[PHP-CVS] svn: /php/php-src/trunk/ext/openssl/ xp_ssl.c
shm Thu, 10 Nov 2011 10:33:07 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318987 Log: Fixed NULL pointer dereference in stream_socket_enable_crypto, case when ssl_handle of session_stream is not initialized. Changed paths: U php/php-src/trunk/ext/openssl/xp_ssl.c Modified: php/php-src/trunk/ext/openssl/xp_ssl.c === --- php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 09:43:25 UTC (rev 318986) +++ php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 10:33:07 UTC (rev 318987) @@ -406,6 +406,8 @@ if (cparam-inputs.session) { if (cparam-inputs.session-ops != php_openssl_socket_ops) { php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied session stream must be an SSL enabled stream); + } else if (((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle == NULL) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied SSL session stream is not initialized); } else { SSL_copy_session_id(sslsock-ssl_handle, ((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/trunk/ext/openssl/ xp_ssl.c
hi Mateusz, Not necessary in 5.3 and 5.4? Cheers, On Thu, Nov 10, 2011 at 11:33 AM, Mateusz Kocielski s...@php.net wrote: shm Thu, 10 Nov 2011 10:33:07 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318987 Log: Fixed NULL pointer dereference in stream_socket_enable_crypto, case when ssl_handle of session_stream is not initialized. Changed paths: U php/php-src/trunk/ext/openssl/xp_ssl.c Modified: php/php-src/trunk/ext/openssl/xp_ssl.c === --- php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 09:43:25 UTC (rev 318986) +++ php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 10:33:07 UTC (rev 318987) @@ -406,6 +406,8 @@ if (cparam-inputs.session) { if (cparam-inputs.session-ops != php_openssl_socket_ops) { php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied session stream must be an SSL enabled stream); + } else if (((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle == NULL) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied SSL session stream is not initialized); } else { SSL_copy_session_id(sslsock-ssl_handle, ((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/exec.c ext/standard/tests/general_functions/bug60116.phpt
hirokawa Thu, 10 Nov 2011 14:19:06 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318996 Log: MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). Bug: https://bugs.php.net/60116 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/standard/exec.c A php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60116.phpt Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:12:48 UTC (rev 318995) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996) @@ -24,8 +24,10 @@ . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to -is_a and is_subclass_of). (alan_k) - +is_a and is_subclass_of). (alan_k) + . Fixed bug #60116 (escapeshellcmd() cannot escape the characters + which cause shell command injection). (rui) + - Oracle Database extension (OCI8): . Increased maxium Oracle error message buffer length for new 11.2.0.3 size (Chris Jones) Modified: php/php-src/branches/PHP_5_4/ext/standard/exec.c === --- php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10 14:12:48 UTC (rev 318995) +++ php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10 14:19:06 UTC (rev 318996) @@ -50,6 +50,16 @@ #include unistd.h #endif +/* {{{ register_exec_constants + * */ +void register_exec_constants(INIT_FUNC_ARGS) +{ +REGISTER_LONG_CONSTANT(ESCAPE_CMD_PAIR, ESCAPE_CMD_PAIR, CONST_PERSISTENT|CONST_CS); +REGISTER_LONG_CONSTANT(ESCAPE_CMD_END, ESCAPE_CMD_END, CONST_PERSISTENT|CONST_CS); +REGISTER_LONG_CONSTANT(ESCAPE_CMD_ALL, ESCAPE_CMD_ALL, CONST_PERSISTENT|CONST_CS); +} +/* }}} */ + /* {{{ php_exec * If type==0, only last line of output is returned (exec) * If type==1, all lines will be printed and last lined returned (system) @@ -238,7 +248,7 @@ *NOT* safe for binary strings */ -PHPAPI char *php_escape_shell_cmd(char *str) +PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag) { register int x, y, l = strlen(str); char *cmd; @@ -266,14 +276,26 @@ #ifndef PHP_WIN32 case '': case '\'': - if (!p (p = memchr(str + x + 1, str[x], l - x - 1))) { - /* noop */ - } else if (p *p == str[x]) { - p = NULL; - } else { + if (flag == ESCAPE_CMD_ALL) { cmd[y++] = '\\'; + cmd[y++] = str[x]; + } else if (flag == ESCAPE_CMD_END) { + if ((x == 0 || x == l - 1) (str[0] == str[l-1])) { + cmd[y++] = str[x]; +} else { +cmd[y++] = '\\'; +cmd[y++] = str[x]; +} + } else { /* ESCAPE_CMD_PAIR */ + if (!p (p = memchr(str + x + 1, str[x], l - x - 1))) { + /* noop */ + } else if (p *p == str[x]) { + p = NULL; + } else { + cmd[y++] = '\\'; + } + cmd[y++] = str[x]; } - cmd[y++] = str[x]; break; #else /* % is Windows specific for enviromental variables, ^%PATH% will @@ -327,6 +349,14 @@ } /* }}} */ +/* {{{ php_escape_shell_cmd + */ +PHPAPI char *php_escape_shell_cmd(char *str) +{ +return php_escape_shell_cmd_ex(str, ESCAPE_CMD_PAIR); +} +/* }}} */ + /* {{{ php_escape_shell_arg */ PHPAPI char *php_escape_shell_arg(char *str) @@ -397,14 +427,15 @@ { char *command; int command_len; + long flag = ESCAPE_CMD_PAIR; char *cmd = NULL; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, command, command_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|l, command, command_len, flag) == FAILURE) { return; } if (command_len) { - cmd = php_escape_shell_cmd(command); + cmd = php_escape_shell_cmd_ex(command, flag);
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/tests/general_functions/bug60227.phpt main/SAPI.c
hirokawa Thu, 10 Nov 2011 14:24:31 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318997 Log: MFH: fixed bug #60227 (header() cannot detect the multi-line header with CR(0x0D).) Bug: https://bugs.php.net/60227 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_4/NEWS A php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt U php/php-src/branches/PHP_5_4/main/SAPI.c Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:24:31 UTC (rev 318997) @@ -27,6 +27,8 @@ is_a and is_subclass_of). (alan_k) . Fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). (rui) + . Fixed bug #60227 (header() cannot detect the multi-line header with + CR(0x0D)). (rui) - Oracle Database extension (OCI8): . Increased maxium Oracle error message buffer length for new 11.2.0.3 size Added: php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt === --- php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt (rev 0) +++ php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt 2011-11-10 14:24:31 UTC (rev 318997) @@ -0,0 +1,20 @@ +--TEST-- +Bug #60227 (header() cannot detect the multi-line header with CR) +--FILE-- +?php +header(X-Foo1: a); +header(X-Foo2: b\n ); +header(X-Foo3: c\r\n ); +header(X-Foo4: d\r ); +header(X-Foo5: e\rSet-Cookie: ID=123); +echo 'foo'; +? +--EXPECTF-- +Warning: Header may not contain more than a single header, new line detected. in %s on line %d +foo +--EXPECTHEADERS-- +X-Foo1: a +X-Foo2: b +X-Foo3: c +X-Foo4: d + Property changes on: php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt ___ Added: svn:keywords + Id Rev Revision Added: svn:eol-style + native Modified: php/php-src/branches/PHP_5_4/main/SAPI.c === --- php/php-src/branches/PHP_5_4/main/SAPI.c2011-11-10 14:19:06 UTC (rev 318996) +++ php/php-src/branches/PHP_5_4/main/SAPI.c2011-11-10 14:24:31 UTC (rev 318997) @@ -712,7 +712,7 @@ } else { /* new line safety check */ char *s = header_line, *e = header_line + header_line_len, *p; - while (s e (p = memchr(s, '\n', (e - s { + while (s e ((p = memchr(s, '\n', (e - s))) || (p = memchr(s, '\r', (e - s) { if (*(p + 1) == ' ' || *(p + 1) == '\t') { s = p + 1; continue; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /SVNROOT/ pear_avail
saltybeagle Thu, 10 Nov 2011 14:47:43 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318998 Log: Give Till Klampaeckel (till) access to pear-core for CI integration work Changed paths: U SVNROOT/pear_avail Modified: SVNROOT/pear_avail === --- SVNROOT/pear_avail 2011-11-10 14:24:31 UTC (rev 318997) +++ SVNROOT/pear_avail 2011-11-10 14:47:43 UTC (rev 318998) @@ -19,7 +19,7 @@ avail|ashnazg,clockwerx,cweiske,gauthierm,kguest,saltybeagle,shupp|pear # PEAR bits in the main php-src module -avail|mj,vblavet,dickmann,tal,jmcastagnetto,alexmerz,cellog,pajoye,timj,clay,dufuz,bjori,davidc,saltybeagle,derick,sebastian|pear/pear-core +avail|mj,vblavet,dickmann,tal,jmcastagnetto,alexmerz,cellog,pajoye,timj,clay,dufuz,bjori,davidc,saltybeagle,derick,sebastian,till|pear/pear-core # PEAR website avail|wez,alan_k,chagenbu,cmv,derick,dickmann,jon,mj,pajoye,richard,tal,antonio,alexmerz,jan,toby,draber,cellog,dufuz,danielc,lsmith,arnaud,davidc,wiesemann,jani,cweiske,saltybeagle,izi,clockwerx,till|pear/pearweb -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/exec.c ext/standard/tests/general_functions/bug60116.phpt
On Thu, Nov 10, 2011 at 3:19 PM, Rui Hirokawa hirok...@php.net wrote: hirokawa Thu, 10 Nov 2011 14:19:06 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318996 Log: MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). Bug: https://bugs.php.net/60116 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/standard/exec.c A php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60116.phpt Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:12:48 UTC (rev 318995) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996) @@ -24,8 +24,10 @@ . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to -is_a and is_subclass_of). (alan_k) - +is_a and is_subclass_of). (alan_k) + . Fixed bug #60116 (escapeshellcmd() cannot escape the characters + which cause shell command injection). (rui) + - Oracle Database extension (OCI8): . Increased maxium Oracle error message buffer length for new 11.2.0.3 size (Chris Jones) Modified: php/php-src/branches/PHP_5_4/ext/standard/exec.c === --- php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10 14:12:48 UTC (rev 318995) +++ php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10 14:19:06 UTC (rev 318996) @@ -50,6 +50,16 @@ #include unistd.h #endif +/* {{{ register_exec_constants + * */ +void register_exec_constants(INIT_FUNC_ARGS) +{ +REGISTER_LONG_CONSTANT(ESCAPE_CMD_PAIR, ESCAPE_CMD_PAIR, CONST_PERSISTENT|CONST_CS); +REGISTER_LONG_CONSTANT(ESCAPE_CMD_END, ESCAPE_CMD_END, CONST_PERSISTENT|CONST_CS); +REGISTER_LONG_CONSTANT(ESCAPE_CMD_ALL, ESCAPE_CMD_ALL, CONST_PERSISTENT|CONST_CS); +} +/* }}} */ + /* {{{ php_exec * If type==0, only last line of output is returned (exec) * If type==1, all lines will be printed and last lined returned (system) @@ -238,7 +248,7 @@ *NOT* safe for binary strings */ -PHPAPI char *php_escape_shell_cmd(char *str) +PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag) { register int x, y, l = strlen(str); char *cmd; @@ -266,14 +276,26 @@ #ifndef PHP_WIN32 case '': case '\'': - if (!p (p = memchr(str + x + 1, str[x], l - x - 1))) { - /* noop */ - } else if (p *p == str[x]) { - p = NULL; - } else { + if (flag == ESCAPE_CMD_ALL) { cmd[y++] = '\\'; + cmd[y++] = str[x]; + } else if (flag == ESCAPE_CMD_END) { + if ((x == 0 || x == l - 1) (str[0] == str[l-1])) { + cmd[y++] = str[x]; +} else { +cmd[y++] = '\\'; +cmd[y++] = str[x]; +} + } else { /* ESCAPE_CMD_PAIR */ + if (!p (p = memchr(str + x + 1, str[x], l - x - 1))) { + /* noop */ + } else if (p *p == str[x]) { + p = NULL; + } else { + cmd[y++] = '\\'; + } + cmd[y++] = str[x]; } - cmd[y++] = str[x]; break; #else /* % is Windows specific for enviromental variables, ^%PATH% will @@ -327,6 +349,14 @@ } /* }}} */ +/* {{{ php_escape_shell_cmd + */ +PHPAPI char *php_escape_shell_cmd(char *str) +{ +return php_escape_shell_cmd_ex(str, ESCAPE_CMD_PAIR); +} +/* }}} */ + /* {{{ php_escape_shell_arg */ PHPAPI char *php_escape_shell_arg(char *str) @@ -397,14 +427,15 @@ { char *command; int command_len; + long flag = ESCAPE_CMD_PAIR; char *cmd = NULL; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, command, command_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|l, command, command_len, flag) == FAILURE) { return; } if
[PHP-CVS] svn: /SVNROOT/ commit-bugs.php
bjoriThu, 10 Nov 2011 15:35:32 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319000 Log: This should work fine for pecl now Changed paths: U SVNROOT/commit-bugs.php Modified: SVNROOT/commit-bugs.php === --- SVNROOT/commit-bugs.php 2011-11-10 15:06:46 UTC (rev 318999) +++ SVNROOT/commit-bugs.php 2011-11-10 15:35:32 UTC (rev 319000) @@ -55,8 +55,7 @@ // Make an RPC call for each bug include __DIR__ . '/secret.inc'; foreach ($bug_list as $k = $bug) { -// Only do this for core PHP bugs -if ($bug['project'] !== '' $bug['project'] !== 'php') { +if (!in_array($bug[project], array(php, pecl, ))) { continue; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/exec.c ext/standard/tests/general_functions/bug60116.phpt
On Thu, Nov 10, 2011 at 15:19, Rui Hirokawa hirok...@php.net wrote: hirokawa Thu, 10 Nov 2011 14:19:06 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318996 Log: MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). Bug: https://bugs.php.net/60116 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/standard/exec.c A php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60116.phpt Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:12:48 UTC (rev 318995) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996) @@ -24,8 +24,10 @@ . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to - is_a and is_subclass_of). (alan_k) - + is_a and is_subclass_of). (alan_k) + . Fixed bug #60116 (escapeshellcmd() cannot escape the characters + which cause shell command injection). (rui) This is the wrong section, rc1 has been release already so this entry belongs at the top of the file, under rc2 -Hannes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/standard/ exec.h
bjoriThu, 10 Nov 2011 17:20:09 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319002 Log: Fix build Changed paths: U php/php-src/branches/PHP_5_4/ext/standard/exec.h Modified: php/php-src/branches/PHP_5_4/ext/standard/exec.h === --- php/php-src/branches/PHP_5_4/ext/standard/exec.h2011-11-10 16:23:30 UTC (rev 319001) +++ php/php-src/branches/PHP_5_4/ext/standard/exec.h2011-11-10 17:20:09 UTC (rev 319002) @@ -21,6 +21,10 @@ #ifndef EXEC_H #define EXEC_H +#define ESCAPE_CMD_PAIR 0 +#define ESCAPE_CMD_END 1 +#define ESCAPE_CMD_ALL 2 + PHP_FUNCTION(system); PHP_FUNCTION(exec); PHP_FUNCTION(escapeshellcmd); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/standard/ basic_functions.c
bjoriThu, 10 Nov 2011 18:23:20 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319003 Log: register the new shell escape constants Changed paths: U php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c Modified: php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c === --- php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c 2011-11-10 17:20:09 UTC (rev 319002) +++ php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c 2011-11-10 18:23:20 UTC (rev 319003) @@ -3583,6 +3583,7 @@ #endif register_phpinfo_constants(INIT_FUNC_ARGS_PASSTHRU); + register_exec_constants(INIT_FUNC_ARGS_PASSTHRU); register_html_constants(INIT_FUNC_ARGS_PASSTHRU); register_string_constants(INIT_FUNC_ARGS_PASSTHRU); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/README.RELEASE_PROCESS trunk/README.RELEASE_PROCESS
dsp Thu, 10 Nov 2011 21:42:04 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319009 Log: It is not longer required to update php_version.php in php-bugs/ The bugtracker fetches the version list from the qa site, updating php_version.php is not required anymore. Changed paths: U php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS U php/php-src/trunk/README.RELEASE_PROCESS Modified: php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS === --- php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS 2011-11-10 21:17:04 UTC (rev 319008) +++ php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS 2011-11-10 21:42:04 UTC (rev 319009) @@ -113,20 +113,17 @@ Note: Remember to update the MD5 checksum information. +4. Update ``web/php/trunk/include/version.inc`` (x=major version number) -1. Update in ``web/php-bugs/trunk/include/php_versions.php`` to include the new RC and commit. - -2. Update ``web/php/trunk/include/version.inc`` (x=major version number) - a. ``$PHP_x_RC`` = 5.3.0RC1 b. ``$PHP_x_RC_DATE`` = 06 September 2007 -3. Commit those changes: +5. Commit those changes: a. ``svn commit web/qa/trunk web/php-bugs/trunk web/php/trunk`` -4. For the first RC, write the doc team (php...@lists.php.net) about updating the +6. For the first RC, write the doc team (php...@lists.php.net) about updating the INSTALL and win32/install.txt files which are generated from the PHP manual sources. Rolling a stable release Modified: php/php-src/trunk/README.RELEASE_PROCESS === --- php/php-src/trunk/README.RELEASE_PROCESS2011-11-10 21:17:04 UTC (rev 319008) +++ php/php-src/trunk/README.RELEASE_PROCESS2011-11-10 21:42:04 UTC (rev 319009) @@ -113,19 +113,17 @@ Note: Remember to update the MD5 checksum information. -1. Update in ``web/php-bugs/trunk/include/php_versions.php`` to include the new RC and commit. +4. Update ``web/php/trunk/include/version.inc`` (x=major version number) -2. Update ``web/php/trunk/include/version.inc`` (x=major version number) - a. ``$PHP_x_RC`` = 5.3.0RC1 b. ``$PHP_x_RC_DATE`` = 06 September 2007 -3. Commit those changes: +5. Commit those changes: a. ``svn commit web/qa/trunk web/php-bugs/trunk web/php/trunk`` -4. For the first RC, write the doc team (php...@lists.php.net) about updating the +6. For the first RC, write the doc team (php...@lists.php.net) about updating the INSTALL and win32/install.txt files which are generated from the PHP manual sources. Rolling a stable release -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
hirokawa Thu, 10 Nov 2011 21:45:36 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319010 Log: moved the new changes for RC2. Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 21:42:04 UTC (rev 319009) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 21:45:36 UTC (rev 319010) @@ -2,6 +2,12 @@ ||| ?? ??? 2011, PHP 5.4.0 RC2 +- Core: + . Fixed bug #60116 (escapeshellcmd() cannot escape the characters + which cause shell command injection). (rui) + . Fixed bug #60227 (header() cannot detect the multi-line header with + CR(0x0D)). (rui) + 11 Nov 2011, PHP 5.4.0 RC1 - General improvements: . Changed silent conversion of array to string to produce a notice. (Patrick) @@ -25,10 +31,6 @@ (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of). (alan_k) - . Fixed bug #60116 (escapeshellcmd() cannot escape the characters - which cause shell command injection). (rui) - . Fixed bug #60227 (header() cannot detect the multi-line header with - CR(0x0D)). (rui) - Oracle Database extension (OCI8): . Increased maxium Oracle error message buffer length for new 11.2.0.3 size -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/oci8/oci8.c branches/PHP_5_3/ext/oci8/package.xml branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt branches/PHP_5_3/ext/oci8/
sixd Thu, 10 Nov 2011 22:47:00 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319015 Log: OCI8: Fixed bug #59985 (show normal warning text for OCI_NO_DATA). Sync NEWS. Bug: https://bugs.php.net/59985 (Open) No ORA-error message when OCI_NO_DATA Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/oci8/oci8.c U php/php-src/branches/PHP_5_3/ext/oci8/package.xml U php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt U php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt U php/php-src/branches/PHP_5_3/ext/oci8/tests/pecl_bug16842.phpt U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/oci8/oci8.c U php/php-src/branches/PHP_5_4/ext/oci8/package.xml U php/php-src/branches/PHP_5_4/ext/oci8/tests/array_bind_003.phpt U php/php-src/branches/PHP_5_4/ext/oci8/tests/array_bind_004.phpt U php/php-src/branches/PHP_5_4/ext/oci8/tests/pecl_bug16842.phpt U php/php-src/trunk/ext/oci8/oci8.c U php/php-src/trunk/ext/oci8/package.xml U php/php-src/trunk/ext/oci8/tests/array_bind_003.phpt U php/php-src/trunk/ext/oci8/tests/array_bind_004.phpt U php/php-src/trunk/ext/oci8/tests/pecl_bug16842.phpt Modified: php/php-src/branches/PHP_5_3/NEWS === --- php/php-src/branches/PHP_5_3/NEWS 2011-11-10 22:41:49 UTC (rev 319014) +++ php/php-src/branches/PHP_5_3/NEWS 2011-11-10 22:47:00 UTC (rev 319015) @@ -13,6 +13,9 @@ . Fixed bug #60160 (imagefill() doesn't work correctly for small images). (Florian) +- Oracle Database extension (OCI8): + . Fixed bug #59985 (show normal warning text for OCI_NO_DATA) +(Chris Jones) 03 Nov 2011, PHP 5.3.9RC1 @@ -77,8 +80,9 @@ (Andrey) - Oracle Database extension (OCI8): - . Increased maxium Oracle error message buffer length for new 11.2.0.3 size. + . Increased maximum Oracle error message buffer length for new 11.2.0.3 size. (Chris Jones) + . Improve internal initalization failure error messages (Chris Jones) - PDO . Fixed bug #55776 (PDORow to session bug). (Johannes) Modified: php/php-src/branches/PHP_5_3/ext/oci8/oci8.c === --- php/php-src/branches/PHP_5_3/ext/oci8/oci8.c 2011-11-10 22:41:49 UTC (rev 319014) +++ php/php-src/branches/PHP_5_3/ext/oci8/oci8.c 2011-11-10 22:47:00 UTC (rev 319015) @@ -1632,9 +1632,9 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, OCI_NEED_DATA); break; case OCI_NO_DATA: - php_error_docref(NULL TSRMLS_CC, E_WARNING, OCI_NO_DATA); errcode = php_oci_fetch_errmsg(err_p, errbuf TSRMLS_CC); if (errbuf) { +php_error_docref(NULL TSRMLS_CC, E_WARNING, %s, errbuf); efree(errbuf); } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, OCI_NO_DATA: failed to fetch error message); Modified: php/php-src/branches/PHP_5_3/ext/oci8/package.xml === --- php/php-src/branches/PHP_5_3/ext/oci8/package.xml 2011-11-10 22:41:49 UTC (rev 319014) +++ php/php-src/branches/PHP_5_3/ext/oci8/package.xml 2011-11-10 22:47:00 UTC (rev 319015) @@ -46,7 +46,8 @@ /stability license uri=http://www.php.net/license;PHP/license notes - Increased maximum possible Oracle DB error message length + Fixed bug #59985 (show normal warning text for OCI_NO_DATA) + Increased maximum Oracle error message buffer length for new Oracle 11.2.0.3 size Improve internal initalization failure error messages /notes contents Modified: php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt === --- php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt 2011-11-10 22:41:49 UTC (rev 319014) +++ php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt 2011-11-10 22:47:00 UTC (rev 319015) @@ -62,7 +62,9 @@ echo Done\n; ? --EXPECTF-- -Warning: oci_execute(): OCI_NO_DATA in %s on line %d +Warning: oci_execute(): ORA-01403: %s +ORA-06512: at SYSTEM.ARRAYBINDPKG1, line %d +ORA-06512: at line %d in %sarray_bind_003.php on line %d array(4) { [0]= string(9) 06-DEC-05 Modified: php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt === --- php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt 2011-11-10 22:41:49 UTC (rev 319014) +++ php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt 2011-11-10 22:47:00 UTC (rev 319015) @@ -62,7 +62,9 @@ echo Done\n; ? --EXPECTF-- -Warning: oci_execute(): OCI_NO_DATA in %s on line %d +Warning: oci_execute(): ORA-01403: %s +ORA-06512: at SYSTEM.ARRAYBINDPKG1, line %d +ORA-06512: at line %d in %sarray_bind_004.php on line %d array(0) { } Done Modified:
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/mysql/tests/ bug55473.phpt
rasmus Fri, 11 Nov 2011 02:05:54 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319024 Log: Suppress lsof warnings here to avoid FUSE-related warnings in certain environments. This doesn't affect what is being tested. Changed paths: U php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt Modified: php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt === --- php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11 01:57:11 UTC (rev 319023) +++ php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11 02:05:54 UTC (rev 319024) @@ -8,7 +8,7 @@ die(skip Test doesn't work on Windows); } -if (!($output = @exec(lsof -np . getmypid( +if (!($output = @exec(lsof -nwp . getmypid( die(skip Test can't find command line tool lsof); ? --INI-- @@ -56,9 +56,9 @@ if ($opened_files == -1) { - $opened_files = trim(exec(lsof -np . getmypid() . | wc -l)); + $opened_files = trim(exec(lsof -nwp . getmypid() . | wc -l)); printf([005] Setting openened files...\n); - } else if (($tmp = trim(exec(lsof -np . getmypid() . | wc -l))) != $opened_files) { + } else if (($tmp = trim(exec(lsof -nwp . getmypid() . | wc -l))) != $opened_files) { printf([006] [%d] different number of opened_files : expected %d, got %d, $i, $opened_files, $tmp); } else { printf([007] Opened files as expected\n); @@ -76,4 +76,4 @@ [007] Opened files as expected [003] reconnect 3 [007] Opened files as expected -done! \ No newline at end of file +done! -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/mysql/tests/ bug55473.phpt
rasmus Fri, 11 Nov 2011 02:18:24 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319025 Log: Typo Changed paths: U php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt Modified: php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt === --- php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11 02:05:54 UTC (rev 319024) +++ php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11 02:18:24 UTC (rev 319025) @@ -1,5 +1,5 @@ --TEST-- -Bug #5547 (mysql_pconnect leaks file descriptors on reconnect) +Bug #55473 (mysql_pconnect leaks file descriptors on reconnect) --SKIPIF-- ?php require_once('skipif.inc'); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php