diff options
| author | Remi Collet <remi@remirepo.net> | 2022-01-19 07:44:09 +0100 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2022-01-19 07:44:09 +0100 |
| commit | 35feeb58839617bb65afb3bcbb36b27cbde74014 (patch) | |
| tree | 28a95c55715895b8a3b01215e48342435d519891 | |
| parent | 4f7a6de9b9ec811f181a81f7dc2227857d2d157e (diff) | |
Fix GH-7899 Regression in unpack for negative int value
Fix GH-7883 Segfault when INI file is not readable
| -rw-r--r-- | failed.txt | 2 | ||||
| -rw-r--r-- | php-upstream.patch | 130 | ||||
| -rw-r--r-- | php81.spec | 13 |
3 files changed, 142 insertions, 3 deletions
@@ -1,4 +1,4 @@ -===== 8.1.2RC1 (2022-01-06) +===== 8.1.2 (2022-01-20) $ grep -ar 'Tests failed' /var/lib/mock/*/build.log diff --git a/php-upstream.patch b/php-upstream.patch new file mode 100644 index 0000000..0f3ebd4 --- /dev/null +++ b/php-upstream.patch @@ -0,0 +1,130 @@ +From e31c54d02592caa31d6a59aaefeaa96aab2d7b27 Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Fri, 7 Jan 2022 15:04:36 +0100 +Subject: [PATCH] fix GH-7899 Regression in unpack for negative int value + +--- + NEWS | 3 +++ + ext/standard/pack.c | 11 +++++++++-- + ext/standard/tests/strings/pack64.phpt | 21 +++++++++++++++++++++ + 3 files changed, 33 insertions(+), 2 deletions(-) + +diff --git a/ext/standard/pack.c b/ext/standard/pack.c +index 46856874bc2a..8736d291fb24 100644 +--- a/ext/standard/pack.c ++++ b/ext/standard/pack.c +@@ -62,6 +62,7 @@ typedef ZEND_SET_ALIGNED(1, uint16_t unaligned_uint16_t); + typedef ZEND_SET_ALIGNED(1, uint32_t unaligned_uint32_t); + typedef ZEND_SET_ALIGNED(1, uint64_t unaligned_uint64_t); + typedef ZEND_SET_ALIGNED(1, unsigned int unaligned_uint); ++typedef ZEND_SET_ALIGNED(1, int unaligned_int); + + /* Mapping of byte from char (8bit) to long for machine endian */ + static int byte_map[1]; +@@ -1043,8 +1044,14 @@ PHP_FUNCTION(unpack) + + case 'i': /* signed integer, machine size, machine endian */ + case 'I': { /* unsigned integer, machine size, machine endian */ +- unsigned int x = *((unaligned_uint*) &input[inputpos]); +- zend_long v = (type == 'i') ? (int) x : x; ++ zend_long v; ++ if (type == 'i') { ++ int x = *((unaligned_int*) &input[inputpos]); ++ v = x; ++ } else { ++ unsigned int x = *((unaligned_uint*) &input[inputpos]); ++ v = x; ++ } + + ZVAL_LONG(&val, v); + zend_symtable_update(Z_ARRVAL_P(return_value), real_name, &val); +diff --git a/ext/standard/tests/strings/pack64.phpt b/ext/standard/tests/strings/pack64.phpt +index 753821f65429..84e69008284d 100644 +--- a/ext/standard/tests/strings/pack64.phpt ++++ b/ext/standard/tests/strings/pack64.phpt +@@ -31,6 +31,11 @@ print_r(unpack("q", pack("q", 0))); + print_r(unpack("q", pack("q", 0x8000000000000002))); + print_r(unpack("q", pack("q", -1))); + print_r(unpack("q", pack("q", 0x8000000000000000))); ++ ++print_r(unpack("i", pack("i", 2147483647))); // Max int32 ++print_r(unpack("i", pack("i", -2147483647))); ++print_r(unpack("i", pack("i", -2147483648))); // Min int32 ++print_r(unpack("I", pack("I", 4294967295))); // Max uint32 + ?> + --EXPECT-- + Array +@@ -113,3 +118,19 @@ Array + ( + [1] => -9223372036854775808 + ) ++Array ++( ++ [1] => 2147483647 ++) ++Array ++( ++ [1] => -2147483647 ++) ++Array ++( ++ [1] => -2147483648 ++) ++Array ++( ++ [1] => 4294967295 ++) +From cdfc4d3596d9f983b7395ee11641cbf37b77b46e Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Mon, 17 Jan 2022 10:23:15 +0100 +Subject: [PATCH] Fix GH-7883 don't close not open file handle don't create a + stream if file is not open + +--- + NEWS | 1 + + Zend/zend_stream.c | 5 ++++- + main/php_ini.c | 7 ++++--- + 3 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/Zend/zend_stream.c b/Zend/zend_stream.c +index aadc62558e60..ae2c734b09b4 100644 +--- a/Zend/zend_stream.c ++++ b/Zend/zend_stream.c +@@ -214,7 +214,10 @@ static void zend_file_handle_dtor(zend_file_handle *fh) /* {{{ */ + { + switch (fh->type) { + case ZEND_HANDLE_FP: +- fclose(fh->handle.fp); ++ if (fh->handle.fp) { ++ fclose(fh->handle.fp); ++ fh->handle.fp = NULL; ++ } + break; + case ZEND_HANDLE_STREAM: + if (fh->handle.stream.closer && fh->handle.stream.handle) { +diff --git a/main/php_ini.c b/main/php_ini.c +index fd6f36648821..136942896da4 100644 +--- a/main/php_ini.c ++++ b/main/php_ini.c +@@ -686,8 +686,9 @@ int php_init_config(void) + if (VCWD_STAT(ini_file, &sb) == 0) { + if (S_ISREG(sb.st_mode)) { + zend_file_handle fh; +- zend_stream_init_fp(&fh, VCWD_FOPEN(ini_file, "r"), ini_file); +- if (fh.handle.fp) { ++ FILE *file = VCWD_FOPEN(ini_file, "r"); ++ if (file) { ++ zend_stream_init_fp(&fh, file, ini_file); + if (zend_parse_ini_file(&fh, 1, ZEND_INI_SCANNER_NORMAL, (zend_ini_parser_cb_t) php_ini_parser_cb, &configuration_hash) == SUCCESS) { + /* Here, add it to the list of ini files read */ + l = (int)strlen(ini_file); +@@ -695,8 +696,8 @@ int php_init_config(void) + p = estrndup(ini_file, l); + zend_llist_add_element(&scanned_ini_list, &p); + } ++ zend_destroy_file_handle(&fh); + } +- zend_destroy_file_handle(&fh); + } + } + free(namelist[i]); @@ -112,8 +112,8 @@ %bcond_with zip %global upver 8.1.2 -%global rcver RC1 -%global lower RC1 +#global rcver RC1 +#global lower RC1 Summary: PHP scripting language for creating dynamic web sites Name: php @@ -179,6 +179,9 @@ Patch47: php-8.1.0-phpinfo.patch Patch91: php-7.2.0-oci8conf.patch # Upstream fixes (100+) +# Fixed bug GH-7899 Regression in unpack for negative int value +# Fixed bug GH-7883 Segfault when INI file is not readable +Patch100: php-upstream.patch # Security fixes (200+) @@ -1186,6 +1189,7 @@ in pure PHP. %patch91 -p1 -b .remi-oci8 # upstream patches +%patch100 -p1 -b .up # security patches @@ -2177,6 +2181,11 @@ fi %changelog +* Wed Jan 19 2022 Remi Collet <remi@remirepo.net> - 8.1.2-1 +- Update to 8.1.2 - http://www.php.net/releases/8_1_2.php +- Fix GH-7899 Regression in unpack for negative int value +- Fix GH-7883 Segfault when INI file is not readable + * Wed Jan 5 2022 Remi Collet <remi@remirepo.net> - 8.1.2~RC1-1 - update to 8.1.2RC1 |