diff options
-rw-r--r-- | php-reg67072.patch | 50 | ||||
-rw-r--r-- | php-reg67118.patch | 136 | ||||
-rw-r--r-- | php55.spec | 7 |
3 files changed, 188 insertions, 5 deletions
diff --git a/php-reg67072.patch b/php-reg67072.patch index 6905db8..0258d95 100644 --- a/php-reg67072.patch +++ b/php-reg67072.patch @@ -1,26 +1,68 @@ +From 20568e502814fffc41d91a22edaf75ff5ae19d5c Mon Sep 17 00:00:00 2001 +From: Anatol Belski <ab@php.net> +Date: Tue, 3 Jun 2014 20:43:58 +0200 +Subject: [PATCH] Fixed regression introduced by patch for bug #67072 + +This applies to 5.4 and 5.5 only as a legacy fix. +--- + ext/standard/tests/serialize/005.phpt | 8 ++--- + ext/standard/var_unserializer.c | 68 ++++++++++++++++++----------------- + ext/standard/var_unserializer.re | 6 +++- + 3 files changed, 44 insertions(+), 38 deletions(-) + +diff --git a/ext/standard/tests/serialize/005.phpt b/ext/standard/tests/serialize/005.phpt +index 2df2701..07d47bd 100644 +--- a/ext/standard/tests/serialize/005.phpt ++++ b/ext/standard/tests/serialize/005.phpt +@@ -156,11 +156,9 @@ object(TestNAOld)#%d (0) { + } + ===NANew=== + unserializer(TestNANew) +- +-Warning: Erroneous data format for unserializing 'TestNANew' in %s005.php on line %d +- +-Notice: unserialize(): Error at offset 19 of 20 bytes in %s005.php on line %d +-bool(false) ++TestNew::__wakeup() ++object(TestNANew)#1 (0) { ++} + ===NANew2=== + unserializer(TestNANew2) + TestNew::unserialize() diff --git a/ext/standard/var_unserializer.c b/ext/standard/var_unserializer.c -index 003bac9..ed6a69c 100644 +index 003bac9..29d2e0f 100644 --- a/ext/standard/var_unserializer.c +++ b/ext/standard/var_unserializer.c -@@ -396,7 +396,7 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) +@@ -396,7 +396,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) (*p) += 2; - if (ce->serialize == NULL) { ++ /* The internal class check here is a BC fix only, userspace classes implementing the ++ Serializable interface have eventually an inconsistent behavior at this place when ++ unserialized from a manipulated string. Additionaly the interal classes can possibly ++ crash PHP so they're still disabled here. */ + if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) { object_init_ex(*rval, ce); } else { /* If this class implements Serializable, it should not land here but in object_custom(). The passed string diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re -index b3f5d29..b5f092b 100644 +index b3f5d29..cd4d53b 100644 --- a/ext/standard/var_unserializer.re +++ b/ext/standard/var_unserializer.re -@@ -400,7 +400,7 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) +@@ -400,7 +400,11 @@ static inline long object_common1(UNSERIALIZE_PARAMETER, zend_class_entry *ce) (*p) += 2; - if (ce->serialize == NULL) { ++ /* The internal class check here is a BC fix only, userspace classes implementing the ++ Serializable interface have eventually an inconsistent behavior at this place when ++ unserialized from a manipulated string. Additionaly the interal classes can possibly ++ crash PHP so they're still disabled here. */ + if (ce->serialize == NULL || ZEND_INTERNAL_CLASS != ce->type) { object_init_ex(*rval, ce); } else { /* If this class implements Serializable, it should not land here but in object_custom(). The passed string +-- +1.9.2 + diff --git a/php-reg67118.patch b/php-reg67118.patch new file mode 100644 index 0000000..2c64c06 --- /dev/null +++ b/php-reg67118.patch @@ -0,0 +1,136 @@ +From 1fe9f1e4f572d7b4d5a3872f41ea61e71fb563bf Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@php.net> +Date: Thu, 5 Jun 2014 13:39:46 +0200 +Subject: [PATCH] Fix regression introduce in fix for bug #67118 + +The fix was correct but break some code (at least in Horde) +This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6 + +This make php_date_initialize more consistent +- on success return 1 + time initiliazed +- on failure return 0 + time = zero + which is check by DATE_CHECK_INITIALIZED by later method call + +Will restore consistency with other date classes in master. +--- + ext/date/php_date.c | 6 +++--- + ext/date/tests/bug67118.phpt | 18 +++++++++--------- + 2 files changed, 12 insertions(+), 12 deletions(-) + +diff --git a/ext/date/php_date.c b/ext/date/php_date.c +index a2bf001..595b0b0 100644 +--- a/ext/date/php_date.c ++++ b/ext/date/php_date.c +@@ -2441,6 +2441,8 @@ PHPAPI int php_date_initialize(php_date_obj *dateobj, /*const*/ char *time_str, + err->error_messages[0].position, err->error_messages[0].character, err->error_messages[0].message); + } + if (err && err->error_count) { ++ timelib_time_dtor(dateobj->time); ++ dateobj->time = 0; + return 0; + } + +@@ -2548,9 +2550,7 @@ PHP_METHOD(DateTime, __construct) + + zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC); + if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|sO!", &time_str, &time_str_len, &timezone_object, date_ce_timezone)) { +- if (!php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC)) { +- ZVAL_NULL(getThis()); +- } ++ php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC); + } + zend_restore_error_handling(&error_handling TSRMLS_CC); + } +diff --git a/ext/date/tests/bug67118.phpt b/ext/date/tests/bug67118.phpt +index 6371757..973b4eb 100644 +--- a/ext/date/tests/bug67118.phpt ++++ b/ext/date/tests/bug67118.phpt +@@ -1,5 +1,5 @@ + --TEST-- +-Bug #67118 php-cgi crashes regularly on IIS 7 ++Bug #67118 crashes in DateTime when this used after failed __construct + --INI-- + date.timezone=Europe/Berlin + --FILE-- +@@ -12,16 +12,16 @@ + $tz = new DateTimeZone($tz); + } + +- @parent::__construct($time, $tz); ++ try { ++ @parent::__construct($time, $tz); ++ } catch (Exception $e) { ++ echo "Bad date" . $this->format("Y") . "\n"; ++ } + } + + }; + + new mydt("Funktionsansvarig rÄdgivning och juridik", "UTC"); + --EXPECTF-- +-Fatal error: Uncaught exception 'Exception' with message 'DateTime::__construct(): Failed to parse time string (Funktionsansvarig rÄdgivning och juridik) at position 0 (F): The timezone could not be found in the database' in %sbug67118.php:%d +-Stack trace: +-#0 %sbug67118.php(%d): DateTime->__construct('Funktionsansvar...', Object(DateTimeZone)) +-#1 %sbug67118.php(%d): mydt->__construct('Funktionsansvar...', 'UTC') +-#2 {main} +- thrown in %sbug67118.php on line %d ++Warning: DateTime::format(): The DateTime object has not been correctly initialized by its constructor in %sbug67118.php on line %d ++Bad date +-- +1.9.2 + +From 15d8c80ead75be976c18a66b0933cf52f3e6579f Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@php.net> +Date: Thu, 5 Jun 2014 14:00:00 +0200 +Subject: [PATCH] add test for previous fix + +--- + ext/date/tests/bug67118_2.phpt | 35 +++++++++++++++++++++++++++++++++++ + 1 file changed, 35 insertions(+) + create mode 100644 ext/date/tests/bug67118_2.phpt + +diff --git a/ext/date/tests/bug67118_2.phpt b/ext/date/tests/bug67118_2.phpt +new file mode 100644 +index 0000000..b517a3b +--- /dev/null ++++ b/ext/date/tests/bug67118_2.phpt +@@ -0,0 +1,35 @@ ++--TEST-- ++Regression introduce in fix for Bug #67118 ++--INI-- ++date.timezone=Europe/Paris ++--FILE-- ++<?php ++class Foo extends DateTime { ++ public function __construct($time = null) { ++ $tz = new DateTimeZone('UTC'); ++ try { ++ echo "First try\n"; ++ parent::__construct($time, $tz); ++ return; ++ } catch (Exception $e) { ++ echo "Second try\n"; ++ parent::__construct($time.'C', $tz); ++ } ++ } ++} ++$date = '12 Sep 2007 15:49:12 UT'; ++var_dump(new Foo($date)); ++?> ++Done ++--EXPECTF-- ++First try ++Second try ++object(Foo)#1 (3) { ++ ["date"]=> ++ string(26) "2007-09-12 15:49:12.000000" ++ ["timezone_type"]=> ++ int(3) ++ ["timezone"]=> ++ string(3) "UTC" ++} ++Done +\ No newline at end of file +-- +1.9.2 + @@ -126,7 +126,7 @@ Version: 5.5.13 %if 0%{?snapdate:1}%{?rcver:1} Release: 0.1.%{?snapdate}%{?rcver}%{?dist} %else -Release: 2%{?dist} +Release: 3%{?dist} %endif # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -189,6 +189,7 @@ Patch91: php-5.3.7-oci8conf.patch # Upstream fixes (100+) Patch100: php-reg67072.patch Patch101: php-bug67326.patch +Patch102: php-reg67118.patch # Security fixes (200+) @@ -908,6 +909,7 @@ rm -rf ext/json # upstream patches %patch100 -p1 -b .reg67072 %patch101 -p1 -b .bug67326 +%patch102 -p1 -b .reg67118 # security patches @@ -1898,6 +1900,9 @@ fi %changelog +* Thu Jun 5 2014 Remi Collet <rcollet@redhat.com> 5.5.13-3 +- fix regression introduce in fix for #67118 + * Tue Jun 3 2014 Remi Collet <remi@fedoraproject.org> 5.5.13-2 - fileinfo: fix insufficient boundary check - workaround regression introduce in fix for 67072 in |