diff options
-rw-r--r-- | php-bug67326.patch | 32 | ||||
-rw-r--r-- | php-reg67072.patch | 68 | ||||
-rw-r--r-- | php-reg67118.patch | 166 | ||||
-rw-r--r-- | php54.spec | 13 |
4 files changed, 5 insertions, 274 deletions
diff --git a/php-bug67326.patch b/php-bug67326.patch deleted file mode 100644 index 2e7b0b1..0000000 --- a/php-bug67326.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 4fcb9a9d1b1063a65fbeb27395de4979c75bd962 Mon Sep 17 00:00:00 2001 -From: Remi Collet <remi@php.net> -Date: Tue, 3 Jun 2014 11:05:00 +0200 -Subject: [PATCH] Fix bug #67326 fileinfo: cdf_read_short_sector insufficient - boundary check - -Upstream fix https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391.patch -Only revelant part applied ---- - ext/fileinfo/libmagic/cdf.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c -index 4712e84..16649f1 100644 ---- a/ext/fileinfo/libmagic/cdf.c -+++ b/ext/fileinfo/libmagic/cdf.c -@@ -365,10 +365,10 @@ cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs, - size_t ss = CDF_SHORT_SEC_SIZE(h); - size_t pos = CDF_SHORT_SEC_POS(h, id); - assert(ss == len); -- if (pos > CDF_SEC_SIZE(h) * sst->sst_len) { -+ if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { - DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" - SIZE_T_FORMAT "u\n", -- pos, CDF_SEC_SIZE(h) * sst->sst_len)); -+ pos + len, CDF_SEC_SIZE(h) * sst->sst_len)); - return -1; - } - (void)memcpy(((char *)buf) + offs, --- -1.9.2 - diff --git a/php-reg67072.patch b/php-reg67072.patch deleted file mode 100644 index 0258d95..0000000 --- a/php-reg67072.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 20568e502814fffc41d91a22edaf75ff5ae19d5c Mon Sep 17 00:00:00 2001 -From: Anatol Belski <ab@php.net> -Date: Tue, 3 Jun 2014 20:43:58 +0200 -Subject: [PATCH] Fixed regression introduced by patch for bug #67072 - -This applies to 5.4 and 5.5 only as a legacy fix. ---- - ext/standard/tests/serialize/005.phpt | 8 ++--- - ext/standard/var_unserializer.c | 68 ++++++++++++++++++----------------- - ext/standard/var_unserializer.re | 6 +++- - 3 files changed, 44 insertions(+), 38 deletions(-) - -diff --git a/ext/standard/tests/serialize/005.phpt b/ext/standard/tests/serialize/005.phpt -index 2df2701..07d47bd 100644 ---- a/ext/standard/tests/serialize/005.phpt -+++ b/ext/standard/tests/serialize/005.phpt -@@ -156,11 +156,9 @@ object(TestNAOld)#%d (0) { - } - ===NANew=== - unserializer(TestNANew) -- --Warning: Erroneous data format for unserializing 'TestNANew' in %s005.php on line %d -- --Notice: unserialize(): Error at offset 19 of 20 bytes in %s005.php on line %d --bool(false) -+TestNew::__wakeup() -+object(TestNANew)#1 (0) { -+} - ===NANew2=== - unserializer(TestNANew2) - TestNew::unserialize() -diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c -index 003bac9..29d2e0f 100644 ---- a/ext/standard/var_unserializer.c -+++ b/ext/standard/var_unserializer.c -@@ -396,7 +396,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) - - (*p) += 2; - -- if (ce->serialize == NULL) { -+ /* The internal class check here is a BC fix only, userspace classes implementing the -+ Serializable interface have eventually an inconsistent behavior at this place when -+ unserialized from a manipulated string. Additionaly the interal classes can possibly -+ crash PHP so they're still disabled here. */ -+ if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) { - object_init_ex(*rval, ce); - } else { - /* If this class implements Serializable, it should not land here but in object_custom(). The passed string -diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re -index b3f5d29..cd4d53b 100644 ---- a/ext/standard/var_unserializer.re -+++ b/ext/standard/var_unserializer.re -@@ -400,7 +400,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) - - (*p) += 2; - -- if (ce->serialize == NULL) { -+ /* The internal class check here is a BC fix only, userspace classes implementing the -+ Serializable interface have eventually an inconsistent behavior at this place when -+ unserialized from a manipulated string. Additionaly the interal classes can possibly -+ crash PHP so they're still disabled here. */ -+ if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) { - object_init_ex(*rval, ce); - } else { - /* If this class implements Serializable, it should not land here but in object_custom(). The passed string --- -1.9.2 - diff --git a/php-reg67118.patch b/php-reg67118.patch deleted file mode 100644 index 744ae23..0000000 --- a/php-reg67118.patch +++ /dev/null @@ -1,166 +0,0 @@ -From 1fe9f1e4f572d7b4d5a3872f41ea61e71fb563bf Mon Sep 17 00:00:00 2001 -From: Remi Collet <remi@php.net> -Date: Thu, 5 Jun 2014 13:39:46 +0200 -Subject: [PATCH] Fix regression introduce in fix for bug #67118 - -The fix was correct but break some code (at least in Horde) -This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6 - -This make php_date_initialize more consistent -- on success return 1 + time initiliazed -- on failure return 0 + time = zero - which is check by DATE_CHECK_INITIALIZED by later method call - -Will restore consistency with other date classes in master. ---- - ext/date/php_date.c | 6 +++--- - ext/date/tests/bug67118.phpt | 18 +++++++++--------- - 2 files changed, 12 insertions(+), 12 deletions(-) - -diff --git a/ext/date/php_date.c b/ext/date/php_date.c -index a2bf001..595b0b0 100644 ---- a/ext/date/php_date.c -+++ b/ext/date/php_date.c -@@ -2441,6 +2441,8 @@ PHPAPI int php_date_initialize(php_date_obj *dateobj, /*const*/ char *time_str, - err->error_messages[0].position, err->error_messages[0].character, err->error_messages[0].message); - } - if (err && err->error_count) { -+ timelib_time_dtor(dateobj->time); -+ dateobj->time = 0; - return 0; - } - -@@ -2548,9 +2550,7 @@ PHP_METHOD(DateTime, __construct) - - zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC); - if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|sO!", &time_str, &time_str_len, &timezone_object, date_ce_timezone)) { -- if (!php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC)) { -- ZVAL_NULL(getThis()); -- } -+ php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC); - } - zend_restore_error_handling(&error_handling TSRMLS_CC); - } -diff --git a/ext/date/tests/bug67118.phpt b/ext/date/tests/bug67118.phpt -index 6371757..973b4eb 100644 ---- a/ext/date/tests/bug67118.phpt -+++ b/ext/date/tests/bug67118.phpt -@@ -1,5 +1,5 @@ - --TEST-- --Bug #67118 php-cgi crashes regularly on IIS 7 -+Bug #67118 crashes in DateTime when this used after failed __construct - --INI-- - date.timezone=Europe/Berlin - --FILE-- -@@ -12,16 +12,16 @@ - $tz = new DateTimeZone($tz); - } - -- @parent::__construct($time, $tz); -+ try { -+ @parent::__construct($time, $tz); -+ } catch (Exception $e) { -+ echo "Bad date" . $this->format("Y") . "\n"; -+ } - } - - }; - - new mydt("Funktionsansvarig rÄdgivning och juridik", "UTC"); - --EXPECTF-- --Fatal error: Uncaught exception 'Exception' with message 'DateTime::__construct(): Failed to parse time string (Funktionsansvarig rÄdgivning och juridik) at position 0 (F): The timezone could not be found in the database' in %sbug67118.php:%d --Stack trace: --#0 %sbug67118.php(%d): DateTime->__construct('Funktionsansvar...', Object(DateTimeZone)) --#1 %sbug67118.php(%d): mydt->__construct('Funktionsansvar...', 'UTC') --#2 {main} -- thrown in %sbug67118.php on line %d -+Warning: DateTime::format(): The DateTime object has not been correctly initialized by its constructor in %sbug67118.php on line %d -+Bad date --- -1.9.2 - -From 15d8c80ead75be976c18a66b0933cf52f3e6579f Mon Sep 17 00:00:00 2001 -From: Remi Collet <remi@php.net> -Date: Thu, 5 Jun 2014 14:00:00 +0200 -Subject: [PATCH] add test for previous fix - ---- - ext/date/tests/bug67118_2.phpt | 35 +++++++++++++++++++++++++++++++++++ - 1 file changed, 35 insertions(+) - create mode 100644 ext/date/tests/bug67118_2.phpt - -diff --git a/ext/date/tests/bug67118_2.phpt b/ext/date/tests/bug67118_2.phpt -new file mode 100644 -index 0000000..b517a3b ---- /dev/null -+++ b/ext/date/tests/bug67118_2.phpt -@@ -0,0 +1,35 @@ -+--TEST-- -+Regression introduce in fix for Bug #67118 -+--INI-- -+date.timezone=Europe/Paris -+--FILE-- -+<?php -+class Foo extends DateTime { -+ public function __construct($time = null) { -+ $tz = new DateTimeZone('UTC'); -+ try { -+ echo "First try\n"; -+ parent::__construct($time, $tz); -+ return; -+ } catch (Exception $e) { -+ echo "Second try\n"; -+ parent::__construct($time.'C', $tz); -+ } -+ } -+} -+$date = '12 Sep 2007 15:49:12 UT'; -+var_dump(new Foo($date)); -+?> -+Done -+--EXPECTF-- -+First try -+Second try -+object(Foo)#1 (3) { -+ ["date"]=> -+ string(26) "2007-09-12 15:49:12.000000" -+ ["timezone_type"]=> -+ int(3) -+ ["timezone"]=> -+ string(3) "UTC" -+} -+Done -\ No newline at end of file --- -1.9.2 - -From 127651e9aeb4294c6be8c450fc1e7344570045f3 Mon Sep 17 00:00:00 2001 -From: Remi Collet <remi@php.net> -Date: Thu, 5 Jun 2014 17:33:40 +0200 -Subject: [PATCH] fix test for 5.4/5.5 - ---- - ext/date/tests/bug67118_2.phpt | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/ext/date/tests/bug67118_2.phpt b/ext/date/tests/bug67118_2.phpt -index b517a3b..b4904a1 100644 ---- a/ext/date/tests/bug67118_2.phpt -+++ b/ext/date/tests/bug67118_2.phpt -@@ -26,10 +26,10 @@ First try - Second try - object(Foo)#1 (3) { - ["date"]=> -- string(26) "2007-09-12 15:49:12.000000" -+ string(%d) "2007-09-12 15:49:%s" - ["timezone_type"]=> - int(3) - ["timezone"]=> - string(3) "UTC" - } --Done -\ No newline at end of file -+Done --- -1.9.2 - @@ -77,11 +77,11 @@ %endif #global snapdate 201201041830 -#global rcver RC1 +%global rcver RC1 Summary: PHP scripting language for creating dynamic web sites Name: php -Version: 5.4.29 +Version: 5.4.30 %if 0%{?snapdate:1}%{?rcver:1} Release: 0.1.%{?snapdate}%{?rcver}%{?dist} %else @@ -136,9 +136,6 @@ Patch46: php-5.4.9-fixheader.patch Patch47: php-5.4.9-phpinfo.patch # Upstream fixes -Patch100: php-reg67072.patch -Patch101: php-bug67326.patch -Patch102: php-reg67118.patch # Security fixes @@ -804,9 +801,6 @@ rm -f ext/json/utf8_to_utf16.* %patch91 -p1 -b .remi-oci8 # upstream patches -%patch100 -p1 -b .reg67072 -%patch101 -p1 -b .bug67326 -%patch102 -p1 -b .reg67118 # security patches @@ -1655,6 +1649,9 @@ fi %changelog +* Tue Jun 17 2014 Remi Collet <rcollet@redhat.com> 5.4.30-0.1.RC1 +- Test build of 5.4.30RC1 + * Thu Jun 5 2014 Remi Collet <rcollet@redhat.com> 5.4.29-3 - fix regression introduce in fix for #67118 |