.tiff | Bin 0 -> 49 bytes - 4 files changed, 42 insertions(+), 15 deletions(-) - create mode 100644 ext/exif/tests/bug77831.phpt - create mode 100644 ext/exif/tests/bug77831.tiff - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index 0b5bb5a..408bf03 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -1654,10 +1654,10 @@ static int exif_file_sections_free(image_info_type *ImageInfo) - /* {{{ exif_iif_add_value - Add a value to image_info - */ --static void exif_iif_add_value(image_info_type *image_info, int section_index, char *name, int tag, int format, int length, void* value, int motorola_intel) -+static void exif_iif_add_value(image_info_type *image_info, int section_index, char *name, int tag, int format, int length, void* value, size_t value_len, int motorola_intel) - { - size_t idex; -- void *vptr; -+ void *vptr, *vptr_end; - image_info_value *info_value; - image_info_data *info_data; - image_info_data *list; -@@ -1679,8 +1679,12 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c - - switch (format) { - case TAG_FMT_STRING: -+ if (length > value_len) { -+ exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, value_len); -+ value = NULL; -+ } - if (value) { -- length = php_strnlen(value, length); -+ length = (int)php_strnlen(value, length); - info_value->s = estrndup(value, length); - info_data->length = length; - } else { -@@ -1702,6 +1706,10 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c - if (!length) - break; - case TAG_FMT_UNDEFINED: -+ if (length > value_len) { -+ exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, value_len); -+ value = NULL; -+ } - if (value) { - if (tag == TAG_MAKER_NOTE) { - length = (int) php_strnlen(value, length); -@@ -1732,7 +1740,12 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c - } else { - info_value = &info_data->value; - } -+ vptr_end = value+value_len; - for (idex=0,vptr=value; idex<(size_t)length; idex++,vptr=(char *) vptr + php_tiff_bytes_per_format[format]) { -+ if (vptr_end - vptr < php_tiff_bytes_per_format[format]) { -+ exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "Value too short"); -+ break; -+ } - if (length>1) { - info_value = &info_data->value.list[idex]; - } -@@ -1768,7 +1781,7 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c - php_error_docref(NULL, E_WARNING, "Found value of type single"); - #endif - info_value->f = *(float *)value; -- -+ break; - case TAG_FMT_DOUBLE: - #ifdef EXIF_DEBUG - php_error_docref(NULL, E_WARNING, "Found value of type double"); -@@ -1786,9 +1799,9 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c - /* {{{ exif_iif_add_tag - Add a tag from IFD to image_info - */ --static void exif_iif_add_tag(image_info_type *image_info, int section_index, char *name, int tag, int format, size_t length, void* value) -+static void exif_iif_add_tag(image_info_type *image_info, int section_index, char *name, int tag, int format, size_t length, void* value, size_t value_len) - { -- exif_iif_add_value(image_info, section_index, name, tag, format, (int)length, value, image_info->motorola_intel); -+ exif_iif_add_value(image_info, section_index, name, tag, format, (int)length, value, value_len, image_info->motorola_intel); - } - /* }}} */ - -@@ -2209,7 +2222,7 @@ static void add_assoc_image_info(zval *value, int sub_array, image_info_type *im - */ - static void exif_process_COM (image_info_type *image_info, char *value, size_t length) - { -- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2); -+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2, length-2); - } - /* }}} */ - -@@ -2224,17 +2237,17 @@ static void exif_process_CME (image_info_type *image_info, char *value, size_t l - if (length>3) { - switch(value[2]) { - case 0: -- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value); -+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value), length; - break; - case 1: -- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value); -+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value, length); - break; - default: - php_error_docref(NULL, E_NOTICE, "Undefined JPEG2000 comment encoding"); - break; - } - } else { -- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL); -+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL, 0); - php_error_docref(NULL, E_NOTICE, "JPEG2000 comment section too small"); - } - } -@@ -2827,7 +2840,7 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu - static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, char *offset_base, size_t IFDlength, size_t displacement, int section_index, int ReadNextIFD, tag_table_type tag_table) - { - size_t length; -- int tag, format, components; -+ unsigned int tag, format, components; - char *value_ptr, tagname[64], cbuf[32], *outside=NULL; - size_t byte_count, offset_val, fpos, fgot; - int64_t byte_count_signed; -@@ -3138,7 +3151,7 @@ static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, cha - } - } - } -- exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr); -+ exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr, byte_count); - EFREE_IF(outside); - return TRUE; - } -@@ -3296,10 +3309,10 @@ static void exif_process_APP12(image_info_type *ImageInfo, char *buffer, size_t - size_t l1, l2=0; - - if ((l1 = php_strnlen(buffer+2, length-2)) > 0) { -- exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, TAG_FMT_STRING, l1, buffer+2); -+ exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, TAG_FMT_STRING, l1, buffer+2, l1); - if (length > 2+l1+1) { - l2 = php_strnlen(buffer+2+l1+1, length-2-l1-1); -- exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1); -+ exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1, l2); - } - } - #ifdef EXIF_DEBUG -@@ -4100,7 +4113,7 @@ PHP_FUNCTION(exif_read_data) - if (ImageInfo.Thumbnail.size) { - if (read_thumbnail) { - /* not exif_iif_add_str : this is a buffer */ -- exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, "THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, ImageInfo.Thumbnail.data); -+ exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, "THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size); - } - if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) { - /* try to evaluate if thumbnail data is present */ -diff --git a/ext/exif/tests/bug77831.phpt b/ext/exif/tests/bug77831.phpt -new file mode 100644 -index 0000000..d868d47 ---- /dev/null -+++ b/ext/exif/tests/bug77831.phpt -@@ -0,0 +1,13 @@ -+--TEST-- -+Bug #77831 (Heap-buffer-overflow in exif_iif_add_value in EXIF) -+--SKIPIF-- -+ -+--FILE-- -+ -+DONE -+--EXPECTF-- -+%A -+bool(false) -+DONE -\ No newline at end of file - --- -2.1.4 - diff --git a/CVE-2019-11036.patch b/CVE-2019-11036.patch deleted file mode 100644 index 34861d738e688ce6957d1d62cea673e90a810740..0000000000000000000000000000000000000000 --- a/CVE-2019-11036.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f80ad18afae2230c2c1802c7d829100af646874e Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Mon, 29 Apr 2019 23:38:12 -0700 -Subject: [PATCH] Fix bug #77950 - Heap-buffer-overflow in _estrndup via - exif_process_IFD_TAG - -I do not completely understand what is going on there, but I am pretty -sure dir_entry <= offset_base if not a normal situation, so we better not -to rely on such dir_entry. ---- - ext/exif/exif.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index a763f6c..d174def 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -2891,7 +2891,7 @@ static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, cha - offset_base is ImageInfo->file.list[sn].data-dir_offset - dir_entry - offset_base is dir_offset+2+i*12 - */ -- if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base)) { -+ if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base) || dir_entry <= offset_base) { - /* It is important to check for IMAGE_FILETYPE_TIFF - * JPEG does not use absolute pointers instead its pointers are - * relative to the start of the TIFF header in APP1 section. */ - diff --git a/CVE-2019-11041.patch b/CVE-2019-11041.patch deleted file mode 100644 index 4158d7b5d970c2d3ae22a859297df8a74a965c32..0000000000000000000000000000000000000000 --- a/CVE-2019-11041.patch +++ /dev/null @@ -1,45 +0,0 @@ -From dea2989ab8ba87a6180af497b2efaf0527e985c5 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 7 Jul 2019 17:01:01 -0700 -Subject: [PATCH] Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail) - ---- - ext/exif/exif.c | 2 +- - ext/exif/tests/bug78222.phpt | 11 +++++++++++ - 2 files changed, 12 insertions(+), 1 deletion(-) - create mode 100644 ext/exif/tests/bug78222.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index 605b37923f..cd7975a9f5 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3498,7 +3498,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo) - size_t length=2, pos=0; - jpeg_sof_info sof_info; - -- if (!data) { -+ if (!data || ImageInfo->Thumbnail.size < 4) { - return FALSE; /* nothing to do here */ - } - if (memcmp(data, "\xFF\xD8\xFF", 3)) { -diff --git a/ext/exif/tests/bug78222.phpt b/ext/exif/tests/bug78222.phpt -new file mode 100644 -index 0000000000..0e4ead33e4 ---- /dev/null -+++ b/ext/exif/tests/bug78222.phpt -@@ -0,0 +1,11 @@ -+--TEST-- -+Bug #78222 (heap-buffer-overflow on exif_scan_thumbnail) -+--SKIPIF-- -+ -+--FILE-- -+ -+DONE -+--EXPECTF-- -+DONE -\ No newline at end of file --- -2.21.0 - diff --git a/CVE-2019-11042.patch b/CVE-2019-11042.patch deleted file mode 100644 index 3d217e535ce589e2c77d3109e7032bdb1deaa5ac..0000000000000000000000000000000000000000 --- a/CVE-2019-11042.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 99b7ef940e04cd273d03c5fa93bf182db2d7ce8d Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 7 Jul 2019 17:39:59 -0700 -Subject: [PATCH] Fix bug #78256 (heap-buffer-overflow on - exif_process_user_comment) - ---- - ext/exif/exif.c | 4 ++-- - ext/exif/tests/bug78256.phpt | 11 +++++++++++ - 2 files changed, 13 insertions(+), 2 deletions(-) - create mode 100644 ext/exif/tests/bug78256.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index 77a11300..a80f2c2a 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3040,11 +3040,11 @@ static int exif_process_user_comment(image_info_type *ImageInfo, char **pszInfoP - /* First try to detect BOM: ZERO WIDTH NOBREAK SPACE (FEFF 16) - * since we have no encoding support for the BOM yet we skip that. - */ -- if (!memcmp(szValuePtr, "\xFE\xFF", 2)) { -+ if (ByteCount >=2 && !memcmp(szValuePtr, "\xFE\xFF", 2)) { - decode = "UCS-2BE"; - szValuePtr = szValuePtr+2; - ByteCount -= 2; -- } else if (!memcmp(szValuePtr, "\xFF\xFE", 2)) { -+ } else if (ByteCount >=2 && !memcmp(szValuePtr, "\xFF\xFE", 2)) { - decode = "UCS-2LE"; - szValuePtr = szValuePtr+2; - ByteCount -= 2; -diff --git a/ext/exif/tests/bug78256.phpt b/ext/exif/tests/bug78256.phpt -new file mode 100644 -index 00000000..37a3f1d8 ---- /dev/null -+++ b/ext/exif/tests/bug78256.phpt -@@ -0,0 +1,11 @@ -+--TEST-- -+Bug #78256 (heap-buffer-overflow on exif_process_user_comment) -+--SKIPIF-- -+ -+--FILE-- -+ -+DONE -+--EXPECTF-- -+DONE -\ No newline at end of file --- -2.21.0 - diff --git a/CVE-2019-11043.patch b/CVE-2019-11043.patch deleted file mode 100644 index 89e3b10b27c6f7d1f80bc106c7228dc958928697..0000000000000000000000000000000000000000 --- a/CVE-2019-11043.patch +++ /dev/null @@ -1,131 +0,0 @@ -From ab061f95ca966731b1c84cf5b7b20155c0a1c06a Mon Sep 17 00:00:00 2001 -From: Jakub Zelenka -Date: Sat, 12 Oct 2019 15:56:16 +0100 -Subject: [PATCH] Fix bug #78599 (env_path_info underflow can lead to RCE) - (CVE-2019-11043) - ---- - sapi/fpm/fpm/fpm_main.c | 4 +- - .../tests/bug78599-path-info-underflow.phpt | 61 +++++++++++++++++++ - sapi/fpm/tests/tester.inc | 11 +++- - 3 files changed, 72 insertions(+), 4 deletions(-) - create mode 100644 sapi/fpm/tests/bug78599-path-info-underflow.phpt - -diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c -index 24a7e5d56ac6..50f92981f1fb 100644 ---- a/sapi/fpm/fpm/fpm_main.c -+++ b/sapi/fpm/fpm/fpm_main.c -@@ -1209,8 +1209,8 @@ static void init_request_info(void) - path_info = script_path_translated + ptlen; - tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0)); - } else { -- path_info = env_path_info ? env_path_info + pilen - slen : NULL; -- tflag = (orig_path_info != path_info); -+ path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL; -+ tflag = path_info && (orig_path_info != path_info); - } - - if (tflag) { -diff --git a/sapi/fpm/tests/bug78599-path-info-underflow.phpt b/sapi/fpm/tests/bug78599-path-info-underflow.phpt -new file mode 100644 -index 000000000000..edd4e0d49699 ---- /dev/null -+++ b/sapi/fpm/tests/bug78599-path-info-underflow.phpt -@@ -0,0 +1,61 @@ -+--TEST-- -+FPM: bug78599 - env_path_info underflow - CVE-2019-11043 -+--SKIPIF-- -+ -+--FILE-- -+start(); -+$tester->expectLogStartNotices(); -+$uri = $tester->makeSourceFile(); -+$tester -+ ->request( -+ '', -+ [ -+ 'SCRIPT_FILENAME' => $uri . "/" . str_repeat('A', 35), -+ 'PATH_INFO' => '', -+ 'HTTP_HUI' => str_repeat('PTEST', 1000), -+ ], -+ $uri -+ ) -+ ->expectBody( -+ [ -+ 'Test Start', -+ 'string(0) ""', -+ 'Test End' -+ ] -+ ); -+$tester->terminate(); -+$tester->close(); -+ -+?> -+Done -+--EXPECT-- -+Done -+--CLEAN-- -+ -diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc -index 70c03ad70f1c..3b6702866cc1 100644 ---- a/sapi/fpm/tests/tester.inc -+++ b/sapi/fpm/tests/tester.inc -@@ -513,7 +513,7 @@ class Tester - return new Response(null, true); - } - if (is_null($uri)) { -- $uri = $this->makeFile('src.php', $this->code); -+ $uri = $this->makeSourceFile(); - } - - $params = array_merge( -@@ -538,7 +538,6 @@ class Tester - ], - $headers - ); -- - try { - $this->response = new Response( - $this->getClient($address, $connKeepAlive)->request_data($params, false) -@@ -944,6 +943,14 @@ class Tester - return $filePath; - } - -+ /** -+ * @return string -+ */ -+ public function makeSourceFile() -+ { -+ return $this->makeFile('src.php', $this->code); -+ } -+ - /** - * @param string|null $msg - */ diff --git a/CVE-2019-11045.patch b/CVE-2019-11045.patch deleted file mode 100644 index f86e68c63ca8d2aa90e7a52df239b499d2d35236..0000000000000000000000000000000000000000 --- a/CVE-2019-11045.patch +++ /dev/null @@ -1,72 +0,0 @@ -From a5a15965da23c8e97657278fc8dfbf1dfb20c016 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" -Date: Mon, 25 Nov 2019 16:56:34 +0100 -Subject: [PATCH] Fix #78863: DirectoryIterator class silently truncates after - a null byte - -Since the constructor of DirectoryIterator and friends is supposed to -accepts paths (i.e. strings without NUL bytes), we must not accept -arbitrary strings. ---- - ext/spl/spl_directory.c | 4 ++-- - ext/spl/tests/bug78863.phpt | 31 +++++++++++++++++++++++++++++++ - 2 files changed, 33 insertions(+), 2 deletions(-) - create mode 100644 ext/spl/tests/bug78863.phpt - -diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c -index 91ea2e0265..56e809b1c7 100644 ---- a/ext/spl/spl_directory.c -+++ b/ext/spl/spl_directory.c -@@ -701,10 +701,10 @@ void spl_filesystem_object_construct(INTERNAL_FUNCTION_PARAMETERS, zend_long cto - - if (SPL_HAS_FLAG(ctor_flags, DIT_CTOR_FLAGS)) { - flags = SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_FILEINFO; -- parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s|l", &path, &len, &flags); -+ parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p|l", &path, &len, &flags); - } else { - flags = SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_SELF; -- parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s", &path, &len); -+ parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p", &path, &len); - } - if (SPL_HAS_FLAG(ctor_flags, SPL_FILE_DIR_SKIPDOTS)) { - flags |= SPL_FILE_DIR_SKIPDOTS; -diff --git a/ext/spl/tests/bug78863.phpt b/ext/spl/tests/bug78863.phpt -new file mode 100644 -index 0000000000..dc88d98dee ---- /dev/null -+++ b/ext/spl/tests/bug78863.phpt -@@ -0,0 +1,31 @@ -+--TEST-- -+Bug #78863 (DirectoryIterator class silently truncates after a null byte) -+--FILE-- -+isDot()) { -+ var_dump($fileinfo->getFilename()); -+ } -+} -+?> -+--EXPECTF-- -+Fatal error: Uncaught UnexpectedValueException: DirectoryIterator::__construct() expects parameter 1 to be a valid path, string given in %s:%d -+Stack trace: -+#0 %s(%d): DirectoryIterator->__construct('%s') -+#1 {main} -+ thrown in %s on line %d -+--CLEAN-- -+ --- -2.19.1 - diff --git a/CVE-2019-11046.patch b/CVE-2019-11046.patch deleted file mode 100644 index b7963df7117c88bd7a5cb17c5609750bae4ab9af..0000000000000000000000000000000000000000 --- a/CVE-2019-11046.patch +++ /dev/null @@ -1,51 +0,0 @@ -From eb23c6008753b1cdc5359dead3a096dce46c9018 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" -Date: Sat, 30 Nov 2019 12:26:37 +0100 -Subject: [PATCH] Fix #78878: Buffer underflow in bc_shift_addsub - -We must not rely on `isdigit()` to detect digits, since we only support -decimal ASCII digits in the following processing. ---- - ext/bcmath/libbcmath/src/str2num.c | 4 ++-- - ext/bcmath/tests/bug78878.phpt | 13 +++++++++++++ - 2 files changed, 15 insertions(+), 2 deletions(-) - create mode 100644 ext/bcmath/tests/bug78878.phpt - -diff --git a/ext/bcmath/libbcmath/src/str2num.c b/ext/bcmath/libbcmath/src/str2num.c -index f38d341570..03aec15930 100644 ---- a/ext/bcmath/libbcmath/src/str2num.c -+++ b/ext/bcmath/libbcmath/src/str2num.c -@@ -57,9 +57,9 @@ bc_str2num (bc_num *num, char *str, int scale) - zero_int = FALSE; - if ( (*ptr == '+') || (*ptr == '-')) ptr++; /* Sign */ - while (*ptr == '0') ptr++; /* Skip leading zeros. */ -- while (isdigit((int)*ptr)) ptr++, digits++; /* digits */ -+ while (*ptr >= '0' && *ptr <= '9') ptr++, digits++; /* digits */ - if (*ptr == '.') ptr++; /* decimal point */ -- while (isdigit((int)*ptr)) ptr++, strscale++; /* digits */ -+ while (*ptr >= '0' && *ptr <= '9') ptr++, strscale++; /* digits */ - if ((*ptr != '\0') || (digits+strscale == 0)) - { - *num = bc_copy_num (BCG(_zero_)); -diff --git a/ext/bcmath/tests/bug78878.phpt b/ext/bcmath/tests/bug78878.phpt -new file mode 100644 -index 0000000000..2c9d72b946 ---- /dev/null -+++ b/ext/bcmath/tests/bug78878.phpt -@@ -0,0 +1,13 @@ -+--TEST-- -+Bug #78878 (Buffer underflow in bc_shift_addsub) -+--SKIPIF-- -+ -+--FILE-- -+ -+--EXPECT-- -+bc math warning: non-zero scale in modulus -+0 --- -2.19.1 - diff --git a/CVE-2019-11047.patch b/CVE-2019-11047.patch deleted file mode 100644 index 3c52d1bf11b08e215852c6f70028c3e03af55684..0000000000000000000000000000000000000000 --- a/CVE-2019-11047.patch +++ /dev/null @@ -1,50 +0,0 @@ -From d348cfb96f2543565691010ade5e0346338be5a7 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Mon, 16 Dec 2019 00:10:39 -0800 -Subject: [PATCH] Fixed bug #78910 - ---- - ext/exif/exif.c | 3 ++- - ext/exif/tests/bug78910.phpt | 17 +++++++++++++++++ - 2 files changed, 19 insertions(+), 1 deletion(-) - create mode 100644 ext/exif/tests/bug78910.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index f961f44a46c..c0be05922fb 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3154,7 +3154,8 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu - continue; - if (maker_note->model && (!ImageInfo->model || strcmp(maker_note->model, ImageInfo->model))) - continue; -- if (maker_note->id_string && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)) -+ if (maker_note->id_string && value_len >= maker_note->id_string_len -+ && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len)) - continue; - break; - } -diff --git a/ext/exif/tests/bug78910.phpt b/ext/exif/tests/bug78910.phpt -new file mode 100644 -index 00000000000..f5b1c32c1bd ---- /dev/null -+++ b/ext/exif/tests/bug78910.phpt -@@ -0,0 +1,17 @@ -+--TEST-- -+Bug #78910: Heap-buffer-overflow READ in exif (OSS-Fuzz #19044) -+--FILE-- -+ -+--EXPECTF-- -+Notice: exif_read_data(): Read from TIFF: tag(0x927C, MakerNote ): Illegal format code 0x2020, switching to BYTE in %s on line %d -+ -+Warning: exif_read_data(): Process tag(x927C=MakerNote ): Illegal format code 0x2020, suppose BYTE in %s on line %d -+ -+Warning: exif_read_data(): IFD data too short: 0x0000 offset 0x000C in %s on line %d -+ -+Warning: exif_read_data(): Invalid TIFF file in %s on line %d -+bool(false) --- -2.11.0 diff --git a/CVE-2019-11048.patch b/CVE-2019-11048.patch deleted file mode 100644 index d5849a59b51857fe90cdea6dc0e3d1b909557c97..0000000000000000000000000000000000000000 --- a/CVE-2019-11048.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" -Date: Wed, 18 Mar 2020 10:26:53 +0100 -Subject: [PATCH] Fix #78875: Long filenames cause OOM and temp files are not - cleaned - -We must not cast `size_t` to `int` (unless the `size_t` value is -guaranteed to be less than or equal to `INT_MAX`). In this case we can -declare `array_len` as `size_t` in the first place. ---- - main/rfc1867.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/main/rfc1867.c b/main/rfc1867.c -index bd01b34cf070..783eab4175d5 100644 ---- a/main/rfc1867.c -+++ b/main/rfc1867.c -@@ -692,7 +692,8 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL; - char *lbuf = NULL, *abuf = NULL; - zend_string *temp_filename = NULL; -- int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0; -+ int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0; -+ size_t array_len = 0; - int64_t total_bytes = 0, max_file_size = 0; - int skip_upload = 0, anonindex = 0, is_anonymous; - HashTable *uploaded_files = NULL; -@@ -1126,7 +1127,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - is_arr_upload = (start_arr = strchr(param,'[')) && (param[strlen(param)-1] == ']'); - - if (is_arr_upload) { -- array_len = (int)strlen(start_arr); -+ array_len = strlen(start_arr); - if (array_index) { - efree(array_index); - } diff --git a/CVE-2019-11050.patch b/CVE-2019-11050.patch deleted file mode 100644 index 9122d878dccb2b9b1c80fe7500fa215568fa4603..0000000000000000000000000000000000000000 --- a/CVE-2019-11050.patch +++ /dev/null @@ -1,48 +0,0 @@ -From c14eb8de974fc8a4d74f3515424c293bc7a40fba Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Mon, 16 Dec 2019 01:14:38 -0800 -Subject: [PATCH] Fix bug #78793 - ---- - ext/exif/exif.c | 5 +++-- - ext/exif/tests/bug78793.phpt | 12 ++++++++++++ - 2 files changed, 15 insertions(+), 2 deletions(-) - create mode 100644 ext/exif/tests/bug78793.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index c0be05922f..7fe055f381 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3235,8 +3235,9 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu - } - - for (de=0;detag_table)) { -+ size_t offset = 2 + 12 * de; -+ if (!exif_process_IFD_TAG(ImageInfo, dir_start + offset, -+ offset_base, data_len - offset, displacement, section_index, 0, maker_note->tag_table)) { - return FALSE; - } - } -diff --git a/ext/exif/tests/bug78793.phpt b/ext/exif/tests/bug78793.phpt -new file mode 100644 -index 0000000000..033f255ace ---- /dev/null -+++ b/ext/exif/tests/bug78793.phpt -@@ -0,0 +1,12 @@ -+--TEST-- -+Bug #78793: Use-after-free in exif parsing under memory sanitizer -+--FILE-- -+ -+===DONE=== -+--EXPECT-- -+===DONE=== --- -2.19.1 - diff --git a/CVE-2019-6977.patch b/CVE-2019-6977.patch deleted file mode 100644 index a72f65ee5294a0b36dd29f54066a0dfef0ba7b17..0000000000000000000000000000000000000000 --- a/CVE-2019-6977.patch +++ /dev/null @@ -1,59 +0,0 @@ -From a15af81b5f0058e020eda0f109f51a3c863f5212 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" -Date: Sun, 30 Dec 2018 13:59:26 +0100 -Subject: [PATCH] Fix #77270: imagecolormatch Out Of Bounds Write on Heap - -At least some of the image reading functions may return images which -use color indexes greater than or equal to im->colorsTotal. We cater -to this by always using a buffer size which is sufficient for -`gdMaxColors` in `gdImageColorMatch()`. - -(cherry picked from commit 7a12dad4dd6c370835b13afae214b240082c7538) ---- - NEWS | 1 + - ext/gd/libgd/gd_color_match.c | 4 ++-- - ext/gd/tests/bug77270.phpt | 18 ++++++++++++++++++ - 3 files changed, 21 insertions(+), 2 deletions(-) - create mode 100644 ext/gd/tests/bug77270.phpt - -diff --git a/ext/gd/libgd/gd_color_match.c b/ext/gd/libgd/gd_color_match.c -index a4e56b1c40..e6f539bc75 100644 ---- a/ext/gd/libgd/gd_color_match.c -+++ b/ext/gd/libgd/gd_color_match.c -@@ -33,8 +33,8 @@ int gdImageColorMatch (gdImagePtr im1, gdImagePtr im2) - return -4; /* At least 1 color must be allocated */ - } - -- buf = (unsigned long *)safe_emalloc(sizeof(unsigned long), 5 * im2->colorsTotal, 0); -- memset( buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal ); -+ buf = (unsigned long *)safe_emalloc(sizeof(unsigned long), 5 * gdMaxColors, 0); -+ memset( buf, 0, sizeof(unsigned long) * 5 * gdMaxColors ); - - for (x=0; xsx; x++) { - for( y=0; ysy; y++ ) { -diff --git a/ext/gd/tests/bug77270.phpt b/ext/gd/tests/bug77270.phpt -new file mode 100644 -index 0000000000..1c4555a64d ---- /dev/null -+++ b/ext/gd/tests/bug77270.phpt -@@ -0,0 +1,18 @@ -+--TEST-- -+Bug #77270 (imagecolormatch Out Of Bounds Write on Heap) -+--SKIPIF-- -+ -+--FILE-- -+ -+===DONE=== -+--EXPECT-- -+===DONE=== --- -2.11.0 diff --git a/CVE-2019-9021.patch b/CVE-2019-9021.patch deleted file mode 100644 index 33b39a96732f70299707715dc3d0f22a47da87a4..0000000000000000000000000000000000000000 --- a/CVE-2019-9021.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/ext/phar/phar.c b/ext/phar/phar.c -index 4d5988eaa9..812720a011 100644 ---- a/ext/phar/phar.c -+++ b/ext/phar/phar.c -@@ -2026,7 +2026,7 @@ next_extension: - } - - while (pos != filename && (*(pos - 1) == '/' || *(pos - 1) == '\0')) { -- pos = memchr(pos + 1, '.', filename_len - (pos - filename) + 1); -+ pos = memchr(pos + 1, '.', filename_len - (pos - filename) - 1); - if (!pos) { - return FAILURE; - } - diff --git a/CVE-2019-9022.patch b/CVE-2019-9022.patch deleted file mode 100644 index 0b3e03a3ba944bebf3fc8ac0acefda9a01679dca..0000000000000000000000000000000000000000 --- a/CVE-2019-9022.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 8d3dfabef459fe7815e8ea2fd68753fd17859d7b Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sat, 29 Dec 2018 20:39:08 -0800 -Subject: [PATCH] Fix #77369 - memcpy with negative length via crafted DNS - response - ---- - ext/standard/dns.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/ext/standard/dns.c b/ext/standard/dns.c -index 8e102f8..b5fbcb9 100644 ---- a/ext/standard/dns.c -+++ b/ext/standard/dns.c -@@ -459,6 +459,10 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t - GETLONG(ttl, cp); - GETSHORT(dlen, cp); - CHECKCP(dlen); -+ if (dlen == 0) { -+ /* No data in the response - nothing to do */ -+ return NULL; -+ } - if (type_to_fetch != T_ANY && type != type_to_fetch) { - cp += dlen; - return cp; -@@ -549,6 +553,9 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t - CHECKCP(n); - add_assoc_stringl(subarray, "tag", (char*)cp, n); - cp += n; -+ if ( (size_t) dlen < ((size_t)n) + 2 ) { -+ return NULL; -+ } - n = dlen - n - 2; - CHECKCP(n); - add_assoc_stringl(subarray, "value", (char*)cp, n); --- -2.1.4 diff --git a/CVE-2019-9023.patch b/CVE-2019-9023.patch deleted file mode 100644 index a6716ffb32ba5b8c601ae003b20214e11a1b82e6..0000000000000000000000000000000000000000 --- a/CVE-2019-9023.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 9a96e864885ccc3b19d360ba410a562eb7c5dc45 Mon Sep 17 00:00:00 2001 -From: gwx620998 -Date: Sat, 23 Mar 2019 03:34:11 -0400 -Subject: [PATCH] CVE-2019-9023 - -Signed-off-by: gwx620998 ---- - ext/mbstring/oniguruma/src/regcomp.c | 3 +++ - ext/mbstring/oniguruma/src/regparse.c | 2 ++ - ext/mbstring/oniguruma/src/unicode.c | 1 + - ext/mbstring/oniguruma/src/utf32_be.c | 3 ++- - 4 files changed, 8 insertions(+), 1 deletion(-) - -diff --git a/ext/mbstring/oniguruma/src/regcomp.c b/ext/mbstring/oniguruma/src/regcomp.c -index 0e9a9ab..cf914cc 100644 ---- a/ext/mbstring/oniguruma/src/regcomp.c -+++ b/ext/mbstring/oniguruma/src/regcomp.c -@@ -476,6 +476,7 @@ compile_length_string_node(Node* node, regex_t* reg) - - for (; p < sn->end; ) { - len = enclen(enc, p); -+ if (p + len > sn->end) len = sn->end - p; - if (len == prev_len) { - slen++; - } -@@ -524,6 +525,7 @@ compile_string_node(Node* node, regex_t* reg) - - for (; p < end; ) { - len = enclen(enc, p); -+ if (p + len > end) len = end - p; - if (len == prev_len) { - slen++; - } -@@ -3436,6 +3438,7 @@ expand_case_fold_string(Node* node, regex_t* reg) - } - - len = enclen(reg->enc, p); -+ if (p + len > end) len = end - p; - - if (n == 0) { - if (IS_NULL(snode)) { -diff --git a/ext/mbstring/oniguruma/src/regparse.c b/ext/mbstring/oniguruma/src/regparse.c -index 8153513..9393b9d 100644 ---- a/ext/mbstring/oniguruma/src/regparse.c -+++ b/ext/mbstring/oniguruma/src/regparse.c -@@ -3594,6 +3594,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env) - } - else { /* string */ - p = tok->backp + enclen(enc, tok->backp); -+ if (p > end) p = end; - } - } - break; -@@ -3763,6 +3764,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env) - out: - #endif - *src = p; -+ if (*src > end) *src = end; - return tok->type; - } - -diff --git a/ext/mbstring/oniguruma/src/unicode.c b/ext/mbstring/oniguruma/src/unicode.c -index 8812ca2..cbdc42f 100644 ---- a/ext/mbstring/oniguruma/src/unicode.c -+++ b/ext/mbstring/oniguruma/src/unicode.c -@@ -255,6 +255,7 @@ onigenc_unicode_mbc_case_fold(OnigEncoding enc, - - code = ONIGENC_MBC_TO_CODE(enc, p, end); - len = enclen(enc, p); -+ if (*pp + len > end) len = end - *pp; - *pp += len; - - #ifdef USE_UNICODE_CASE_FOLD_TURKISH_AZERI -diff --git a/ext/mbstring/oniguruma/src/utf32_be.c b/ext/mbstring/oniguruma/src/utf32_be.c -index d0c7f39..4cf6fed 100644 ---- a/ext/mbstring/oniguruma/src/utf32_be.c -+++ b/ext/mbstring/oniguruma/src/utf32_be.c -@@ -65,8 +65,9 @@ utf32be_is_mbc_newline(const UChar* p, const UChar* end) - } - - static OnigCodePoint --utf32be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED) -+utf32be_mbc_to_code(const UChar* p, const UChar* end) - { -+ if (p + 4 > end) return (OnigCodePoint ) NULL; - return (OnigCodePoint )(((p[0] * 256 + p[1]) * 256 + p[2]) * 256 + p[3]); - } - --- -1.8.3.1 - diff --git a/CVE-2019-9024.patch b/CVE-2019-9024.patch deleted file mode 100644 index 5ac3f3ceb1c7fac4829ede497cd67e6385748e83..0000000000000000000000000000000000000000 --- a/CVE-2019-9024.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 1cc2182bcc81e185c14837e659d12b268cb99d63 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Tue, 1 Jan 2019 17:15:20 -0800 -Subject: [PATCH] Fix bug #77380 (Global out of bounds read in xmlrpc base64 - code) - ---- -diff --git a/ext/xmlrpc/libxmlrpc/base64.c b/ext/xmlrpc/libxmlrpc/base64.c -index 5ebdf31..a4fa193 100644 ---- a/ext/xmlrpc/libxmlrpc/base64.c -+++ b/ext/xmlrpc/libxmlrpc/base64.c -@@ -169,7 +169,7 @@ void base64_decode_xmlrpc(struct buffer_st *bfr, const char *source, int length) - return; - } - -- if (dtable[c] & 0x80) { -+ if (dtable[(unsigned char)c] & 0x80) { - /* - fprintf(stderr, "Offset %i length %i\n", offset, length); - fprintf(stderr, "character '%c:%x:%c' in input file.\n", c, c, dtable[c]); --- -2.1.4 - diff --git a/CVE-2019-9637.patch b/CVE-2019-9637.patch deleted file mode 100644 index ccc4f21328289cf75c902e7a57998c571f16eb77..0000000000000000000000000000000000000000 --- a/CVE-2019-9637.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 40f6425978917209cb0c2c3be05a25c65c9a900e Mon Sep 17 00:00:00 2001 -From: gwx620998 -Date: Sat, 23 Mar 2019 07:14:35 -0400 -Subject: [PATCH] CVE-2019-9637 - -Signed-off-by: gwx620998 ---- - main/streams/plain_wrapper.c | 50 +++++++++++++++++++++++++++++--------------- - 1 file changed, 33 insertions(+), 17 deletions(-) - -diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c -index 9b36d00..cb9e642 100644 ---- a/main/streams/plain_wrapper.c -+++ b/main/streams/plain_wrapper.c -@@ -1168,34 +1168,50 @@ static int php_plain_files_rename(php_stream_wrapper *wrapper, const char *url_f - # ifdef EXDEV - if (errno == EXDEV) { - zend_stat_t sb; -+# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE) -+ /* not sure what to do in ZTS case, umask is not thread-safe */ -+ int oldmask = umask(077); -+# endif -+ int success = 0; - if (php_copy_file(url_from, url_to) == SUCCESS) { - if (VCWD_STAT(url_from, &sb) == 0) { -+ success = 1; - # ifndef TSRM_WIN32 -- if (VCWD_CHMOD(url_to, sb.st_mode)) { -- if (errno == EPERM) { -- php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); -- VCWD_UNLINK(url_from); -- return 1; -- } -+ /* -+ * Try to set user and permission info on the target. -+ * If we're not root, then some of these may fail. -+ * We try chown first, to set proper group info, relying -+ * on the system environment to have proper umask to not allow -+ * access to the file in the meantime. -+ */ -+ if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) { - php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); -- return 0; -+ if (errno != EPERM) { -+ success = 0; -+ } - } -- if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) { -- if (errno == EPERM) { -+ if (success) { -+ if (VCWD_CHMOD(url_to, sb.st_mode)) { - php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); -- VCWD_UNLINK(url_from); -- return 1; -+ if (errno != EPERM) { -+ success = 0; -+ } - } -- php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); -- return 0; - } - # endif -- VCWD_UNLINK(url_from); -- return 1; -+ if (success) { -+ VCWD_UNLINK(url_from); -+ } -+ } else { -+ php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - } -+ } else { -+ php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); - } -- php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno)); -- return 0; -+# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE) -+ umask(oldmask); -+# endif -+ return success; - } - # endif - #endif --- -1.8.3.1 - diff --git a/CVE-2019-9638-CVE-2019-9639.patch b/CVE-2019-9638-CVE-2019-9639.patch deleted file mode 100644 index ddc1dae033259ec6c54014cd78ad2b50de43976a..0000000000000000000000000000000000000000 --- a/CVE-2019-9638-CVE-2019-9639.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 7168d3dc576344f7e55fac81d86304d2421ffe93 Mon Sep 17 00:00:00 2001 -From: gwx620998 -Date: Sat, 23 Mar 2019 07:42:34 -0400 -Subject: [PATCH] CVE-2019-9638 - -Signed-off-by: gwx620998 ---- - ext/exif/exif.c | 5 +++-- - ext/exif/tests/bug77563.phpt | 16 ++++++++++++++++ - 2 files changed, 19 insertions(+), 2 deletions(-) - create mode 100644 ext/exif/tests/bug77563.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index 3a76d8f..d82b5ae 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3151,8 +3151,8 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu - continue; - break; - } -- -- if (maker_note->offset >= value_len) { -+ -+ if (value_len < 2 || maker_note->offset >= value_len - 1) { - /* Do not go past the value end */ - exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "IFD data too short: 0x%04X offset 0x%04X", value_len, maker_note->offset); - return FALSE; -@@ -3207,6 +3207,7 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu - #endif - default: - case MN_OFFSET_NORMAL: -+ data_len = value_len; - break; - } - -diff --git a/ext/exif/tests/bug77563.phpt b/ext/exif/tests/bug77563.phpt -new file mode 100644 -index 0000000..d1c5b9f ---- /dev/null -+++ b/ext/exif/tests/bug77563.phpt -@@ -0,0 +1,16 @@ -++--TEST-- -++Bug 77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE) -++--SKIPIF-- -++ -++--FILE-- -++ -++DONE -++--EXPECTF-- -++Warning: exif_thumbnail(bug77563.jpg): Illegal IFD offset in %s/bug77563.php on line %d -++ -++Warning: exif_thumbnail(bug77563.jpg): File structure corrupted in %s/bug77563.php on line %d -++ -++Warning: exif_thumbnail(bug77563.jpg): Invalid JPEG file in %s/bug77563.php on line %d -++DONE --- -1.8.3.1 - diff --git a/CVE-2019-9640.patch b/CVE-2019-9640.patch deleted file mode 100644 index 4cda3bcb52ccacad2259cd9619db6720e44dad58..0000000000000000000000000000000000000000 --- a/CVE-2019-9640.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 30d2b94a2e88021b77b07149e1f4438662ca8e5e Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sat, 2 Mar 2019 13:38:00 -0800 -Subject: [PATCH] Fix bug #77540 - Invalid Read on exif_process_SOFn - ---- - ext/exif/exif.c | 10 ++++++++-- - ext/exif/tests/bug77540.jpg | Bin 0 -> 91 bytes - ext/exif/tests/bug77540.phpt | 16 ++++++++++++++++ - 3 files changed, 24 insertions(+), 2 deletions(-) - create mode 100644 ext/exif/tests/bug77540.jpg - create mode 100644 ext/exif/tests/bug77540.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index 4f2f660..8ed9c85 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3902,7 +3902,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo) - return FALSE; - marker = c; - length = php_jpg_get16(data+pos); -- if (pos+length>=ImageInfo->Thumbnail.size) { -+ if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) { - return FALSE; - } - #ifdef EXIF_DEBUG -@@ -3923,6 +3923,10 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo) - case M_SOF14: - case M_SOF15: - /* handle SOFn block */ -+ if (length < 8 || ImageInfo->Thumbnail.size - 8 < pos) { -+ /* exif_process_SOFn needs 8 bytes */ -+ return FALSE; -+ } - exif_process_SOFn(data+pos, marker, &sof_info); - ImageInfo->Thumbnail.height = sof_info.height; - ImageInfo->Thumbnail.width = sof_info.width; -@@ -4654,7 +4658,9 @@ PHP_FUNCTION(exif_thumbnail) - ZVAL_STRINGL(return_value, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size); - if (arg_c >= 3) { - if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) { -- exif_scan_thumbnail(&ImageInfo); -+ if (!exif_scan_thumbnail(&ImageInfo)) { -+ ImageInfo.Thumbnail.width = ImageInfo.Thumbnail.height = 0; -+ } - } - zval_dtor(z_width); - zval_dtor(z_height); --- -diff --git a/ext/exif/tests/bug77540.phpt b/ext/exif/tests/bug77540.phpt -new file mode 100644 -index 0000000..8702e0c ---- /dev/null -+++ b/ext/exif/tests/bug77540.phpt -@@ -0,0 +1,16 @@ -+--TEST-- -+Bug 77540 (Invalid Read on exif_process_SOFn) -+--SKIPIF-- -+ -+--FILE-- -+ -+DONE -+--EXPECTF-- -+Width 0 -+Height 0 -+DONE --- -2.1.4 - diff --git a/CVE-2020-7064.patch b/CVE-2020-7064.patch deleted file mode 100644 index 3cce2dcb164482871902fc562447b5b2769cdd4d..0000000000000000000000000000000000000000 --- a/CVE-2020-7064.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 0c77b4307df73217283a4aaf9313e1a33a0967ff Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 15 Mar 2020 17:26:00 -0700 -Subject: [PATCH] Fixed bug #79282 - ---- - ext/exif/exif.c | 7 ++++++- - ext/exif/tests/bug79282.phpt | 15 +++++++++++++++ - 2 files changed, 21 insertions(+), 1 deletion(-) - create mode 100644 ext/exif/tests/bug79282.phpt - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index a63e0c1..b85ac19 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3660,6 +3660,11 @@ static void exif_process_TIFF_in_JPEG(image_info_type *ImageInfo, char *CharBuf, - { - unsigned exif_value_2a, offset_of_ifd; - -+ if (length < 2) { -+ exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Missing TIFF alignment marker"); -+ return; -+ } -+ - /* set the thumbnail stuff to nothing so we can test to see if they get set up */ - if (memcmp(CharBuf, "II", 2) == 0) { - ImageInfo->motorola_intel = 0; -@@ -3812,7 +3817,7 @@ static int exif_scan_JPEG_header(image_info_type *ImageInfo) - return FALSE; - } - -- sn = exif_file_sections_add(ImageInfo, marker, itemlen+1, NULL); -+ sn = exif_file_sections_add(ImageInfo, marker, itemlen, NULL); - Data = ImageInfo->file.list[sn].data; - - /* Store first two pre-read bytes. */ -diff --git a/ext/exif/tests/bug79282.phpt b/ext/exif/tests/bug79282.phpt -new file mode 100644 -index 0000000..7b7e365 ---- /dev/null -+++ b/ext/exif/tests/bug79282.phpt -@@ -0,0 +1,15 @@ -+--TEST-- -+Bug #79282: Use-of-uninitialized-value in exif -+--FILE-- -+ -+--EXPECTF-- -+Warning: exif_read_data(): Invalid TIFF alignment marker in %s on line %d -+ -+Warning: exif_read_data(): File structure corrupted in %s on line %d -+ -+Warning: exif_read_data(): Invalid JPEG file in %s on line %d -+bool(false) --- -1.8.3.1 - diff --git a/CVE-2020-7066.patch b/CVE-2020-7066.patch deleted file mode 100644 index 63200d170b36d4b4b306d8e7da34eb0ffa071d49..0000000000000000000000000000000000000000 --- a/CVE-2020-7066.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 0181cb204b54ee08710147338b76dc0845aba4f9 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 15 Mar 2020 17:30:44 -0700 -Subject: [PATCH] Fix bug #79329 - get_headers should not accept \0 - ---- - ext/standard/url.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ext/standard/url.c b/ext/standard/url.c -index 57fd80c..fe6d7f9 100644 ---- a/ext/standard/url.c -+++ b/ext/standard/url.c -@@ -680,7 +680,7 @@ PHP_FUNCTION(get_headers) - php_stream_context *context; - - ZEND_PARSE_PARAMETERS_START(1, 3) -- Z_PARAM_STRING(url, url_len) -+ Z_PARAM_PATH(url, url_len) - Z_PARAM_OPTIONAL - Z_PARAM_LONG(format) - Z_PARAM_RESOURCE_EX(zcontext, 1, 0) --- -1.8.3.1 - diff --git a/CVE-2020-7068.patch b/CVE-2020-7068.patch deleted file mode 100644 index 3726e1e1dce479fb189dfb26b01f79c08224c702..0000000000000000000000000000000000000000 --- a/CVE-2020-7068.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 7355ab81763a3d6a04ac11660e6a16d58838d187 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" -Date: Tue, 14 Jul 2020 17:04:24 +0200 -Subject: [PATCH] Fix #79797: Use of freed hash key in the -phar_parse_zipfile funtion - ---- - ext/phar/zip.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ext/phar/zip.c b/ext/phar/zip.c -index d615e8ad..50c5d69e 100644 ---- a/ext/phar/zip.c -+++ b/ext/phar/zip.c -@@ -703,7 +703,7 @@ foundit: - efree(actual_alias); - } - -- zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), actual_alias, mydata->alias_len, mydata); -+ zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), mydata->alias, mydata->alias_len, mydata); - } else { - phar_archive_data *fd_ptr; - --- -2.23.0 - diff --git a/be50a72715c141befe6f34ece660745da894aaf3.patch b/be50a72715c141befe6f34ece660745da894aaf3.patch deleted file mode 100644 index 2bcf82df4cad8095e39fc216713174403af3dec2..0000000000000000000000000000000000000000 --- a/be50a72715c141befe6f34ece660745da894aaf3.patch +++ /dev/null @@ -1,37 +0,0 @@ -From be50a72715c141befe6f34ece660745da894aaf3 Mon Sep 17 00:00:00 2001 -From: Jakub Zelenka -Date: Sun, 9 Sep 2018 18:53:37 +0100 -Subject: [PATCH] Fix ssl stream reneg limit test to print only after first - renegotiation - -It has been reported that in some setup the test does multiple -renegotiations which is allowed. ---- - ext/openssl/tests/stream_server_reneg_limit.phpt | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/ext/openssl/tests/stream_server_reneg_limit.phpt b/ext/openssl/tests/stream_server_reneg_limit.phpt -index f0353351a23a..f033cbabe343 100644 ---- a/ext/openssl/tests/stream_server_reneg_limit.phpt -+++ b/ext/openssl/tests/stream_server_reneg_limit.phpt -@@ -22,14 +22,18 @@ if(substr(PHP_OS, 0, 3) == 'WIN') { - */ - - $serverCode = <<<'CODE' -+ $printed = false; - $serverUri = "ssl://127.0.0.1:64321"; - $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; - $serverCtx = stream_context_create(['ssl' => [ - 'local_cert' => __DIR__ . '/bug54992.pem', - 'reneg_limit' => 0, - 'reneg_window' => 30, -- 'reneg_limit_callback' => function($stream) { -- var_dump($stream); -+ 'reneg_limit_callback' => function($stream) use (&$printed) { -+ if (!$printed) { -+ $printed = true; -+ var_dump($stream); -+ } - } - ]]); - diff --git a/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch b/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch deleted file mode 100644 index d9451923904982c815027a6029126c3e00f08628..0000000000000000000000000000000000000000 --- a/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch +++ /dev/null @@ -1,22 +0,0 @@ -From c1729272b17a1fe893d1a54e423d3b71470f3ee8 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Wed, 29 Aug 2018 09:10:59 +0200 -Subject: [PATCH] fix double cast to int on 32-bit - ---- - Zend/zend_operators.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Zend/zend_operators.c b/Zend/zend_operators.c -index cafb14d4cc25..9a8a40142433 100644 ---- a/Zend/zend_operators.c -+++ b/Zend/zend_operators.c -@@ -3101,7 +3101,7 @@ ZEND_API zend_long ZEND_FASTCALL zend_dval_to_lval_slow(double d) - if (dmod < 0) { - /* we're going to make this number positive; call ceil() - * to simulate rounding towards 0 of the negative number */ -- dmod = ceil(dmod);// + two_pow_32; -+ dmod = ceil(dmod) + two_pow_32; - } - return (zend_long)(zend_ulong)dmod; - } diff --git a/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch b/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch deleted file mode 100644 index 0cb89c82dcc057e7aef48f6543658df8dff556af..0000000000000000000000000000000000000000 --- a/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch +++ /dev/null @@ -1,38 +0,0 @@ -From cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a Mon Sep 17 00:00:00 2001 -From: Jakub Zelenka -Date: Sun, 2 Sep 2018 20:00:08 +0100 -Subject: [PATCH] Fix stream_security_level.phpt with OpenSSL 1.1.1 - ---- - ext/openssl/tests/stream_security_level.phpt | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/ext/openssl/tests/stream_security_level.phpt b/ext/openssl/tests/stream_security_level.phpt -index fb1d36a58624..26fedcf670e9 100644 ---- a/ext/openssl/tests/stream_security_level.phpt -+++ b/ext/openssl/tests/stream_security_level.phpt -@@ -5,6 +5,7 @@ security_level setting to prohibit cert - if (!extension_loaded("openssl")) die("skip openssl not loaded"); - if (OPENSSL_VERSION_NUMBER < 0x10100000) die("skip OpenSSL >= v1.1.0 required"); - if (!function_exists("proc_open")) die("skip no proc_open"); -+?> - --FILE-- - [ -- 'security_level' => 3, -+ 'security_level' => 2, - 'verify_peer' => true, - 'cafile' => __DIR__ . '/bug54992-ca.pem', - 'verify_peer_name' => false -@@ -38,6 +39,7 @@ CODE; - - include 'ServerClientTestCase.inc'; - ServerClientTestCase::getInstance()->run($clientCode, $serverCode); -+?> - --EXPECTF-- - Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: - error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in %s : eval()'d code on line %d diff --git a/php-5.3.0-recode.patch b/php-5.3.0-recode.patch deleted file mode 100644 index 86f75a57af637c5237d77d5346139f3c0401a412..0000000000000000000000000000000000000000 --- a/php-5.3.0-recode.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -up php-5.3.0beta1/ext/recode/config9.m4.recode php-5.3.0beta1/ext/recode/config9.m4 ---- php-5.3.0beta1/ext/recode/config9.m4.recode 2008-12-02 00:30:21.000000000 +0100 -+++ php-5.3.0beta1/ext/recode/config9.m4 2009-02-28 09:46:50.000000000 +0100 -@@ -4,13 +4,6 @@ dnl - - dnl Check for extensions with which Recode can not work - if test "$PHP_RECODE" != "no"; then -- test "$PHP_IMAP" != "no" && recode_conflict="$recode_conflict imap" -- -- if test -n "$MYSQL_LIBNAME"; then -- PHP_CHECK_LIBRARY($MYSQL_LIBNAME, hash_insert, [ -- recode_conflict="$recode_conflict mysql" -- ]) -- fi - - if test -n "$recode_conflict"; then - AC_MSG_ERROR([recode extension can not be configured together with:$recode_conflict]) diff --git a/php-5.4.0-phpize.patch b/php-5.4.0-phpize.patch deleted file mode 100644 index e666e45b64ffcdab87f00e77091dbb441fc5f5fc..0000000000000000000000000000000000000000 --- a/php-5.4.0-phpize.patch +++ /dev/null @@ -1,34 +0,0 @@ ---- php-5.4.0RC5/scripts/phpize.in.orig 2012-01-18 17:13:54.018022983 +0100 -+++ php-5.4.0RC5/scripts/phpize.in 2012-01-18 17:14:40.614024941 +0100 -@@ -162,6 +162,15 @@ - $PHP_AUTOHEADER || exit 1 - } - -+phpize_check_headers() -+{ -+ if test ! -f $includedir/main/php.h; then -+ echo "Can't find PHP headers in $includedir" -+ echo "The php-devel package is required for use of this command." -+ exit 1 -+ fi -+} -+ - # Main script - - case "$1" in -@@ -180,12 +189,15 @@ - - # Version - --version|-v) -+ phpize_check_headers - phpize_print_api_numbers - exit 0 - ;; - - # Default - *) -+ phpize_check_headers -+ - phpize_check_configm4 0 - - phpize_check_build_files diff --git a/php-5.6.3-datetests.patch b/php-5.6.3-datetests.patch deleted file mode 100644 index a29bb636383139518c6296c2661813f964e8237f..0000000000000000000000000000000000000000 --- a/php-5.6.3-datetests.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/ext/date/tests/bug66985.phpt 2014-10-30 07:32:03.297693403 +0100 -+++ b/ext/date/tests/bug66985.phpt 2014-10-30 07:32:45.138877977 +0100 -@@ -3,7 +3,7 @@ - --FILE-- - 3 -- [timezone] => Factory --) --DateTimeZone Object --( - [timezone_type] => 3 - [timezone] => GB-Eire - ) diff --git a/php-5.6.3-phpinfo.patch b/php-5.6.3-phpinfo.patch deleted file mode 100644 index a11a29805b532b3906fbf0618d0da86c0452df9a..0000000000000000000000000000000000000000 --- a/php-5.6.3-phpinfo.patch +++ /dev/null @@ -1,27 +0,0 @@ - -Drop "Configure Command" from phpinfo as it doesn't -provide any useful information. -The available extensions are not related to this command. - ---- php-5.4.9/ext/standard/info.c.orig 2012-12-11 10:43:02.450578276 +0100 -+++ php-5.4.9/ext/standard/info.c 2012-12-11 10:44:12.530820821 +0100 -@@ -743,9 +743,6 @@ - #ifdef ARCHITECTURE - php_info_print_table_row(2, "Architecture", ARCHITECTURE); - #endif --#ifdef CONFIGURE_COMMAND -- php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND ); --#endif - - if (sapi_module.pretty_name) { - php_info_print_table_row(2, "Server API", sapi_module.pretty_name ); ---- php-5.4.9/ext/standard/tests/general_functions/phpinfo.phpt.orig 2012-12-11 11:07:26.959156091 +0100 -+++ php-5.4.9/ext/standard/tests/general_functions/phpinfo.phpt 2012-12-11 11:07:30.899170970 +0100 -@@ -20,7 +20,6 @@ - - System => %s - Build Date => %s%a --Configure Command => %s - Server API => Command Line Interface - Virtual Directory Support => %s - Configuration File (php.ini) Path => %s diff --git a/php-7.1.7-httpd.patch b/php-7.1.7-httpd.patch deleted file mode 100644 index acb3d2c6e9a042dbfa289aab6d19d0746cba74a9..0000000000000000000000000000000000000000 --- a/php-7.1.7-httpd.patch +++ /dev/null @@ -1,28 +0,0 @@ -Disable MPM detection - -mod_php is build twice -- as NTS without option -- as ZTS using --enable-maintainer-zts - -diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4 -index 2e64b21..ec4799f 100644 ---- a/sapi/apache2handler/config.m4 -+++ b/sapi/apache2handler/config.m4 -@@ -116,17 +116,6 @@ if test "$PHP_APXS2" != "no"; then - ;; - esac - -- if test "$APACHE_VERSION" -lt 2004001; then -- APXS_MPM=`$APXS -q MPM_NAME` -- if test "$APXS_MPM" != "prefork" && test "$APXS_MPM" != "peruser" && test "$APXS_MPM" != "itk"; then -- PHP_BUILD_THREAD_SAFE -- fi -- else -- APACHE_THREADED_MPM=`$APXS_HTTPD -V | grep 'threaded:.*yes'` -- if test -n "$APACHE_THREADED_MPM"; then -- PHP_BUILD_THREAD_SAFE -- fi -- fi - AC_MSG_RESULT(yes) - PHP_SUBST(APXS) - else diff --git a/php-7.2.0-includedir.patch b/php-7.2.0-includedir.patch deleted file mode 100644 index 6d9a871b46cc9a1dd6a6e149e285b324fe651d6a..0000000000000000000000000000000000000000 --- a/php-7.2.0-includedir.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- php-7.2.0/configure.ac.includedir -+++ php-7.2.0/configure.ac -@@ -1230,7 +1230,7 @@ - EXPANDED_DATADIR=$datadir - EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"` - EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"` --INCLUDE_PATH=.:$EXPANDED_PEAR_INSTALLDIR -+INCLUDE_PATH=.:$EXPANDED_PEAR_INSTALLDIR:${EXPANDED_DATADIR}/php - - exec_prefix=$old_exec_prefix - libdir=$old_libdir diff --git a/php-7.2.0-libdb.patch b/php-7.2.0-libdb.patch deleted file mode 100644 index ca36d1a33004c20e6dec6d847acf39dde2902f02..0000000000000000000000000000000000000000 --- a/php-7.2.0-libdb.patch +++ /dev/null @@ -1,92 +0,0 @@ -diff -up php-7.2.0alpha0/ext/dba/config.m4.libdb php-7.2.0alpha0/ext/dba/config.m4 ---- php-7.2.0alpha0/ext/dba/config.m4.libdb 2017-05-29 08:56:06.000000000 +0200 -+++ php-7.2.0alpha0/ext/dba/config.m4 2017-05-29 09:13:52.014823282 +0200 -@@ -346,61 +346,13 @@ if test "$PHP_DB4" != "no"; then - dbdp4="/usr/local/BerkeleyDB.4." - dbdp5="/usr/local/BerkeleyDB.5." - for i in $PHP_DB4 ${dbdp5}1 ${dbdp5}0 ${dbdp4}8 ${dbdp4}7 ${dbdp4}6 ${dbdp4}5 ${dbdp4}4 ${dbdp4}3 ${dbdp4}2 ${dbdp4}1 ${dbdp}0 /usr/local /usr; do -- if test -f "$i/db5/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/db5/db.h -- break -- elif test -f "$i/db4/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/db4/db.h -- break -- elif test -f "$i/include/db5.3/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db5.3/db.h -- break -- elif test -f "$i/include/db5.1/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db5.1/db.h -- break -- elif test -f "$i/include/db5.0/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db5.0/db.h -- break -- elif test -f "$i/include/db4.8/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db4.8/db.h -- break -- elif test -f "$i/include/db4.7/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db4.7/db.h -- break -- elif test -f "$i/include/db4.6/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db4.6/db.h -- break -- elif test -f "$i/include/db4.5/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db4.5/db.h -- break -- elif test -f "$i/include/db4/db.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db4/db.h -- break -- elif test -f "$i/include/db/db4.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db/db4.h -- break -- elif test -f "$i/include/db4.h"; then -- THIS_PREFIX=$i -- THIS_INCLUDE=$i/include/db4.h -- break -- elif test -f "$i/include/db.h"; then -+ if test -f "$i/include/db.h"; then - THIS_PREFIX=$i - THIS_INCLUDE=$i/include/db.h - break - fi - done -- PHP_DBA_DB_CHECK(4, db-5.3 db-5.1 db-5.0 db-4.8 db-4.7 db-4.6 db-4.5 db-4.4 db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) -+ PHP_DBA_DB_CHECK(4, db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) - fi - PHP_DBA_STD_RESULT(db4,Berkeley DB4) - -diff -up php-7.2.0alpha0/ext/dba/dba.c.libdb php-7.2.0alpha0/ext/dba/dba.c ---- php-7.2.0alpha0/ext/dba/dba.c.libdb 2017-05-29 09:16:15.736628202 +0200 -+++ php-7.2.0alpha0/ext/dba/dba.c 2017-05-29 09:16:20.494654746 +0200 -@@ -53,6 +53,10 @@ - #include "php_tcadb.h" - #include "php_lmdb.h" - -+#ifdef DB4_INCLUDE_FILE -+#include DB4_INCLUDE_FILE -+#endif -+ - /* {{{ arginfo */ - ZEND_BEGIN_ARG_INFO_EX(arginfo_dba_popen, 0, 0, 2) - ZEND_ARG_INFO(0, path) -@@ -558,6 +562,10 @@ PHP_MINFO_FUNCTION(dba) - - php_info_print_table_start(); - php_info_print_table_row(2, "DBA support", "enabled"); -+#ifdef DB_VERSION_STRING -+ php_info_print_table_row(2, "libdb header version", DB_VERSION_STRING); -+ php_info_print_table_row(2, "libdb library version", db_version(NULL, NULL, NULL)); -+#endif - if (handlers.s) { - smart_str_0(&handlers); - php_info_print_table_row(2, "Supported handlers", ZSTR_VAL(handlers.s)); diff --git a/php-7.2.3-ldap_r.patch b/php-7.2.3-ldap_r.patch deleted file mode 100644 index 5e947cfcd7f909025ea716d10188de6f007520bb..0000000000000000000000000000000000000000 --- a/php-7.2.3-ldap_r.patch +++ /dev/null @@ -1,19 +0,0 @@ - -Use -lldap_r by default. - -diff -up php-7.2.3RC1/ext/ldap/config.m4.ldap_r php-7.2.3RC1/ext/ldap/config.m4 ---- php-7.2.3RC1/ext/ldap/config.m4.ldap_r 2018-02-14 06:05:11.553142812 +0100 -+++ php-7.2.3RC1/ext/ldap/config.m4 2018-02-14 06:07:31.179816122 +0100 -@@ -119,7 +119,11 @@ if test "$PHP_LDAP" != "no"; then - - MACHINE_INCLUDES=$($CC -dumpmachine) - -- if test -f $LDAP_LIBDIR/liblber.a || test -f $LDAP_LIBDIR/liblber.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.a || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.$SHLIB_SUFFIX_NAME; then -+ if test -f $LDAP_LIBDIR/libldap_r.$SHLIB_SUFFIX_NAME; then -+ PHP_ADD_LIBRARY_WITH_PATH(lber, $LDAP_LIBDIR, LDAP_SHARED_LIBADD) -+ PHP_ADD_LIBRARY_WITH_PATH(ldap_r, $LDAP_LIBDIR, LDAP_SHARED_LIBADD) -+ -+ elif test -f $LDAP_LIBDIR/liblber.a || test -f $LDAP_LIBDIR/liblber.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.a || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.$SHLIB_SUFFIX_NAME; then - PHP_ADD_LIBRARY_WITH_PATH(lber, $LDAP_LIBDIR, LDAP_SHARED_LIBADD) - PHP_ADD_LIBRARY_WITH_PATH(ldap, $LDAP_LIBDIR, LDAP_SHARED_LIBADD) - diff --git a/php-7.2.3-systzdata-v16.patch b/php-7.2.3-systzdata-v16.patch deleted file mode 100644 index e488beb9c503de63308e32743ea5a522b4b3498f..0000000000000000000000000000000000000000 --- a/php-7.2.3-systzdata-v16.patch +++ /dev/null @@ -1,654 +0,0 @@ -# License: MIT -# http://opensource.org/licenses/MIT - -Add support for use of the system timezone database, rather -than embedding a copy. Discussed upstream but was not desired. - -History: -r16: adapt for timelib 2017.06 (in 7.2.3RC1) -r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1) -r14: improve check for valid tz file -r13: adapt for upstream changes to use PHP allocator -r12: adapt for upstream changes for new zic -r11: use canonical names to avoid more case sensitivity issues - round lat/long from zone.tab towards zero per builtin db -r10: make timezone case insensitive -r9: fix another compile error without --with-system-tzdata configured (Michael Heimpold) -r8: fix compile error without --with-system-tzdata configured -r7: improve check for valid timezone id to exclude directories -r6: fix fd leak in r5, fix country code/BC flag use in - timezone_identifiers_list() using system db, - fix use of PECL timezonedb to override system db, -r5: reverts addition of "System/Localtime" fake tzname. - updated for 5.3.0, parses zone.tab to pick up mapping between - timezone name, country code and long/lat coords -r4: added "System/Localtime" tzname which uses /etc/localtime -r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert) -r2: add filesystem trawl to set up name alias index -r1: initial revision - -diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/lib/parse_tz.c ---- php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata 2018-02-13 20:18:34.000000000 +0100 -+++ php-7.2.3RC1/ext/date/lib/parse_tz.c 2018-02-14 06:14:23.484804852 +0100 -@@ -25,8 +25,21 @@ - #include "timelib.h" - #include "timelib_private.h" - -+#ifdef HAVE_SYSTEM_TZDATA -+#include -+#include -+#include -+#include -+#include -+ -+#include "php_scandir.h" -+ -+#else - #define TIMELIB_SUPPORTS_V2DATA - #include "timezonedb.h" -+#endif -+ -+#include - - #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__)) - # if defined(__LITTLE_ENDIAN__) -@@ -67,6 +80,11 @@ static int read_php_preamble(const unsig - { - uint32_t version; - -+ if (memcmp(*tzf, "TZif", 4) == 0) { -+ *tzf += 20; -+ return 0; -+ } -+ - /* read ID */ - version = (*tzf)[3] - '0'; - *tzf += 4; -@@ -374,7 +392,429 @@ void timelib_dump_tzinfo(timelib_tzinfo - } - } - --static int seek_to_tz_position(const unsigned char **tzf, char *timezone, const timelib_tzdb *tzdb) -+#ifdef HAVE_SYSTEM_TZDATA -+ -+#ifdef HAVE_SYSTEM_TZDATA_PREFIX -+#define ZONEINFO_PREFIX HAVE_SYSTEM_TZDATA_PREFIX -+#else -+#define ZONEINFO_PREFIX "/usr/share/zoneinfo" -+#endif -+ -+/* System timezone database pointer. */ -+static const timelib_tzdb *timezonedb_system; -+ -+/* Hash table entry for the cache of the zone.tab mapping table. */ -+struct location_info { -+ char code[2]; -+ double latitude, longitude; -+ char name[64]; -+ char *comment; -+ struct location_info *next; -+}; -+ -+/* Cache of zone.tab. */ -+static struct location_info **system_location_table; -+ -+/* Size of the zone.tab hash table; a random-ish prime big enough to -+ * prevent too many collisions. */ -+#define LOCINFO_HASH_SIZE (1021) -+ -+/* Compute a case insensitive hash of str */ -+static uint32_t tz_hash(const char *str) -+{ -+ const unsigned char *p = (const unsigned char *)str; -+ uint32_t hash = 5381; -+ int c; -+ -+ while ((c = tolower(*p++)) != '\0') { -+ hash = (hash << 5) ^ hash ^ c; -+ } -+ -+ return hash % LOCINFO_HASH_SIZE; -+} -+ -+/* Parse an ISO-6709 date as used in zone.tab. Returns end of the -+ * parsed string on success, or NULL on parse error. On success, -+ * writes the parsed number to *result. */ -+static char *parse_iso6709(char *p, double *result) -+{ -+ double v, sign; -+ char *pend; -+ size_t len; -+ -+ if (*p == '+') -+ sign = 1.0; -+ else if (*p == '-') -+ sign = -1.0; -+ else -+ return NULL; -+ -+ p++; -+ for (pend = p; *pend >= '0' && *pend <= '9'; pend++) -+ ;; -+ -+ /* Annoying encoding used by zone.tab has no decimal point, so use -+ * the length to determine the format: -+ * -+ * 4 = DDMM -+ * 5 = DDDMM -+ * 6 = DDMMSS -+ * 7 = DDDMMSS -+ */ -+ len = pend - p; -+ if (len < 4 || len > 7) { -+ return NULL; -+ } -+ -+ /* p => [D]DD */ -+ v = (p[0] - '0') * 10.0 + (p[1] - '0'); -+ p += 2; -+ if (len == 5 || len == 7) -+ v = v * 10.0 + (*p++ - '0'); -+ /* p => MM[SS] */ -+ v += (10.0 * (p[0] - '0') -+ + p[1] - '0') / 60.0; -+ p += 2; -+ /* p => [SS] */ -+ if (len > 5) { -+ v += (10.0 * (p[0] - '0') -+ + p[1] - '0') / 3600.0; -+ p += 2; -+ } -+ -+ /* Round to five decimal place, not because it's a good idea, -+ * but, because the builtin data uses rounded data, so, match -+ * that. */ -+ *result = trunc(v * sign * 100000.0) / 100000.0; -+ -+ return p; -+} -+ -+/* This function parses the zone.tab file to build up the mapping of -+ * timezone to country code and geographic location, and returns a -+ * hash table. The hash table is indexed by the function: -+ * -+ * tz_hash(timezone-name) -+ */ -+static struct location_info **create_location_table(void) -+{ -+ struct location_info **li, *i; -+ char zone_tab[PATH_MAX]; -+ char line[512]; -+ FILE *fp; -+ -+ strncpy(zone_tab, ZONEINFO_PREFIX "/zone.tab", sizeof zone_tab); -+ -+ fp = fopen(zone_tab, "r"); -+ if (!fp) { -+ return NULL; -+ } -+ -+ li = calloc(LOCINFO_HASH_SIZE, sizeof *li); -+ -+ while (fgets(line, sizeof line, fp)) { -+ char *p = line, *code, *name, *comment; -+ uint32_t hash; -+ double latitude, longitude; -+ -+ while (isspace(*p)) -+ p++; -+ -+ if (*p == '#' || *p == '\0' || *p == '\n') -+ continue; -+ -+ if (!isalpha(p[0]) || !isalpha(p[1]) || p[2] != '\t') -+ continue; -+ -+ /* code => AA */ -+ code = p; -+ p[2] = 0; -+ p += 3; -+ -+ /* coords => [+-][D]DDMM[SS][+-][D]DDMM[SS] */ -+ p = parse_iso6709(p, &latitude); -+ if (!p) { -+ continue; -+ } -+ p = parse_iso6709(p, &longitude); -+ if (!p) { -+ continue; -+ } -+ -+ if (!p || *p != '\t') { -+ continue; -+ } -+ -+ /* name = string */ -+ name = ++p; -+ while (*p != '\t' && *p && *p != '\n') -+ p++; -+ -+ *p++ = '\0'; -+ -+ /* comment = string */ -+ comment = p; -+ while (*p != '\t' && *p && *p != '\n') -+ p++; -+ -+ if (*p == '\n' || *p == '\t') -+ *p = '\0'; -+ -+ hash = tz_hash(name); -+ i = malloc(sizeof *i); -+ memcpy(i->code, code, 2); -+ strncpy(i->name, name, sizeof i->name); -+ i->comment = strdup(comment); -+ i->longitude = longitude; -+ i->latitude = latitude; -+ i->next = li[hash]; -+ li[hash] = i; -+ /* printf("%s [%u, %f, %f]\n", name, hash, latitude, longitude); */ -+ } -+ -+ fclose(fp); -+ -+ return li; -+} -+ -+/* Return location info from hash table, using given timezone name. -+ * Returns NULL if the name could not be found. */ -+const struct location_info *find_zone_info(struct location_info **li, -+ const char *name) -+{ -+ uint32_t hash = tz_hash(name); -+ const struct location_info *l; -+ -+ if (!li) { -+ return NULL; -+ } -+ -+ for (l = li[hash]; l; l = l->next) { -+ if (timelib_strcasecmp(l->name, name) == 0) -+ return l; -+ } -+ -+ return NULL; -+} -+ -+/* Filter out some non-tzdata files and the posix/right databases, if -+ * present. */ -+static int index_filter(const struct dirent *ent) -+{ -+ return strcmp(ent->d_name, ".") != 0 -+ && strcmp(ent->d_name, "..") != 0 -+ && strcmp(ent->d_name, "posix") != 0 -+ && strcmp(ent->d_name, "posixrules") != 0 -+ && strcmp(ent->d_name, "right") != 0 -+ && strstr(ent->d_name, ".list") == NULL -+ && strstr(ent->d_name, ".tab") == NULL; -+} -+ -+static int sysdbcmp(const void *first, const void *second) -+{ -+ const timelib_tzdb_index_entry *alpha = first, *beta = second; -+ -+ return timelib_strcasecmp(alpha->id, beta->id); -+} -+ -+ -+/* Create the zone identifier index by trawling the filesystem. */ -+static void create_zone_index(timelib_tzdb *db) -+{ -+ size_t dirstack_size, dirstack_top; -+ size_t index_size, index_next; -+ timelib_tzdb_index_entry *db_index; -+ char **dirstack; -+ -+ /* LIFO stack to hold directory entries to scan; each slot is a -+ * directory name relative to the zoneinfo prefix. */ -+ dirstack_size = 32; -+ dirstack = malloc(dirstack_size * sizeof *dirstack); -+ dirstack_top = 1; -+ dirstack[0] = strdup(""); -+ -+ /* Index array. */ -+ index_size = 64; -+ db_index = malloc(index_size * sizeof *db_index); -+ index_next = 0; -+ -+ do { -+ struct dirent **ents; -+ char name[PATH_MAX], *top; -+ int count; -+ -+ /* Pop the top stack entry, and iterate through its contents. */ -+ top = dirstack[--dirstack_top]; -+ snprintf(name, sizeof name, ZONEINFO_PREFIX "/%s", top); -+ -+ count = php_scandir(name, &ents, index_filter, php_alphasort); -+ -+ while (count > 0) { -+ struct stat st; -+ const char *leaf = ents[count - 1]->d_name; -+ -+ snprintf(name, sizeof name, ZONEINFO_PREFIX "/%s/%s", -+ top, leaf); -+ -+ if (strlen(name) && stat(name, &st) == 0) { -+ /* Name, relative to the zoneinfo prefix. */ -+ const char *root = top; -+ -+ if (root[0] == '/') root++; -+ -+ snprintf(name, sizeof name, "%s%s%s", root, -+ *root ? "/": "", leaf); -+ -+ if (S_ISDIR(st.st_mode)) { -+ if (dirstack_top == dirstack_size) { -+ dirstack_size *= 2; -+ dirstack = realloc(dirstack, -+ dirstack_size * sizeof *dirstack); -+ } -+ dirstack[dirstack_top++] = strdup(name); -+ } -+ else { -+ if (index_next == index_size) { -+ index_size *= 2; -+ db_index = realloc(db_index, -+ index_size * sizeof *db_index); -+ } -+ -+ db_index[index_next++].id = strdup(name); -+ } -+ } -+ -+ free(ents[--count]); -+ } -+ -+ if (count != -1) free(ents); -+ free(top); -+ } while (dirstack_top); -+ -+ qsort(db_index, index_next, sizeof *db_index, sysdbcmp); -+ -+ db->index = db_index; -+ db->index_size = index_next; -+ -+ free(dirstack); -+} -+ -+#define FAKE_HEADER "1234\0??\1??" -+#define FAKE_UTC_POS (7 - 4) -+ -+/* Create a fake data segment for database 'sysdb'. */ -+static void fake_data_segment(timelib_tzdb *sysdb, -+ struct location_info **info) -+{ -+ size_t n; -+ char *data, *p; -+ -+ data = malloc(3 * sysdb->index_size + 7); -+ -+ p = mempcpy(data, FAKE_HEADER, sizeof(FAKE_HEADER) - 1); -+ -+ for (n = 0; n < sysdb->index_size; n++) { -+ const struct location_info *li; -+ timelib_tzdb_index_entry *ent; -+ -+ ent = (timelib_tzdb_index_entry *)&sysdb->index[n]; -+ -+ /* Lookup the timezone name in the hash table. */ -+ if (strcmp(ent->id, "UTC") == 0) { -+ ent->pos = FAKE_UTC_POS; -+ continue; -+ } -+ -+ li = find_zone_info(info, ent->id); -+ if (li) { -+ /* If found, append the BC byte and the -+ * country code; set the position for this -+ * section of timezone data. */ -+ ent->pos = (p - data) - 4; -+ *p++ = '\1'; -+ *p++ = li->code[0]; -+ *p++ = li->code[1]; -+ } -+ else { -+ /* If not found, the timezone data can -+ * point at the header. */ -+ ent->pos = 0; -+ } -+ } -+ -+ sysdb->data = (unsigned char *)data; -+} -+ -+/* Returns true if the passed-in stat structure describes a -+ * probably-valid timezone file. */ -+static int is_valid_tzfile(const struct stat *st, int fd) -+{ -+ if (fd) { -+ char buf[20]; -+ if (read(fd, buf, 20)!=20) { -+ return 0; -+ } -+ lseek(fd, SEEK_SET, 0); -+ if (memcmp(buf, "TZif", 4)) { -+ return 0; -+ } -+ } -+ return S_ISREG(st->st_mode) && st->st_size > 20; -+} -+ -+/* To allow timezone names to be used case-insensitively, find the -+ * canonical name for this timezone, if possible. */ -+static const char *canonical_tzname(const char *timezone) -+{ -+ if (timezonedb_system) { -+ timelib_tzdb_index_entry *ent, lookup; -+ -+ lookup.id = (char *)timezone; -+ -+ ent = bsearch(&lookup, timezonedb_system->index, -+ timezonedb_system->index_size, sizeof lookup, -+ sysdbcmp); -+ if (ent) { -+ return ent->id; -+ } -+ } -+ -+ return timezone; -+} -+ -+/* Return the mmap()ed tzfile if found, else NULL. On success, the -+ * length of the mapped data is placed in *length. */ -+static char *map_tzfile(const char *timezone, size_t *length) -+{ -+ char fname[PATH_MAX]; -+ struct stat st; -+ char *p; -+ int fd; -+ -+ if (timezone[0] == '\0' || strstr(timezone, "..") != NULL) { -+ return NULL; -+ } -+ -+ snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", canonical_tzname(timezone)); -+ -+ fd = open(fname, O_RDONLY); -+ if (fd == -1) { -+ return NULL; -+ } else if (fstat(fd, &st) != 0 || !is_valid_tzfile(&st, fd)) { -+ close(fd); -+ return NULL; -+ } -+ -+ *length = st.st_size; -+ p = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0); -+ close(fd); -+ -+ return p != MAP_FAILED ? p : NULL; -+} -+ -+#endif -+ -+static int inmem_seek_to_tz_position(const unsigned char **tzf, char *timezone, const timelib_tzdb *tzdb) - { - int left = 0, right = tzdb->index_size - 1; - -@@ -400,9 +840,48 @@ static int seek_to_tz_position(const uns - return 0; - } - -+static int seek_to_tz_position(const unsigned char **tzf, char *timezone, -+ char **map, size_t *maplen, -+ const timelib_tzdb *tzdb) -+{ -+#ifdef HAVE_SYSTEM_TZDATA -+ if (tzdb == timezonedb_system) { -+ char *orig; -+ -+ orig = map_tzfile(timezone, maplen); -+ if (orig == NULL) { -+ return 0; -+ } -+ -+ (*tzf) = (unsigned char *)orig; -+ *map = orig; -+ return 1; -+ } -+ else -+#endif -+ { -+ return inmem_seek_to_tz_position(tzf, timezone, tzdb); -+ } -+} -+ - const timelib_tzdb *timelib_builtin_db(void) - { -+#ifdef HAVE_SYSTEM_TZDATA -+ if (timezonedb_system == NULL) { -+ timelib_tzdb *tmp = malloc(sizeof *tmp); -+ -+ tmp->version = "0.system"; -+ tmp->data = NULL; -+ create_zone_index(tmp); -+ system_location_table = create_location_table(); -+ fake_data_segment(tmp, system_location_table); -+ timezonedb_system = tmp; -+ } -+ -+ return timezonedb_system; -+#else - return &timezonedb_builtin; -+#endif - } - - const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count) -@@ -414,7 +893,30 @@ const timelib_tzdb_index_entry *timelib_ - int timelib_timezone_id_is_valid(char *timezone, const timelib_tzdb *tzdb) - { - const unsigned char *tzf; -- return (seek_to_tz_position(&tzf, timezone, tzdb)); -+ -+#ifdef HAVE_SYSTEM_TZDATA -+ if (tzdb == timezonedb_system) { -+ char fname[PATH_MAX]; -+ struct stat st; -+ -+ if (timezone[0] == '\0' || strstr(timezone, "..") != NULL) { -+ return 0; -+ } -+ -+ if (system_location_table) { -+ if (find_zone_info(system_location_table, timezone) != NULL) { -+ /* found in cache */ -+ return 1; -+ } -+ } -+ -+ snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", canonical_tzname(timezone)); -+ -+ return stat(fname, &st) == 0 && is_valid_tzfile(&st, 0); -+ } -+#endif -+ -+ return (inmem_seek_to_tz_position(&tzf, timezone, tzdb)); - } - - static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz) -@@ -456,12 +958,14 @@ static timelib_tzinfo* timelib_tzinfo_ct - timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, int *error_code) - { - const unsigned char *tzf; -+ char *memmap = NULL; -+ size_t maplen; - timelib_tzinfo *tmp; - int version; - int transitions_result, types_result; - unsigned int type; /* TIMELIB_TZINFO_PHP or TIMELIB_TZINFO_ZONEINFO */ - -- if (seek_to_tz_position(&tzf, timezone, tzdb)) { -+ if (seek_to_tz_position(&tzf, timezone, &memmap, &maplen, tzdb)) { - tmp = timelib_tzinfo_ctor(timezone); - - version = read_preamble(&tzf, tmp, &type); -@@ -484,6 +988,29 @@ timelib_tzinfo *timelib_parse_tzfile(cha - timelib_tzinfo_dtor(tmp); - return NULL; - } -+ -+#ifdef HAVE_SYSTEM_TZDATA -+ if (memmap) { -+ const struct location_info *li; -+ -+ /* TZif-style - grok the location info from the system database, -+ * if possible. */ -+ -+ if ((li = find_zone_info(system_location_table, timezone)) != NULL) { -+ tmp->location.comments = timelib_strdup(li->comment); -+ strncpy(tmp->location.country_code, li->code, 2); -+ tmp->location.longitude = li->longitude; -+ tmp->location.latitude = li->latitude; -+ tmp->bc = 1; -+ } -+ else { -+ set_default_location_and_comments(&tzf, tmp); -+ } -+ -+ /* Now done with the mmap segment - discard it. */ -+ munmap(memmap, maplen); -+ } else { -+#endif - if (version == 2 || version == 3) { - if (!skip_64bit_preamble(&tzf, tmp)) { - /* 64 bit preamble is not in place */ -@@ -501,6 +1028,9 @@ timelib_tzinfo *timelib_parse_tzfile(cha - } else { - set_default_location_and_comments(&tzf, tmp); - } -+#ifdef HAVE_SYSTEM_TZDATA -+ } -+#endif - } else { - *error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE; - tmp = NULL; -diff -up php-7.2.3RC1/ext/date/lib/timelib.m4.systzdata php-7.2.3RC1/ext/date/lib/timelib.m4 ---- php-7.2.3RC1/ext/date/lib/timelib.m4.systzdata 2018-02-13 20:18:34.000000000 +0100 -+++ php-7.2.3RC1/ext/date/lib/timelib.m4 2018-02-14 06:11:54.273089963 +0100 -@@ -81,3 +81,16 @@ io.h - - dnl Check for strtoll, atoll - AC_CHECK_FUNCS(strtoll atoll strftime gettimeofday) -+ -+PHP_ARG_WITH(system-tzdata, for use of system timezone data, -+[ --with-system-tzdata[=DIR] to specify use of system timezone data], -+no, no) -+ -+if test "$PHP_SYSTEM_TZDATA" != "no"; then -+ AC_DEFINE(HAVE_SYSTEM_TZDATA, 1, [Define if system timezone data is used]) -+ -+ if test "$PHP_SYSTEM_TZDATA" != "yes"; then -+ AC_DEFINE_UNQUOTED(HAVE_SYSTEM_TZDATA_PREFIX, "$PHP_SYSTEM_TZDATA", -+ [Define for location of system timezone data]) -+ fi -+fi diff --git a/php-7.2.4-dlopen.patch b/php-7.2.4-dlopen.patch deleted file mode 100644 index 3c764745e2a0200614d4268a6c50e296072abc94..0000000000000000000000000000000000000000 --- a/php-7.2.4-dlopen.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff -up php-7.2.4RC1/sapi/litespeed/lsapilib.c.dlopen php-7.2.4RC1/sapi/litespeed/lsapilib.c ---- php-7.2.4RC1/sapi/litespeed/lsapilib.c.dlopen 2018-03-13 12:40:25.330885880 +0100 -+++ php-7.2.4RC1/sapi/litespeed/lsapilib.c 2018-03-13 12:41:35.797251042 +0100 -@@ -755,7 +755,7 @@ static int (*fp_lve_leave)(struct liblve - static int (*fp_lve_jail)( struct passwd *, char *) = NULL; - static int lsapi_load_lve_lib(void) - { -- s_liblve = dlopen("liblve.so.0", RTLD_LAZY); -+ s_liblve = dlopen("liblve.so.0", RTLD_NOW); - if (s_liblve) - { - fp_lve_is_available = dlsym(s_liblve, "lve_is_available"); -diff -up php-7.2.4RC1/Zend/zend_portability.h.dlopen php-7.2.4RC1/Zend/zend_portability.h ---- php-7.2.4RC1/Zend/zend_portability.h.dlopen 2018-03-13 12:33:38.000000000 +0100 -+++ php-7.2.4RC1/Zend/zend_portability.h 2018-03-13 12:40:25.330885880 +0100 -@@ -144,11 +144,11 @@ - # endif - - # if defined(RTLD_GROUP) && defined(RTLD_WORLD) && defined(RTLD_PARENT) --# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT) -+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT) - # elif defined(RTLD_DEEPBIND) && !defined(__SANITIZE_ADDRESS__) --# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_DEEPBIND) -+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_DEEPBIND) - # else --# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL) -+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL) - # endif - # define DL_UNLOAD dlclose - # if defined(DLSYM_NEEDS_UNDERSCORE) diff --git a/php-7.2.4-fixheader.patch b/php-7.2.4-fixheader.patch deleted file mode 100644 index 52a41214e7189d4ddf401ae2e1ae861d1d564e2a..0000000000000000000000000000000000000000 --- a/php-7.2.4-fixheader.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up php-7.2.4RC1/configure.ac.fixheader php-7.2.4RC1/configure.ac ---- php-7.2.4RC1/configure.ac.fixheader 2018-03-13 12:42:47.594623100 +0100 -+++ php-7.2.4RC1/configure.ac 2018-03-13 12:43:35.591871825 +0100 -@@ -1275,7 +1275,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d` - fi - AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date]) - --PHP_UNAME=`uname -a | xargs` -+PHP_UNAME=`uname | xargs` - AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output]) - PHP_OS=`uname | xargs` - AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output]) diff --git a/php-7.2.8-getallheaders.patch b/php-7.2.8-getallheaders.patch deleted file mode 100644 index ef44d5d9fd8472fd2b802f693d3eee7a883b53b3..0000000000000000000000000000000000000000 --- a/php-7.2.8-getallheaders.patch +++ /dev/null @@ -1,280 +0,0 @@ -Adapted for 7.2 from 7.3 by remi - - -From 0ea4013f101d64fbeb9221260b36e98f10ed1ddd Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Wed, 4 Jul 2018 08:48:38 +0200 -Subject: [PATCH] Fixed bug #62596 add getallheaders (apache_request_headers) - missing function in FPM add sapi_add_request_header in public API (was - add_request_header) fix arginfo for fastcgi_finish_request fucntion - ---- - main/SAPI.c | 50 +++++++++++++++++++++++++++++ - main/SAPI.h | 1 + - sapi/cgi/cgi_main.c | 51 +---------------------------- - sapi/fpm/fpm/fpm_main.c | 25 ++++++++++++++- - sapi/fpm/tests/getallheaders.phpt | 67 +++++++++++++++++++++++++++++++++++++++ - 5 files changed, 143 insertions(+), 51 deletions(-) - create mode 100644 sapi/fpm/tests/getallheaders.phpt - -diff --git a/main/SAPI.c b/main/SAPI.c -index b6c3329..7e0c7c8 100644 ---- a/main/SAPI.c -+++ b/main/SAPI.c -@@ -1104,6 +1104,56 @@ SAPI_API void sapi_terminate_process(void) { - } - } - -+SAPI_API void sapi_add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg) /* {{{ */ -+{ -+ zval *return_value = (zval*)arg; -+ char *str = NULL; -+ -+ ALLOCA_FLAG(use_heap) -+ -+ if (var_len > 5 && -+ var[0] == 'H' && -+ var[1] == 'T' && -+ var[2] == 'T' && -+ var[3] == 'P' && -+ var[4] == '_') { -+ -+ char *p; -+ -+ var_len -= 5; -+ p = var + 5; -+ var = str = do_alloca(var_len + 1, use_heap); -+ *str++ = *p++; -+ while (*p) { -+ if (*p == '_') { -+ *str++ = '-'; -+ p++; -+ if (*p) { -+ *str++ = *p++; -+ } -+ } else if (*p >= 'A' && *p <= 'Z') { -+ *str++ = (*p++ - 'A' + 'a'); -+ } else { -+ *str++ = *p++; -+ } -+ } -+ *str = 0; -+ } else if (var_len == sizeof("CONTENT_TYPE")-1 && -+ memcmp(var, "CONTENT_TYPE", sizeof("CONTENT_TYPE")-1) == 0) { -+ var = "Content-Type"; -+ } else if (var_len == sizeof("CONTENT_LENGTH")-1 && -+ memcmp(var, "CONTENT_LENGTH", sizeof("CONTENT_LENGTH")-1) == 0) { -+ var = "Content-Length"; -+ } else { -+ return; -+ } -+ add_assoc_stringl_ex(return_value, var, var_len, val, val_len); -+ if (str) { -+ free_alloca(var, use_heap); -+ } -+} -+/* }}} */ -+ - /* - * Local variables: - * tab-width: 4 -diff --git a/main/SAPI.h b/main/SAPI.h -index f829fd7..4b8e223 100644 ---- a/main/SAPI.h -+++ b/main/SAPI.h -@@ -151,6 +151,7 @@ SAPI_API void sapi_shutdown(void); - SAPI_API void sapi_activate(void); - SAPI_API void sapi_deactivate(void); - SAPI_API void sapi_initialize_empty_request(void); -+SAPI_API void sapi_add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg); - END_EXTERN_C() - - /* -diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c -index 2e9cefe..350846d 100644 ---- a/sapi/cgi/cgi_main.c -+++ b/sapi/cgi/cgi_main.c -@@ -1591,54 +1591,6 @@ PHP_FUNCTION(apache_child_terminate) /* - } - /* }}} */ - --static void add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg) /* {{{ */ --{ -- zval *return_value = (zval*)arg; -- char *str = NULL; -- char *p; -- ALLOCA_FLAG(use_heap) -- -- if (var_len > 5 && -- var[0] == 'H' && -- var[1] == 'T' && -- var[2] == 'T' && -- var[3] == 'P' && -- var[4] == '_') { -- -- var_len -= 5; -- p = var + 5; -- var = str = do_alloca(var_len + 1, use_heap); -- *str++ = *p++; -- while (*p) { -- if (*p == '_') { -- *str++ = '-'; -- p++; -- if (*p) { -- *str++ = *p++; -- } -- } else if (*p >= 'A' && *p <= 'Z') { -- *str++ = (*p++ - 'A' + 'a'); -- } else { -- *str++ = *p++; -- } -- } -- *str = 0; -- } else if (var_len == sizeof("CONTENT_TYPE")-1 && -- memcmp(var, "CONTENT_TYPE", sizeof("CONTENT_TYPE")-1) == 0) { -- var = "Content-Type"; -- } else if (var_len == sizeof("CONTENT_LENGTH")-1 && -- memcmp(var, "CONTENT_LENGTH", sizeof("CONTENT_LENGTH")-1) == 0) { -- var = "Content-Length"; -- } else { -- return; -- } -- add_assoc_stringl_ex(return_value, var, var_len, val, val_len); -- if (str) { -- free_alloca(var, use_heap); -- } --} --/* }}} */ -- - PHP_FUNCTION(apache_request_headers) /* {{{ */ - { - if (zend_parse_parameters_none()) { -@@ -1648,7 +1600,7 @@ PHP_FUNCTION(apache_request_headers) /* - if (fcgi_is_fastcgi()) { - fcgi_request *request = (fcgi_request*) SG(server_context); - -- fcgi_loadenv(request, add_request_header, return_value); -+ fcgi_loadenv(request, sapi_add_request_header, return_value); - } else { - char buf[128]; - char **env, *p, *q, *var, *val, *t = buf; -diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c -index 3256660..e815be4 100644 ---- a/sapi/fpm/fpm/fpm_main.c -+++ b/sapi/fpm/fpm/fpm_main.c -@@ -1533,6 +1533,10 @@ PHP_FUNCTION(fastcgi_finish_request) /* {{{ */ - { - fcgi_request *request = (fcgi_request*) SG(server_context); - -+ if (zend_parse_parameters_none() == FAILURE) { -+ return; -+ } -+ - if (!fcgi_is_closed(request)) { - php_output_end_all(); - php_header(); -@@ -1547,8 +1551,27 @@ PHP_FUNCTION(fastcgi_finish_request) /* {{{ */ - } - /* }}} */ - -+ZEND_BEGIN_ARG_INFO(cgi_fcgi_sapi_no_arginfo, 0) -+ZEND_END_ARG_INFO() -+ -+PHP_FUNCTION(apache_request_headers) /* {{{ */ -+{ -+ fcgi_request *request; -+ -+ if (zend_parse_parameters_none() == FAILURE) { -+ return; -+ } -+ -+ array_init(return_value); -+ if ((request = (fcgi_request*) SG(server_context))) { -+ fcgi_loadenv(request, sapi_add_request_header, return_value); -+ } -+} /* }}} */ -+ - static const zend_function_entry cgi_fcgi_sapi_functions[] = { -- PHP_FE(fastcgi_finish_request, NULL) -+ PHP_FE(fastcgi_finish_request, cgi_fcgi_sapi_no_arginfo) -+ PHP_FE(apache_request_headers, cgi_fcgi_sapi_no_arginfo) -+ PHP_FALIAS(getallheaders, apache_request_headers, cgi_fcgi_sapi_no_arginfo) - PHP_FE_END - }; - -diff --git a/sapi/fpm/tests/getallheaders.phpt b/sapi/fpm/tests/getallheaders.phpt -new file mode 100644 -index 0000000..b41f1c6 ---- /dev/null -+++ b/sapi/fpm/tests/getallheaders.phpt -@@ -0,0 +1,67 @@ -+--TEST-- -+FPM: Function getallheaders basic test -+--SKIPIF-- -+ -+--FILE-- -+start(); -+$tester->expectLogStartNotices(); -+$tester->request( -+ '', -+ [ -+ 'HTTP_X_FOO' => 'BAR', -+ 'HTTP_FOO' => 'foo' -+ ] -+ )->expectBody( -+ [ -+ 'Test Start', -+ 'array(4) {', -+ ' ["Foo"]=>', -+ ' string(3) "foo"', -+ ' ["X-Foo"]=>', -+ ' string(3) "BAR"', -+ ' ["Content-Length"]=>', -+ ' string(1) "0"', -+ ' ["Content-Type"]=>', -+ ' string(0) ""', -+ '}', -+ 'Test End', -+ ] -+ ); -+$tester->terminate(); -+$tester->expectLogTerminatingNotices(); -+$tester->close(); -+ -+?> -+Done -+--EXPECT-- -+Done -+--CLEAN-- -+ --- -2.1.4 - diff --git a/php-5.6.3-embed.patch b/php-8.0.0-embed.patch similarity index 44% rename from php-5.6.3-embed.patch rename to php-8.0.0-embed.patch index d9c04f6f3ff8aa444b63fbc3df96a4b332787d41..66a8c54a4338c3c2580b1bbb1e7200d2c63f27e0 100644 --- a/php-5.6.3-embed.patch +++ b/php-8.0.0-embed.patch @@ -1,24 +1,40 @@ ---- php-5.6.3/sapi/embed/config.m4.embed -+++ php-5.6.3/sapi/embed/config.m4 +From ead92ee44f66ad397fd986b8511536eaa0815764 Mon Sep 17 00:00:00 2001 +From: maminjie +Date: Mon, 30 Nov 2020 09:00:01 +0800 +Subject: [PATCH] port embed.patch to current version + +--- + sapi/embed/config.m4 | 3 ++- + scripts/php-config.in | 2 +- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/sapi/embed/config.m4 b/sapi/embed/config.m4 +index 39d7dcf0..b1962a24 100644 +--- a/sapi/embed/config.m4 ++++ b/sapi/embed/config.m4 @@ -12,7 +12,8 @@ if test "$PHP_EMBED" != "no"; then - case "$PHP_EMBED" in yes|shared) + LIBPHP_CFLAGS="-shared" PHP_EMBED_TYPE=shared - INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; \$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib" + EXTRA_LDFLAGS="$EXTRA_LDFLAGS -release \$(PHP_MAJOR_VERSION).\$(PHP_MINOR_VERSION)" + INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) --mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) \$(INSTALL_ROOT)\$(libdir)" ;; static) - PHP_EMBED_TYPE=static -diff -up php-5.5.30/scripts/php-config.in.old php-5.5.30/scripts/php-config.in ---- php-5.5.30/scripts/php-config.in.old 2015-10-19 15:17:31.944747715 +0200 -+++ php-5.5.30/scripts/php-config.in 2015-10-19 15:17:58.278858083 +0200 + LIBPHP_CFLAGS="-static" +diff --git a/scripts/php-config.in b/scripts/php-config.in +index 9271e872..4db305c4 100644 +--- a/scripts/php-config.in ++++ b/scripts/php-config.in @@ -18,7 +18,7 @@ exe_extension="@EXEEXT@" php_cli_binary=NONE php_cgi_binary=NONE configure_options="@CONFIGURE_OPTIONS@" -php_sapis="@PHP_INSTALLED_SAPIS@" -+php_sapis="apache2handler embed fpm @PHP_INSTALLED_SAPIS@" ++php_sapis="apache2handler fpm phpdbg @PHP_INSTALLED_SAPIS@" + ini_dir="@EXPANDED_PHP_CONFIG_FILE_SCAN_DIR@" + ini_path="@EXPANDED_PHP_CONFIG_FILE_PATH@" - # Set php_cli_binary and php_cgi_binary if available - for sapi in $php_sapis; do +-- +2.23.0 + diff --git a/php-7.2.10.tar.xz b/php-8.0.0.tar.xz similarity index 54% rename from php-7.2.10.tar.xz rename to php-8.0.0.tar.xz index f1cae0ba6eb3bd3fa124ad1e2025cbeeb3a628d4..38f8b184071ccf13118407a927edcbbb4fb7d7a5 100644 Binary files a/php-7.2.10.tar.xz and b/php-8.0.0.tar.xz differ diff --git a/php-CVE-2018-20783.patch b/php-CVE-2018-20783.patch deleted file mode 100644 index 7511507b9ad19331f6d194cba37b10460bc6362d..0000000000000000000000000000000000000000 --- a/php-CVE-2018-20783.patch +++ /dev/null @@ -1,146 +0,0 @@ -From e7c8e6cde021afd637ea535b0641a1851e57fb2a Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Mon, 12 Nov 2018 14:02:26 -0800 -Subject: [PATCH] Fix bug #77143 - add more checks to buffer reads - ---- - NEWS | 4 ++++ - ext/phar/phar.c | 30 +++++++++++++++++++++--------- - ext/phar/tests/bug73768.phpt | 2 +- - ext/phar/tests/bug77143.phar | Bin 0 -> 50 bytes - ext/phar/tests/bug77143.phpt | 18 ++++++++++++++++++ - 5 files changed, 44 insertions(+), 10 deletions(-) - create mode 100644 ext/phar/tests/bug77143.phar - create mode 100644 ext/phar/tests/bug77143.phpt - -diff -Nur php-7.2.10/NEWS php-7.2.10_bak/NEWS ---- php-7.2.10/NEWS 2018-09-11 15:06:00.000000000 +0800 -+++ php-7.2.10_bak/NEWS 2019-04-04 17:41:54.869000000 +0800 -@@ -136,6 +136,10 @@ - . Fixed bug #76477 (Opcache causes empty return value). - (Nikita, Laruence) - -+- Phar: -+ . Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile). -+ (Stas) -+ - - PGSQL: - . Fixed bug #76548 (pg_fetch_result did not fetch the next row). (Anatol) - -diff -Nur php-7.2.10/ext/phar/phar.c php-7.2.10_bak/ext/phar/phar.c ---- php-7.2.10/ext/phar/phar.c 2019-04-04 17:39:04.158000000 +0800 -+++ php-7.2.10_bak/ext/phar/phar.c 2019-04-04 17:49:51.807000000 +0800 -@@ -643,6 +643,18 @@ - /* }}}*/ - - /** -+ * Size of fixed fields in the manifest. -+ * See: http://php.net/manual/en/phar.fileformat.phar.php -+ */ -+#define MANIFEST_FIXED_LEN 18 -+ -+#define SAFE_PHAR_GET_32(buffer, endbuffer, var) \ -+ if (UNEXPECTED(buffer + 4 > endbuffer)) { \ -+ MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)"); \ -+ } \ -+ PHAR_GET_32(buffer, var); -+ -+/** - * Does not check for a previously opened phar in the cache. - * - * Parse a new one and add it to the cache, returning either SUCCESS or -@@ -725,7 +737,7 @@ - savebuf = buffer; - endbuffer = buffer + manifest_len; - -- if (manifest_len < 10 || manifest_len != php_stream_read(fp, buffer, manifest_len)) { -+ if (manifest_len < MANIFEST_FIXED_LEN || manifest_len != php_stream_read(fp, buffer, manifest_len)) { - MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)") - } - -@@ -750,7 +762,7 @@ - return FAILURE; - } - -- PHAR_GET_32(buffer, manifest_flags); -+ SAFE_PHAR_GET_32(buffer, endbuffer, manifest_flags); - - manifest_flags &= ~PHAR_HDR_COMPRESSION_MASK; - manifest_flags &= ~PHAR_FILE_COMPRESSION_MASK; -@@ -970,13 +982,13 @@ - } - - /* extract alias */ -- PHAR_GET_32(buffer, tmp_len); -+ SAFE_PHAR_GET_32(buffer, endbuffer, tmp_len); - - if (buffer + tmp_len > endbuffer) { - MAPPHAR_FAIL("internal corruption of phar \"%s\" (buffer overrun)"); - } - -- if (manifest_len < 10 + tmp_len) { -+ if (manifest_len < MANIFEST_FIXED_LEN + tmp_len) { - MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)") - } - -@@ -1014,7 +1026,7 @@ - } - - /* we have 5 32-bit items plus 1 byte at least */ -- if (manifest_count > ((manifest_len - 10 - tmp_len) / (5 * 4 + 1))) { -+ if (manifest_count > ((manifest_len - MANIFEST_FIXED_LEN - tmp_len) / (5 * 4 + 1))) { - /* prevent serious memory issues */ - MAPPHAR_FAIL("internal corruption of phar \"%s\" (too many manifest entries for size of manifest)") - } -@@ -1023,12 +1035,12 @@ - mydata->is_persistent = PHAR_G(persist); - - /* check whether we have meta data, zero check works regardless of byte order */ -- PHAR_GET_32(buffer, len); -+ SAFE_PHAR_GET_32(buffer, endbuffer, len); - if (mydata->is_persistent) { - mydata->metadata_len = len; -- if(!len) { -+ if (!len) { - /* FIXME: not sure why this is needed but removing it breaks tests */ -- PHAR_GET_32(buffer, len); -+ SAFE_PHAR_GET_32(buffer, endbuffer, len); - } - } - if(len > (size_t)(endbuffer - buffer)) { -diff -Nur php-7.2.10/ext/phar/tests/bug73768.phpt php-7.2.10_bak/ext/phar/tests/bug73768.phpt ---- php-7.2.10/ext/phar/tests/bug73768.phpt 2018-09-11 15:06:03.000000000 +0800 -+++ php-7.2.10_bak/ext/phar/tests/bug73768.phpt 2019-04-04 17:50:51.796000000 +0800 -@@ -13,4 +13,4 @@ - } - ?> - --EXPECTF-- --cannot load phar "%sbug73768.phar" with implicit alias "" under different alias "alias.phar" -+internal corruption of phar "%sbug73768.phar" (truncated manifest header) -diff --git a/ext/phar/tests/bug77143.phpt b/ext/phar/tests/bug77143.phpt -new file mode 100644 -index 0000000..f9f80fc ---- /dev/null -+++ b/ext/phar/tests/bug77143.phpt -@@ -0,0 +1,18 @@ -+--TEST-- -+PHP bug #77143: Heap Buffer Overflow (READ: 4) in phar_parse_pharfile -+--INI-- -+phar.readonly=0 -+--SKIPIF-- -+ -+--FILE-- -+getMessage(); -+} -+?> -+--EXPECTF-- -+internal corruption of phar "%sbug77143.phar" (truncated manifest header) --- -2.1.4 - diff --git a/php-CVE-2019-9641.patch b/php-CVE-2019-9641.patch deleted file mode 100644 index e49b455e44ebc11de19a5e56afb17a4b5695851a..0000000000000000000000000000000000000000 --- a/php-CVE-2019-9641.patch +++ /dev/null @@ -1,47 +0,0 @@ -commit 25aa5f434dfb3337a6617b46224f1b505053d8e9 -Author: Stanislav Malyshev -Date: Fri Mar 1 23:25:45 2019 -0800 - - Fix integer overflows on 32-bits - -diff --git a/ext/exif/exif.c b/ext/exif/exif.c -index cbde3effed..b4563927a5 100644 ---- a/ext/exif/exif.c -+++ b/ext/exif/exif.c -@@ -3567,10 +3567,10 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse - tag_table_type tag_table = exif_get_tag_table(section_index); - - if (ImageInfo->ifd_nesting_level > MAX_IFD_NESTING_LEVEL) { -- return FALSE; -- } -+ return FALSE; -+ } - -- if (ImageInfo->FileSize >= dir_offset+2) { -+ if (ImageInfo->FileSize >= 2 && ImageInfo->FileSize - 2 >= dir_offset) { - sn = exif_file_sections_add(ImageInfo, M_PSEUDO, 2, NULL); - #ifdef EXIF_DEBUG - exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, 2); -@@ -3578,8 +3578,8 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse - php_stream_seek(ImageInfo->infile, dir_offset, SEEK_SET); /* we do not know the order of sections */ - php_stream_read(ImageInfo->infile, (char*)ImageInfo->file.list[sn].data, 2); - num_entries = php_ifd_get16u(ImageInfo->file.list[sn].data, ImageInfo->motorola_intel); -- dir_size = 2/*num dir entries*/ +12/*length of entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/; -- if (ImageInfo->FileSize >= dir_offset+dir_size) { -+ dir_size = 2/*num dir entries*/ +12/*length of entry*/*(size_t)num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/; -+ if (ImageInfo->FileSize >= dir_size && ImageInfo->FileSize - dir_size >= dir_offset) { - #ifdef EXIF_DEBUG - exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X), IFD entries(%d)", ImageInfo->FileSize, dir_offset+2, dir_size-2, num_entries); - #endif -@@ -3662,9 +3662,9 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse - } - } - } -- if (ImageInfo->FileSize >= dir_offset + ImageInfo->file.list[sn].size) { -+ if (ImageInfo->FileSize >= ImageInfo->file.list[sn].size && ImageInfo->FileSize - ImageInfo->file.list[sn].size >= dir_offset) { - if (ifd_size > dir_size) { -- if (dir_offset + ifd_size > ImageInfo->FileSize) { -+ if (ImageInfo->FileSize < ifd_size || dir_offset > ImageInfo->FileSize - ifd_size) { - exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Error in TIFF: filesize(x%04X) less than size of IFD(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, ifd_size); - return FALSE; - } diff --git a/php.spec b/php.spec index de97926cef331e584a3354dbe0dea39a700e9621..abdc56a92e30e6d5c1e446528a581a86ba200b91 100644 --- a/php.spec +++ b/php.spec @@ -1,9 +1,8 @@ -%global apiver 20170718 -%global zendver 20170718 +%global apiver 20200930 +%global zendver 20200930 %global pdover 20170320 -%global jsonver 1.6.0 %global _hardened_build 1 -%global embed_version 7.2 +%global embed_version 8.0 %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock) %global mysql_config %{_libdir}/mysql/mysql_config @@ -24,11 +23,11 @@ %global with_sodium 0 %global with_pspell 0 %global with_lmdb 0 -%global upver 7.2.10 +%global upver 8.0.0 Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 6 +Release: 1 Summary: PHP scripting language for creating dynamic web sites License: PHP and Zend and BSD and MIT and ASL 1.0 and NCSA URL: http://www.php.net/ @@ -47,52 +46,9 @@ Source13: nginx-fpm.conf Source14: nginx-php.conf Source50: 10-opcache.ini Source51: opcache-default.blacklist +Source52: 20-ffi.ini -Patch0001: php-7.1.7-httpd.patch -Patch0002: php-7.2.0-includedir.patch -Patch0003: php-5.6.3-embed.patch -Patch0004: php-5.3.0-recode.patch -Patch0005: php-7.2.0-libdb.patch -Patch0006: php-7.2.4-dlopen.patch -Patch0007: php-7.2.3-systzdata-v16.patch -Patch0008: php-5.4.0-phpize.patch -Patch0009: php-7.2.3-ldap_r.patch -Patch0010: php-7.2.4-fixheader.patch -Patch0011: php-5.6.3-phpinfo.patch -Patch0012: php-7.2.8-getallheaders.patch -Patch0013: https://github.com/php/php-src/commit/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch -Patch0014: https://github.com/php/php-src/commit/be50a72715c141befe6f34ece660745da894aaf3.patch -Patch0015: https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch -Patch0016: php-5.6.3-datetests.patch - -Patch6000: CVE-2019-9021.patch -Patch6001: CVE-2019-9022.patch -Patch6002: CVE-2019-9023.patch -Patch6003: CVE-2019-9024.patch -Patch6004: CVE-2019-9637.patch -Patch6005: CVE-2019-9638-CVE-2019-9639.patch -Patch6006: CVE-2019-9640.patch -Patch6007: php-CVE-2018-20783.patch -Patch6008: php-CVE-2019-9641.patch -Patch6009: CVE-2019-11034.patch -Patch6010: CVE-2019-11035.patch -Patch6011: CVE-2019-11036.patch -Patch6012: CVE-2019-11041.patch -Patch6013: CVE-2019-11042.patch -Patch6014: CVE-2019-11043.patch -Patch6015: CVE-2018-19935.patch -Patch6016: CVE-2019-11045.patch -Patch6017: CVE-2019-11046.patch -Patch6018: CVE-2019-11050.patch -Patch6019: CVE-2019-11047.patch -#git.php.net/?p=php-src.git;a=patch;h=336d2086a9189006909ae06c7e95902d7d5ff77e -Patch6020: CVE-2018-19518.patch -#git.php.net/?p=php-src.git;a=patch;h=a15af81b5f0058e020eda0f109f51a3c863f5212 -Patch6021: CVE-2019-6977.patch -Patch6022: CVE-2020-7064.patch -Patch6023: CVE-2020-7066.patch -Patch6024: CVE-2019-11048.patch -Patch6025: CVE-2020-7068.patch +Patch0001: php-8.0.0-embed.patch BuildRequires: bzip2-devel, curl-devel >= 7.9, httpd-devel >= 2.0.46-1, pam-devel, httpd-filesystem, nginx-filesystem BuildRequires: libstdc++-devel, openssl-devel, sqlite-devel >= 3.6.0, zlib-devel, smtpdaemon, libedit-devel @@ -112,7 +68,7 @@ Provides: php-zts = %{version}-%{release}, php-zts%{?_isa} = %{version}-%{releas Requires: httpd-mmn = %{_httpd_mmn}, php-common%{?_isa} = %{version}-%{release}, php-cli%{?_isa} = %{version}-%{release} Provides: mod_php = %{version}-%{release}, php(httpd) -#Recommends: php-fpm%{?_isa} = %{version}-%{release} +Recommends: php-fpm%{?_isa} = %{version}-%{release} Requires(pre): httpd-filesystem %description @@ -352,8 +308,9 @@ Summary: A module for PHP applications which use XML License: PHP Requires: php-common%{?_isa} = %{version}-%{release} Provides: php-dom, php-dom%{?_isa}, php-domxml, php-domxml%{?_isa}, php-simplexml, php-simplexml%{?_isa} -Provides: php-wddx, php-wddx%{?_isa}, php-xmlreader, php-xmlreader%{?_isa}, php-xmlwriter, php-xmlwriter%{?_isa} +Provides: php-xmlreader, php-xmlreader%{?_isa}, php-xmlwriter, php-xmlwriter%{?_isa} Provides: php-xsl, php-xsl%{?_isa} +Obsoletes: php-wddx < %{version}-%{release}, php-wddx%{?_isa} < %{version}-%{release} BuildRequires: libxslt-devel >= 1.0.18-1, libxml2-devel >= 2.4.14-1 %description xml @@ -361,15 +318,6 @@ The php-xml package contains dynamic shared objects which add support to PHP for manipulating XML documents using the DOM tree, and performing XSL transformations on XML documents. -%package xmlrpc -Summary: A module for PHP applications which use the XML-RPC protocol -License: PHP and BSD -Requires: php-xml%{?_isa} = %{version}-%{release} - -%description xmlrpc -The php-xmlrpc package contains a dynamic shared object that will add -support for the XML-RPC protocol to PHP. - %package mbstring Summary: A module for PHP applications which need multi-byte string handling License: PHP and LGPLv2 and OpenLDAP @@ -477,16 +425,6 @@ The php-pspell package contains a dynamic shared object that will add support for using the pspell library to PHP. %endif -%package recode -Summary: A module for PHP applications for using the recode library -License: PHP -Requires: php-common%{?_isa} = %{version}-%{release} -BuildRequires: recode-devel - -%description recode -The php-recode package contains a dynamic shared object that will add -support for using the recode library to PHP. - %package intl Summary: Internationalization extension for PHP applications License: PHP @@ -501,25 +439,12 @@ support for using the ICU library to PHP. Summary: Enchant spelling extension for PHP applications License: PHP Requires: php-common%{?_isa} = %{version}-%{release} -BuildRequires: enchant-devel >= 1.2.4 +BuildRequires: enchant2-devel %description enchant The php-enchant package contains a dynamic shared object that will add support for using the enchant library to PHP. -%package json -Summary: JavaScript Object Notation extension for PHP -License: PHP -Requires: php-common%{?_isa} = %{version}-%{release} -Obsoletes: php-pecl-json < %{jsonver} -Obsoletes: php-pecl-jsonc < %{jsonver} -Provides: php-pecl(json) = %{jsonver}, php-pecl(json)%{?_isa} = %{jsonver}, php-pecl-json = %{jsonver} -Provides: php-pecl-json%{?_isa} = %{jsonver} - -%description json -The php-json package provides an extension that will add -support for JavaScript Object Notation (JSON) to PHP. - %if %{with_sodium} %package sodium Summary: Wrapper for the Sodium cryptographic library @@ -535,6 +460,21 @@ The php-sodium package provides a simple, low-level PHP extension for the libsodium cryptographic library. %endif +%package ffi +Summary: Foreign Function Interface +# All files licensed under PHP version 3.0.1 +License: PHP +Group: System Environment/Libraries +BuildRequires: pkgconfig(libffi) +Requires: php-common%{?_isa} = %{version}-%{release} + +%description ffi +FFI is one of the features that made Python and LuaJIT very useful for fast +prototyping. It allows calling C functions and using C data types from pure +scripting language and therefore develop “system code” more productively. +For PHP, FFI opens a way to write PHP extensions and bindings to C libraries +in pure PHP. + %package help Summary: help @@ -552,10 +492,8 @@ cp ext/gd/libgd/COPYING libgd_COPYING %endif cp sapi/fpm/LICENSE fpm_LICENSE cp ext/mbstring/libmbfl/LICENSE libmbfl_LICENSE -cp ext/mbstring/ucgendat/OPENLDAP_LICENSE ucgendat_LICENSE cp ext/fileinfo/libmagic/LICENSE libmagic_LICENSE -cp ext/phar/LICENSE phar_LICENSE -cp ext/bcmath/libbcmath/COPYING.LIB libbcmath_COPYING +cp ext/bcmath/libbcmath/LICENSE libbcmath_LICENSE cp ext/date/lib/LICENSE.rst timelib_LICENSE mkdir build-cgi build-apache build-embedded \ @@ -570,6 +508,7 @@ rm ext/date/tests/timezone_version_get_basic1.phpt rm ext/sockets/tests/mcast_ipv?_recv.phpt rm Zend/tests/bug54268.phpt rm Zend/tests/bug68412.phpt +rm ext/zlib/tests/004-mb.phpt pver=$(sed -n '/#define PHP_VERSION /{s/.* "//;s/".*$//;p}' main/php_version.h) if test "x${pver}" != "x%{upver}%{?rcver}"; then @@ -599,20 +538,13 @@ if test "x${vpdo}" != "x%{pdover}"; then exit 1 fi -ver=$(sed -n '/#define PHP_JSON_VERSION /{s/.* "//;s/".*$//;p}' ext/json/php_json.h) -if test "$ver" != "%{jsonver}"; then - : Error: Upstream JSON version is now ${ver}, expecting %{jsonver}. - : Update the %{jsonver} macro and rebuild. - exit 1 -fi - rm -f TSRM/tsrm_win32.h TSRM/tsrm_config.w32.h Zend/zend_config.w32.h ext/mysqlnd/config-win.h \ ext/standard/winver.h main/win32_internal_function_disabled.h main/win95nt.h find . -name \*.[ch] -exec chmod 644 {} \; chmod 644 README.* -cp %{SOURCE50} 10-opcache.ini +cp %{SOURCE50} %{SOURCE51} %{SOURCE52} . %ifarch x86_64 sed -e '/opcache.huge_code_pages/s/0/1/' -i 10-opcache.ini @@ -641,12 +573,12 @@ mkdir Zend && cp ../Zend/zend_{language,ini}_{parser,scanner}.[ch] Zend ln -sf ../configure %configure \ + --enable-rtld-now \ --cache-file=../config.cache --with-libdir=%{_lib} --with-config-file-path=%{_sysconfdir} \ --with-config-file-scan-dir=%{_sysconfdir}/php.d --disable-debug --with-pic --disable-rpath \ - --without-pear --with-exec-dir=%{_bindir} --with-freetype-dir=%{_prefix} --with-png-dir=%{_prefix} \ - --with-xpm-dir=%{_prefix} --without-gdbm --with-jpeg-dir=%{_prefix} --with-openssl --with-system-ciphers \ - --with-pcre-regex=%{_prefix} --with-zlib --with-layout=GNU --with-kerberos --with-libxml-dir=%{_prefix} \ - --with-system-tzdata --with-mhash \ + --without-pear --with-exec-dir=%{_bindir} --without-gdbm --with-openssl \ + --with-system-ciphers --with-pcre-regex=%{_prefix} --with-zlib --with-layout=GNU --with-kerberos \ + --with-libxml-dir=%{_prefix} --with-system-tzdata --with-mhash \ %if %{with_argon2} --with-password-argon2 \ %endif @@ -665,28 +597,29 @@ make %{?_smp_mflags} pushd build-cgi -build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-opcache-file --enable-phpdbg \ +build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-phpdbg \ %if %{with_imap} --with-imap=shared --with-imap-ssl \ %endif - --enable-mbstring=shared --with-onig=%{_prefix} --enable-mbregex \ + --enable-mbstring=shared --enable-mbregex \ %if %{with_libgd} - --with-gd=shared,%{_prefix} \ + --enable-gd=shared,%{_prefix} \ %else - --with-gd=shared \ + --enable-gd=shared \ %endif + --with-external-gd \ --with-gmp=shared --enable-calendar=shared --enable-bcmath=shared --with-bz2=shared --enable-ctype=shared \ --enable-dba=shared --with-db4=%{_prefix} --with-tcadb=%{_prefix} \ %if %{with_lmdb} --with-lmdb=%{_prefix} \ %endif --enable-exif=shared --enable-ftp=shared --with-gettext=shared --with-iconv=shared --enable-sockets=shared \ - --enable-tokenizer=shared --with-xmlrpc=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \ + --enable-tokenizer=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \ --with-mysqli=shared,mysqlnd --with-mysql-sock=%{mysql_sock} \ %if %{with_firebird} - --with-interbase=shared --with-pdo-firebird=shared \ + --with-pdo-firebird=shared \ %endif - --enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared --enable-wddx=shared \ + --enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared \ --with-snmp=shared,%{_prefix} --enable-soap=shared --with-xsl=shared,%{_prefix} --enable-xmlreader=shared \ --enable-xmlwriter=shared --with-curl=shared,%{_prefix} --enable-pdo=shared \ --with-pdo-odbc=shared,unixODBC,%{_prefix} --with-pdo-mysql=shared,mysqlnd --with-pdo-pgsql=shared,%{_prefix} \ @@ -694,7 +627,7 @@ build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-opcache-f %if %{with_freetds} --with-pdo-dblib=shared,%{_prefix} \ %endif - --with-sqlite3=shared,%{_prefix} --enable-json=shared \ + --with-sqlite3=shared \ %if %{with_zip} --enable-zip=shared \ %if %{with_libzip} @@ -708,17 +641,19 @@ build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-opcache-f --enable-phar=shared --with-tidy=shared,%{_prefix} --enable-sysvmsg=shared --enable-sysvshm=shared \ --enable-sysvsem=shared --enable-shmop=shared --enable-posix=shared --with-unixODBC=shared,%{_prefix} \ --enable-fileinfo=shared \ + --with-ffi=shared \ %if %{with_sodium} --with-sodium=shared \ %else --without-sodium \ %endif - --enable-intl=shared --with-icu-dir=%{_prefix} --with-enchant=shared,%{_prefix} --with-recode=shared,%{_prefix} + --enable-intl=shared --with-enchant=shared,%{_prefix} popd -without_shared="--without-gd --disable-dom --disable-dba --without-unixODBC --disable-opcache --disable-json \ +without_shared="--without-gd --disable-dom --disable-dba --without-unixODBC --disable-opcache \ + --disable-opcache --disable-phpdbg --without-ffi \ --disable-xmlreader --disable-xmlwriter --without-sodium --without-sqlite3 --disable-phar --disable-fileinfo \ - --without-pspell --disable-wddx --without-curl --disable-posix --disable-xml --disable-simplexml --disable-exif \ + --without-pspell --without-curl --disable-posix --disable-xml --disable-simplexml --disable-exif \ --without-gettext --without-iconv --disable-ftp --without-bz2 --disable-ctype --disable-shmop --disable-sockets \ --disable-tokenizer --disable-sysvmsg --disable-sysvshm --disable-sysvsem" @@ -747,24 +682,25 @@ build --includedir=%{_includedir}/php-zts --libdir=%{_libdir}/php-zts --enable-m %if %{with_imap} --with-imap=shared --with-imap-ssl \ %endif - --enable-mbstring=shared --with-onig=%{_prefix} --enable-mbregex \ + --enable-mbstring=shared --enable-mbregex \ %if %{with_libgd} - --with-gd=shared,%{_prefix} \ + --enable-gd=shared,%{_prefix} \ %else - --with-gd=shared \ + --enable-gd=shared \ %endif + --with-external-gc \ --with-gmp=shared --enable-calendar=shared --enable-bcmath=shared --with-bz2=shared --enable-ctype=shared \ --enable-dba=shared --with-db4=%{_prefix} --with-tcadb=%{_prefix} \ %if %{with_lmdb} --with-lmdb=%{_prefix} \ %endif --with-gettext=shared --with-iconv=shared --enable-sockets=shared --enable-tokenizer=shared --enable-exif=shared \ - --enable-ftp=shared --with-xmlrpc=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \ + --enable-ftp=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \ --with-mysqli=shared,mysqlnd --with-mysql-sock=%{mysql_sock} --enable-mysqlnd-threading \ %if %{with_firebird} - --with-interbase=shared --with-pdo-firebird=shared \ + --with-pdo-firebird=shared \ %endif - --enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared --enable-wddx=shared \ + --enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared \ --with-snmp=shared,%{_prefix} --enable-soap=shared --with-xsl=shared,%{_prefix} --enable-xmlreader=shared \ --enable-xmlwriter=shared --with-curl=shared,%{_prefix} --enable-pdo=shared \ --with-pdo-odbc=shared,unixODBC,%{_prefix} --with-pdo-mysql=shared,mysqlnd --with-pdo-pgsql=shared,%{_prefix} \ @@ -772,7 +708,7 @@ build --includedir=%{_includedir}/php-zts --libdir=%{_libdir}/php-zts --enable-m %if %{with_freetds} --with-pdo-dblib=shared,%{_prefix} \ %endif - --with-sqlite3=shared,%{_prefix} --enable-json=shared \ + --with-sqlite3=shared \ %if %{with_zip} --enable-zip=shared \ %if %{with_libzip} @@ -786,12 +722,13 @@ build --includedir=%{_includedir}/php-zts --libdir=%{_libdir}/php-zts --enable-m --enable-phar=shared --with-tidy=shared,%{_prefix} --enable-sysvmsg=shared --enable-sysvshm=shared \ --enable-sysvsem=shared --enable-shmop=shared --enable-posix=shared --with-unixODBC=shared,%{_prefix} \ --enable-fileinfo=shared \ + --with-ffi=shared \ %if %{with_sodium} --with-sodium=shared \ %else --without-sodium \ %endif - --enable-intl=shared --with-icu-dir=%{_prefix} --with-enchant=shared,%{_prefix} --with-recode=shared,%{_prefix} + --enable-intl=shared --with-enchant=shared,%{_prefix} popd pushd build-zts @@ -840,16 +777,16 @@ make -C build-fpm install-fpm \ make -C build-cgi install \ INSTALL_ROOT=$RPM_BUILD_ROOT +install -m 755 build-embedded/scripts/php-config $RPM_BUILD_ROOT%{_bindir}/php-config + install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/ install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/php.ini -install -m 755 -d $RPM_BUILD_ROOT%{_httpd_contentdir}/icons -install -m 644 php.gif $RPM_BUILD_ROOT%{_httpd_contentdir}/icons/php.gif -install -m 755 -d $RPM_BUILD_ROOT%{_datadir}/php +install -m 755 -d $RPM_BUILD_ROOT%{_datadir}/php/preload install -m 755 -d $RPM_BUILD_ROOT%{_httpd_moddir} -install -m 755 build-apache/libs/libphp7.so $RPM_BUILD_ROOT%{_httpd_moddir} +install -m 755 build-apache/libs/libphp.so $RPM_BUILD_ROOT%{_httpd_moddir} %if %{with_zts} -install -m 755 build-zts/libs/libphp7.so $RPM_BUILD_ROOT%{_httpd_moddir}/libphp7-zts.so +install -m 755 build-zts/libs/libphp.so $RPM_BUILD_ROOT%{_httpd_moddir}/libphp-zts.so %endif install -D -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_httpd_modconfdir}/15-php.conf @@ -885,11 +822,10 @@ install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/php-fpm install -D -m 644 %{SOURCE13} $RPM_BUILD_ROOT%{_sysconfdir}/nginx/conf.d/php-fpm.conf install -D -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_sysconfdir}/nginx/default.d/php.conf -for mod in pgsql odbc ldap snmp xmlrpc \ +for mod in pgsql odbc ldap snmp \ %if %{with_imap} imap \ %endif - json \ mysqlnd mysqli pdo_mysql \ mbstring gd dom xsl soap bcmath dba xmlreader xmlwriter \ simplexml bz2 calendar ctype exif ftp gettext gmp iconv \ @@ -903,23 +839,23 @@ for mod in pgsql odbc ldap snmp xmlrpc \ %endif sqlite3 \ enchant phar fileinfo intl \ - tidy \ + tidy ffi \ %if %{with_freetds} pdo_dblib \ %endif %if %{with_pspell} pspell \ %endif - curl wddx \ + curl \ %if %{with_sodium} sodium \ %endif - posix shmop sysvshm sysvsem sysvmsg recode xml \ + posix shmop sysvshm sysvsem sysvmsg xml \ ; do case $mod in opcache) ini=10-${mod}.ini;; - pdo_*|mysqli|wddx|xmlreader|xmlrpc) + pdo_*|mysqli|xmlreader) ini=30-${mod}.ini;; *) ini=20-${mod}.ini;; @@ -951,7 +887,7 @@ EOF EOF done -cat files.dom files.xsl files.xml{reader,writer} files.wddx \ +cat files.dom files.xsl files.xml{reader,writer} \ files.simplexml >> files.xml cat files.mysqli \ @@ -997,7 +933,8 @@ rm -rf $RPM_BUILD_ROOT%{_libdir}/php/modules/*.a \ $RPM_BUILD_ROOT%{_libdir}/php-zts/modules/*.a \ $RPM_BUILD_ROOT%{_bindir}/{phptar} \ $RPM_BUILD_ROOT%{_datadir}/pear \ - $RPM_BUILD_ROOT%{_libdir}/libphp7.la + $RPM_BUILD_ROOT%{_libdir}/libphp.a \ + $RPM_BUILD_ROOT%{_libdir}/libphp.la rm -f README.{Zeus,QNX,CVS-RULES} @@ -1011,21 +948,19 @@ rm -f README.{Zeus,QNX,CVS-RULES} systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %files -%{_httpd_moddir}/libphp7.so +%{_httpd_moddir}/libphp.so %if %{with_zts} -%{_httpd_moddir}/libphp7-zts.so +%{_httpd_moddir}/libphp-zts.so %endif %attr(0770,root,apache) %dir %{_sharedstatedir}/php/session %attr(0770,root,apache) %dir %{_sharedstatedir}/php/wsdlcache %attr(0770,root,apache) %dir %{_sharedstatedir}/php/opcache %config(noreplace) %{_httpd_confdir}/php.conf %config(noreplace) %{_httpd_modconfdir}/15-php.conf -%{_httpd_contentdir}/icons/php.gif %files common -f files.common %license LICENSE TSRM_LICENSE %license libmagic_LICENSE -%license phar_LICENSE %license timelib_LICENSE %config(noreplace) %{_sysconfdir}/php.ini %dir %{_sysconfdir}/php.d @@ -1094,8 +1029,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %{_rpmconfigdir}/macros.d/macros.php %files embedded -%{_libdir}/libphp7.so -%{_libdir}/libphp7-%{embed_version}.so +%{_libdir}/libphp.so +%{_libdir}/libphp-%{embed_version}.so %files pgsql -f files.pgsql %files odbc -f files.odbc @@ -1105,10 +1040,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %files ldap -f files.ldap %files snmp -f files.snmp %files xml -f files.xml -%files xmlrpc -f files.xmlrpc %files mbstring -f files.mbstring %license libmbfl_LICENSE -%license ucgendat_LICENSE %files gd -f files.gd %if ! %{with_libgd} %license libgd_README @@ -1116,7 +1049,7 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %endif %files soap -f files.soap %files bcmath -f files.bcmath -%license libbcmath_COPYING +%license libbcmath_LICENSE %files gmp -f files.gmp %files dba -f files.dba %files pdo -f files.pdo @@ -1129,9 +1062,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %endif %files intl -f files.intl %files process -f files.process -%files recode -f files.recode %if %{with_firebird} -%files interbase -f files.interbase +%files pdo-firebird -f files.pdo_firebird %endif %files enchant -f files.enchant %files mysqlnd -f files.mysqlnd @@ -1140,19 +1072,23 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %if %{with_zts} %config(noreplace) %{_sysconfdir}/php-zts.d/opcache-default.blacklist %endif -%files json -f files.json %if %{with_sodium} %files sodium -f files.sodium %endif +%files ffi -f files.ffi +%dir %{_datadir}/php/preload %files help %defattr(-,root,root) -%doc CODING_STANDARDS CREDITS EXTENSIONS NEWS README* sapi/cgi/README* sapi/cli/README sapi/phpdbg/{README.md,CREDITS} -%doc php-fpm.conf.default www.conf.default php.ini-* +%doc EXTENSIONS NEWS README* UPGRADING* *md docs +%doc php-fpm.conf.default www.conf.default php.ini-* %{_mandir}/* %changelog +* Mon Nov 30 2020 maminjie - 8.0.0-1 +- upgrade to 8.0.0 + * Mon Sep 21 2020 shaoqiang kang - 7.2.10-6 - Fix CVE-2020-7068