Bug #39388 [Com]: provide --with-libzip-dir configure option to allow usage of system's libzip
Edit report at http://bugs.php.net/bug.php?id=39388edit=1 ID: 39388 Comment by: oeriksson at mandriva dot com Reported by:judas dot iscariote at gmail dot com Summary:provide --with-libzip-dir configure option to allow usage of system's libzip Status: Bogus Type: Bug Package:Zip Related Operating System: Linux PHP Version:5CVS-2006-11-05 (CVS) Assigned To:pajoye Block user comment: N Private report: N New Comment: With the recent security flaws related to libzip it's desirable to enable this option. Isn't the latest http://www.nih.at/libzip/libzip-0.10.tar.bz2 going to work fine now? Previous Comments: [2006-11-05 19:21:28] paj...@php.net There is no need of it. And no, you should *really* not use an external library. The version bundled have more fixes and features than the released lib. Most of them are already in the libzip cvs, other not. [2006-11-05 03:50:59] judas dot iscariote at gmail dot com Description: Currently there is no --with-libzip-dir to easily allow distributions to use independantly packaged system libraries. Reproduce code: --- ./configure --help | grep zip Expected result: --enable-zipInclude Zip read/write support. --with-zlib-dir=DIR zip: Set the path to libz install prefix. --with-libzip=DIR zip : path to libzip sources if not using the bundled library. Actual result: -- --enable-zipInclude Zip read/write support. --with-zlib-dir=DIR zip: Set the path to libz install prefix. -- Edit this bug report at http://bugs.php.net/bug.php?id=39388edit=1
#48619 [Com]: imap_search() ALL causing segfault
ID: 48619 Comment by: oeriksson at mandriva dot com Reported By: andy at webtatic dot com Status: Assigned Bug Type: IMAP related Operating System: CentOS 5.3 i386 PHP Version: 5.2.10 Assigned To: pajoye New Comment: That patch did not help for me. Previous Comments: [2009-06-20 22:08:38] andy at webtatic dot com oops, should have used | not :) it prob makes a bit more sense then http://pastebin.com/m33a7819b [2009-06-20 21:58:44] andy at webtatic dot com sorry for intruding again, but I thought this patch might be more ideal for the imap_sort, as it'd be hard to compare the flag when its still in its PHP wrapper. http://pastebin.com/m2325a4b4 [2009-06-20 21:36:30] andy at webtatic dot com ah right ok. yep, it doesn't really make sense to add in a constant that can only be used (or not used in this case) to create a memory leak. [2009-06-20 21:33:26] paj...@php.net Sorry, I should have been more clear, this patch is not tested (did not even compile it, no vc at hand :), it was only for the idea. Yes, the free mode is also a constant as well as some other, so a bit comparison is necessary. That being said, I'm not sure to understand why we exposed SE_FREE in the 1st place... [2009-06-20 21:26:44] andy at webtatic dot com SE_FREE is also a PHP constant, so the user (for some reason), might pass in the flag SE_FREE | SE_UID, which a direct != will not match SE_FREE on, causing the same issue. You should probably do a bitwise check for the flag in your case. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/48619 -- Edit this bug report at http://bugs.php.net/?id=48619edit=1
#47812 [Asn]: undefined symbol: gdJpegGetVersionInt
ID: 47812 User updated by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com Status: Assigned Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 Assigned To: pajoye New Comment: Seems OK with 5.3.0RC2 that now also is in Mandriva Cooker. Thanks Pierre. Previous Comments: [2009-05-03 22:15:16] paj...@php.net For your information, the gdJpegGetVersionInt error is fixed in CVS, I keep this bug open as it reflects what I'm working on: allows to use either the bundled library or a decent external version without loosing features. [2009-04-15 01:00:00] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to Open. [2009-04-07 09:27:23] paj...@php.net Please try using this CVS snapshot: http://snaps.php.net/php5.3-latest.tar.gz For Windows: http://windows.php.net/snapshots/ [2009-03-30 17:45:13] paj...@php.net The private changes in the bundled libmagic library (file-5.x) is also quite annoying. It will end like mod_mime, to only use the DB. [2009-03-30 17:38:58] oeriksson at mandriva dot com Thanks Pierre, I'm looking forward to a gd with all the bling-bling that's in the bundled gd in php, as well as with libzip. The private changes in the bundled libmagic library (file-5.x) is also quite annoying. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/47812 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#47812 [Com]: undefined symbol: gdJpegGetVersionInt
ID: 47812 Comment by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com Status: Assigned Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 Assigned To: pajoye New Comment: Thanks Pierre, I'm looking forward to a gd with all the bling-bling that's in the bundled gd in php, as well as with libzip. The private changes in the bundled libmagic library (file-5.x) is also quite annoying. Previous Comments: [2009-03-27 21:29:40] paj...@php.net Please do not use this report to discuss other topics. But to answer your questions, yes, they are provided as patch upstream as well and we try to keep everything synced as much as possible. But they tend to stay behind for some fixes, especially edge cases for crashes or windows support. You can follow the libzip mailing list if you are interested. [2009-03-27 21:10:56] oeriksson at mandriva dot com Thanks Pierre, What about the private changes in libzip? Will you be able to sync that with upstream as well? [2009-03-27 20:55:35] paj...@php.net There is work being done in libgd.org to bring 2.1.0 out (which should be synced with php). All fixes are done in both libraries (thanks Tabe for taking care of most of them) and many features have made their way. By the way, if the tempo is too slow, you can always give us a hand. I'm not willing to begin again a discussion with the Debian maintainer, I tried many times without success. [2009-03-27 20:40:39] oeriksson at mandriva dot com Excuse me for bothering you with petty issues. Why is it the bundled libgd is not in sync with the more official libgd as you are the sole upstream maintainer? gd hasn't had a new release since 2007-11-28, and none of the bling-bling found in the bundled libgd has found its way into any official libgd release. There are other bundled libraries. What about them then and private changes? [2009-03-27 20:33:12] crrodriguez at opensuse dot org Pierre: is there any summary on what has to be done exactly to sync both libraries so distributions can just ship one copy of libgd ? Maybe all interested parties can hack into it. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/47812 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#47826 [NEW]: undefined symbol: sqlite3_enable_load_extension
From: oeriksson at mandriva dot com Operating system: Mandriva Linux PHP version: 5.3.0RC1 PHP Bug Type: SQLite related Bug description: undefined symbol: sqlite3_enable_load_extension Description: On Mandriva Linux Cooker I get: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/extensions/sqlite3.so' - /usr/lib/php/extensions/sqlite3.so: undefined symbol: sqlite3_enable_load_extension in Unknown on line 0 We have sqlite3-3.6.11 I noticed that SQLITE_OMIT_LOAD_EXTENSION is unset in main/php_config.h and should in this case be set to 1. $ grep SQLITE_OMIT_LOAD_EXTENSION main/php_config.h /* #undef SQLITE_OMIT_LOAD_EXTENSION */ Reproduce code: --- Just running php-cli Expected result: It should work Actual result: -- PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/extensions/sqlite3.so' - /usr/lib/php/extensions/sqlite3.so: undefined symbol: sqlite3_enable_load_extension in Unknown on line 0 -- Edit bug report at http://bugs.php.net/?id=47826edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=47826r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=47826r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=47826r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=47826r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=47826r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=47826r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=47826r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=47826r=needscript Try newer version: http://bugs.php.net/fix.php?id=47826r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=47826r=support Expected behavior: http://bugs.php.net/fix.php?id=47826r=notwrong Not enough info: http://bugs.php.net/fix.php?id=47826r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=47826r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=47826r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47826r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=47826r=dst IIS Stability: http://bugs.php.net/fix.php?id=47826r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=47826r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=47826r=float No Zend Extensions: http://bugs.php.net/fix.php?id=47826r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=47826r=mysqlcfg
#47812 [NEW]: undefined symbol: gdJpegGetVersionInt
From: oeriksson at mandriva dot com Operating system: Mandriva Linux PHP version: 5.3.0RC1 PHP Bug Type: GD related Bug description: undefined symbol: gdJpegGetVersionInt Description: I get an unresolved symbol when linking against system libgd. Reproduce code: --- Just running php-cli Expected result: Should work. Actual result: -- PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/extensions/gd.so' - /usr/lib64/php/extensions/gd.so: undefined symbol: gdJpegGetVersionInt in Unknown on line 0 -- Edit bug report at http://bugs.php.net/?id=47812edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=47812r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=47812r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=47812r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=47812r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=47812r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=47812r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=47812r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=47812r=needscript Try newer version: http://bugs.php.net/fix.php?id=47812r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=47812r=support Expected behavior: http://bugs.php.net/fix.php?id=47812r=notwrong Not enough info: http://bugs.php.net/fix.php?id=47812r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=47812r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=47812r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47812r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=47812r=dst IIS Stability: http://bugs.php.net/fix.php?id=47812r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=47812r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=47812r=float No Zend Extensions: http://bugs.php.net/fix.php?id=47812r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=47812r=mysqlcfg
#47812 [Fbk-Opn]: undefined symbol: gdJpegGetVersionInt
ID: 47812 User updated by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com -Status: Feedback +Status: Open Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 New Comment: I described it in Description: :-) Here's a proposed fix: --- ext/gd/gd.c 2009-01-31 16:27:52.0 +0100 +++ ext/gd/gd.c.oden2009-03-27 20:27:14.0 +0100 @@ -55,6 +55,15 @@ #if HAVE_LIBGD +#ifdef HAVE_GD_PNG +/* needs to be first */ +# include png.h +#endif + +#ifdef HAVE_GD_JPG +# include jpeglib.h +#endif + static int le_gd, le_gd_font; #if HAVE_LIBT1 #include t1lib.h @@ -1293,8 +1302,13 @@ PHP_MINFO_FUNCTION(gd) #endif #ifdef HAVE_GD_JPG { +#if HAVE_GD_BUNDLED char tmp[12]; snprintf(tmp, sizeof(tmp), %d, gdJpegGetVersionInt()); +#else + char tmp[256]; + snprintf(tmp, sizeof(tmp), %d, JPEG_LIB_VERSION); +#endif php_info_print_table_row(2, JPG Support, enabled); php_info_print_table_row(2, libJPEG Version, tmp); } @@ -1302,7 +1316,11 @@ PHP_MINFO_FUNCTION(gd) #ifdef HAVE_GD_PNG php_info_print_table_row(2, PNG Support, enabled); +#if HAVE_GD_BUNDLED php_info_print_table_row(2, libPNG Version, gdPngGetVersionString()); +#else + php_info_print_table_row(2, libPNG Version, PNG_LIBPNG_VER_STRING); +#endif #endif #ifdef HAVE_GD_WBMP php_info_print_table_row(2, WBMP Support, enabled); Previous Comments: [2009-03-27 19:36:56] der...@php.net Are you using the bundled libgd, or an external one? [2009-03-27 19:16:37] oeriksson at mandriva dot com Description: I get an unresolved symbol when linking against system libgd. Reproduce code: --- Just running php-cli Expected result: Should work. Actual result: -- PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/extensions/gd.so' - /usr/lib64/php/extensions/gd.so: undefined symbol: gdJpegGetVersionInt in Unknown on line 0 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#47812 [Com]: undefined symbol: gdJpegGetVersionInt
ID: 47812 Comment by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com Status: Assigned Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 Assigned To: pajoye New Comment: The PHP devs should try harder to not bundle common libraries and instead push private changes upstream (IMHO). Previous Comments: [2009-03-27 19:49:27] paj...@php.net You should really not use the system libgd, especially not on the following systems: - debian - RHEL - Centos The problem still has to be fixed tho' :) [2009-03-27 19:45:31] oeriksson at mandriva dot com I described it in Description: :-) Here's a proposed fix: --- ext/gd/gd.c 2009-01-31 16:27:52.0 +0100 +++ ext/gd/gd.c.oden2009-03-27 20:27:14.0 +0100 @@ -55,6 +55,15 @@ #if HAVE_LIBGD +#ifdef HAVE_GD_PNG +/* needs to be first */ +# include png.h +#endif + +#ifdef HAVE_GD_JPG +# include jpeglib.h +#endif + static int le_gd, le_gd_font; #if HAVE_LIBT1 #include t1lib.h @@ -1293,8 +1302,13 @@ PHP_MINFO_FUNCTION(gd) #endif #ifdef HAVE_GD_JPG { +#if HAVE_GD_BUNDLED char tmp[12]; snprintf(tmp, sizeof(tmp), %d, gdJpegGetVersionInt()); +#else + char tmp[256]; + snprintf(tmp, sizeof(tmp), %d, JPEG_LIB_VERSION); +#endif php_info_print_table_row(2, JPG Support, enabled); php_info_print_table_row(2, libJPEG Version, tmp); } @@ -1302,7 +1316,11 @@ PHP_MINFO_FUNCTION(gd) #ifdef HAVE_GD_PNG php_info_print_table_row(2, PNG Support, enabled); +#if HAVE_GD_BUNDLED php_info_print_table_row(2, libPNG Version, gdPngGetVersionString()); +#else + php_info_print_table_row(2, libPNG Version, PNG_LIBPNG_VER_STRING); +#endif #endif #ifdef HAVE_GD_WBMP php_info_print_table_row(2, WBMP Support, enabled); [2009-03-27 19:36:56] der...@php.net Are you using the bundled libgd, or an external one? [2009-03-27 19:16:37] oeriksson at mandriva dot com Description: I get an unresolved symbol when linking against system libgd. Reproduce code: --- Just running php-cli Expected result: Should work. Actual result: -- PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/extensions/gd.so' - /usr/lib64/php/extensions/gd.so: undefined symbol: gdJpegGetVersionInt in Unknown on line 0 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#47812 [Com]: undefined symbol: gdJpegGetVersionInt
ID: 47812 Comment by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com Status: Assigned Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 Assigned To: pajoye New Comment: Upstream gd is nowadays libgd.org and I read there The library was originally developped by Thomas Boutell and is now maintained by Pierre-A. Joye under the umbrella of PHP.net.. Is this a problem? Previous Comments: [2009-03-27 20:05:33] paj...@php.net You missed my point. These distributions do not have updated libraries, or even worst for debian, they break the compatibility with the normal GD. I'm working to sync the external gd and php's gd so both can be used smoothly, but I have serious doubts that Debian will change, for example. [2009-03-27 20:04:23] ras...@php.net That argument completely falls apart if you do a bit of research on who the upstream for the gd library is. [2009-03-27 19:59:07] oeriksson at mandriva dot com The PHP devs should try harder to not bundle common libraries and instead push private changes upstream (IMHO). [2009-03-27 19:49:27] paj...@php.net You should really not use the system libgd, especially not on the following systems: - debian - RHEL - Centos The problem still has to be fixed tho' :) [2009-03-27 19:45:31] oeriksson at mandriva dot com I described it in Description: :-) Here's a proposed fix: --- ext/gd/gd.c 2009-01-31 16:27:52.0 +0100 +++ ext/gd/gd.c.oden2009-03-27 20:27:14.0 +0100 @@ -55,6 +55,15 @@ #if HAVE_LIBGD +#ifdef HAVE_GD_PNG +/* needs to be first */ +# include png.h +#endif + +#ifdef HAVE_GD_JPG +# include jpeglib.h +#endif + static int le_gd, le_gd_font; #if HAVE_LIBT1 #include t1lib.h @@ -1293,8 +1302,13 @@ PHP_MINFO_FUNCTION(gd) #endif #ifdef HAVE_GD_JPG { +#if HAVE_GD_BUNDLED char tmp[12]; snprintf(tmp, sizeof(tmp), %d, gdJpegGetVersionInt()); +#else + char tmp[256]; + snprintf(tmp, sizeof(tmp), %d, JPEG_LIB_VERSION); +#endif php_info_print_table_row(2, JPG Support, enabled); php_info_print_table_row(2, libJPEG Version, tmp); } @@ -1302,7 +1316,11 @@ PHP_MINFO_FUNCTION(gd) #ifdef HAVE_GD_PNG php_info_print_table_row(2, PNG Support, enabled); +#if HAVE_GD_BUNDLED php_info_print_table_row(2, libPNG Version, gdPngGetVersionString()); +#else + php_info_print_table_row(2, libPNG Version, PNG_LIBPNG_VER_STRING); +#endif #endif #ifdef HAVE_GD_WBMP php_info_print_table_row(2, WBMP Support, enabled); The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/47812 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#47812 [Com]: undefined symbol: gdJpegGetVersionInt
ID: 47812 Comment by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com Status: Assigned Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 Assigned To: pajoye New Comment: Excuse me for bothering you with petty issues. Why is it the bundled libgd is not in sync with the more official libgd as you are the sole upstream maintainer? gd hasn't had a new release since 2007-11-28, and none of the bling-bling found in the bundled libgd has found its way into any official libgd release. There are other bundled libraries. What about them then and private changes? Previous Comments: [2009-03-27 20:33:12] crrodriguez at opensuse dot org Pierre: is there any summary on what has to be done exactly to sync both libraries so distributions can just ship one copy of libgd ? Maybe all interested parties can hack into it. [2009-03-27 20:18:51] ras...@php.net Right, so you figured it out. You are talking to Pierre here. He is the upstream maintainer of the library. And the library is a PHP project. Telling us to do a better job pushing changes upstream (to ourselves?) doesn't make much sense. [2009-03-27 20:14:17] oeriksson at mandriva dot com Upstream gd is nowadays libgd.org and I read there The library was originally developped by Thomas Boutell and is now maintained by Pierre-A. Joye under the umbrella of PHP.net.. Is this a problem? [2009-03-27 20:05:33] paj...@php.net You missed my point. These distributions do not have updated libraries, or even worst for debian, they break the compatibility with the normal GD. I'm working to sync the external gd and php's gd so both can be used smoothly, but I have serious doubts that Debian will change, for example. [2009-03-27 20:04:23] ras...@php.net That argument completely falls apart if you do a bit of research on who the upstream for the gd library is. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/47812 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#47812 [Com]: undefined symbol: gdJpegGetVersionInt
ID: 47812 Comment by: oeriksson at mandriva dot com Reported By: oeriksson at mandriva dot com Status: Assigned Bug Type: GD related Operating System: Mandriva Linux PHP Version: 5.3.0RC1 Assigned To: pajoye New Comment: Thanks Pierre, What about the private changes in libzip? Will you be able to sync that with upstream as well? Previous Comments: [2009-03-27 20:55:35] paj...@php.net There is work being done in libgd.org to bring 2.1.0 out (which should be synced with php). All fixes are done in both libraries (thanks Tabe for taking care of most of them) and many features have made their way. By the way, if the tempo is too slow, you can always give us a hand. I'm not willing to begin again a discussion with the Debian maintainer, I tried many times without success. [2009-03-27 20:40:39] oeriksson at mandriva dot com Excuse me for bothering you with petty issues. Why is it the bundled libgd is not in sync with the more official libgd as you are the sole upstream maintainer? gd hasn't had a new release since 2007-11-28, and none of the bling-bling found in the bundled libgd has found its way into any official libgd release. There are other bundled libraries. What about them then and private changes? [2009-03-27 20:33:12] crrodriguez at opensuse dot org Pierre: is there any summary on what has to be done exactly to sync both libraries so distributions can just ship one copy of libgd ? Maybe all interested parties can hack into it. [2009-03-27 20:18:51] ras...@php.net Right, so you figured it out. You are talking to Pierre here. He is the upstream maintainer of the library. And the library is a PHP project. Telling us to do a better job pushing changes upstream (to ourselves?) doesn't make much sense. [2009-03-27 20:14:17] oeriksson at mandriva dot com Upstream gd is nowadays libgd.org and I read there The library was originally developped by Thomas Boutell and is now maintained by Pierre-A. Joye under the umbrella of PHP.net.. Is this a problem? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/47812 -- Edit this bug report at http://bugs.php.net/?id=47812edit=1
#46887 [NEW]: -Werror=format-security
From: oeriksson at mandriva dot com Operating system: Mandriva Cooker PHP version: 5.2.8 PHP Bug Type: Compile Failure Bug description: -Werror=format-security Description: I get a build error when using -Werror=format-security with php_xmlwriter.c Reproduce code: --- Proposed fix: [o...@oe BUILD]$ cat php-5.2.8-format_not_a_string_literal_and_no_format_arguments.diff --- ext/xmlwriter/php_xmlwriter.c 2008-12-16 17:31:11.0 +0100 +++ ext/xmlwriter/php_xmlwriter.c.oden 2008-12-16 17:31:54.0 +0100 @@ -168,7 +168,7 @@ static zend_object_value xmlwriter_objec #define XMLW_NAME_CHK(__err) \ if (xmlValidateName((xmlChar *) name, 0) != 0) {\ - php_error_docref(NULL TSRMLS_CC, E_WARNING, __err); \ + php_error_docref(NULL TSRMLS_CC, E_WARNING, %s, __err); \ RETURN_FALSE; \ } \ Expected result: It should build? Actual result: -- /home/oden/RPM/BUILD/php-5.2.8/ext/xmlwriter/php_xmlwriter.c: In function 'php_xmlwriter_string_arg': /home/oden/RPM/BUILD/php-5.2.8/ext/xmlwriter/php_xmlwriter.c:441: error: format not a string literal and no format arguments -- Edit bug report at http://bugs.php.net/?id=46887edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=46887r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=46887r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=46887r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=46887r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=46887r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=46887r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=46887r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=46887r=needscript Try newer version: http://bugs.php.net/fix.php?id=46887r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=46887r=support Expected behavior: http://bugs.php.net/fix.php?id=46887r=notwrong Not enough info: http://bugs.php.net/fix.php?id=46887r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=46887r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=46887r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=46887r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=46887r=dst IIS Stability: http://bugs.php.net/fix.php?id=46887r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=46887r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=46887r=float No Zend Extensions: http://bugs.php.net/fix.php?id=46887r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=46887r=mysqlcfg
#43487 [Com]: Wrong conversion of float to string
ID: 43487 Comment by: oeriksson at mandriva dot com Reported By: jm at wo dot cz Status: Open Bug Type: Strings related Operating System: Linux PHP Version: 5.2.5 New Comment: Here's a shorter URL that hopefully won't wrap: http://n1.nux.se/php-5.2.5-use-volatile-to-force-float-store.patch Previous Comments: [2008-02-01 12:07:10] oeriksson at mandriva dot com Pascal Rigaux at Mandriva has a patch for this, please review it. http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/php/current/SOURCES/php-5.2.5-use-volatile-to-force-float-store.patch?revision=161099view=markup [2008-01-31 15:42:55] oeriksson at mandriva dot com Update; taken from our bugzilla: as peroyvind found, the miscompilation is inside Zend/zend_strtod.c, and -no-ftree-vrp workaround the bug. [2008-01-30 19:41:18] oeriksson at mandriva dot com I think I found the problem. On Mandriva Linux Cooker we are using: gcc (GCC) 4.2.2 20071128 (prerelease) (4.2.2-2mdv2008.1) glibc-2.7-1mdv2008.1 If I change the optimization from -O2 to -O0 (-O+zero) the bug goes away on x86_32. [2008-01-28 21:30:37] jm at wo dot cz The CVS snapshot makes no difference, still getting the same incorrect strings. [EMAIL PROTECTED] ~]$ php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach ($f as $fval) echo $fval, \n;' 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 [EMAIL PROTECTED] ~]$ php -v PHP 5.2.6-dev (cli) (built: Jan 28 2008 16:13:46) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies Previous poster suggested a CPU-related issue. I have encountered this issue on the following CPUs: vendor_id : AuthenticAMD cpu family : 15 model : 5 model name : AMD Opteron(tm) Processor 248 stepping: 8 cpu MHz : 2205.074 vendor_id : GenuineIntel cpu family : 6 model : 13 model name : Intel(R) Pentium(R) M processor 1.80GHz stepping: 6 cpu MHz : 1800.000 vendor_id : AuthenticAMD cpu family : 15 model : 37 model name : AMD Opteron(tm) Processor 252 stepping: 1 cpu MHz : 2606.078 [2008-01-28 07:59:48] oeriksson at mandriva dot com I get the same problem, but it seems related to what CPU is used. http://qa.mandriva.com/show_bug.cgi?id=37171 $ uname -a Linux foo.nux.se 2.6.24-server-0.rc8.2mdv #1 SMP Wed Jan 23 17:15:33 UTC 2008 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GNU/Linux $ php -r var_dump(11.1/111); float(0.0:) $ uname -a Linux oe.nux.tld 2.6.24-desktop-0.rc8.2mdv #1 SMP Wed Jan 23 18:12:45 CET 2008 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ GNU/Linux $ php -r var_dump(11.1/111); float(0.1) It works with 5.1.6 though. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/43487 -- Edit this bug report at http://bugs.php.net/?id=43487edit=1
#43487 [Com]: Wrong conversion of float to string
ID: 43487 Comment by: oeriksson at mandriva dot com Reported By: jm at wo dot cz Status: Open Bug Type: Strings related Operating System: Linux PHP Version: 5.2.5 New Comment: Pascal Rigaux at Mandriva has a patch for this, please review it. http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/php/current/SOURCES/php-5.2.5-use-volatile-to-force-float-store.patch?revision=161099view=markup Previous Comments: [2008-01-31 15:42:55] oeriksson at mandriva dot com Update; taken from our bugzilla: as peroyvind found, the miscompilation is inside Zend/zend_strtod.c, and -no-ftree-vrp workaround the bug. [2008-01-30 19:41:18] oeriksson at mandriva dot com I think I found the problem. On Mandriva Linux Cooker we are using: gcc (GCC) 4.2.2 20071128 (prerelease) (4.2.2-2mdv2008.1) glibc-2.7-1mdv2008.1 If I change the optimization from -O2 to -O0 (-O+zero) the bug goes away on x86_32. [2008-01-28 21:30:37] jm at wo dot cz The CVS snapshot makes no difference, still getting the same incorrect strings. [EMAIL PROTECTED] ~]$ php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach ($f as $fval) echo $fval, \n;' 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 [EMAIL PROTECTED] ~]$ php -v PHP 5.2.6-dev (cli) (built: Jan 28 2008 16:13:46) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies Previous poster suggested a CPU-related issue. I have encountered this issue on the following CPUs: vendor_id : AuthenticAMD cpu family : 15 model : 5 model name : AMD Opteron(tm) Processor 248 stepping: 8 cpu MHz : 2205.074 vendor_id : GenuineIntel cpu family : 6 model : 13 model name : Intel(R) Pentium(R) M processor 1.80GHz stepping: 6 cpu MHz : 1800.000 vendor_id : AuthenticAMD cpu family : 15 model : 37 model name : AMD Opteron(tm) Processor 252 stepping: 1 cpu MHz : 2606.078 [2008-01-28 07:59:48] oeriksson at mandriva dot com I get the same problem, but it seems related to what CPU is used. http://qa.mandriva.com/show_bug.cgi?id=37171 $ uname -a Linux foo.nux.se 2.6.24-server-0.rc8.2mdv #1 SMP Wed Jan 23 17:15:33 UTC 2008 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GNU/Linux $ php -r var_dump(11.1/111); float(0.0:) $ uname -a Linux oe.nux.tld 2.6.24-desktop-0.rc8.2mdv #1 SMP Wed Jan 23 18:12:45 CET 2008 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ GNU/Linux $ php -r var_dump(11.1/111); float(0.1) It works with 5.1.6 though. [2008-01-26 01:12:23] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows (zip): http://snaps.php.net/win32/php5.2-win32-latest.zip For Windows (installer): http://snaps.php.net/win32/php5.2-win32-installer-latest.msi The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/43487 -- Edit this bug report at http://bugs.php.net/?id=43487edit=1
#43487 [Com]: Wrong conversion of float to string
ID: 43487 Comment by: oeriksson at mandriva dot com Reported By: jm at wo dot cz Status: Open Bug Type: Strings related Operating System: Linux PHP Version: 5.2.5 New Comment: Update; taken from our bugzilla: as peroyvind found, the miscompilation is inside Zend/zend_strtod.c, and -no-ftree-vrp workaround the bug. Previous Comments: [2008-01-30 19:41:18] oeriksson at mandriva dot com I think I found the problem. On Mandriva Linux Cooker we are using: gcc (GCC) 4.2.2 20071128 (prerelease) (4.2.2-2mdv2008.1) glibc-2.7-1mdv2008.1 If I change the optimization from -O2 to -O0 (-O+zero) the bug goes away on x86_32. [2008-01-28 21:30:37] jm at wo dot cz The CVS snapshot makes no difference, still getting the same incorrect strings. [EMAIL PROTECTED] ~]$ php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach ($f as $fval) echo $fval, \n;' 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 [EMAIL PROTECTED] ~]$ php -v PHP 5.2.6-dev (cli) (built: Jan 28 2008 16:13:46) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies Previous poster suggested a CPU-related issue. I have encountered this issue on the following CPUs: vendor_id : AuthenticAMD cpu family : 15 model : 5 model name : AMD Opteron(tm) Processor 248 stepping: 8 cpu MHz : 2205.074 vendor_id : GenuineIntel cpu family : 6 model : 13 model name : Intel(R) Pentium(R) M processor 1.80GHz stepping: 6 cpu MHz : 1800.000 vendor_id : AuthenticAMD cpu family : 15 model : 37 model name : AMD Opteron(tm) Processor 252 stepping: 1 cpu MHz : 2606.078 [2008-01-28 07:59:48] oeriksson at mandriva dot com I get the same problem, but it seems related to what CPU is used. http://qa.mandriva.com/show_bug.cgi?id=37171 $ uname -a Linux foo.nux.se 2.6.24-server-0.rc8.2mdv #1 SMP Wed Jan 23 17:15:33 UTC 2008 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GNU/Linux $ php -r var_dump(11.1/111); float(0.0:) $ uname -a Linux oe.nux.tld 2.6.24-desktop-0.rc8.2mdv #1 SMP Wed Jan 23 18:12:45 CET 2008 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ GNU/Linux $ php -r var_dump(11.1/111); float(0.1) It works with 5.1.6 though. [2008-01-26 01:12:23] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows (zip): http://snaps.php.net/win32/php5.2-win32-latest.zip For Windows (installer): http://snaps.php.net/win32/php5.2-win32-installer-latest.msi [2008-01-16 09:20:36] lmalgras at tennaxia dot com I have the same problem with PHP 5.2.4 on Linux Reproduce code: --- php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach($f as $fval) echo $fval, \n;' Expected result: 0.0001 1.0E-5 1.0E-6 1.0E-7 1.0E-8 Actual result: -- 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 I have test this code on several configurations with the following results : PHP 5.2.0 (Linux) : Actual result PHP 5.2.2 (Linux) : Actual result PHP 5.2.3 (Windows): Actual result The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/43487 -- Edit this bug report at http://bugs.php.net/?id=43487edit=1
#43487 [Com]: Wrong conversion of float to string
ID: 43487 Comment by: oeriksson at mandriva dot com Reported By: jm at wo dot cz Status: Open Bug Type: Strings related Operating System: Linux PHP Version: 5.2.5 New Comment: I think I found the problem. On Mandriva Linux Cooker we are using: gcc (GCC) 4.2.2 20071128 (prerelease) (4.2.2-2mdv2008.1) glibc-2.7-1mdv2008.1 If I change the optimization from -O2 to -O0 (-O+zero) the bug goes away on x86_32. Previous Comments: [2008-01-28 21:30:37] jm at wo dot cz The CVS snapshot makes no difference, still getting the same incorrect strings. [EMAIL PROTECTED] ~]$ php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach ($f as $fval) echo $fval, \n;' 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 [EMAIL PROTECTED] ~]$ php -v PHP 5.2.6-dev (cli) (built: Jan 28 2008 16:13:46) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies Previous poster suggested a CPU-related issue. I have encountered this issue on the following CPUs: vendor_id : AuthenticAMD cpu family : 15 model : 5 model name : AMD Opteron(tm) Processor 248 stepping: 8 cpu MHz : 2205.074 vendor_id : GenuineIntel cpu family : 6 model : 13 model name : Intel(R) Pentium(R) M processor 1.80GHz stepping: 6 cpu MHz : 1800.000 vendor_id : AuthenticAMD cpu family : 15 model : 37 model name : AMD Opteron(tm) Processor 252 stepping: 1 cpu MHz : 2606.078 [2008-01-28 07:59:48] oeriksson at mandriva dot com I get the same problem, but it seems related to what CPU is used. http://qa.mandriva.com/show_bug.cgi?id=37171 $ uname -a Linux foo.nux.se 2.6.24-server-0.rc8.2mdv #1 SMP Wed Jan 23 17:15:33 UTC 2008 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GNU/Linux $ php -r var_dump(11.1/111); float(0.0:) $ uname -a Linux oe.nux.tld 2.6.24-desktop-0.rc8.2mdv #1 SMP Wed Jan 23 18:12:45 CET 2008 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ GNU/Linux $ php -r var_dump(11.1/111); float(0.1) It works with 5.1.6 though. [2008-01-26 01:12:23] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows (zip): http://snaps.php.net/win32/php5.2-win32-latest.zip For Windows (installer): http://snaps.php.net/win32/php5.2-win32-installer-latest.msi [2008-01-16 09:20:36] lmalgras at tennaxia dot com I have the same problem with PHP 5.2.4 on Linux Reproduce code: --- php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach($f as $fval) echo $fval, \n;' Expected result: 0.0001 1.0E-5 1.0E-6 1.0E-7 1.0E-8 Actual result: -- 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 I have test this code on several configurations with the following results : PHP 5.2.0 (Linux) : Actual result PHP 5.2.2 (Linux) : Actual result PHP 5.2.3 (Windows): Actual result [2007-12-06 23:59:16] jm at wo dot cz Obviously, I meant to say, the problem is with TWO numbers only: 1E-6 and 1E-7. J. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/43487 -- Edit this bug report at http://bugs.php.net/?id=43487edit=1
#43487 [Com]: Wrong conversion of float to string
ID: 43487 Comment by: oeriksson at mandriva dot com Reported By: jm at wo dot cz Status: Feedback Bug Type: Strings related Operating System: Linux PHP Version: 5.2.5 New Comment: I get the same problem, but it seems related to what CPU is used. http://qa.mandriva.com/show_bug.cgi?id=37171 $ uname -a Linux foo.nux.se 2.6.24-server-0.rc8.2mdv #1 SMP Wed Jan 23 17:15:33 UTC 2008 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GNU/Linux $ php -r var_dump(11.1/111); float(0.0:) $ uname -a Linux oe.nux.tld 2.6.24-desktop-0.rc8.2mdv #1 SMP Wed Jan 23 18:12:45 CET 2008 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ GNU/Linux $ php -r var_dump(11.1/111); float(0.1) It works with 5.1.6 though. Previous Comments: [2008-01-26 01:12:23] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows (zip): http://snaps.php.net/win32/php5.2-win32-latest.zip For Windows (installer): http://snaps.php.net/win32/php5.2-win32-installer-latest.msi [2008-01-16 09:20:36] lmalgras at tennaxia dot com I have the same problem with PHP 5.2.4 on Linux Reproduce code: --- php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach($f as $fval) echo $fval, \n;' Expected result: 0.0001 1.0E-5 1.0E-6 1.0E-7 1.0E-8 Actual result: -- 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 I have test this code on several configurations with the following results : PHP 5.2.0 (Linux) : Actual result PHP 5.2.2 (Linux) : Actual result PHP 5.2.3 (Windows): Actual result [2007-12-06 23:59:16] jm at wo dot cz Obviously, I meant to say, the problem is with TWO numbers only: 1E-6 and 1E-7. J. [2007-12-06 23:55:54] jm at wo dot cz I got the same problem on another machine too, again PHP 5.2.5 with pretty much the same configuration. In fact, the problem exhibits also for version 5.2.4 on my machines. About the unknown configuration options: Thanks, I had seen the warning but did not have the time to edit my scripts and based on the message it seemed harmless to leave the options be for now. I am thinking that the problem and your inability to reproduce it could be due to some libraries that PHP uses that may be buggy in the versions on my systems. Can you please tell me what libraries, if any, to look for? Although the installed version of software are generally the latest stable releases, it is possible that a patch or a downgrade may be in order on some library/tool. Finally, the problem has so far appeared for 3 numbers only: $ php -n -r '$f=array(1E-4, 1E-5, 1E-6, 1E-7, 1E-8); foreach ($f as $fval) echo $fval, \n;' 0.0001 1.0E-5 :.0E-7 :.0E-8 1.0E-8 Jan [2007-12-04 12:33:38] [EMAIL PROTECTED] I can't reproduce either: ]# php -r '$f=1E-6; echo $f, \n;' 1.0E-6 And pretty much the same configure options. btw. Many of the options you used don't even exist, did you pay attention to the last lines of the output after running configure? (it warns you about unknown options) Try this yourself: # php -n -r '$f=1E-6; echo $f, \n;' (-n makes sure you don't use any php.ini which might have different precision set) The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/43487 -- Edit this bug report at http://bugs.php.net/?id=43487edit=1