Re: [PHP-CVS] com php-src: Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config): NEWS Zend/zend.c
On Sat, May 5, 2012 at 2:36 PM, Dmitry Stogov wrote:
> Hi Laruence,
>
> Thank you for sending this.
>
> I'm not sure if the patch is completely correct.
> With the patch all the threads share the single copy of script_encoding_list
> and when one thread terminates it calls compiler_globals_dtor() and frees
> the script_encoding_list. But other threads still keep reference to it.
>
> I think we have to duplicate script_encoding_list for each thread in the
> same way as we do for CG(function_table).
right, thanks
>
> Also I noticed a related issue. At zend.c compiler_globals_dtor()
> CG(script_encoding_list) deallocated using free() and in zend_multibyte.c
> zend_multibyte_set_script_encoding() using efree().
>
> I suppose the second place has to be fixed.
>
> I would appreciate if you could look into the problems.
okey, I will, thanks :)
>
> Thanks. Dmitry.
>
>
>
> On 05/03/2012 06:51 PM, Laruence wrote:
>>
>> Hi, Dmitry:
>>
>> you may want to review this, :)
>>
>> thanks
>> On Thu, May 3, 2012 at 10:39 PM, Xinchen Hui wrote:
>>>
>>> Commit: 72f19e9a8bcf5712b24fa333a26616eff19ac1ce
>>> Author: Xinchen Hui Thu, 3 May 2012
>>> 22:39:53 +0800
>>> Parents: d74d88fbb9c29b1dd5ff05a54b72cf7c9250955c
>>> Branches: PHP-5.4
>>>
>>> Link:
>>> http://git.php.net/?p=php-src.git;a=commitdiff;h=72f19e9a8bcf5712b24fa333a26616eff19ac1ce
>>>
>>> Log:
>>> Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config)
>>>
>>> Bugs:
>>> https://bugs.php.net/61922
>>>
>>> Changed paths:
>>> M NEWS
>>> M Zend/zend.c
>>>
>>>
>>> Diff:
>>> diff --git a/NEWS b/NEWS
>>> index 8796cf4..9ef6abf 100644
>>> --- a/NEWS
>>> +++ b/NEWS
>>> @@ -10,6 +10,8 @@ PHP
>>> NEWS
>>> (Laruence)
>>>
>>> - Core:
>>> + . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding
>>> config).
>>> + (Laruence)
>>> . Fixed missing bound check in iptcparse(). (chris at chiappa.net)
>>> . Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)
>>> . Fixed bug #61761 ('Overriding' a private static method with a
>>> different
>>> diff --git a/Zend/zend.c b/Zend/zend.c
>>> index dd299f1..37a1a27 100644
>>> --- a/Zend/zend.c
>>> +++ b/Zend/zend.c
>>> @@ -781,6 +781,8 @@ void zend_register_standard_ini_entries(TSRMLS_D) /*
>>> {{{ */
>>> void zend_post_startup(TSRMLS_D) /* {{{ */
>>> {
>>> #ifdef ZTS
>>> + zend_encoding **script_encoding_list;
>>> +
>>> zend_compiler_globals *compiler_globals =
>>> ts_resource(compiler_globals_id);
>>> zend_executor_globals *executor_globals =
>>> ts_resource(executor_globals_id);
>>>
>>> @@ -795,7 +797,12 @@ void zend_post_startup(TSRMLS_D) /* {{{ */
>>> zend_destroy_rsrc_list(&EG(persistent_list) TSRMLS_CC);
>>> free(compiler_globals->function_table);
>>> free(compiler_globals->class_table);
>>> - compiler_globals_ctor(compiler_globals, tsrm_ls);
>>> + if ((script_encoding_list = (zend_encoding
>>> **)compiler_globals->script_encoding_list)) {
>>> + compiler_globals_ctor(compiler_globals, tsrm_ls);
>>> + compiler_globals->script_encoding_list = (const
>>> zend_encoding **)script_encoding_list;
>>> + } else {
>>> + compiler_globals_ctor(compiler_globals, tsrm_ls);
>>> + }
>>> free(EG(zend_constants));
>>> executor_globals_ctor(executor_globals, tsrm_ls);
>>> global_persistent_list =&EG(persistent_list);
>>>
>>>
>>> --
>>> PHP CVS Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>
>>
>>
>
--
Laruence Xinchen Hui
http://www.laruence.com/
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] com php-src: Bug 61504 updated libmagic.patch: ext/fileinfo/libmagic.patch
hi,
On Sat, May 5, 2012 at 12:10 AM, Sean Coates wrote:
> In my opinion, it is too late to revert the new behaviour.
Agreed.
> I currently have this in my codebase:
>
> if (version_compare(PHP_VERSION, '5.3.11') >= 0) {
> $magicfile = 'magic_php-gte-5_3_11.mgc';
> } else {
> $magicfile = 'magic_php-lt-5-3-11.mgc';
> }
> $magicpath = __DIR__ . "/../../../config/{$magicfile}";
> $finfo = new finfo(FILEINFO_MIME_TYPE, $magicpath);
>
> Adding additional ifelse clauses for (e.g.) 5.3.13 and 5.4.2, etc. sounds
> like a nightmare.
Right, but I do not understand why you do that in the 1st place. Is
there anything in the bundled DB that does not fit your needs? Despite
that this break was not intentional, using the bundled DB was and
remains the recommended way.
> The only way I could see this working is if the magic db parser somehow tries
> *both* the old and new methods, and frankly, I don't think it's worth it at
> this point.
> This really should never have gone into .11 in the first place. The damage is
> done; let's not make it worse.
Agreed too.
Also please use the bug report to discuss issues, so we don't have
many places to look at to get the backlog about this problem.
Cheers,
--
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] com php-src: Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config): NEWS Zend/zend.c
Hi Dmitry:
On Sat, May 5, 2012 at 6:38 PM, Laruence wrote:
> On Sat, May 5, 2012 at 2:36 PM, Dmitry Stogov wrote:
>> Hi Laruence,
>>
>> Thank you for sending this.
>>
>> I'm not sure if the patch is completely correct.
>> With the patch all the threads share the single copy of script_encoding_list
>> and when one thread terminates it calls compiler_globals_dtor() and frees
>> the script_encoding_list. But other threads still keep reference to it.
>>
>> I think we have to duplicate script_encoding_list for each thread in the
>> same way as we do for CG(function_table).
after a further exam, this is right, there is a mechanism for new
thread re-configure inis(zend_ini_refresh_caches). then new thread
will have a copy.
> right, thanks
>>
>> Also I noticed a related issue. At zend.c compiler_globals_dtor()
>> CG(script_encoding_list) deallocated using free() and in zend_multibyte.c
>> zend_multibyte_set_script_encoding() using efree().
>>
>> I suppose the second place has to be fixed.
>>
>> I would appreciate if you could look into the problems.
and this should use free, I will fix it . however for now it's dead
codes, so no bug feedback. :)
thanks
> okey, I will, thanks :)
>
>>
>> Thanks. Dmitry.
>>
>>
>>
>> On 05/03/2012 06:51 PM, Laruence wrote:
>>>
>>> Hi, Dmitry:
>>>
>>> you may want to review this, :)
>>>
>>> thanks
>>> On Thu, May 3, 2012 at 10:39 PM, Xinchen Hui wrote:
Commit: 72f19e9a8bcf5712b24fa333a26616eff19ac1ce
Author: Xinchen Hui Thu, 3 May 2012
22:39:53 +0800
Parents: d74d88fbb9c29b1dd5ff05a54b72cf7c9250955c
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=72f19e9a8bcf5712b24fa333a26616eff19ac1ce
Log:
Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config)
Bugs:
https://bugs.php.net/61922
Changed paths:
M NEWS
M Zend/zend.c
Diff:
diff --git a/NEWS b/NEWS
index 8796cf4..9ef6abf 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,8 @@ PHP
NEWS
(Laruence)
- Core:
+ . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding
config).
+ (Laruence)
. Fixed missing bound check in iptcparse(). (chris at chiappa.net)
. Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)
. Fixed bug #61761 ('Overriding' a private static method with a
different
diff --git a/Zend/zend.c b/Zend/zend.c
index dd299f1..37a1a27 100644
--- a/Zend/zend.c
+++ b/Zend/zend.c
@@ -781,6 +781,8 @@ void zend_register_standard_ini_entries(TSRMLS_D) /*
{{{ */
void zend_post_startup(TSRMLS_D) /* {{{ */
{
#ifdef ZTS
+ zend_encoding **script_encoding_list;
+
zend_compiler_globals *compiler_globals =
ts_resource(compiler_globals_id);
zend_executor_globals *executor_globals =
ts_resource(executor_globals_id);
@@ -795,7 +797,12 @@ void zend_post_startup(TSRMLS_D) /* {{{ */
zend_destroy_rsrc_list(&EG(persistent_list) TSRMLS_CC);
free(compiler_globals->function_table);
free(compiler_globals->class_table);
- compiler_globals_ctor(compiler_globals, tsrm_ls);
+ if ((script_encoding_list = (zend_encoding
**)compiler_globals->script_encoding_list)) {
+ compiler_globals_ctor(compiler_globals, tsrm_ls);
+ compiler_globals->script_encoding_list = (const
zend_encoding **)script_encoding_list;
+ } else {
+ compiler_globals_ctor(compiler_globals, tsrm_ls);
+ }
free(EG(zend_constants));
executor_globals_ctor(executor_globals, tsrm_ls);
global_persistent_list =&EG(persistent_list);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>>
>>>
>>
>
>
>
> --
> Laruence Xinchen Hui
> http://www.laruence.com/
--
Laruence Xinchen Hui
http://www.laruence.com/
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix for CVE-2012-1823 (cherry picked from commit 29300b1f9dab068d477b241d8fd872e3a7c829b3): sapi/cgi/cgi_main.c
Commit:168e8920be77f3b55a3ae688270b752579681f6e
Author:Rasmus Lerdorf Thu, 3 May 2012 15:51:52
+0200
Committer: David Soria Parra Sat, 5 May 2012 17:34:07 +0200
Parents: 8a10259642f05b11f5fefa1399605a08957f5e59
Branches: PHP-5.3 PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=168e8920be77f3b55a3ae688270b752579681f6e
Log:
Fix for CVE-2012-1823
(cherry picked from commit 29300b1f9dab068d477b241d8fd872e3a7c829b3)
Changed paths:
M sapi/cgi/cgi_main.c
Diff:
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index 56c736f..760ad66 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -70,6 +70,7 @@
#include "php_main.h"
#include "fopen_wrappers.h"
#include "ext/standard/php_standard.h"
+#include "ext/standard/url.h"
#ifdef PHP_WIN32
# include
@@ -1508,6 +1509,9 @@ int main(int argc, char *argv[])
#ifndef PHP_WIN32
int status = 0;
#endif
+ char *query_string;
+ char *decoded_query_string;
+ int skip_getopt = 0;
#if 0 && defined(PHP_DEBUG)
/* IIS is always making things more difficult. This allows
@@ -1557,7 +1561,16 @@ int main(int argc, char *argv[])
}
}
- while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind,
0, 2)) != -1) {
+ if(query_string = getenv("QUERY_STRING")) {
+ decoded_query_string = strdup(query_string);
+ php_url_decode(decoded_query_string,
strlen(decoded_query_string));
+ if(*decoded_query_string == '-' && strchr(decoded_query_string,
'=') == NULL) {
+ skip_getopt = 1;
+ }
+ free(decoded_query_string);
+ }
+
+ while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS,
&php_optarg, &php_optind, 0, 2)) != -1) {
switch (c) {
case 'c':
if (cgi_sapi_module.php_ini_path_override) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Merge branch 'PHP-5.4': sapi/cgi/cgi_main.c
Commit:d3a13c2a108fd9edbab93dc4656979c6ccaff1fb Author:David Soria Parra Sat, 5 May 2012 17:37:35 +0200 Parents: 56ac0e71bbcc593dd3893b7986e51698bc18e38e 948ab62c253de1460ca91874cb209961cad7bdd9 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=d3a13c2a108fd9edbab93dc4656979c6ccaff1fb Log: Merge branch 'PHP-5.4' By Rasmus Lerdorf * PHP-5.4: Fix for CVE-2012-1823 (cherry picked from commit 29300b1f9dab068d477b241d8fd872e3a7c829b3) Fix for CVE-2012-1823 Changed paths: MM sapi/cgi/cgi_main.c Diff: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction): NEWS ext/curl/interface.c ext/curl/tests/bug61948.phpt
Commit:035ce937e13d8496795cef9899cc5c5afe9daab7
Author:Xinchen Hui Sun, 6 May 2012 00:40:49 +0800
Parents: 168e8920be77f3b55a3ae688270b752579681f6e
Branches: PHP-5.3
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=035ce937e13d8496795cef9899cc5c5afe9daab7
Log:
Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
Bugs:
https://bugs.php.net/61948
Changed paths:
M NEWS
M ext/curl/interface.c
A ext/curl/tests/bug61948.phpt
Diff:
diff --git a/NEWS b/NEWS
index 7bb6cc0..e4bc495 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,10 @@ PHP
NEWS
. Fixed bug #61546 (functions related to current script failed when chdir()
in cli sapi). (Laruence, reeze@gmail.com)
+- CURL
+ . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
+(Laruence)
+
- Core:
. Fixed missing bound check in iptcparse(). (chris at chiappa.net)
. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index 66aafc0..270a7dd 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -2167,7 +2167,7 @@ string_copy:
convert_to_string_ex(zvalue);
- if (php_check_open_basedir(Z_STRVAL_PP(zvalue)
TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(Z_STRVAL_PP(zvalue), "rb+",
CHECKUID_CHECK_MODE_PARAM))) {
+ if (!Z_STRLEN_PP(zvalue) ||
php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC) || (PG(safe_mode) &&
!php_checkuid(Z_STRVAL_PP(zvalue), "rb+", CHECKUID_CHECK_MODE_PARAM))) {
RETVAL_FALSE;
return 1;
}
diff --git a/ext/curl/tests/bug61948.phpt b/ext/curl/tests/bug61948.phpt
new file mode 100644
index 000..a03fc3b
--- /dev/null
+++ b/ext/curl/tests/bug61948.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
+--SKIPIF--
+
+--INI--
+open_basedir="/tmp"
+--FILE--
+
+--EXPECTF--
+bool(false)
+bool(true)
+
+Warning: curl_setopt(): open_basedir restriction in effect. File(/xxx/bar) is
not within the allowed path(s): (/tmp) in %sbug61948.php on line %d
+bool(false)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction): NEWS ext/curl/interface.c
Commit:19632ae7dcdbbb7c34bf0ffde9fb7858f55424cd
Author:Xinchen Hui Sun, 6 May 2012 00:50:37 +0800
Parents: 948ab62c253de1460ca91874cb209961cad7bdd9
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=19632ae7dcdbbb7c34bf0ffde9fb7858f55424cd
Log:
Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
Bugs:
https://bugs.php.net/61948
Changed paths:
M NEWS
M ext/curl/interface.c
Diff:
diff --git a/NEWS b/NEWS
index 9ef6abf..8b82237 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,10 @@ PHP
NEWS
bug #61785 (Memory leak when access a non-exists file without router).
(Laruence)
+- CURL:
+ . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
+(Laruence)
+
- Core:
. Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config).
(Laruence)
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index b359952..b03f346 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -2177,7 +2177,7 @@ string_copy:
convert_to_string_ex(zvalue);
- if (php_check_open_basedir(Z_STRVAL_PP(zvalue)
TSRMLS_CC)) {
+ if (!Z_STRLEN_PP(zvalue) ||
php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC)) {
RETVAL_FALSE;
return 1;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: correct NEWS: NEWS
Commit:4632fe0eefb749da5c6bfdf22beaf2ffa80c3a56 Author:Xinchen Hui Sun, 6 May 2012 00:51:20 +0800 Parents: 035ce937e13d8496795cef9899cc5c5afe9daab7 Branches: PHP-5.3 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=4632fe0eefb749da5c6bfdf22beaf2ffa80c3a56 Log: correct NEWS Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index e4bc495..5dee737 100644 --- a/NEWS +++ b/NEWS @@ -6,7 +6,7 @@ PHP NEWS . Fixed bug #61546 (functions related to current script failed when chdir() in cli sapi). (Laruence, reeze@gmail.com) -- CURL +- CURL: . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction). (Laruence) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Merge branch 'PHP-5.4': ext/curl/interface.c
Commit:71e7c854b15db08c7bd9355791f859b5cea6e490 Author:Xinchen Hui Sun, 6 May 2012 00:53:47 +0800 Parents: d3a13c2a108fd9edbab93dc4656979c6ccaff1fb 0747b29bdf43be0682d10bdfc788f12f19ccf443 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=71e7c854b15db08c7bd9355791f859b5cea6e490 Log: Merge branch 'PHP-5.4' * PHP-5.4: correct NEWS Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction) Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction) Bugs: https://bugs.php.net/61948 Changed paths: MM ext/curl/interface.c Diff: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
