[PHP-CVS] svn: /php/php-src/trunk/ext/openssl/ xp_ssl.c
shm Thu, 10 Nov 2011 10:33:07 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=318987
Log:
Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
ssl_handle of session_stream is not initialized.
Changed paths:
U php/php-src/trunk/ext/openssl/xp_ssl.c
Modified: php/php-src/trunk/ext/openssl/xp_ssl.c
===
--- php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 09:43:25 UTC (rev
318986)
+++ php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 10:33:07 UTC (rev
318987)
@@ -406,6 +406,8 @@
if (cparam-inputs.session) {
if (cparam-inputs.session-ops != php_openssl_socket_ops) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied
session stream must be an SSL enabled stream);
+ } else if
(((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle
== NULL) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied
SSL session stream is not initialized);
} else {
SSL_copy_session_id(sslsock-ssl_handle,
((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/trunk/ext/openssl/ xp_ssl.c
hi Mateusz,
Not necessary in 5.3 and 5.4?
Cheers,
On Thu, Nov 10, 2011 at 11:33 AM, Mateusz Kocielski s...@php.net wrote:
shm Thu, 10 Nov 2011 10:33:07 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=318987
Log:
Fixed NULL pointer dereference in stream_socket_enable_crypto, case when
ssl_handle of session_stream is not initialized.
Changed paths:
U php/php-src/trunk/ext/openssl/xp_ssl.c
Modified: php/php-src/trunk/ext/openssl/xp_ssl.c
===
--- php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 09:43:25 UTC (rev
318986)
+++ php/php-src/trunk/ext/openssl/xp_ssl.c 2011-11-10 10:33:07 UTC (rev
318987)
@@ -406,6 +406,8 @@
if (cparam-inputs.session) {
if (cparam-inputs.session-ops != php_openssl_socket_ops) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied
session stream must be an SSL enabled stream);
+ } else if
(((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle
== NULL) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, supplied
SSL session stream is not initialized);
} else {
SSL_copy_session_id(sslsock-ssl_handle,
((php_openssl_netstream_data_t*)cparam-inputs.session-abstract)-ssl_handle);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/exec.c ext/standard/tests/general_functions/bug60116.phpt
hirokawa Thu, 10 Nov 2011 14:19:06 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=318996
Log:
MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which
cause shell command injection).
Bug: https://bugs.php.net/60116 (error getting bug information)
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/exec.c
A
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60116.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:12:48 UTC (rev 318995)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996)
@@ -24,8 +24,10 @@
. Fixed bug #60169 (Conjunction of ternary and list crashes PHP).
(Laruence)
. Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to
-is_a and is_subclass_of). (alan_k)
-
+is_a and is_subclass_of). (alan_k)
+ . Fixed bug #60116 (escapeshellcmd() cannot escape the characters
+ which cause shell command injection). (rui)
+
- Oracle Database extension (OCI8):
. Increased maxium Oracle error message buffer length for new 11.2.0.3 size
(Chris Jones)
Modified: php/php-src/branches/PHP_5_4/ext/standard/exec.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10 14:12:48 UTC
(rev 318995)
+++ php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10 14:19:06 UTC
(rev 318996)
@@ -50,6 +50,16 @@
#include unistd.h
#endif
+/* {{{ register_exec_constants
+ * */
+void register_exec_constants(INIT_FUNC_ARGS)
+{
+REGISTER_LONG_CONSTANT(ESCAPE_CMD_PAIR, ESCAPE_CMD_PAIR,
CONST_PERSISTENT|CONST_CS);
+REGISTER_LONG_CONSTANT(ESCAPE_CMD_END, ESCAPE_CMD_END,
CONST_PERSISTENT|CONST_CS);
+REGISTER_LONG_CONSTANT(ESCAPE_CMD_ALL, ESCAPE_CMD_ALL,
CONST_PERSISTENT|CONST_CS);
+}
+/* }}} */
+
/* {{{ php_exec
* If type==0, only last line of output is returned (exec)
* If type==1, all lines will be printed and last lined returned (system)
@@ -238,7 +248,7 @@
*NOT* safe for binary strings
*/
-PHPAPI char *php_escape_shell_cmd(char *str)
+PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag)
{
register int x, y, l = strlen(str);
char *cmd;
@@ -266,14 +276,26 @@
#ifndef PHP_WIN32
case '':
case '\'':
- if (!p (p = memchr(str + x + 1, str[x], l -
x - 1))) {
- /* noop */
- } else if (p *p == str[x]) {
- p = NULL;
- } else {
+ if (flag == ESCAPE_CMD_ALL) {
cmd[y++] = '\\';
+ cmd[y++] = str[x];
+ } else if (flag == ESCAPE_CMD_END) {
+ if ((x == 0 || x == l - 1) (str[0]
== str[l-1])) {
+ cmd[y++] = str[x];
+} else {
+cmd[y++] = '\\';
+cmd[y++] = str[x];
+}
+ } else { /* ESCAPE_CMD_PAIR */
+ if (!p (p = memchr(str + x + 1,
str[x], l - x - 1))) {
+ /* noop */
+ } else if (p *p == str[x]) {
+ p = NULL;
+ } else {
+ cmd[y++] = '\\';
+ }
+ cmd[y++] = str[x];
}
- cmd[y++] = str[x];
break;
#else
/* % is Windows specific for enviromental variables,
^%PATH% will
@@ -327,6 +349,14 @@
}
/* }}} */
+/* {{{ php_escape_shell_cmd
+ */
+PHPAPI char *php_escape_shell_cmd(char *str)
+{
+return php_escape_shell_cmd_ex(str, ESCAPE_CMD_PAIR);
+}
+/* }}} */
+
/* {{{ php_escape_shell_arg
*/
PHPAPI char *php_escape_shell_arg(char *str)
@@ -397,14 +427,15 @@
{
char *command;
int command_len;
+ long flag = ESCAPE_CMD_PAIR;
char *cmd = NULL;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, command,
command_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|l, command,
command_len, flag) == FAILURE) {
return;
}
if (command_len) {
- cmd = php_escape_shell_cmd(command);
+ cmd = php_escape_shell_cmd_ex(command, flag);
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/tests/general_functions/bug60227.phpt main/SAPI.c
hirokawa Thu, 10 Nov 2011 14:24:31 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=318997
Log:
MFH: fixed bug #60227 (header() cannot detect the multi-line header with
CR(0x0D).)
Bug: https://bugs.php.net/60227 (error getting bug information)
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
A
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt
U php/php-src/branches/PHP_5_4/main/SAPI.c
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:24:31 UTC (rev 318997)
@@ -27,6 +27,8 @@
is_a and is_subclass_of). (alan_k)
. Fixed bug #60116 (escapeshellcmd() cannot escape the characters
which cause shell command injection). (rui)
+ . Fixed bug #60227 (header() cannot detect the multi-line header with
+ CR(0x0D)). (rui)
- Oracle Database extension (OCI8):
. Increased maxium Oracle error message buffer length for new 11.2.0.3 size
Added:
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt
===
---
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt
(rev 0)
+++
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt
2011-11-10 14:24:31 UTC (rev 318997)
@@ -0,0 +1,20 @@
+--TEST--
+Bug #60227 (header() cannot detect the multi-line header with CR)
+--FILE--
+?php
+header(X-Foo1: a);
+header(X-Foo2: b\n );
+header(X-Foo3: c\r\n );
+header(X-Foo4: d\r );
+header(X-Foo5: e\rSet-Cookie: ID=123);
+echo 'foo';
+?
+--EXPECTF--
+Warning: Header may not contain more than a single header, new line detected.
in %s on line %d
+foo
+--EXPECTHEADERS--
+X-Foo1: a
+X-Foo2: b
+X-Foo3: c
+X-Foo4: d
+
Property changes on:
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60227.phpt
___
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
Modified: php/php-src/branches/PHP_5_4/main/SAPI.c
===
--- php/php-src/branches/PHP_5_4/main/SAPI.c2011-11-10 14:19:06 UTC (rev
318996)
+++ php/php-src/branches/PHP_5_4/main/SAPI.c2011-11-10 14:24:31 UTC (rev
318997)
@@ -712,7 +712,7 @@
} else {
/* new line safety check */
char *s = header_line, *e = header_line + header_line_len, *p;
- while (s e (p = memchr(s, '\n', (e - s {
+ while (s e ((p = memchr(s, '\n', (e - s))) || (p =
memchr(s, '\r', (e - s) {
if (*(p + 1) == ' ' || *(p + 1) == '\t') {
s = p + 1;
continue;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /SVNROOT/ pear_avail
saltybeagle Thu, 10 Nov 2011 14:47:43 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318998 Log: Give Till Klampaeckel (till) access to pear-core for CI integration work Changed paths: U SVNROOT/pear_avail Modified: SVNROOT/pear_avail === --- SVNROOT/pear_avail 2011-11-10 14:24:31 UTC (rev 318997) +++ SVNROOT/pear_avail 2011-11-10 14:47:43 UTC (rev 318998) @@ -19,7 +19,7 @@ avail|ashnazg,clockwerx,cweiske,gauthierm,kguest,saltybeagle,shupp|pear # PEAR bits in the main php-src module -avail|mj,vblavet,dickmann,tal,jmcastagnetto,alexmerz,cellog,pajoye,timj,clay,dufuz,bjori,davidc,saltybeagle,derick,sebastian|pear/pear-core +avail|mj,vblavet,dickmann,tal,jmcastagnetto,alexmerz,cellog,pajoye,timj,clay,dufuz,bjori,davidc,saltybeagle,derick,sebastian,till|pear/pear-core # PEAR website avail|wez,alan_k,chagenbu,cmv,derick,dickmann,jon,mj,pajoye,richard,tal,antonio,alexmerz,jan,toby,draber,cellog,dufuz,danielc,lsmith,arnaud,davidc,wiesemann,jani,cweiske,saltybeagle,izi,clockwerx,till|pear/pearweb -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/exec.c ext/standard/tests/general_functions/bug60116.phpt
On Thu, Nov 10, 2011 at 3:19 PM, Rui Hirokawa hirok...@php.net wrote:
hirokawa Thu, 10 Nov 2011 14:19:06 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=318996
Log:
MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which
cause shell command injection).
Bug: https://bugs.php.net/60116 (error getting bug information)
Changed paths:
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/standard/exec.c
A
php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60116.phpt
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:12:48 UTC (rev
318995)
+++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev
318996)
@@ -24,8 +24,10 @@
. Fixed bug #60169 (Conjunction of ternary and list crashes PHP).
(Laruence)
. Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd
argument to
-is_a and is_subclass_of). (alan_k)
-
+is_a and is_subclass_of). (alan_k)
+ . Fixed bug #60116 (escapeshellcmd() cannot escape the characters
+ which cause shell command injection). (rui)
+
- Oracle Database extension (OCI8):
. Increased maxium Oracle error message buffer length for new 11.2.0.3
size
(Chris Jones)
Modified: php/php-src/branches/PHP_5_4/ext/standard/exec.c
===
--- php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10
14:12:48 UTC (rev 318995)
+++ php/php-src/branches/PHP_5_4/ext/standard/exec.c2011-11-10
14:19:06 UTC (rev 318996)
@@ -50,6 +50,16 @@
#include unistd.h
#endif
+/* {{{ register_exec_constants
+ * */
+void register_exec_constants(INIT_FUNC_ARGS)
+{
+REGISTER_LONG_CONSTANT(ESCAPE_CMD_PAIR, ESCAPE_CMD_PAIR,
CONST_PERSISTENT|CONST_CS);
+REGISTER_LONG_CONSTANT(ESCAPE_CMD_END, ESCAPE_CMD_END,
CONST_PERSISTENT|CONST_CS);
+REGISTER_LONG_CONSTANT(ESCAPE_CMD_ALL, ESCAPE_CMD_ALL,
CONST_PERSISTENT|CONST_CS);
+}
+/* }}} */
+
/* {{{ php_exec
* If type==0, only last line of output is returned (exec)
* If type==1, all lines will be printed and last lined returned (system)
@@ -238,7 +248,7 @@
*NOT* safe for binary strings
*/
-PHPAPI char *php_escape_shell_cmd(char *str)
+PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag)
{
register int x, y, l = strlen(str);
char *cmd;
@@ -266,14 +276,26 @@
#ifndef PHP_WIN32
case '':
case '\'':
- if (!p (p = memchr(str + x + 1, str[x],
l - x - 1))) {
- /* noop */
- } else if (p *p == str[x]) {
- p = NULL;
- } else {
+ if (flag == ESCAPE_CMD_ALL) {
cmd[y++] = '\\';
+ cmd[y++] = str[x];
+ } else if (flag == ESCAPE_CMD_END) {
+ if ((x == 0 || x == l - 1)
(str[0] == str[l-1])) {
+ cmd[y++] = str[x];
+} else {
+cmd[y++] = '\\';
+cmd[y++] = str[x];
+}
+ } else { /* ESCAPE_CMD_PAIR */
+ if (!p (p = memchr(str + x + 1,
str[x], l - x - 1))) {
+ /* noop */
+ } else if (p *p == str[x]) {
+ p = NULL;
+ } else {
+ cmd[y++] = '\\';
+ }
+ cmd[y++] = str[x];
}
- cmd[y++] = str[x];
break;
#else
/* % is Windows specific for enviromental
variables, ^%PATH% will
@@ -327,6 +349,14 @@
}
/* }}} */
+/* {{{ php_escape_shell_cmd
+ */
+PHPAPI char *php_escape_shell_cmd(char *str)
+{
+return php_escape_shell_cmd_ex(str, ESCAPE_CMD_PAIR);
+}
+/* }}} */
+
/* {{{ php_escape_shell_arg
*/
PHPAPI char *php_escape_shell_arg(char *str)
@@ -397,14 +427,15 @@
{
char *command;
int command_len;
+ long flag = ESCAPE_CMD_PAIR;
char *cmd = NULL;
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s,
command, command_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|l,
command, command_len, flag) == FAILURE) {
return;
}
if
[PHP-CVS] svn: /SVNROOT/ commit-bugs.php
bjoriThu, 10 Nov 2011 15:35:32 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=319000
Log:
This should work fine for pecl now
Changed paths:
U SVNROOT/commit-bugs.php
Modified: SVNROOT/commit-bugs.php
===
--- SVNROOT/commit-bugs.php 2011-11-10 15:06:46 UTC (rev 318999)
+++ SVNROOT/commit-bugs.php 2011-11-10 15:35:32 UTC (rev 319000)
@@ -55,8 +55,7 @@
// Make an RPC call for each bug
include __DIR__ . '/secret.inc';
foreach ($bug_list as $k = $bug) {
-// Only do this for core PHP bugs
-if ($bug['project'] !== '' $bug['project'] !== 'php') {
+if (!in_array($bug[project], array(php, pecl, ))) {
continue;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS ext/standard/exec.c ext/standard/tests/general_functions/bug60116.phpt
On Thu, Nov 10, 2011 at 15:19, Rui Hirokawa hirok...@php.net wrote: hirokawa Thu, 10 Nov 2011 14:19:06 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318996 Log: MFH: fixed bug #60116 (escapeshellcmd() cannot escape the characters which cause shell command injection). Bug: https://bugs.php.net/60116 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_4/NEWS U php/php-src/branches/PHP_5_4/ext/standard/exec.c A php/php-src/branches/PHP_5_4/ext/standard/tests/general_functions/bug60116.phpt Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:12:48 UTC (rev 318995) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 14:19:06 UTC (rev 318996) @@ -24,8 +24,10 @@ . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to - is_a and is_subclass_of). (alan_k) - + is_a and is_subclass_of). (alan_k) + . Fixed bug #60116 (escapeshellcmd() cannot escape the characters + which cause shell command injection). (rui) This is the wrong section, rc1 has been release already so this entry belongs at the top of the file, under rc2 -Hannes -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/standard/ exec.h
bjoriThu, 10 Nov 2011 17:20:09 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319002 Log: Fix build Changed paths: U php/php-src/branches/PHP_5_4/ext/standard/exec.h Modified: php/php-src/branches/PHP_5_4/ext/standard/exec.h === --- php/php-src/branches/PHP_5_4/ext/standard/exec.h2011-11-10 16:23:30 UTC (rev 319001) +++ php/php-src/branches/PHP_5_4/ext/standard/exec.h2011-11-10 17:20:09 UTC (rev 319002) @@ -21,6 +21,10 @@ #ifndef EXEC_H #define EXEC_H +#define ESCAPE_CMD_PAIR 0 +#define ESCAPE_CMD_END 1 +#define ESCAPE_CMD_ALL 2 + PHP_FUNCTION(system); PHP_FUNCTION(exec); PHP_FUNCTION(escapeshellcmd); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/standard/ basic_functions.c
bjoriThu, 10 Nov 2011 18:23:20 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319003 Log: register the new shell escape constants Changed paths: U php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c Modified: php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c === --- php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c 2011-11-10 17:20:09 UTC (rev 319002) +++ php/php-src/branches/PHP_5_4/ext/standard/basic_functions.c 2011-11-10 18:23:20 UTC (rev 319003) @@ -3583,6 +3583,7 @@ #endif register_phpinfo_constants(INIT_FUNC_ARGS_PASSTHRU); + register_exec_constants(INIT_FUNC_ARGS_PASSTHRU); register_html_constants(INIT_FUNC_ARGS_PASSTHRU); register_string_constants(INIT_FUNC_ARGS_PASSTHRU); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_4/README.RELEASE_PROCESS trunk/README.RELEASE_PROCESS
dsp Thu, 10 Nov 2011 21:42:04 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319009 Log: It is not longer required to update php_version.php in php-bugs/ The bugtracker fetches the version list from the qa site, updating php_version.php is not required anymore. Changed paths: U php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS U php/php-src/trunk/README.RELEASE_PROCESS Modified: php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS === --- php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS 2011-11-10 21:17:04 UTC (rev 319008) +++ php/php-src/branches/PHP_5_4/README.RELEASE_PROCESS 2011-11-10 21:42:04 UTC (rev 319009) @@ -113,20 +113,17 @@ Note: Remember to update the MD5 checksum information. +4. Update ``web/php/trunk/include/version.inc`` (x=major version number) -1. Update in ``web/php-bugs/trunk/include/php_versions.php`` to include the new RC and commit. - -2. Update ``web/php/trunk/include/version.inc`` (x=major version number) - a. ``$PHP_x_RC`` = 5.3.0RC1 b. ``$PHP_x_RC_DATE`` = 06 September 2007 -3. Commit those changes: +5. Commit those changes: a. ``svn commit web/qa/trunk web/php-bugs/trunk web/php/trunk`` -4. For the first RC, write the doc team (php...@lists.php.net) about updating the +6. For the first RC, write the doc team (php...@lists.php.net) about updating the INSTALL and win32/install.txt files which are generated from the PHP manual sources. Rolling a stable release Modified: php/php-src/trunk/README.RELEASE_PROCESS === --- php/php-src/trunk/README.RELEASE_PROCESS2011-11-10 21:17:04 UTC (rev 319008) +++ php/php-src/trunk/README.RELEASE_PROCESS2011-11-10 21:42:04 UTC (rev 319009) @@ -113,19 +113,17 @@ Note: Remember to update the MD5 checksum information. -1. Update in ``web/php-bugs/trunk/include/php_versions.php`` to include the new RC and commit. +4. Update ``web/php/trunk/include/version.inc`` (x=major version number) -2. Update ``web/php/trunk/include/version.inc`` (x=major version number) - a. ``$PHP_x_RC`` = 5.3.0RC1 b. ``$PHP_x_RC_DATE`` = 06 September 2007 -3. Commit those changes: +5. Commit those changes: a. ``svn commit web/qa/trunk web/php-bugs/trunk web/php/trunk`` -4. For the first RC, write the doc team (php...@lists.php.net) about updating the +6. For the first RC, write the doc team (php...@lists.php.net) about updating the INSTALL and win32/install.txt files which are generated from the PHP manual sources. Rolling a stable release -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ NEWS
hirokawa Thu, 10 Nov 2011 21:45:36 + Revision: http://svn.php.net/viewvc?view=revisionrevision=319010 Log: moved the new changes for RC2. Changed paths: U php/php-src/branches/PHP_5_4/NEWS Modified: php/php-src/branches/PHP_5_4/NEWS === --- php/php-src/branches/PHP_5_4/NEWS 2011-11-10 21:42:04 UTC (rev 319009) +++ php/php-src/branches/PHP_5_4/NEWS 2011-11-10 21:45:36 UTC (rev 319010) @@ -2,6 +2,12 @@ ||| ?? ??? 2011, PHP 5.4.0 RC2 +- Core: + . Fixed bug #60116 (escapeshellcmd() cannot escape the characters + which cause shell command injection). (rui) + . Fixed bug #60227 (header() cannot detect the multi-line header with + CR(0x0D)). (rui) + 11 Nov 2011, PHP 5.4.0 RC1 - General improvements: . Changed silent conversion of array to string to produce a notice. (Patrick) @@ -25,10 +31,6 @@ (Laruence) . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of). (alan_k) - . Fixed bug #60116 (escapeshellcmd() cannot escape the characters - which cause shell command injection). (rui) - . Fixed bug #60227 (header() cannot detect the multi-line header with - CR(0x0D)). (rui) - Oracle Database extension (OCI8): . Increased maxium Oracle error message buffer length for new 11.2.0.3 size -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/ext/oci8/oci8.c branches/PHP_5_3/ext/oci8/package.xml branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt branches/PHP_5_3/ext/oci8/
sixd Thu, 10 Nov 2011 22:47:00 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=319015
Log:
OCI8: Fixed bug #59985 (show normal warning text for OCI_NO_DATA). Sync NEWS.
Bug: https://bugs.php.net/59985 (Open) No ORA-error message when OCI_NO_DATA
Changed paths:
U php/php-src/branches/PHP_5_3/NEWS
U php/php-src/branches/PHP_5_3/ext/oci8/oci8.c
U php/php-src/branches/PHP_5_3/ext/oci8/package.xml
U php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt
U php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt
U php/php-src/branches/PHP_5_3/ext/oci8/tests/pecl_bug16842.phpt
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/oci8/oci8.c
U php/php-src/branches/PHP_5_4/ext/oci8/package.xml
U php/php-src/branches/PHP_5_4/ext/oci8/tests/array_bind_003.phpt
U php/php-src/branches/PHP_5_4/ext/oci8/tests/array_bind_004.phpt
U php/php-src/branches/PHP_5_4/ext/oci8/tests/pecl_bug16842.phpt
U php/php-src/trunk/ext/oci8/oci8.c
U php/php-src/trunk/ext/oci8/package.xml
U php/php-src/trunk/ext/oci8/tests/array_bind_003.phpt
U php/php-src/trunk/ext/oci8/tests/array_bind_004.phpt
U php/php-src/trunk/ext/oci8/tests/pecl_bug16842.phpt
Modified: php/php-src/branches/PHP_5_3/NEWS
===
--- php/php-src/branches/PHP_5_3/NEWS 2011-11-10 22:41:49 UTC (rev 319014)
+++ php/php-src/branches/PHP_5_3/NEWS 2011-11-10 22:47:00 UTC (rev 319015)
@@ -13,6 +13,9 @@
. Fixed bug #60160 (imagefill() doesn't work correctly
for small images). (Florian)
+- Oracle Database extension (OCI8):
+ . Fixed bug #59985 (show normal warning text for OCI_NO_DATA)
+(Chris Jones)
03 Nov 2011, PHP 5.3.9RC1
@@ -77,8 +80,9 @@
(Andrey)
- Oracle Database extension (OCI8):
- . Increased maxium Oracle error message buffer length for new 11.2.0.3 size.
+ . Increased maximum Oracle error message buffer length for new 11.2.0.3 size.
(Chris Jones)
+ . Improve internal initalization failure error messages (Chris Jones)
- PDO
. Fixed bug #55776 (PDORow to session bug). (Johannes)
Modified: php/php-src/branches/PHP_5_3/ext/oci8/oci8.c
===
--- php/php-src/branches/PHP_5_3/ext/oci8/oci8.c 2011-11-10 22:41:49 UTC (rev 319014)
+++ php/php-src/branches/PHP_5_3/ext/oci8/oci8.c 2011-11-10 22:47:00 UTC (rev 319015)
@@ -1632,9 +1632,9 @@
php_error_docref(NULL TSRMLS_CC, E_WARNING, OCI_NEED_DATA);
break;
case OCI_NO_DATA:
- php_error_docref(NULL TSRMLS_CC, E_WARNING, OCI_NO_DATA);
errcode = php_oci_fetch_errmsg(err_p, errbuf TSRMLS_CC);
if (errbuf) {
+php_error_docref(NULL TSRMLS_CC, E_WARNING, %s, errbuf);
efree(errbuf);
} else {
php_error_docref(NULL TSRMLS_CC, E_WARNING, OCI_NO_DATA: failed to fetch error message);
Modified: php/php-src/branches/PHP_5_3/ext/oci8/package.xml
===
--- php/php-src/branches/PHP_5_3/ext/oci8/package.xml 2011-11-10 22:41:49 UTC (rev 319014)
+++ php/php-src/branches/PHP_5_3/ext/oci8/package.xml 2011-11-10 22:47:00 UTC (rev 319015)
@@ -46,7 +46,8 @@
/stability
license uri=http://www.php.net/license;PHP/license
notes
- Increased maximum possible Oracle DB error message length
+ Fixed bug #59985 (show normal warning text for OCI_NO_DATA)
+ Increased maximum Oracle error message buffer length for new Oracle 11.2.0.3 size
Improve internal initalization failure error messages
/notes
contents
Modified: php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt
===
--- php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt 2011-11-10 22:41:49 UTC (rev 319014)
+++ php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_003.phpt 2011-11-10 22:47:00 UTC (rev 319015)
@@ -62,7 +62,9 @@
echo Done\n;
?
--EXPECTF--
-Warning: oci_execute(): OCI_NO_DATA in %s on line %d
+Warning: oci_execute(): ORA-01403: %s
+ORA-06512: at SYSTEM.ARRAYBINDPKG1, line %d
+ORA-06512: at line %d in %sarray_bind_003.php on line %d
array(4) {
[0]=
string(9) 06-DEC-05
Modified: php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt
===
--- php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt 2011-11-10 22:41:49 UTC (rev 319014)
+++ php/php-src/branches/PHP_5_3/ext/oci8/tests/array_bind_004.phpt 2011-11-10 22:47:00 UTC (rev 319015)
@@ -62,7 +62,9 @@
echo Done\n;
?
--EXPECTF--
-Warning: oci_execute(): OCI_NO_DATA in %s on line %d
+Warning: oci_execute(): ORA-01403: %s
+ORA-06512: at SYSTEM.ARRAYBINDPKG1, line %d
+ORA-06512: at line %d in %sarray_bind_004.php on line %d
array(0) {
}
Done
Modified:
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/mysql/tests/ bug55473.phpt
rasmus Fri, 11 Nov 2011 02:05:54 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=319024
Log:
Suppress lsof warnings here to avoid FUSE-related
warnings in certain environments. This doesn't
affect what is being tested.
Changed paths:
U php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt
Modified: php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt
===
--- php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11
01:57:11 UTC (rev 319023)
+++ php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11
02:05:54 UTC (rev 319024)
@@ -8,7 +8,7 @@
die(skip Test doesn't work on Windows);
}
-if (!($output = @exec(lsof -np . getmypid(
+if (!($output = @exec(lsof -nwp . getmypid(
die(skip Test can't find command line tool lsof);
?
--INI--
@@ -56,9 +56,9 @@
if ($opened_files == -1) {
- $opened_files = trim(exec(lsof -np . getmypid() .
| wc -l));
+ $opened_files = trim(exec(lsof -nwp . getmypid() .
| wc -l));
printf([005] Setting openened files...\n);
- } else if (($tmp = trim(exec(lsof -np . getmypid() . | wc
-l))) != $opened_files) {
+ } else if (($tmp = trim(exec(lsof -nwp . getmypid() . | wc
-l))) != $opened_files) {
printf([006] [%d] different number of opened_files :
expected %d, got %d, $i, $opened_files, $tmp);
} else {
printf([007] Opened files as expected\n);
@@ -76,4 +76,4 @@
[007] Opened files as expected
[003] reconnect 3
[007] Opened files as expected
-done!
\ No newline at end of file
+done!
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_4/ext/mysql/tests/ bug55473.phpt
rasmus Fri, 11 Nov 2011 02:18:24 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=319025
Log:
Typo
Changed paths:
U php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt
Modified: php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt
===
--- php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11
02:05:54 UTC (rev 319024)
+++ php/php-src/branches/PHP_5_4/ext/mysql/tests/bug55473.phpt 2011-11-11
02:18:24 UTC (rev 319025)
@@ -1,5 +1,5 @@
--TEST--
-Bug #5547 (mysql_pconnect leaks file descriptors on reconnect)
+Bug #55473 (mysql_pconnect leaks file descriptors on reconnect)
--SKIPIF--
?php
require_once('skipif.inc');
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
