summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--php-5.4.16-CVE-2013-4248.patch211
-rw-r--r--php-5.4.16-CVE-2013-6420.patch90
-rw-r--r--php-5.4.16-fpm.patch31
-rw-r--r--php-5.4.16-gc.patch83
-rw-r--r--php-5.4.16-iniscan.patch159
-rw-r--r--php-5.4.16-man.patch668
-rw-r--r--php-5.4.16-pdopgsql.patch33
-rw-r--r--php-5.4.16-pdotests.patch34
-rw-r--r--php-5.4.17-CVE-2013-4013.patch181
-rw-r--r--php.spec9
10 files changed, 167 insertions, 1332 deletions
diff --git a/php-5.4.16-CVE-2013-4248.patch b/php-5.4.16-CVE-2013-4248.patch
deleted file mode 100644
index c5da270..0000000
--- a/php-5.4.16-CVE-2013-4248.patch
+++ /dev/null
@@ -1,211 +0,0 @@
-From 2874696a5a8d46639d261571f915c493cd875897 Mon Sep 17 00:00:00 2001
-From: Stanislav Malyshev <stas@php.net>
-Date: Tue, 13 Aug 2013 22:20:33 -0700
-Subject: [PATCH] Fix CVE-2013-4073 - handling of certs with null bytes
-
----
- NEWS | 4 ++
- ext/openssl/openssl.c | 86 ++++++++++++++++++++++++++++++++++++-
- ext/openssl/tests/cve2013_4073.pem | 28 ++++++++++++
- ext/openssl/tests/cve2013_4073.phpt | 19 ++++++++
- 4 files changed, 135 insertions(+), 2 deletions(-)
- create mode 100644 ext/openssl/tests/cve2013_4073.pem
- create mode 100644 ext/openssl/tests/cve2013_4073.phpt
-
-diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
-index d7ac117..c32748c 100644
---- a/ext/openssl/openssl.c
-+++ b/ext/openssl/openssl.c
-@@ -1398,6 +1398,74 @@ PHP_FUNCTION(openssl_x509_check_private_key)
- }
- /* }}} */
-
-+/* Special handling of subjectAltName, see CVE-2013-4073
-+ * Christian Heimes
-+ */
-+
-+static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension)
-+{
-+ GENERAL_NAMES *names;
-+ const X509V3_EXT_METHOD *method = NULL;
-+ long i, length, num;
-+ const unsigned char *p;
-+
-+ method = X509V3_EXT_get(extension);
-+ if (method == NULL) {
-+ return -1;
-+ }
-+
-+ p = extension->value->data;
-+ length = extension->value->length;
-+ if (method->it) {
-+ names = (GENERAL_NAMES*)(ASN1_item_d2i(NULL, &p, length,
-+ ASN1_ITEM_ptr(method->it)));
-+ } else {
-+ names = (GENERAL_NAMES*)(method->d2i(NULL, &p, length));
-+ }
-+ if (names == NULL) {
-+ return -1;
-+ }
-+
-+ num = sk_GENERAL_NAME_num(names);
-+ for (i = 0; i < num; i++) {
-+ GENERAL_NAME *name;
-+ ASN1_STRING *as;
-+ name = sk_GENERAL_NAME_value(names, i);
-+ switch (name->type) {
-+ case GEN_EMAIL:
-+ BIO_puts(bio, "email:");
-+ as = name->d.rfc822Name;
-+ BIO_write(bio, ASN1_STRING_data(as),
-+ ASN1_STRING_length(as));
-+ break;
-+ case GEN_DNS:
-+ BIO_puts(bio, "DNS:");
-+ as = name->d.dNSName;
-+ BIO_write(bio, ASN1_STRING_data(as),
-+ ASN1_STRING_length(as));
-+ break;
-+ case GEN_URI:
-+ BIO_puts(bio, "URI:");
-+ as = name->d.uniformResourceIdentifier;
-+ BIO_write(bio, ASN1_STRING_data(as),
-+ ASN1_STRING_length(as));
-+ break;
-+ default:
-+ /* use builtin print for GEN_OTHERNAME, GEN_X400,
-+ * GEN_EDIPARTY, GEN_DIRNAME, GEN_IPADD and GEN_RID
-+ */
-+ GENERAL_NAME_print(bio, name);
-+ }
-+ /* trailing ', ' except for last element */
-+ if (i < (num - 1)) {
-+ BIO_puts(bio, ", ");
-+ }
-+ }
-+ sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
-+
-+ return 0;
-+}
-+
- /* {{{ proto array openssl_x509_parse(mixed x509 [, bool shortnames=true])
- Returns an array of the fields/values of the CERT */
- PHP_FUNCTION(openssl_x509_parse)
-@@ -1494,15 +1562,29 @@ PHP_FUNCTION(openssl_x509_parse)
-
-
- for (i = 0; i < X509_get_ext_count(cert); i++) {
-+ int nid;
- extension = X509_get_ext(cert, i);
-- if (OBJ_obj2nid(X509_EXTENSION_get_object(extension)) != NID_undef) {
-+ nid = OBJ_obj2nid(X509_EXTENSION_get_object(extension));
-+ if (nid != NID_undef) {
- extname = (char *)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
- } else {
- OBJ_obj2txt(buf, sizeof(buf)-1, X509_EXTENSION_get_object(extension), 1);
- extname = buf;
- }
- bio_out = BIO_new(BIO_s_mem());
-- if (X509V3_EXT_print(bio_out, extension, 0, 0)) {
-+ if (nid == NID_subject_alt_name) {
-+ if (openssl_x509v3_subjectAltName(bio_out, extension) == 0) {
-+ add_assoc_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1);
-+ } else {
-+ zval_dtor(return_value);
-+ if (certresource == -1 && cert) {
-+ X509_free(cert);
-+ }
-+ BIO_free(bio_out);
-+ RETURN_FALSE;
-+ }
-+ }
-+ else if (X509V3_EXT_print(bio_out, extension, 0, 0)) {
- BIO_get_mem_ptr(bio_out, &bio_buf);
- add_assoc_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1);
- } else {
-diff --git a/ext/openssl/tests/cve2013_4073.pem b/ext/openssl/tests/cve2013_4073.pem
-new file mode 100644
-index 0000000..7ebb994
---- /dev/null
-+++ b/ext/openssl/tests/cve2013_4073.pem
-@@ -0,0 +1,28 @@
-+-----BEGIN CERTIFICATE-----
-+MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx
-+DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ
-+eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg
-+RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y
-+ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw
-+NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI
-+DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv
-+ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt
-+ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq
-+hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB
-+BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j
-+pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P
-+vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv
-+KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA
-+oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL
-+08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV
-+HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E
-+BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu
-+Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251
-+bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA
-+AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9
-+i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j
-+HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk
-+kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx
-+VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW
-+RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ=
-+-----END CERTIFICATE-----
-diff --git a/ext/openssl/tests/cve2013_4073.phpt b/ext/openssl/tests/cve2013_4073.phpt
-new file mode 100644
-index 0000000..e676ddf
---- /dev/null
-+++ b/ext/openssl/tests/cve2013_4073.phpt
-@@ -0,0 +1,19 @@
-+--TEST--
-+CVE 2013-4073: Null-byte certificate handling
-+--SKIPIF--
-+<?php
-+if (!extension_loaded("openssl")) die("skip");
-+--FILE--
-+<?php
-+$cert = file_get_contents(__DIR__ . '/cve2013_4073.pem');
-+$info = openssl_x509_parse($cert);
-+var_export($info['extensions']);
-+
-+--EXPECTF--
-+array (
-+ 'basicConstraints' => 'CA:FALSE',
-+ 'subjectKeyIdentifier' => '88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C',
-+ 'keyUsage' => 'Digital Signature, Non Repudiation, Key Encipherment',
-+ 'subjectAltName' => 'DNS:altnull.python.org' . "\0" . 'example.com, email:null@python.org' . "\0" . 'user@example.org, URI:http://null.python.org' . "\0" . 'http://example.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1
-+',
-+)
---
-1.7.11.5
-
-From c1c49d6e3983c9ce0b43ffe7bf6e03b809ed048b Mon Sep 17 00:00:00 2001
-From: Stanislav Malyshev <stas@php.net>
-Date: Mon, 19 Aug 2013 01:02:12 -0700
-Subject: [PATCH] fix using wrong buffer pointer
-
----
- ext/openssl/openssl.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
-index c7a9f5c..e7672e4 100644
---- a/ext/openssl/openssl.c
-+++ b/ext/openssl/openssl.c
-@@ -1502,6 +1502,7 @@ PHP_FUNCTION(openssl_x509_parse)
- bio_out = BIO_new(BIO_s_mem());
- if (nid == NID_subject_alt_name) {
- if (openssl_x509v3_subjectAltName(bio_out, extension) == 0) {
-+ BIO_get_mem_ptr(bio_out, &bio_buf);
- add_assoc_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1);
- } else {
- zval_dtor(return_value);
---
-1.7.11.5
-
diff --git a/php-5.4.16-CVE-2013-6420.patch b/php-5.4.16-CVE-2013-6420.patch
deleted file mode 100644
index df64151..0000000
--- a/php-5.4.16-CVE-2013-6420.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-diff -up php-5.4.16/ext/openssl/openssl.c.cve6420 php-5.4.16/ext/openssl/openssl.c
---- php-5.4.16/ext/openssl/openssl.c.cve6420 2013-12-06 07:05:06.870106576 +0100
-+++ php-5.4.16/ext/openssl/openssl.c 2013-12-06 07:05:06.872106575 +0100
-@@ -656,18 +656,28 @@ static time_t asn1_time_to_time_t(ASN1_U
- char * thestr;
- long gmadjust = 0;
-
-- if (timestr->length < 13) {
-+ if (ASN1_STRING_type(timestr) != V_ASN1_UTCTIME) {
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "illegal ASN1 data type for timestamp");
-+ return (time_t)-1;
-+ }
-+
-+ if (ASN1_STRING_length(timestr) != strlen(ASN1_STRING_data(timestr))) {
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "illegal length in timestamp");
-+ return (time_t)-1;
-+ }
-+
-+ if (ASN1_STRING_length(timestr) < 13) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "extension author too lazy to parse %s correctly", timestr->data);
- return (time_t)-1;
- }
-
-- strbuf = estrdup((char *)timestr->data);
-+ strbuf = estrdup((char *)ASN1_STRING_data(timestr));
-
- memset(&thetime, 0, sizeof(thetime));
-
- /* we work backwards so that we can use atoi more easily */
-
-- thestr = strbuf + timestr->length - 3;
-+ thestr = strbuf + ASN1_STRING_length(timestr) - 3;
-
- thetime.tm_sec = atoi(thestr);
- *thestr = '\0';
-diff -up php-5.4.16/ext/openssl/tests/cve-2013-6420.crt.cve6420 php-5.4.16/ext/openssl/tests/cve-2013-6420.crt
---- php-5.4.16/ext/openssl/tests/cve-2013-6420.crt.cve6420 2013-12-06 07:05:06.872106575 +0100
-+++ php-5.4.16/ext/openssl/tests/cve-2013-6420.crt 2013-12-06 07:05:06.872106575 +0100
-@@ -0,0 +1,29 @@
-+-----BEGIN CERTIFICATE-----
-+MIIEpDCCA4ygAwIBAgIJAJzu8r6u6eBcMA0GCSqGSIb3DQEBBQUAMIHDMQswCQYD
-+VQQGEwJERTEcMBoGA1UECAwTTm9yZHJoZWluLVdlc3RmYWxlbjEQMA4GA1UEBwwH
-+S8ODwrZsbjEUMBIGA1UECgwLU2VrdGlvbkVpbnMxHzAdBgNVBAsMFk1hbGljaW91
-+cyBDZXJ0IFNlY3Rpb24xITAfBgNVBAMMGG1hbGljaW91cy5zZWt0aW9uZWlucy5k
-+ZTEqMCgGCSqGSIb3DQEJARYbc3RlZmFuLmVzc2VyQHNla3Rpb25laW5zLmRlMHUY
-+ZDE5NzAwMTAxMDAwMDAwWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAXDTE0MTEyODExMzkzNVowgcMxCzAJBgNVBAYTAkRFMRwwGgYDVQQIDBNO
-+b3JkcmhlaW4tV2VzdGZhbGVuMRAwDgYDVQQHDAdLw4PCtmxuMRQwEgYDVQQKDAtT
-+ZWt0aW9uRWluczEfMB0GA1UECwwWTWFsaWNpb3VzIENlcnQgU2VjdGlvbjEhMB8G
-+A1UEAwwYbWFsaWNpb3VzLnNla3Rpb25laW5zLmRlMSowKAYJKoZIhvcNAQkBFhtz
-+dGVmYW4uZXNzZXJAc2VrdGlvbmVpbnMuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-+DwAwggEKAoIBAQDDAf3hl7JY0XcFniyEJpSSDqn0OqBr6QP65usJPRt/8PaDoqBu
-+wEYT/Na+6fsgPjC0uK9DZgWg2tHWWoanSblAMoz5PH6Z+S4SHRZ7e2dDIjPjdhjh
-+0mLg2UMO5yp0V797Ggs9lNt6JRfH81MN2obXWs4NtztLMuD6egqpr8dDbr34aOs8
-+pkdui5UawTZksy5pLPHq5cMhFGm06v65CLo0V2Pd9+KAokPrPcN5KLKebz7mLpk6
-+SMeEXOKP4idEqxyQ7O7fBuHMedsQhu+prY3si3BUyKfQtP5CZnX2bp0wKHxX12DX
-+1nfFIt9DbGvHTcyOuN+nZLPBm3vWxntyIIvVAgMBAAGjQjBAMAkGA1UdEwQCMAAw
-+EQYJYIZIAYb4QgEBBAQDAgeAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEF
-+BQcDAjANBgkqhkiG9w0BAQUFAAOCAQEAG0fZYYCTbdj1XYc+1SnoaPR+vI8C8CaD
-+8+0UYhdnyU4gga0BAcDrY9e94eEAu6ZqycF6FjLqXXdAboppWocr6T6GD1x33Ckl
-+VArzG/KxQohGD2JeqkhIMlDomxHO7ka39+Oa8i2vWLVyjU8AZvWMAruHa4EENyG7
-+lW2AagaFKFCr9TnXTfrdxGVEbv7KVQ6bdhg5p5SjpWH1+Mq03uR3ZXPBYdyV8319
-+o0lVj1KFI2DCL/liWisJRoof+1cR35Ctd0wYBcpB6TZslMcOPl76dwKwJgeJo2Qg
-+Zsfmc2vC1/qOlNuNq/0TzzkVGv8ETT3CgaU+UXe4XOVvkccebJn2dg==
-+-----END CERTIFICATE-----
-+
-+
-diff -up php-5.4.16/ext/openssl/tests/cve-2013-6420.phpt.cve6420 php-5.4.16/ext/openssl/tests/cve-2013-6420.phpt
---- php-5.4.16/ext/openssl/tests/cve-2013-6420.phpt.cve6420 2013-12-06 07:05:06.872106575 +0100
-+++ php-5.4.16/ext/openssl/tests/cve-2013-6420.phpt 2013-12-06 07:05:06.872106575 +0100
-@@ -0,0 +1,18 @@
-+--TEST--
-+CVE-2013-6420
-+--SKIPIF--
-+<?php
-+if (!extension_loaded("openssl")) die("skip");
-+?>
-+--FILE--
-+<?php
-+$crt = substr(__FILE__, 0, -4).'.crt';
-+$info = openssl_x509_parse("file://$crt");
-+var_dump($info['issuer']['emailAddress'], $info["validFrom_time_t"]);
-+?>
-+Done
-+--EXPECTF--
-+%s openssl_x509_parse(): illegal ASN1 data type for timestamp in %s/cve-2013-6420.php on line 3
-+string(27) "stefan.esser@sektioneins.de"
-+int(-1)
-+Done
diff --git a/php-5.4.16-fpm.patch b/php-5.4.16-fpm.patch
deleted file mode 100644
index 4a32fcf..0000000
--- a/php-5.4.16-fpm.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 9f6ca9bc6400fc9c8eaebf963f6eb048dde4b34f Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Fri, 24 May 2013 12:09:05 +0200
-Subject: [PATCH] Fixed Bug #64915 (error_log ignored when daemonize=0)
-
-Use configured error_log file when stderr is not a tty.
-So only use tty during interactive debug run.
----
- NEWS | 3 +++
- sapi/fpm/fpm/fpm_stdio.c | 4 ++++
- 2 files changed, 7 insertions(+)
-
-diff --git a/sapi/fpm/fpm/fpm_stdio.c b/sapi/fpm/fpm/fpm_stdio.c
-index 10b867d..d81e101 100644
---- a/sapi/fpm/fpm/fpm_stdio.c
-+++ b/sapi/fpm/fpm/fpm_stdio.c
-@@ -291,7 +291,11 @@ int fpm_stdio_open_error_log(int reopen) /* {{{ */
- fd = fpm_globals.error_log_fd; /* for FD_CLOSEXEC to work */
- } else {
- fpm_globals.error_log_fd = fd;
-+#if HAVE_UNISTD_H
-+ if (fpm_global_config.daemonize || !isatty(STDERR_FILENO)) {
-+#else
- if (fpm_global_config.daemonize) {
-+#endif
- zlog_set_fd(fpm_globals.error_log_fd);
- }
- }
---
-1.7.11.5
-
diff --git a/php-5.4.16-gc.patch b/php-5.4.16-gc.patch
deleted file mode 100644
index a1f4323..0000000
--- a/php-5.4.16-gc.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 3c87945c95c9c31986e690bb046c70e58c8d8896 Mon Sep 17 00:00:00 2001
-From: Xinchen Hui <laruence@php.net>
-Date: Wed, 5 Jun 2013 17:25:00 +0800
-Subject: [PATCH] Fixed bug #64960 (Segfault in gc_zval_possible_root)
-
----
- NEWS | 2 ++
- Zend/tests/bug64960.phpt | 40 ++++++++++++++++++++++++++++++++++++++++
- Zend/zend_execute_API.c | 6 ++----
- 3 files changed, 44 insertions(+), 4 deletions(-)
- create mode 100644 Zend/tests/bug64960.phpt
-
-diff --git a/Zend/tests/bug64960.phpt b/Zend/tests/bug64960.phpt
-new file mode 100644
-index 0000000..b31cca3
---- /dev/null
-+++ b/Zend/tests/bug64960.phpt
-@@ -0,0 +1,40 @@
-+--TEST--
-+Bug #64960 (Segfault in gc_zval_possible_root)
-+--FILE--
-+<?php
-+// this makes ob_end_clean raise an error
-+ob_end_flush();
-+
-+class ExceptionHandler {
-+ public function __invoke (Exception $e)
-+ {
-+ // this triggers the custom error handler
-+ ob_end_clean();
-+ }
-+}
-+
-+// this must be a class, closure does not trigger segfault
-+set_exception_handler(new ExceptionHandler());
-+
-+// exception must be throwed from error handler.
-+set_error_handler(function()
-+{
-+ $e = new Exception;
-+ $e->_trace = debug_backtrace();
-+
-+ throw $e;
-+});
-+
-+// trigger error handler
-+$a['waa'];
-+?>
-+--EXPECTF--
-+Notice: ob_end_flush(): failed to delete and flush buffer. No buffer to delete or flush in %sbug64960.php on line 3
-+
-+Fatal error: Uncaught exception 'Exception' in %sbug64960.php:19
-+Stack trace:
-+#0 [internal function]: {closure}(8, 'ob_end_clean():...', '%s', 9, Array)
-+#1 %sbug64960.php(9): ob_end_clean()
-+#2 [internal function]: ExceptionHandler->__invoke(Object(Exception))
-+#3 {main}
-+ thrown in %sbug64960.php on line 19
-diff --git a/Zend/zend_execute_API.c b/Zend/zend_execute_API.c
-index 9781889..687520d 100644
---- a/Zend/zend_execute_API.c
-+++ b/Zend/zend_execute_API.c
-@@ -263,15 +263,13 @@ void shutdown_executor(TSRMLS_D) /* {{{ */
- if (EG(user_error_handler)) {
- zeh = EG(user_error_handler);
- EG(user_error_handler) = NULL;
-- zval_dtor(zeh);
-- FREE_ZVAL(zeh);
-+ zval_ptr_dtor(&zeh);
- }
-
- if (EG(user_exception_handler)) {
- zeh = EG(user_exception_handler);
- EG(user_exception_handler) = NULL;
-- zval_dtor(zeh);
-- FREE_ZVAL(zeh);
-+ zval_ptr_dtor(&zeh);
- }
-
- zend_stack_destroy(&EG(user_error_handlers_error_reporting));
---
-1.7.11.5
-
diff --git a/php-5.4.16-iniscan.patch b/php-5.4.16-iniscan.patch
new file mode 100644
index 0000000..237c09f
--- /dev/null
+++ b/php-5.4.16-iniscan.patch
@@ -0,0 +1,159 @@
+From da84f3af751aa9bbf76bc22924a488f981d47088 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@php.net>
+Date: Wed, 29 Jan 2014 09:53:22 +0100
+Subject: [PATCH] Fixed Request #66574 Allow multiple paths in
+ php_ini_scanned_path
+
+php_ini_scanned_path, from --with-config-file-scan-dir option or
+from PHP_INI_SCAN_DIR environment variable allow a single path.
+
+In some case it could be useful to allow multiple.
+
+In the proposed patch, multiple paths are allow, using syntax inspired
+from Unix MANPATH (: separated list, empty string for builtin value).
+
+For example, this allow to use:
+PHP_INI_SCAN_DIR=/foo/php.d:/bar/php.d php
+PHP_INI_SCAN_DIR=:/myproject/php.d php
+PHP_INI_SCAN_DIR=/myproject/php.d: php
+
+Real use case: in SCL for dependent collections where each collection
+provides a separate tree for extensions, libraries and ini files.
+---
+ NEWS | 3 ++
+ main/php_ini.c | 106 +++++++++++++++++++++++++++++++++------------------------
+ 2 files changed, 65 insertions(+), 44 deletions(-)
+
+diff --git a/main/php_ini.c b/main/php_ini.c
+index 1faec68..e20ba4b 100644
+--- a/main/php_ini.c
++++ b/main/php_ini.c
+@@ -613,63 +613,81 @@ int php_init_config(TSRMLS_D)
+ zend_llist scanned_ini_list;
+ zend_llist_element *element;
+ int l, total_l = 0;
++ char *bufpath, *debpath, *endpath;
++ int lenpath;
+
+- if ((ndir = php_scandir(php_ini_scanned_path, &namelist, 0, php_alphasort)) > 0) {
+- zend_llist_init(&scanned_ini_list, sizeof(char *), (llist_dtor_func_t) free_estring, 1);
+- memset(&fh2, 0, sizeof(fh2));
++ zend_llist_init(&scanned_ini_list, sizeof(char *), (llist_dtor_func_t) free_estring, 1);
++ memset(&fh2, 0, sizeof(fh2));
+
+- for (i = 0; i < ndir; i++) {
++ bufpath = estrdup(php_ini_scanned_path);
++ for (debpath = bufpath ; debpath ; debpath=endpath) {
++ endpath = strchr(debpath, DEFAULT_DIR_SEPARATOR);
++ if (endpath) {
++ *(endpath++) = 0;
++ }
++ if (!debpath[0]) {
++ /* empty string means default builtin value
++ to allow "/foo/phd.d:" or ":/foo/php.d" */
++ debpath = PHP_CONFIG_FILE_SCAN_DIR;
++ }
++ lenpath = strlen(debpath);
+
+- /* check for any file with .ini extension */
+- if (!(p = strrchr(namelist[i]->d_name, '.')) || (p && strcmp(p, ".ini"))) {
+- free(namelist[i]);
+- continue;
+- }
+- /* Reset active ini section */
+- RESET_ACTIVE_INI_HASH();
++ if (lenpath > 0 && (ndir = php_scandir(debpath, &namelist, 0, php_alphasort)) > 0) {
+
+- if (IS_SLASH(php_ini_scanned_path[php_ini_scanned_path_len - 1])) {
+- snprintf(ini_file, MAXPATHLEN, "%s%s", php_ini_scanned_path, namelist[i]->d_name);
+- } else {
+- snprintf(ini_file, MAXPATHLEN, "%s%c%s", php_ini_scanned_path, DEFAULT_SLASH, namelist[i]->d_name);
+- }
+- if (VCWD_STAT(ini_file, &sb) == 0) {
+- if (S_ISREG(sb.st_mode)) {
+- if ((fh2.handle.fp = VCWD_FOPEN(ini_file, "r"))) {
+- fh2.filename = ini_file;
+- fh2.type = ZEND_HANDLE_FP;
+-
+- if (zend_parse_ini_file(&fh2, 1, ZEND_INI_SCANNER_NORMAL, (zend_ini_parser_cb_t) php_ini_parser_cb, &configuration_hash TSRMLS_CC) == SUCCESS) {
+- /* Here, add it to the list of ini files read */
+- l = strlen(ini_file);
+- total_l += l + 2;
+- p = estrndup(ini_file, l);
+- zend_llist_add_element(&scanned_ini_list, &p);
++ for (i = 0; i < ndir; i++) {
++
++ /* check for any file with .ini extension */
++ if (!(p = strrchr(namelist[i]->d_name, '.')) || (p && strcmp(p, ".ini"))) {
++ free(namelist[i]);
++ continue;
++ }
++ /* Reset active ini section */
++ RESET_ACTIVE_INI_HASH();
++
++ if (IS_SLASH(debpath[lenpath - 1])) {
++ snprintf(ini_file, MAXPATHLEN, "%s%s", debpath, namelist[i]->d_name);
++ } else {
++ snprintf(ini_file, MAXPATHLEN, "%s%c%s", debpath, DEFAULT_SLASH, namelist[i]->d_name);
++ }
++ if (VCWD_STAT(ini_file, &sb) == 0) {
++ if (S_ISREG(sb.st_mode)) {
++ if ((fh2.handle.fp = VCWD_FOPEN(ini_file, "r"))) {
++ fh2.filename = ini_file;
++ fh2.type = ZEND_HANDLE_FP;
++
++ if (zend_parse_ini_file(&fh2, 1, ZEND_INI_SCANNER_NORMAL, (zend_ini_parser_cb_t) php_ini_parser_cb, &configuration_hash TSRMLS_CC) == SUCCESS) {
++ /* Here, add it to the list of ini files read */
++ l = strlen(ini_file);
++ total_l += l + 2;
++ p = estrndup(ini_file, l);
++ zend_llist_add_element(&scanned_ini_list, &p);
++ }
+ }
+ }
+ }
++ free(namelist[i]);
+ }
+- free(namelist[i]);
++ free(namelist);
+ }
+- free(namelist);
++ }
++ efree(bufpath);
+
+- if (total_l) {
+- int php_ini_scanned_files_len = (php_ini_scanned_files) ? strlen(php_ini_scanned_files) + 1 : 0;
+- php_ini_scanned_files = (char *) realloc(php_ini_scanned_files, php_ini_scanned_files_len + total_l + 1);
+- if (!php_ini_scanned_files_len) {
+- *php_ini_scanned_files = '\0';
+- }
+- total_l += php_ini_scanned_files_len;
+- for (element = scanned_ini_list.head; element; element = element->next) {
+- if (php_ini_scanned_files_len) {
+- strlcat(php_ini_scanned_files, ",\n", total_l);
+- }
+- strlcat(php_ini_scanned_files, *(char **)element->data, total_l);
+- strlcat(php_ini_scanned_files, element->next ? ",\n" : "\n", total_l);
++ if (total_l) {
++ int php_ini_scanned_files_len = (php_ini_scanned_files) ? strlen(php_ini_scanned_files) + 1 : 0;
++ php_ini_scanned_files = (char *) realloc(php_ini_scanned_files, php_ini_scanned_files_len + total_l + 1);
++ if (!php_ini_scanned_files_len) {
++ *php_ini_scanned_files = '\0';
++ }
++ total_l += php_ini_scanned_files_len;
++ for (element = scanned_ini_list.head; element; element = element->next) {
++ if (php_ini_scanned_files_len) {
++ strlcat(php_ini_scanned_files, ",\n", total_l);
+ }
++ strlcat(php_ini_scanned_files, *(char **)element->data, total_l);
++ strlcat(php_ini_scanned_files, element->next ? ",\n" : "\n", total_l);
+ }
+- zend_llist_destroy(&scanned_ini_list);
+ }
++ zend_llist_destroy(&scanned_ini_list);
+ } else {
+ /* Make sure an empty php_ini_scanned_path ends up as NULL */
+ php_ini_scanned_path = NULL;
+--
+1.8.4.3
+
diff --git a/php-5.4.16-man.patch b/php-5.4.16-man.patch
deleted file mode 100644
index 6bd0577..0000000
--- a/php-5.4.16-man.patch
+++ /dev/null
@@ -1,668 +0,0 @@
-From c940aab7895fa4cb109e7790ae14080090b04959 Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Tue, 2 Jul 2013 10:42:47 +0200
-Subject: [PATCH] Fixed Bug #65143 Missing php-cgi man page
-
-Currently php-cgi man page is a simple redirect to
-php (CLI) man page.
-
-Could be splited / improved in the future.
----
- sapi/cgi/Makefile.frag | 3 +++
- sapi/cgi/config9.m4 | 2 ++
- sapi/cgi/php-cgi.1.in | 1 +
- sapi/cli/php.1.in | 2 ++
- 4 files changed, 8 insertions(+)
- create mode 100644 sapi/cgi/php-cgi.1.in
-
-diff --git a/sapi/cgi/Makefile.frag b/sapi/cgi/Makefile.frag
-index 505119e..d54dd40 100644
---- a/sapi/cgi/Makefile.frag
-+++ b/sapi/cgi/Makefile.frag
-@@ -6,4 +6,7 @@ $(SAPI_CGI_PATH): $(PHP_GLOBAL_OBJS) $(PHP_BINARY_OBJS) $(PHP_CGI_OBJS)
- install-cgi: $(SAPI_CGI_PATH)
- @echo "Installing PHP CGI binary: $(INSTALL_ROOT)$(bindir)/"
- @$(INSTALL) -m 0755 $(SAPI_CGI_PATH) $(INSTALL_ROOT)$(bindir)/$(program_prefix)php-cgi$(program_suffix)$(EXEEXT)
-+ @echo "Installing PHP CGI man page: $(INSTALL_ROOT)$(mandir)/man1/"
-+ @$(mkinstalldirs) $(INSTALL_ROOT)$(mandir)/man1
-+ @$(INSTALL_DATA) sapi/cgi/php-cgi.1 $(INSTALL_ROOT)$(mandir)/man1/$(program_prefix)php-cgi$(program_suffix).1
-
-diff --git a/sapi/cgi/config9.m4 b/sapi/cgi/config9.m4
-index 67251ae..49e61c8 100644
---- a/sapi/cgi/config9.m4
-+++ b/sapi/cgi/config9.m4
-@@ -71,6 +71,8 @@ if test "$PHP_CGI" != "no"; then
- dnl Expose to Makefile
- PHP_SUBST(SAPI_CGI_PATH)
- PHP_SUBST(BUILD_CGI)
-+
-+ PHP_OUTPUT(sapi/cgi/php-cgi.1)
- else
- AC_MSG_RESULT(yes)
- fi
-diff --git a/sapi/cgi/php-cgi.1.in b/sapi/cgi/php-cgi.1.in
-new file mode 100644
-index 0000000..340e6c5
---- /dev/null
-+++ b/sapi/cgi/php-cgi.1.in
-@@ -0,0 +1 @@
-+.so man1/php.1
-diff --git a/sapi/cli/php.1.in b/sapi/cli/php.1.in
-index 0e9d07a..6f0266d 100644
---- a/sapi/cli/php.1.in
-+++ b/sapi/cli/php.1.in
-@@ -1,6 +1,8 @@
- .TH PHP 1 "2013" "The PHP Group" "Scripting Language"
- .SH NAME
- php \- PHP Command Line Interface 'CLI'
-+.P
-+php-cgi \- PHP Command Gateway Interface 'CGI'
- .SH SYNOPSIS
- .B php
- [options] [
---
-1.7.11.5
-
-From f4ce5e7fb65ce215ea5fd182a90aaa4d634f6023 Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Tue, 2 Jul 2013 10:46:50 +0200
-Subject: [PATCH] Fixed Bug #65142 Missing phar man page
-
-Simple man page from phar help output.
----
- NEWS | 3 +
- ext/phar/Makefile.frag | 4 +
- ext/phar/config.m4 | 2 +
- ext/phar/phar.1.in | 523 ++++++++++++++++++++++++++++++++++++++++++++++++
- ext/phar/phar.phar.1.in | 1 +
- 5 files changed, 533 insertions(+)
- create mode 100644 ext/phar/phar.1.in
- create mode 100644 ext/phar/phar.phar.1.in
-
-diff --git a/ext/phar/Makefile.frag b/ext/phar/Makefile.frag
-index b1c820f..ed6de9f 100644
---- a/ext/phar/Makefile.frag
-+++ b/ext/phar/Makefile.frag
-@@ -40,3 +40,7 @@ install-pharcmd: pharcmd
- $(INSTALL) $(builddir)/phar.phar $(INSTALL_ROOT)$(bindir)
- -@rm -f $(INSTALL_ROOT)$(bindir)/phar
- $(LN_S) -f $(bindir)/phar.phar $(INSTALL_ROOT)$(bindir)/phar
-+ @$(mkinstalldirs) $(INSTALL_ROOT)$(mandir)/man1
-+ @$(INSTALL_DATA) $(builddir)/phar.1 $(INSTALL_ROOT)$(mandir)/man1/phar.1
-+ @$(INSTALL_DATA) $(builddir)/phar.phar.1 $(INSTALL_ROOT)$(mandir)/man1/phar.phar.1
-+
-diff --git a/ext/phar/config.m4 b/ext/phar/config.m4
-index 2ac7f3d..d424060 100644
---- a/ext/phar/config.m4
-+++ b/ext/phar/config.m4
-@@ -27,4 +27,6 @@ if test "$PHP_PHAR" != "no"; then
- PHP_ADD_EXTENSION_DEP(phar, hash, true)
- PHP_ADD_EXTENSION_DEP(phar, spl, true)
- PHP_ADD_MAKEFILE_FRAGMENT
-+
-+ PHP_OUTPUT(ext/phar/phar.1 ext/phar/phar.phar.1)
- fi
-diff --git a/ext/phar/phar.1.in b/ext/phar/phar.1.in
-new file mode 100644
-index 0000000..259a2ba
---- /dev/null
-+++ b/ext/phar/phar.1.in
-@@ -0,0 +1,523 @@
-+.TH PHAR 1 "2013" "The PHP Group" "User Commands"
-+.SH NAME
-+phar, phar.phar \- PHAR (PHP archive) command line tool
-+.SH SYNOPSIS
-+.B phar
-+<command> [options] ...
-+.LP
-+.SH DESCRIPTION
-+The \fBPHAR\fP file format provides a way to put entire PHP applications into a single
-+file called a "phar" (PHP Archive) for easy distribution and installation.
-+.P
-+With the \fBphar\fP command you can create, update or extract PHP archives.
-+.P
-+Commands:
-+add compress delete extract help help-list info list meta-del
-+meta-get meta-set pack sign stub-get stub-set tree version
-+
-+.SH add command
-+Add entries to a PHAR package.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B ...
-+Any number of input files and directories. If -i is in
-+use then ONLY files and matching the given regular
-+expression are being packed. If -x is given then files
-+matching that regular expression are NOT being packed.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-a \fIalias\fP
-+Provide an \fIalias\fP name for the phar file.
-+.TP
-+.PD
-+.B \-c \fIalgo\fP
-+Compression algorithm (see
-+.SM
-+.B COMPRESSION
-+)
-+.TP
-+.PD
-+.B \-i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B \-l \fIlevel\fP
-+Number of preceding subdirectories to strip from file entries
-+.TP
-+.PD
-+.B \-x \fIregex\fP
-+Regular expression for input files to exclude.
-+
-+.SH compress command
-+Compress or uncompress all files or a selected entry.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B \-c \fIalgo\fP
-+Compression algorithm (see
-+.SM
-+.B COMPRESSION
-+)
-+.TP
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+
-+.SH delete command
-+Delete entry from a PHAR archive
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B \-e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+
-+.SH extract command
-+Extract a PHAR package to a directory.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B -x \fIregex\fP
-+Regular expression for input files to exclude.
-+.TP
-+.PD
-+.B ...
-+Directory to extract to (defaults to '.').
-+
-+
-+.SH help command
-+This help or help for a selected command.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B ...
-+Optional command to retrieve help for.
-+
-+.SH help-list command
-+Lists available commands.
-+
-+.SH info command
-+Get information about a PHAR package.
-+.P
-+By using -k it is possible to return a single value.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH list command
-+List contents of a PHAR archive.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B -x \fIregex\fP
-+Regular expression for input files to exclude.
-+
-+
-+.SH meta-del command
-+Delete meta information of a PHAR entry or a PHAR package.
-+.P
-+If -k is given then the metadata is expected to be an array and the
-+given index is being deleted.
-+.P
-+If something was deleted the return value is 0 otherwise it is 1.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH meta-get command
-+Get meta information of a PHAR entry or a PHAR package in serialized from. If
-+no output file is specified for meta data then stdout is being used.
-+You can also specify a particular index using -k. In that case the
-+metadata is expected to be an array and the value of the given index
-+is returned using echo rather than using serialize. If that index does
-+not exist or no meta data is present then the return value is 1.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH meta-set command
-+Set meta data of a PHAR entry or a PHAR package using serialized input. If no
-+input file is specified for meta data then stdin is being used. You can
-+also specify a particular index using -k. In that case the metadata is
-+expected to be an array and the value of the given index is being set.
-+If the metadata is not present or empty a new array will be created.
-+If the metadata is present and a flat value then the return value is
-+1. Also using -k the input is been taken directly rather then being
-+serialized.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B -m \fImeta\fP
-+Meta data to store with entry (serialized php data).
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH pack command
-+Pack files into a PHAR archive.
-+.P
-+When using -s <stub>, then the stub file is being excluded from the
-+list of input files/dirs.To create an archive that contains PEAR class
-+PHP_Archive then point -p argument to PHP/Archive.php.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B ...
-+Any number of input files and directories. If -i is in
-+use then ONLY files and matching the given regular
-+expression are being packed. If -x is given then files
-+matching that regular expression are NOT being packed.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-a \fIalias\fP
-+Provide an \fIalias\fP name for the phar file.
-+.TP
-+.PD
-+.B \-b \fIbang\fP
-+Hash-bang line to start the archive (e.g. #!/usr/bin/php).
-+The hash mark itself '#!' and the newline character are optional.
-+.TP
-+.PD
-+.B \-c \fIalgo\fP
-+Compression algorithm (see
-+.SM
-+.B COMPRESSION
-+)
-+.TP
-+.PD
-+.B \-h \fIhash\fP
-+Selects the \fIhash\fP algorithm (see
-+.SM
-+.B HASH
-+)
-+.TP
-+.PD
-+.B \-i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B \-l \fIlevel\fP
-+Number of preceding subdirectories to strip from file entries
-+.TP
-+.PD
-+.B \-p \fIloader\fP
-+Location of PHP_Archive class file (pear list-files
-+PHP_Archive).You can use '0' or '1' to locate it
-+automatically using the mentioned pear command. When
-+using '0' the command does not error out when the class
-+file cannot be located. This switch also adds some code
-+around the stub so that class PHP_Archive gets
-+registered as phar:// stream wrapper if necessary. And
-+finally this switch will add the file phar.inc from
-+this package and load it to ensure class Phar is
-+present.
-+.TP
-+.PD
-+.B \-s \fIstub\fP
-+Select the \fIstub\fP file.
-+.TP
-+.PD
-+.B \-x \fIregex\fP
-+Regular expression for input files to exclude.
-+.TP
-+.PD
-+.B \-y \fIkey\fP
-+Private \fIkey\fP for OpenSSL signing.
-+
-+.SH sign command
-+Set signature hash algorithm.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B \-h \fIhash\fP
-+Selects the \fIhash\fP algorithm (see
-+.SM
-+.B HASH
-+)
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-y \fIkey\fP
-+Private \fIkey\fP for OpenSSL signing.
-+
-+.SH stub-get command
-+Get the stub of a PHAR file. If no output file is specified as stub then stdout
-+is being used.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-s \fIstub\fP
-+Select the \fIstub\fP file.
-+
-+.SH stub-set command
-+Set the stub of a PHAR file. If no input file is specified as stub then stdin
-+is being used.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-b \fIbang\fP
-+Hash-bang line to start the archive (e.g. #!/usr/bin/php).
-+The hash mark itself '#!' and the newline character are optional.
-+.TP
-+.PD
-+.B \-p \fIloader\fP
-+Location of PHP_Archive class file (pear list-files
-+PHP_Archive).You can use '0' or '1' to locate it
-+automatically using the mentioned pear command. When
-+using '0' the command does not error out when the class
-+file cannot be located. This switch also adds some code
-+around the stub so that class PHP_Archive gets
-+registered as phar:// stream wrapper if necessary. And
-+finally this switch will add the file phar.inc from
-+this package and load it to ensure class Phar is
-+present.
-+.TP
-+.PD
-+.B \-s \fIstub\fP
-+Select the \fIstub\fP file.
-+
-+
-+.SH tree command
-+Get a directory tree for a PHAR archive.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B \-x \fIregex\fP
-+Regular expression for input files to exclude.
-+
-+.SH version command
-+Get information about the PHAR environment and the tool version.
-+
-+
-+.SH COMPRESSION
-+Algorithms:
-+.TP 15
-+.PD
-+.B 0
-+No compression
-+.TP
-+.PD
-+.B none
-+No compression
-+.TP
-+.PD
-+.B auto
-+Automatically select compression algorithm
-+.TP
-+.PD
-+.B gz
-+GZip compression
-+.TP
-+.PD
-+.B gzip
-+GZip compression
-+.TP
-+.PD
-+.B bz2
-+BZip2 compression
-+.TP
-+.PD
-+.B bzip2
-+BZip2 compression
-+
-+.SH HASH
-+Algorithms:
-+.TP 15
-+.PD
-+.TP
-+.PD
-+.B md5
-+MD5
-+.TP
-+.PD
-+.B sha1
-+SHA1
-+.TP
-+.PD
-+.B sha256
-+SHA256
-+.TP
-+.PD
-+.B sha512
-+SHA512
-+.TP
-+.PD
-+.B openssl
-+OpenSSL
-+
-+.SH SEE ALSO
-+For a more or less complete description of PHAR look here:
-+.PD 0
-+.P
-+.B http://php.net/phar
-+.PD 1
-+.P
-+.SH BUGS
-+You can view the list of known bugs or report any new bug you
-+found at:
-+.PD 0
-+.P
-+.B http://bugs.php.net
-+.PD 1
-+.SH AUTHORS
-+The PHP Group: Thies C. Arntzen, Stig Bakken, Andi Gutmans, Rasmus Lerdorf, Sam Ruby, Sascha Schumann, Zeev Suraski, Jim Winstead, Andrei Zmievski.
-+.P
-+Work for the PHP archive was done by Gregory Beaver, Marcus Boerger.
-+.P
-+A List of active developers can be found here:
-+.PD 0
-+.P
-+.B http://www.php.net/credits.php
-+.PD 1
-+.P
-+And last but not least PHP was developed with the help of a huge amount of
-+contributors all around the world.
-+.SH VERSION INFORMATION
-+This manpage describes \fBphar\fP, version @PHP_VERSION@.
-+.SH COPYRIGHT
-+Copyright \(co 1997\-2013 The PHP Group
-+.LP
-+This source file is subject to version 3.01 of the PHP license,
-+that is bundled with this package in the file LICENSE, and is
-+available through the world-wide-web at the following url:
-+.PD 0
-+.P
-+.B http://www.php.net/license/3_01.txt
-+.PD 1
-+.P
-+If you did not receive a copy of the PHP license and are unable to
-+obtain it through the world-wide-web, please send a note to
-+.B license@php.net
-+so we can mail you a copy immediately.
-diff --git a/ext/phar/phar.phar.1.in b/ext/phar/phar.phar.1.in
-new file mode 100644
-index 0000000..b5eecbf
---- /dev/null
-+++ b/ext/phar/phar.phar.1.in
-@@ -0,0 +1 @@
-+.so man1/phar.1
---
-1.7.11.5
-
-From 67817a199ca4c8bcff163cb005287c0087db6bf3 Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Tue, 2 Jul 2013 12:19:09 +0200
-Subject: [PATCH] fix typo in php man page
-
----
- sapi/cli/php.1.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sapi/cli/php.1.in b/sapi/cli/php.1.in
-index 6f0266d..749baa8 100644
---- a/sapi/cli/php.1.in
-+++ b/sapi/cli/php.1.in
-@@ -2,7 +2,7 @@
- .SH NAME
- php \- PHP Command Line Interface 'CLI'
- .P
--php-cgi \- PHP Command Gateway Interface 'CGI'
-+php-cgi \- PHP Common Gateway Interface 'CGI' command
- .SH SYNOPSIS
- .B php
- [options] [
---
-1.7.11.5
-
diff --git a/php-5.4.16-pdopgsql.patch b/php-5.4.16-pdopgsql.patch
deleted file mode 100644
index eff1edb..0000000
--- a/php-5.4.16-pdopgsql.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 1c623e3b07128e78362911ff5754e7eee57fa8bb Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Fri, 31 May 2013 08:39:32 +0200
-Subject: [PATCH] Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error)
-
-There is a lot of call such as:
- pdo_pgsql_error(dbh, PGRES_FATAL_ERROR, "Copy command failed");
-Where the 3rd paramater is a error message string where a sqlstate (5 chars)
-is expected. This cause a segfault in copy_from.phpt and copy_to.phpt.
-
-This is only a sanity check to avoid buffer overflow, but obviously this
-calls need to be fixed (using NULL or a correct sqlstate).
----
- NEWS | 3 +++
- ext/pdo_pgsql/pgsql_driver.c | 2 +-
- 2 files changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/ext/pdo_pgsql/pgsql_driver.c b/ext/pdo_pgsql/pgsql_driver.c
-index 645fd36..55f4418 100644
---- a/ext/pdo_pgsql/pgsql_driver.c
-+++ b/ext/pdo_pgsql/pgsql_driver.c
-@@ -76,7 +76,7 @@ int _pdo_pgsql_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt, int errcode, const char *
- einfo->errmsg = NULL;
- }
-
-- if (sqlstate == NULL) {
-+ if (sqlstate == NULL || strlen(sqlstate) >= sizeof(pdo_error_type)) {
- strcpy(*pdo_err, "HY000");
- }
- else {
---
-1.7.11.5
-
diff --git a/php-5.4.16-pdotests.patch b/php-5.4.16-pdotests.patch
deleted file mode 100644
index 7371798..0000000
--- a/php-5.4.16-pdotests.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From c08e1d2be948d63f7a9309344a0ed4092ac8dace Mon Sep 17 00:00:00 2001
-From: Nikita Popov <nikic@php.net>
-Date: Sun, 24 Mar 2013 17:52:16 +0100
-Subject: [PATCH] Fix PDO::inTransaction() test for pgsql
-
-inTransaction() nowadays casts the in_transaction result to boolean.
-I'm not sure whether the INERROR state should result in true or false.
-For now I went with the result that we actually get.
----
- ext/pdo_pgsql/tests/is_in_transaction.phpt | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/ext/pdo_pgsql/tests/is_in_transaction.phpt b/ext/pdo_pgsql/tests/is_in_transaction.phpt
-index 99ff561..72da4f4 100644
---- a/ext/pdo_pgsql/tests/is_in_transaction.phpt
-+++ b/ext/pdo_pgsql/tests/is_in_transaction.phpt
-@@ -57,10 +57,10 @@ var_dump($db->inTransaction());
- ?>
- --EXPECT--
- Test PDO::PGSQL_TRANSACTION_INTRANS
--int(2)
-+bool(true)
- Test PDO::PGSQL_TRANSACTION_IDLE
--int(0)
-+bool(false)
- Test PDO::PGSQL_TRANSACTION_INERROR
--int(3)
-+bool(true)
- Test PDO::PGSQL_TRANSACTION_IDLE
--int(0)
-+bool(false)
---
-1.7.11.5
-
diff --git a/php-5.4.17-CVE-2013-4013.patch b/php-5.4.17-CVE-2013-4013.patch
deleted file mode 100644
index dfa2c86..0000000
--- a/php-5.4.17-CVE-2013-4013.patch
+++ /dev/null
@@ -1,181 +0,0 @@
-From 7d163e8a0880ae8af2dd869071393e5dc07ef271 Mon Sep 17 00:00:00 2001
-From: Rob Richards <rrichards@php.net>
-Date: Sat, 6 Jul 2013 07:53:07 -0400
-Subject: [PATCH] truncate results at depth of 255 to prevent corruption
-
----
- ext/xml/xml.c | 90 +++++++++++++++++++++++++++++++++--------------------------
- 1 file changed, 50 insertions(+), 40 deletions(-)
-
-diff --git a/ext/xml/xml.c b/ext/xml/xml.c
-index 1f0480b..9f0bc30 100644
---- a/ext/xml/xml.c
-+++ b/ext/xml/xml.c
-@@ -428,7 +428,7 @@ static void xml_parser_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC)
- }
- if (parser->ltags) {
- int inx;
-- for (inx = 0; inx < parser->level; inx++)
-+ for (inx = 0; ((inx < parser->level) && (inx < XML_MAXLEVEL)); inx++)
- efree(parser->ltags[ inx ]);
- efree(parser->ltags);
- }
-@@ -805,45 +805,50 @@ void _xml_startElementHandler(void *userData, const XML_Char *name, const XML_Ch
- }
-
- if (parser->data) {
-- zval *tag, *atr;
-- int atcnt = 0;
-+ if (parser->level <= XML_MAXLEVEL) {
-+ zval *tag, *atr;
-+ int atcnt = 0;
-
-- MAKE_STD_ZVAL(tag);
-- MAKE_STD_ZVAL(atr);
-+ MAKE_STD_ZVAL(tag);
-+ MAKE_STD_ZVAL(atr);
-
-- array_init(tag);
-- array_init(atr);
-+ array_init(tag);
-+ array_init(atr);
-
-- _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
-+ _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
-
-- add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
-- add_assoc_string(tag,"type","open",1);
-- add_assoc_long(tag,"level",parser->level);
-+ add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
-+ add_assoc_string(tag,"type","open",1);
-+ add_assoc_long(tag,"level",parser->level);
-
-- parser->ltags[parser->level-1] = estrdup(tag_name);
-- parser->lastwasopen = 1;
-+ parser->ltags[parser->level-1] = estrdup(tag_name);
-+ parser->lastwasopen = 1;
-
-- attributes = (const XML_Char **) attrs;
-+ attributes = (const XML_Char **) attrs;
-
-- while (attributes && *attributes) {
-- att = _xml_decode_tag(parser, attributes[0]);
-- val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
--
-- add_assoc_stringl(atr,att,val,val_len,0);
-+ while (attributes && *attributes) {
-+ att = _xml_decode_tag(parser, attributes[0]);
-+ val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
-
-- atcnt++;
-- attributes += 2;
-+ add_assoc_stringl(atr,att,val,val_len,0);
-
-- efree(att);
-- }
-+ atcnt++;
-+ attributes += 2;
-
-- if (atcnt) {
-- zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
-- } else {
-- zval_ptr_dtor(&atr);
-- }
-+ efree(att);
-+ }
-+
-+ if (atcnt) {
-+ zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
-+ } else {
-+ zval_ptr_dtor(&atr);
-+ }
-
-- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
-+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
-+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
-+ TSRMLS_FETCH();
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
-+ }
- }
-
- efree(tag_name);
-@@ -895,7 +900,7 @@ void _xml_endElementHandler(void *userData, const XML_Char *name)
-
- efree(tag_name);
-
-- if (parser->ltags) {
-+ if ((parser->ltags) && (parser->level <= XML_MAXLEVEL)) {
- efree(parser->ltags[parser->level-1]);
- }
-
-@@ -979,18 +984,23 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)
- }
- }
-
-- MAKE_STD_ZVAL(tag);
--
-- array_init(tag);
--
-- _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
-+ if (parser->level <= XML_MAXLEVEL) {
-+ MAKE_STD_ZVAL(tag);
-
-- add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
-- add_assoc_string(tag,"value",decoded_value,0);
-- add_assoc_string(tag,"type","cdata",1);
-- add_assoc_long(tag,"level",parser->level);
-+ array_init(tag);
-
-- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
-+ _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
-+
-+ add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
-+ add_assoc_string(tag,"value",decoded_value,0);
-+ add_assoc_string(tag,"type","cdata",1);
-+ add_assoc_long(tag,"level",parser->level);
-+
-+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
-+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
-+ TSRMLS_FETCH();
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
-+ }
- }
- } else {
- efree(decoded_value);
---
-1.7.11.5
-
-From 710eee5555bc5c95692bd3c84f5d2b5d687349b6 Mon Sep 17 00:00:00 2001
-From: =?utf8?q?Johannes=20Schl=C3=BCter?= <johannes@php.net>
-Date: Wed, 10 Jul 2013 19:35:18 +0200
-Subject: [PATCH] add test for bug #65236
-
----
- ext/xml/tests/bug65236.phpt | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
- create mode 100644 ext/xml/tests/bug65236.phpt
-
-diff --git a/ext/xml/tests/bug65236.phpt b/ext/xml/tests/bug65236.phpt
-new file mode 100644
-index 0000000..67b26d6
---- /dev/null
-+++ b/ext/xml/tests/bug65236.phpt
-@@ -0,0 +1,15 @@
-+--TEST--
-+Bug #65236 (heap corruption in xml parser)
-+--SKIPIF--
-+<?php
-+require_once("skipif.inc");
-+?>
-+--FILE--
-+<?php
-+xml_parse_into_struct(xml_parser_create_ns(), str_repeat("<blah>", 1000), $a);
-+
-+echo "Done\n";
-+?>
-+--EXPECTF--
-+Warning: xml_parse_into_struct(): Maximum depth exceeded - Results truncated in %s on line %d
-+Done
---
-1.7.11.5
-
diff --git a/php.spec b/php.spec
index 362dd84..c35f8f6 100644
--- a/php.spec
+++ b/php.spec
@@ -109,7 +109,7 @@
Summary: PHP scripting language for creating dynamic web sites
Name: %{?scl_prefix}php
Version: 5.4.36
-Release: 1%{?dist}
+Release: 1%{?dist}.1
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@@ -152,6 +152,8 @@ Patch45: php-5.4.8-ldap_r.patch
Patch46: php-5.4.9-fixheader.patch
# drop "Configure command" from phpinfo output
Patch47: php-5.4.9-phpinfo.patch
+# Allow multiple paths in ini_scan_dir
+Patch48: php-5.4.16-iniscan.patch
# RC Patch
Patch91: php-5.3.7-oci8conf.patch
@@ -780,6 +782,7 @@ support for using the enchant library to PHP.
%endif
%patch46 -p1 -b .fixheader
%patch47 -p1 -b .phpinfo
+%patch48 -p1 -b .iniscan
%patch91 -p1 -b .remi-oci8
@@ -1579,6 +1582,10 @@ fi
%changelog
+* Mon Dec 22 2014 Remi Collet <remi@fedoraproject.org> 5.4.36-1.1
+- allow multiple paths in ini_scan_dir, backported from 5.5
+ and applied in RHSCL packages
+
* Fri Dec 19 2014 Remi Collet <remi@fedoraproject.org> 5.4.36-1
- Update to 5.4.36
http://www.php.net/releases/5_4_36.php