diff options
| -rw-r--r-- | 0001-fix-172-provider-token-may-be-not-nul-terminated.patch | 35 | ||||
| -rw-r--r-- | php-pecl-yar.spec | 12 |
2 files changed, 44 insertions, 3 deletions
diff --git a/0001-fix-172-provider-token-may-be-not-nul-terminated.patch b/0001-fix-172-provider-token-may-be-not-nul-terminated.patch new file mode 100644 index 0000000..4170681 --- /dev/null +++ b/0001-fix-172-provider-token-may-be-not-nul-terminated.patch @@ -0,0 +1,35 @@ +From bef13789e0f6b8cb54015504752036f5a197d3fa Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Thu, 5 May 2022 09:01:46 +0200 +Subject: [PATCH] fix #172 provider/token may be not nul terminated + +--- + yar_server.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/yar_server.c b/yar_server.c +index 331284b..b66124e 100644 +--- a/yar_server.c ++++ b/yar_server.c +@@ -525,8 +525,16 @@ static inline int php_yar_server_auth(zval *obj, yar_header_t *header, yar_respo + YAR_TRY { + zval auth_params[2]; + +- ZVAL_STRINGL(&auth_params[0], (char*)header->provider, MIN(strlen(header->provider), 32)); +- ZVAL_STRINGL(&auth_params[1], (char*)header->token, MIN(strlen(header->token), 32)); ++ if (memchr(header->provider, 0, 32)) { ++ ZVAL_STRINGL(&auth_params[0], (char*)header->provider, strlen((char *)header->provider)); ++ } else { ++ ZVAL_STRINGL(&auth_params[0], (char*)header->provider, 32); ++ } ++ if (memchr(header->token, 0, 32)) { ++ ZVAL_STRINGL(&auth_params[1], (char*)header->token, strlen((char*)header->token)); ++ } else { ++ ZVAL_STRINGL(&auth_params[1], (char*)header->token, 32); ++ } + + #if PHP_VERSION_ID < 80000 + zend_call_method_with_2_params(obj, ce, NULL, "__auth", &ret, auth_params, auth_params + 1); +-- +2.35.1 + diff --git a/php-pecl-yar.spec b/php-pecl-yar.spec index 3576c5f..fd2b70f 100644 --- a/php-pecl-yar.spec +++ b/php-pecl-yar.spec @@ -30,12 +30,14 @@ Version: 2.3.0 Release: 0.14.%{gh_date}git%{gh_short}%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} Source0: https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{pecl_name}-%{version}-%{gh_short}.tar.gz %else -Release: 1%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} +Release: 2%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} Source0: https://pecl.php.net/get/%{pecl_name}-%{version}.tgz %endif License: PHP URL: https://pecl.php.net/package/%{pecl_name} +Patch0: 0001-fix-172-provider-token-may-be-not-nul-terminated.patch + BuildRequires: %{?dtsprefix}gcc BuildRequires: make BuildRequires: curl-devel @@ -96,6 +98,8 @@ sed -e 's/role="test"/role="src"/' \ -i package.xml cd NTS +%patch0 -p1 -b pr174 + # Sanity check, really often broken extver=$(sed -n '/#define PHP_YAR_VERSION/{s/.* "//;s/".*$//;p}' php_yar.h) if test "x${extver}" != "x%{version}%{?prever:-%{prever}}%{?gh_date:-dev}"; then @@ -222,8 +226,6 @@ rm ?TS/tests/022.phpt %if %{with tests} cd NTS -: erratic results -#rm tests/047.phpt : Create test configuration export TEST_PHP_EXECUTABLE=%{__php} @@ -255,6 +257,10 @@ export YAR_API_PORT=$(%{__php} -r 'echo 8960 + PHP_MAJOR_VERSION*100 + PHP_MINOR %changelog +* Thu May 5 2022 Remi Collet <remi@remirepo.net> - 2.3.0-2 +- add fix for https://github.com/laruence/yar/issues/172 + using patch from https://github.com/laruence/yar/pull/174 + * Mon Apr 25 2022 Remi Collet <remi@remirepo.net> - 2.3.0-1 - update to 2.3.0 |