Re: [PHP-CVS] com php-src: - Fixed bug #61978 (Object recursion not detected for classes that implement JsonSerializable): ext/json/json.c ext/json/tests/bug61978.phpt
This should probably not just insert null but let the whole function
fail. Otherwise one has to add additional error checks on every call.
Nikita
On Wed, May 9, 2012 at 2:05 AM, Felipe Pena wrote:
> Commit: 92bc49b2b06417f86dc0fc537326e60f4d0a0c0b
> Author: Felipe Pena Tue, 8 May 2012 21:05:51
> -0300
> Parents: 2cb0ed1328da3bca00990648c3dfc90c957395f1
> Branches: PHP-5.4 master
>
> Link:
> http://git.php.net/?p=php-src.git;a=commitdiff;h=92bc49b2b06417f86dc0fc537326e60f4d0a0c0b
>
> Log:
> - Fixed bug #61978 (Object recursion not detected for classes that implement
> JsonSerializable)
>
> Bugs:
> https://bugs.php.net/61978
>
> Changed paths:
> M ext/json/json.c
> A ext/json/tests/bug61978.phpt
>
>
> Diff:
> diff --git a/ext/json/json.c b/ext/json/json.c
> index fc1fcb7..557fbc3 100644
> --- a/ext/json/json.c
> +++ b/ext/json/json.c
> @@ -513,6 +513,19 @@ static void json_encode_serializable_object(smart_str
> *buf, zval *val, int optio
> {
> zend_class_entry *ce = Z_OBJCE_P(val);
> zval *retval = NULL, fname;
> + HashTable* myht;
> +
> + if (Z_TYPE_P(val) == IS_ARRAY) {
> + myht = HASH_OF(val);
> + } else {
> + myht = Z_OBJPROP_P(val);
> + }
> +
> + if (myht && myht->nApplyCount > 1) {
> + php_error_docref(NULL TSRMLS_CC, E_WARNING, "recursion
> detected");
> + smart_str_appendl(buf, "null", 4);
> + return;
> + }
>
> ZVAL_STRING(&fname, "jsonSerialize", 0);
>
> diff --git a/ext/json/tests/bug61978.phpt b/ext/json/tests/bug61978.phpt
> new file mode 100644
> index 000..2c73297
> --- /dev/null
> +++ b/ext/json/tests/bug61978.phpt
> @@ -0,0 +1,47 @@
> +--TEST--
> +Bug #61978 (Object recursion not detected for classes that implement
> JsonSerializable)
> +--SKIPIF--
> +
> +--FILE--
> + +
> +class JsonTest1 {
> + public $test;
> + public $me;
> + public function __construct() {
> + $this->test = '123';
> + $this->me = $this;
> + }
> +}
> +
> +class JsonTest2 implements JsonSerializable {
> + public $test;
> + public function __construct() {
> + $this->test = '123';
> + }
> + public function jsonSerialize() {
> + return array(
> + 'test' => $this->test,
> + 'me' => $this
> + );
> + }
> +}
> +
> +
> +$obj1 = new JsonTest1();
> +var_dump(json_encode($obj1));
> +
> +echo "\n==\n";
> +
> +$obj2 = new JsonTest2();
> +var_dump(json_encode($obj2));
> +
> +?>
> +--EXPECTF--
> +Warning: json_encode(): recursion detected in %s on line %d
> +string(44) "{"test":"123","me":{"test":"123","me":null}}"
> +
> +==
> +
> +Warning: json_encode(): recursion detected in %s on line %d
> +string(44) "{"test":"123","me":{"test":"123","me":null}}"
>
>
> --
> PHP CVS Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Correct test title: sapi/cli/tests/bug61977.phpt
Commit:d394c17293df2405b10aaec1804edd65e1d8efe8 Author:Xinchen Hui Wed, 9 May 2012 11:28:57 +0800 Parents: 1e60d0c105f065f395b5ae02608eaec9b42708f8 Branches: PHP-5.4 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=d394c17293df2405b10aaec1804edd65e1d8efe8 Log: Correct test title Changed paths: M sapi/cli/tests/bug61977.phpt Diff: diff --git a/sapi/cli/tests/bug61977.phpt b/sapi/cli/tests/bug61977.phpt index edb7b78..2f19806 100644 --- a/sapi/cli/tests/bug61977.phpt +++ b/sapi/cli/tests/bug61977.phpt @@ -1,5 +1,5 @@ --TEST-- -Bug #60159 (Router returns false, but POST is not passed to requested resource) +Bug #61977 (Need CLI web-server support for files with .htm & svg extensions) --SKIPIF-- http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Implemented FR #61977 (Need CLI web-server support for files with .htm & svg extensions): NEWS sapi/cli/php_cli_server.c sapi/cli/tests/bug61977.phpt
Commit:1e60d0c105f065f395b5ae02608eaec9b42708f8
Author:Xinchen Hui Wed, 9 May 2012 11:27:39 +0800
Parents: 7b2ab569976f63b22ba1c69e78e782a693d5076a
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=1e60d0c105f065f395b5ae02608eaec9b42708f8
Log:
Implemented FR #61977 (Need CLI web-server support for files with .htm & svg
extensions)
Bugs:
https://bugs.php.net/61977
Changed paths:
M NEWS
M sapi/cli/php_cli_server.c
A sapi/cli/tests/bug61977.phpt
Diff:
diff --git a/NEWS b/NEWS
index d989f34..cb00f7a 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,8 @@ PHP
NEWS
?? ??? 2012, PHP 5.4.2
- CLI Server:
+ . Implemented FR #61977 (Need CLI web-server support for files with .htm &
+svg extensions). (Sixd, Laruence)
. Fixed bug #61546 (functions related to current script failed when chdir()
in cli sapi). (Laruence, reeze@gmail.com)
. Improved performance while sending error page, this also fixed
diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c
index e052aa8..87ab7b4 100644
--- a/sapi/cli/php_cli_server.c
+++ b/sapi/cli/php_cli_server.c
@@ -251,15 +251,17 @@ static php_cli_server_http_reponse_status_code_pair
template_map[] = {
};
static php_cli_server_ext_mime_type_pair mime_type_map[] = {
+ { "html", "text/html" },
+ { "htm", "text/html" },
+ { "js", "text/javascript" },
+ { "css", "text/css" },
{ "gif", "image/gif" },
- { "png", "image/png" },
- { "jpe", "image/jpeg" },
{ "jpg", "image/jpeg" },
{ "jpeg", "image/jpeg" },
- { "css", "text/css" },
- { "html", "text/html" },
+ { "png", "image/png" },
+ { "jpe", "image/jpeg" },
+ { "svg", "image/svg+xml" },
{ "txt", "text/plain" },
- { "js", "text/javascript" },
{ NULL, NULL }
};
diff --git a/sapi/cli/tests/bug61977.phpt b/sapi/cli/tests/bug61977.phpt
new file mode 100644
index 000..edb7b78
--- /dev/null
+++ b/sapi/cli/tests/bug61977.phpt
@@ -0,0 +1,157 @@
+--TEST--
+Bug #60159 (Router returns false, but POST is not passed to requested resource)
+--SKIPIF--
+
+--FILE--
+', true);
+$doc_root = __DIR__;
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+
+file_put_contents($doc_root . '/foo.html', '');
+if(fwrite($fp, << ", $text;
+}
+ }
+}
+@unlink($doc_root . '/foo.html');
+fclose($fp);
+
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+file_put_contents($doc_root . '/foo.htm', '');
+if(fwrite($fp, << ", $text;
+}
+ }
+}
+@unlink($doc_root . '/foo.htm');
+fclose($fp);
+
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+file_put_contents($doc_root . '/foo.svg', '');
+if(fwrite($fp, << ", $text;
+}
+ }
+}
+@unlink($doc_root . '/foo.svg');
+fclose($fp);
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+file_put_contents($doc_root . '/foo.css', '');
+if(fwrite($fp, << ", $text;
+}
+ }
+}
+@unlink($doc_root . '/foo.css');
+fclose($fp);
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+file_put_contents($doc_root . '/foo.js', '');
+if(fwrite($fp, << ", $text;
+}
+ }
+}
+@unlink($doc_root . '/foo.js');
+fclose($fp);
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+file_put_contents($doc_root . '/foo.png', '');
+if(fwrite($fp, << ", $text;
+}
+ }
+}
+@unlink($doc_root . '/foo.png');
+fclose($fp);
+?>
+--EXPECTF--
+foo.html => Content-Type: text/html; charset=UTF-8
+foo.htm => Content-Type: text/html; charset=UTF-8
+foo.svg => Content-Type: image/svg+xml
+foo.css => Content-Type: text/css; charset=UTF-8
+foo.js => Content-Type: text/javascript; charset=UTF-8
+foo.png => Content-Type: image/png
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix test failed, the fsockopen will be refused immediately if the server is not set up.: sapi/cli/tests/php_cli_server.inc
Commit:7b2ab569976f63b22ba1c69e78e782a693d5076a
Author:Xinchen Hui Wed, 9 May 2012 11:21:24 +0800
Parents: f46a064760bd99223d8a8aec9df9807bab262022
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=7b2ab569976f63b22ba1c69e78e782a693d5076a
Log:
Fix test failed, the fsockopen will be refused immediately if the server is
not set up.
Changed paths:
M sapi/cli/tests/php_cli_server.inc
Diff:
diff --git a/sapi/cli/tests/php_cli_server.inc
b/sapi/cli/tests/php_cli_server.inc
index d24a679..3479cd0 100644
--- a/sapi/cli/tests/php_cli_server.inc
+++ b/sapi/cli/tests/php_cli_server.inc
@@ -37,16 +37,14 @@ function php_cli_server_start($code = 'echo "Hello
world";', $no_router = FALSE)
// note: even when server prints 'Listening on localhost:8964...Press
Ctrl-C to quit.'
// it might not be listening yet...need to wait until fsockopen()
call returns
- $fp = fsockopen(PHP_CLI_SERVER_HOSTNAME, PHP_CLI_SERVER_PORT);
- if ($fp) {
- // server will report Unexpected EOF error (socket opened,
closed without writing
- // anything) but that can be ignored
- fclose($fp);
- } else {
- // test will fail to connect if server doesn't start
listening/accepting
- // in the next few microseconds
- }
+$i = 0;
+while (($i++ < 5) && !($fp = @fsockopen(PHP_CLI_SERVER_HOSTNAME,
PHP_CLI_SERVER_PORT))) {
+usleep(1);
+}
+if ($fp) {
+fclose($fp);
+}
register_shutdown_function(
function($handle) use($router) {
@@ -56,7 +54,6 @@ function php_cli_server_start($code = 'echo "Hello world";',
$no_router = FALSE)
$handle
);
// don't bother sleeping, server is already up
- //usleep(5);
// server can take a variable amount of time to be up, so just sleeping
a guessed amount of time
// does not work. this is why tests sometimes pass and sometimes fail.
to get a reliable pass
// sleeping doesn't work.
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] com php-src: Typo: sapi/cli/php_cli_server.c
Hi:
sorry for the typo, didn't test windows build , thanks for the fix ;)
thanks
On Wed, May 9, 2012 at 4:08 AM, David Soria Parra wrote:
> Commit: 2cb0ed1328da3bca00990648c3dfc90c957395f1
> Author: David Soria Parra Tue, 8 May 2012 22:08:54
> +0200
> Parents: 87fa84abde7bb49e58136ea239ce4d25d211bb7e
> Branches: PHP-5.4 master
>
> Link:
> http://git.php.net/?p=php-src.git;a=commitdiff;h=2cb0ed1328da3bca00990648c3dfc90c957395f1
>
> Log:
> Typo
>
> Changed paths:
> M sapi/cli/php_cli_server.c
>
>
> Diff:
> diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c
> index 0850425..e052aa8 100644
> --- a/sapi/cli/php_cli_server.c
> +++ b/sapi/cli/php_cli_server.c
> @@ -1356,7 +1356,7 @@ static void
> php_cli_server_request_translate_vpath(php_cli_server_request *reque
> if (prev_path) {
> request->path_info_len = prev_path_len;
> #ifdef PHP_WIN32
> - while (prev_pach_len--) {
> + while (prev_path_len--) {
> if (prev_path[prev_path_len] == '\\') {
> prev_path[prev_path_len] = '/';
> }
>
>
> --
> PHP CVS Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
Laruence Xinchen Hui
http://www.laruence.com/
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: - BFN: NEWS
Commit:f46a064760bd99223d8a8aec9df9807bab262022 Author:Felipe Pena Tue, 8 May 2012 21:07:29 -0300 Parents: 92bc49b2b06417f86dc0fc537326e60f4d0a0c0b Branches: PHP-5.4 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=f46a064760bd99223d8a8aec9df9807bab262022 Log: - BFN Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index 6008f42..d989f34 100644 --- a/NEWS +++ b/NEWS @@ -14,6 +14,8 @@ PHP NEWS (Laruence) - Core: + . Fixed bug #61978 (Object recursion not detected for classes that implement +JsonSerializable). (Felipe) . Fixed bug #61730 (Segfault from array_walk modifying an array passed by reference). (Laruence) . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config). -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: - Fixed bug #61978 (Object recursion not detected for classes that implement JsonSerializable): ext/json/json.c ext/json/tests/bug61978.phpt
Commit:92bc49b2b06417f86dc0fc537326e60f4d0a0c0b
Author:Felipe Pena Tue, 8 May 2012 21:05:51
-0300
Parents: 2cb0ed1328da3bca00990648c3dfc90c957395f1
Branches: PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=92bc49b2b06417f86dc0fc537326e60f4d0a0c0b
Log:
- Fixed bug #61978 (Object recursion not detected for classes that implement
JsonSerializable)
Bugs:
https://bugs.php.net/61978
Changed paths:
M ext/json/json.c
A ext/json/tests/bug61978.phpt
Diff:
diff --git a/ext/json/json.c b/ext/json/json.c
index fc1fcb7..557fbc3 100644
--- a/ext/json/json.c
+++ b/ext/json/json.c
@@ -513,6 +513,19 @@ static void json_encode_serializable_object(smart_str
*buf, zval *val, int optio
{
zend_class_entry *ce = Z_OBJCE_P(val);
zval *retval = NULL, fname;
+ HashTable* myht;
+
+ if (Z_TYPE_P(val) == IS_ARRAY) {
+ myht = HASH_OF(val);
+ } else {
+ myht = Z_OBJPROP_P(val);
+ }
+
+ if (myht && myht->nApplyCount > 1) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "recursion
detected");
+ smart_str_appendl(buf, "null", 4);
+ return;
+ }
ZVAL_STRING(&fname, "jsonSerialize", 0);
diff --git a/ext/json/tests/bug61978.phpt b/ext/json/tests/bug61978.phpt
new file mode 100644
index 000..2c73297
--- /dev/null
+++ b/ext/json/tests/bug61978.phpt
@@ -0,0 +1,47 @@
+--TEST--
+Bug #61978 (Object recursion not detected for classes that implement
JsonSerializable)
+--SKIPIF--
+
+--FILE--
+test = '123';
+$this->me = $this;
+}
+}
+
+class JsonTest2 implements JsonSerializable {
+public $test;
+public function __construct() {
+$this->test = '123';
+}
+public function jsonSerialize() {
+return array(
+'test' => $this->test,
+'me' => $this
+);
+}
+}
+
+
+$obj1 = new JsonTest1();
+var_dump(json_encode($obj1));
+
+echo "\n==\n";
+
+$obj2 = new JsonTest2();
+var_dump(json_encode($obj2));
+
+?>
+--EXPECTF--
+Warning: json_encode(): recursion detected in %s on line %d
+string(44) "{"test":"123","me":{"test":"123","me":null}}"
+
+==
+
+Warning: json_encode(): recursion detected in %s on line %d
+string(44) "{"test":"123","me":{"test":"123","me":null}}"
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Typo: sapi/cli/php_cli_server.c
Commit:2cb0ed1328da3bca00990648c3dfc90c957395f1
Author:David Soria Parra Tue, 8 May 2012 22:08:54
+0200
Parents: 87fa84abde7bb49e58136ea239ce4d25d211bb7e
Branches: PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=2cb0ed1328da3bca00990648c3dfc90c957395f1
Log:
Typo
Changed paths:
M sapi/cli/php_cli_server.c
Diff:
diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c
index 0850425..e052aa8 100644
--- a/sapi/cli/php_cli_server.c
+++ b/sapi/cli/php_cli_server.c
@@ -1356,7 +1356,7 @@ static void
php_cli_server_request_translate_vpath(php_cli_server_request *reque
if (prev_path) {
request->path_info_len = prev_path_len;
#ifdef PHP_WIN32
- while (prev_pach_len--) {
+ while (prev_path_len--) {
if (prev_path[prev_path_len] == '\\') {
prev_path[prev_path_len] = '/';
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix bug 61746 Failing tests in ext/standard/tests/file/windows_links/*: ext/standard/tests/file/windows_links/bug48746.phpt ext/standard/tests/file/windows_links/bug48746_1.phpt
Commit:c12fdbde5fe1da3f5ddd3be70a807b46755ff118
Author:Matt Ficken Tue, 8 May 2012 19:31:41
+0200
Committer: Anatoliy Belsky Tue, 8 May 2012 19:31:41 +0200
Parents: 838b4b8ff7d78dfb0da99e0b17568558a85a1c2a
Branches: PHP-5.3 PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=c12fdbde5fe1da3f5ddd3be70a807b46755ff118
Log:
Fix bug 61746 Failing tests in ext/standard/tests/file/windows_links/*
Fixed that again for systems having their %SYSTEMROOT% not in
c:\windows
Bugs:
https://bugs.php.net/61746
Changed paths:
M ext/standard/tests/file/windows_links/bug48746.phpt
M ext/standard/tests/file/windows_links/bug48746_1.phpt
M ext/standard/tests/file/windows_links/bug48746_2.phpt
M ext/standard/tests/file/windows_links/bug48746_3.phpt
A ext/standard/tests/file/windows_links/common.inc
Diff:
diff --git a/ext/standard/tests/file/windows_links/bug48746.phpt
b/ext/standard/tests/file/windows_links/bug48746.phpt
index a47b7cb..55465ae 100644
--- a/ext/standard/tests/file/windows_links/bug48746.phpt
+++ b/ext/standard/tests/file/windows_links/bug48746.phpt
@@ -9,7 +9,8 @@ Venkat Raman Don (don.ra...@microsoft.com)
if(substr(PHP_OS, 0, 3) != 'WIN' ) {
die('skip windows only test');
}
-$cmd = "mklink.exe /?";
+include_once __DIR__ . '/common.inc';
+$cmd = "mklink /?";
$ret = @exec($cmd, $output, $return_val);
if (count($output) == 0) {
die("mklink.exe not found in PATH");
@@ -17,7 +18,8 @@ if (count($output) == 0) {
?>
--FILE--
--FILE--
&1', $out);
if (strpos($ret, 'privilege')) {
die('skip. SeCreateSymbolicLinkPrivilege not enable for this user.');
}
-unlink('mklink bug48746_tmp.lnk');
+unlink('bug48746_tmp.lnk');
?>
--FILE--
..
[2] => a.php
[3] => b.php
-)
+)
diff --git a/ext/standard/tests/file/windows_links/bug48746_3.phpt
b/ext/standard/tests/file/windows_links/bug48746_3.phpt
index a0dcbdc..b88ab76 100644
--- a/ext/standard/tests/file/windows_links/bug48746_3.phpt
+++ b/ext/standard/tests/file/windows_links/bug48746_3.phpt
@@ -9,7 +9,8 @@ Venkat Raman Don (don.ra...@microsoft.com)
if(substr(PHP_OS, 0, 3) != 'WIN' ) {
die('skip windows only test');
}
-$ret = exec('junction /? 2>&1', $out);
+include_once __DIR__ . '/common.inc';
+$ret = exec(get_junction().' /? 2>&1', $out);
if (strpos($out[0], 'recognized')) {
die('skip. junction.exe not found in PATH.');
}
@@ -17,11 +18,12 @@ if (strpos($out[0], 'recognized')) {
?>
--FILE--
");
file_put_contents("junction\\b.php", "");
include "junction/a.php";
@@ -45,4 +47,4 @@ Array
[1] => ..
[2] => a.php
[3] => b.php
-)
+)
diff --git a/ext/standard/tests/file/windows_links/common.inc
b/ext/standard/tests/file/windows_links/common.inc
new file mode 100644
index 000..2d4b47c
--- /dev/null
+++ b/ext/standard/tests/file/windows_links/common.inc
@@ -0,0 +1,23 @@
+http://technet.microsoft.com/en-us/sysinternals/bb896768
+
+ // install somewhere that is on %path% or added to %path%
+ return "junction.exe";
+}
+
+function get_mountvol() {
+ $sysroot = get_sysroot();
+
+ return "$sysroot\\System32\\mountvol.exe";
+}
+
+?>
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Merge branch 'PHP-5.4': sapi/cgi/cgi_main.c
Commit:08779069e86d72336f52078276c3296455fae4f7 Author:Stanislav Malyshev Tue, 8 May 2012 10:21:10 -0700 Parents: eafc567213886cc049fdbca147ab5d84dd93b117 057f4719d3825fff3f0cfe0f263168b227d93205 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=08779069e86d72336f52078276c3296455fae4f7 Log: Merge branch 'PHP-5.4' * PHP-5.4: c++ comments restore BC ws + restore BC to apache_request_headers fix bug #61807 - Buffer Overflow in apache_request_headers Bugs: https://bugs.php.net/61807 Changed paths: MM sapi/cgi/cgi_main.c Diff: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: fix bug #61807 - Buffer Overflow in apache_request_headers: sapi/cgi/cgi_main.c sapi/cgi/tests/apache_request_headers.phpt
Commit:20364bcff9f38bed83245d785cc8ec3a072e4da5
Author:Stanislav Malyshev Mon, 7 May 2012 12:24:22
-0700
Parents: 0b4d7a455d8f2bffaa9c4f9cbd7aff8e3e740fe8
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=20364bcff9f38bed83245d785cc8ec3a072e4da5
Log:
fix bug #61807 - Buffer Overflow in apache_request_headers
Bugs:
https://bugs.php.net/61807
Changed paths:
M sapi/cgi/cgi_main.c
A sapi/cgi/tests/apache_request_headers.phpt
Diff:
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index d25cad4..a0a1ada 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1615,15 +1615,21 @@ PHP_FUNCTION(apache_request_headers) /* {{{ */
p = var + 5;
var = q = t;
+// First char keep uppercase
*q++ = *p++;
while (*p) {
- if (*p == '_') {
+ if (*p == '=') {
+ // End of name
+ break;
+} else if (*p == '_') {
*q++ = '-';
p++;
- if (*p) {
+// First char after - keep
uppercase
+ if (*p && *p!='=' && *p!='_') {
*q++ = *p++;
}
} else if (*p >= 'A' && *p <= 'Z') {
+// lowercase
*q++ = (*p++ - 'A' + 'a');
} else {
*q++ = *p++;
diff --git a/sapi/cgi/tests/apache_request_headers.phpt
b/sapi/cgi/tests/apache_request_headers.phpt
new file mode 100644
index 000..37e077e
--- /dev/null
+++ b/sapi/cgi/tests/apache_request_headers.phpt
@@ -0,0 +1,49 @@
+--TEST--
+apache_request_headers() stack overflow.
+--SKIPIF--
+
+--FILE--
+');
+
+passthru("$php $file");
+
+$names = array('HTTP_X_TEST', 'HTTP_X__TEST', 'HTTP_X_');
+foreach ($names as $name) {
+ putenv($name."=".str_repeat("A", 256));
+ passthru("$php -q $file");
+ putenv($name);
+}
+unlink($file);
+
+echo "Done\n";
+?>
+--EXPECTF--
+X-Powered-By: PHP/%s
+Content-type: text/html
+
+Array
+(
+)
+Array
+(
+[X-Test] =>
+)
+Array
+(
+[X--Test] =>
+)
+Array
+(
+[X-] =>
+)
+Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: c++ comments: sapi/cgi/cgi_main.c
Commit:057f4719d3825fff3f0cfe0f263168b227d93205
Author:Stanislav Malyshev Tue, 8 May 2012 10:18:06
-0700
Parents: 1919ec5a55d971610eab86eb64b18b7eacfefe81
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=057f4719d3825fff3f0cfe0f263168b227d93205
Log:
c++ comments
Changed paths:
M sapi/cgi/cgi_main.c
Diff:
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index ba89c54..7856e0c 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1615,21 +1615,21 @@ PHP_FUNCTION(apache_request_headers) /* {{{ */
p = var + 5;
var = q = t;
- // First char keep uppercase
+ /* First char keep uppercase */
*q++ = *p++;
while (*p) {
if (*p == '=') {
- // End of name
+ /* End of name */
break;
} else if (*p == '_') {
*q++ = '-';
p++;
- // First char after - keep
uppercase
+ /* First char after - keep
uppercase */
if (*p && *p!='=') {
*q++ = *p++;
}
} else if (*p >= 'A' && *p <= 'Z') {
- // lowercase
+ /* lowercase */
*q++ = (*p++ - 'A' + 'a');
} else {
*q++ = *p++;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: ws + restore BC to apache_request_headers: sapi/cgi/cgi_main.c
Commit:bd8912e47c8a74406fe49555a3eb76a8c3197b27
Author:Stanislav Malyshev Mon, 7 May 2012 21:54:19
-0700
Parents: 20364bcff9f38bed83245d785cc8ec3a072e4da5
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=bd8912e47c8a74406fe49555a3eb76a8c3197b27
Log:
ws + restore BC to apache_request_headers
Changed paths:
M sapi/cgi/cgi_main.c
Diff:
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index a0a1ada..ba89c54 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1615,21 +1615,21 @@ PHP_FUNCTION(apache_request_headers) /* {{{ */
p = var + 5;
var = q = t;
-// First char keep uppercase
+ // First char keep uppercase
*q++ = *p++;
while (*p) {
if (*p == '=') {
- // End of name
- break;
-} else if (*p == '_') {
+ // End of name
+ break;
+ } else if (*p == '_') {
*q++ = '-';
p++;
-// First char after - keep
uppercase
- if (*p && *p!='=' && *p!='_') {
+ // First char after - keep
uppercase
+ if (*p && *p!='=') {
*q++ = *p++;
}
} else if (*p >= 'A' && *p <= 'Z') {
-// lowercase
+ // lowercase
*q++ = (*p++ - 'A' + 'a');
} else {
*q++ = *p++;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: restore BC: sapi/cgi/tests/apache_request_headers.phpt
Commit:1919ec5a55d971610eab86eb64b18b7eacfefe81 Author:Stanislav Malyshev Mon, 7 May 2012 22:22:56 -0700 Parents: bd8912e47c8a74406fe49555a3eb76a8c3197b27 Branches: PHP-5.4 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=1919ec5a55d971610eab86eb64b18b7eacfefe81 Log: restore BC Changed paths: M sapi/cgi/tests/apache_request_headers.phpt Diff: diff --git a/sapi/cgi/tests/apache_request_headers.phpt b/sapi/cgi/tests/apache_request_headers.phpt index 37e077e..2c82d57 100644 --- a/sapi/cgi/tests/apache_request_headers.phpt +++ b/sapi/cgi/tests/apache_request_headers.phpt @@ -40,7 +40,7 @@ Array ) Array ( -[X--Test] => +[X-_test] => ) Array ( -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: updated NEWS: NEWS
Commit:838b4b8ff7d78dfb0da99e0b17568558a85a1c2a
Author:Anatoliy Belsky Tue, 8 May 2012 18:51:49 +0200
Parents: d776a933eb270c7aa094c937168966fa89e2fa5c
Branches: PHP-5.3 PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=838b4b8ff7d78dfb0da99e0b17568558a85a1c2a
Log:
updated NEWS
Changed paths:
M NEWS
Diff:
diff --git a/NEWS b/NEWS
index c354b39..bd194be 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,8 @@ PHP
NEWS
. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)
. Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename
set to null). (Anatoliy)
+ . Fixed bug #61713 (Logic error in charset detection for htmlentities).
+(Anatoliy)
- Fileinfo:
. Fixed bug #61812 (Uninitialised value used in libmagic).
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix bug 61713 check also that mbstring's found any internal_encoding: ext/standard/html.c
Commit:d776a933eb270c7aa094c937168966fa89e2fa5c
Author:Anatoliy Belsky Tue, 8 May 2012 18:31:11 +0200
Parents: 3a4a25358fe3f389c434f68e59bfd70b25b93b29
Branches: PHP-5.3 PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=d776a933eb270c7aa094c937168966fa89e2fa5c
Log:
Fix bug 61713 check also that mbstring's found any internal_encoding
Bugs:
https://bugs.php.net/61713
Changed paths:
M ext/standard/html.c
Diff:
diff --git a/ext/standard/html.c b/ext/standard/html.c
index c813af5..058708e 100644
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -785,18 +785,20 @@ static enum entity_charset determine_charset(char
*charset_hint TSRMLS_DC)
charset_hint = Z_STRVAL_P(uf_result);
len = Z_STRLEN_P(uf_result);
- if (len == 4) { /* sizeof(none|auto|pass)-1 */
- if (!memcmp("pass", charset_hint,
sizeof("pass") - 1) ||
- !memcmp("auto", charset_hint,
sizeof("auto") - 1) ||
- !memcmp("none", charset_hint,
sizeof("none") - 1)) {
-
- charset_hint = NULL;
- len = 0;
+ if (charset_hint != NULL && len != 0) {
+ if (len == 4) { /* sizeof(none|auto|pass)-1 */
+ if (!memcmp("pass", charset_hint,
sizeof("pass") - 1) ||
+ !memcmp("auto", charset_hint,
sizeof("auto") - 1) ||
+ !memcmp("none", charset_hint,
sizeof("none") - 1)) {
+
+ charset_hint = NULL;
+ len = 0;
+ }
+ } else {
+ /* Jump to det_charset only if mbstring
isn't one of above eq pass, auto, none.
+ Otherwise try default_charset next */
+ goto det_charset;
}
- } else {
- /* Jump to det_charset only if mbstring isn't
one of above eq pass, auto, none.
- Otherwise try default_charset next */
- goto det_charset;
}
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix bug #61713 ext\standard\tests\strings\htmlentities10.phpt fails: ext/standard/html.c
Commit:3a4a25358fe3f389c434f68e59bfd70b25b93b29
Author:Anatoliy Belsky Tue, 8 May 2012 17:42:01 +0200
Parents: e120a0c7f30953774d3ff2ac1a14b2ab623a047c
Branches: PHP-5.3 PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=3a4a25358fe3f389c434f68e59bfd70b25b93b29
Log:
Fix bug #61713 ext\standard\tests\strings\htmlentities10.phpt fails
There is a logic error in charset detection part for htmlentities.
When mbstring is compiled shared and mbstring.internal_encoding
is set to pass, it prevents default_charset from being checked
resulting iso-8859-1 being choosed.
Bugs:
https://bugs.php.net/61713
Changed paths:
M ext/standard/html.c
Diff:
diff --git a/ext/standard/html.c b/ext/standard/html.c
index 81c69de..c813af5 100644
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -793,8 +793,11 @@ static enum entity_charset determine_charset(char
*charset_hint TSRMLS_DC)
charset_hint = NULL;
len = 0;
}
+ } else {
+ /* Jump to det_charset only if mbstring isn't
one of above eq pass, auto, none.
+ Otherwise try default_charset next */
+ goto det_charset;
}
- goto det_charset;
}
}
#endif
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] com php-src: fix bug #61807 - Buffer Overflow in apache_request_headers: NEWS sapi/cgi/cgi_main.c sapi/cgi/tests/apache_request_headers.phpt
2012/5/7 Stanislav Malyshev :
> Commit: eb8f3b025b0a6dbbf6b44bf51d8cf345437b7354
> Author: Stanislav Malyshev Mon, 7 May 2012 12:24:22
> -0700
> Parents: fc3ba0552fd5c2d7b5870f3e2fec0a9a2d2996f4
> Branches: PHP-5.4.3
>
> Link:
> http://git.php.net/?p=php-src.git;a=commitdiff;h=eb8f3b025b0a6dbbf6b44bf51d8cf345437b7354
>
> Log:
> fix bug #61807 - Buffer Overflow in apache_request_headers
>
> Bugs:
> https://bugs.php.net/61807
>
> Changed paths:
> M NEWS
> M sapi/cgi/cgi_main.c
> A sapi/cgi/tests/apache_request_headers.phpt
>
>
> Diff:
> diff --git a/NEWS b/NEWS
> index a41a5d1..7603cfb 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -5,6 +5,7 @@ PHP
> NEWS
> - CGI
> . Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823.
> (Stas)
> + . Fix bug #61807 - Buffer Overflow in apache_request_headers.
>
> 03 May 2012, PHP 5.4.2
>
> diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
> index 71404a4..a1690b1 100644
> --- a/sapi/cgi/cgi_main.c
> +++ b/sapi/cgi/cgi_main.c
> @@ -1614,15 +1614,21 @@ PHP_FUNCTION(apache_request_headers) /* {{{ */
> p = var + 5;
>
> var = q = t;
> + // First char keep uppercase
> *q++ = *p++;
> while (*p) {
> - if (*p == '_') {
> + if (*p == '=') {
> + // End of name
> + break;
> + } else if (*p == '_') {
> *q++ = '-';
> p++;
> - if (*p) {
> + // First char after - keep
> uppercase
> + if (*p && *p!='=' && *p!='_')
> {
> *q++ = *p++;
> }
> } else if (*p >= 'A' && *p <= 'Z') {
> + // lowercase
> *q++ = (*p++ - 'A' + 'a');
> } else {
> *q++ = *p++;
I see C++ comments.
--
Regards,
Felipe Pena
[PHP-CVS] com php-src: Fix #61704 (Crash apache, phpinfo() threading issue): NEWS ext/mysqlnd/mysqlnd_plugin.c ext/mysqlnd/php_mysqlnd.c
Commit:e8e661128a4dcee9d2f35ed3443d567ba2ad7870
Author:Johannes Schlüter Tue, 8 May 2012
17:30:05 +0200
Parents: fb3b6bcf8384c375ddffce85d5e652ec609ccf7a
Branches: PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=e8e661128a4dcee9d2f35ed3443d567ba2ad7870
Log:
Fix #61704 (Crash apache, phpinfo() threading issue)
Bugs:
https://bugs.php.net/61704
Changed paths:
M NEWS
M ext/mysqlnd/mysqlnd_plugin.c
M ext/mysqlnd/php_mysqlnd.c
Diff:
diff --git a/NEWS b/NEWS
index f88bf70..6008f42 100644
--- a/NEWS
+++ b/NEWS
@@ -110,6 +110,7 @@ PHP
NEWS
. Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes).
- mysqlnd
+ . Fixed bug #61704 (Crash apache, phpinfo() threading issue). (Johannes)
. Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).
(Johannes)
diff --git a/ext/mysqlnd/mysqlnd_plugin.c b/ext/mysqlnd/mysqlnd_plugin.c
index 457596f..2dbb57d 100644
--- a/ext/mysqlnd/mysqlnd_plugin.c
+++ b/ext/mysqlnd/mysqlnd_plugin.c
@@ -169,7 +169,24 @@ PHPAPI void * _mysqlnd_plugin_find(const char * const name
TSRMLS_DC)
/* {{{ _mysqlnd_plugin_apply_with_argument */
PHPAPI void _mysqlnd_plugin_apply_with_argument(apply_func_arg_t apply_func,
void * argument TSRMLS_DC)
{
- zend_hash_apply_with_argument(&mysqlnd_registered_plugins, apply_func,
argument TSRMLS_CC);
+ /* Note: We want to be thread-safe (read-only), so we can use neither
+* zend_hash_apply_with_argument nor zend_hash_internal_pointer_reset
and
+* friends
+*/
+ Bucket *p;
+
+ p = mysqlnd_registered_plugins.pListHead;
+ while (p != NULL) {
+ int result = apply_func(p->pData, argument TSRMLS_CC);
+
+ if (result & ZEND_HASH_APPLY_REMOVE) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
"mysqlnd_plugin_apply_with_argument must not remove table entries");
+ }
+ p = p->pListNext;
+ if (result & ZEND_HASH_APPLY_STOP) {
+ break;
+ }
+ }
}
/* }}} */
diff --git a/ext/mysqlnd/php_mysqlnd.c b/ext/mysqlnd/php_mysqlnd.c
index 1022285..20fcc5e 100644
--- a/ext/mysqlnd/php_mysqlnd.c
+++ b/ext/mysqlnd/php_mysqlnd.c
@@ -135,16 +135,22 @@ mysqlnd_minfo_dump_loaded_plugins(void *pDest, void * buf
TSRMLS_DC)
/* }}} */
/* {{{ mysqlnd_minfo_dump_api_plugins */
-static int
-mysqlnd_minfo_dump_api_plugins(void * pDest, void * buf TSRMLS_DC)
+static void
+mysqlnd_minfo_dump_api_plugins(smart_str * buffer TSRMLS_DC)
{
- smart_str * buffer = (smart_str *) buf;
- MYSQLND_REVERSE_API * ext = *(MYSQLND_REVERSE_API **) pDest;
- if (buffer->len) {
- smart_str_appendc(buffer, ',');
+ HashTable *ht = mysqlnd_reverse_api_get_api_list(TSRMLS_C);
+ Bucket *p;
+
+ p = ht->pListHead;
+ while(p != NULL) {
+ MYSQLND_REVERSE_API * ext = *(MYSQLND_REVERSE_API **) p->pData;
+ if (buffer->len) {
+ smart_str_appendc(buffer, ',');
+ }
+ smart_str_appends(buffer, ext->module->name);
+
+ p = p->pListNext;
}
- smart_str_appends(buffer, ext->module->name);
- return ZEND_HASH_APPLY_KEEP;
}
/* }}} */
@@ -189,7 +195,7 @@ PHP_MINFO_FUNCTION(mysqlnd)
php_info_print_table_row(2, "Loaded plugins", tmp_str.c);
smart_str_free(&tmp_str);
-
zend_hash_apply_with_argument(mysqlnd_reverse_api_get_api_list(TSRMLS_C),
mysqlnd_minfo_dump_api_plugins, &tmp_str TSRMLS_CC);
+ mysqlnd_minfo_dump_api_plugins(&tmp_str TSRMLS_CC);
smart_str_0(&tmp_str);
php_info_print_table_row(2, "API Extensions", tmp_str.c);
smart_str_free(&tmp_str);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix folding marks: ext/mysqlnd/mysqlnd_plugin.c
Commit:fb3b6bcf8384c375ddffce85d5e652ec609ccf7a
Author:Johannes Schlüter Tue, 8 May 2012
15:18:33 +0200
Parents: 340091469a2838ee633764279d988e830f40acde
Branches: PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=fb3b6bcf8384c375ddffce85d5e652ec609ccf7a
Log:
Fix folding marks
Changed paths:
M ext/mysqlnd/mysqlnd_plugin.c
Diff:
diff --git a/ext/mysqlnd/mysqlnd_plugin.c b/ext/mysqlnd/mysqlnd_plugin.c
index b295ad7..457596f 100644
--- a/ext/mysqlnd/mysqlnd_plugin.c
+++ b/ext/mysqlnd/mysqlnd_plugin.c
@@ -65,7 +65,7 @@ static struct st_mysqlnd_typeii_plugin_example
mysqlnd_example_plugin =
};
-/* {{{ mysqlnd_plugin_subsystem_init */
+/* {{{ mysqlnd_example_plugin_end */
static
enum_func_status mysqlnd_example_plugin_end(void * p TSRMLS_DC)
{
@@ -78,7 +78,7 @@ enum_func_status mysqlnd_example_plugin_end(void * p
TSRMLS_DC)
/* }}} */
-/* {{{ mysqlnd_plugin_subsystem_init */
+/* {{{ mysqlnd_example_plugin_register */
void
mysqlnd_example_plugin_register(TSRMLS_D)
{
@@ -104,7 +104,7 @@ mysqlnd_plugin_subsystem_init(TSRMLS_D)
/* }}} */
-/* {{{ mysqlnd_plugin_subsystem_init */
+/* {{{ mysqlnd_plugin_end_apply_func */
int
mysqlnd_plugin_end_apply_func(void *pDest TSRMLS_DC)
{
@@ -136,7 +136,7 @@ PHPAPI unsigned int mysqlnd_plugin_register()
/* }}} */
-/* {{{ mysqlnd_plugin_register */
+/* {{{ mysqlnd_plugin_register_ex */
PHPAPI unsigned int mysqlnd_plugin_register_ex(struct st_mysqlnd_plugin_header
* plugin TSRMLS_DC)
{
if (plugin) {
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: This will be PHP 5.3.14: NEWS configure.in main/php_version.h
Commit:e120a0c7f30953774d3ff2ac1a14b2ab623a047c
Author:Johannes Schlüter Tue, 8 May 2012
11:28:15 +0200
Parents: 000e84aa88ce16deabbf61e7086fc8db63ca88aa
Branches: PHP-5.3 PHP-5.4 master
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=e120a0c7f30953774d3ff2ac1a14b2ab623a047c
Log:
This will be PHP 5.3.14
Changed paths:
M NEWS
M configure.in
M main/php_version.h
Diff:
diff --git a/NEWS b/NEWS
index c2b10e5..c354b39 100644
--- a/NEWS
+++ b/NEWS
@@ -40,13 +40,19 @@ PHP
NEWS
. Fixed bug #61961 (file_get_contents leaks when access empty file with
maxlen set). (Reeze)
-(merge after 5.3.11 release)
+08 May 2012, PHP 5.3.13
+- CGI
+ . Improve fix for PHP-CGI query string parameter vulnerability,
CVE-2012-2311.
+(Stas)
+
+03 May 2012, PHP 5.3.12
+- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
+
+26 Apr 2012, PHP 5.3.11
- Core:
- . Fixed bug #61605 (header_remove() does not remove all headers).
-(Laruence)
- . Fixed bug #61541 (Segfault when using ob_* in output_callback).
-(reeze@gmail.com)
+ . Fixed bug #61650 (ini parser crashes when using ${} ini variables
+(without apache2)). (Laruence)
. Fixed bug #61273 (call_user_func_array with more than 16333 arguments
leaks / crashes). (Laruence)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
@@ -93,14 +99,17 @@ PHP
NEWS
. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
- Fileinfo
+ . Upgraded libmagic to 5.11 (Pierre, Anatoliy)
+ . Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a
+directory descriptor under windows. (Anatoliy)
+ . Fixed bug #61566 failure caused by the posix lseek and read versions
+under windows in cdf_read(). (Anatoliy)
. Fixed bug #61173 (Unable to detect error from finfo constructor). (Gustavo)
- Firebird Database extension (ibase):
. Fixed bug #60802 (ibase_trans() gives segfault when passing params).
- Libxml:
- . Fixed bug #61617 (Libxml tests failed(ht is already destroyed)).
-(Laruence)
. Fixed bug #61367 (open_basedir bypass using libxml RSHUTDOWN).
(Tim Starling)
@@ -123,6 +132,10 @@ PHP
NEWS
- PDO_Sqlite extension:
. Add createCollation support. (Damien)
+- pgsql:
+ . Fixed bug #60718 (Compile problem with libpq (PostgreSQL 7.3 or less).
+(Yasuo Ohgaki)
+
- Phar:
. Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
bytes). (Nikic)
diff --git a/configure.in b/configure.in
index b257cbb..35356d0 100644
--- a/configure.in
+++ b/configure.in
@@ -41,7 +41,7 @@ AC_CONFIG_HEADER(main/php_config.h)
PHP_MAJOR_VERSION=5
PHP_MINOR_VERSION=3
-PHP_RELEASE_VERSION=13
+PHP_RELEASE_VERSION=14
PHP_EXTRA_VERSION="-dev"
PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION"
PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \*
100 + [$]PHP_RELEASE_VERSION`
diff --git a/main/php_version.h b/main/php_version.h
index 358c6c0..0b523d7 100644
--- a/main/php_version.h
+++ b/main/php_version.h
@@ -2,7 +2,7 @@
/* edit configure.in to change version number */
#define PHP_MAJOR_VERSION 5
#define PHP_MINOR_VERSION 3
-#define PHP_RELEASE_VERSION 13
+#define PHP_RELEASE_VERSION 14
#define PHP_EXTRA_VERSION "-dev"
-#define PHP_VERSION "5.3.13-dev"
-#define PHP_VERSION_ID 50313
+#define PHP_VERSION "5.3.14-dev"
+#define PHP_VERSION_ID 50314
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: improve fix for CVE-2012-1823 (cherry picked from commit fc3ba0552fd5c2d7b5870f3e2fec0a9a2d2996f4): sapi/cgi/cgi_main.c
Commit:46d9cc3de9f2def8ab84d0b83cc89b6f85d7506a
Author:Stanislav Malyshev Mon, 7 May 2012 12:08:36
-0700
Committer: Johannes Schlüter Tue, 8 May 2012 11:15:23
+0200
Parents: 03cb63bc1da6344f65a075f25721d29b59670cfe
Branches: PHP-5.3.13
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=46d9cc3de9f2def8ab84d0b83cc89b6f85d7506a
Log:
improve fix for CVE-2012-1823
(cherry picked from commit fc3ba0552fd5c2d7b5870f3e2fec0a9a2d2996f4)
Changed paths:
M sapi/cgi/cgi_main.c
Diff:
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index bb37aba..62ccbf2 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1560,10 +1560,15 @@ int main(int argc, char *argv[])
}
}
- if(query_string = getenv("QUERY_STRING")) {
+ if((query_string = getenv("QUERY_STRING")) != NULL &&
strchr(query_string, '=') == NULL) {
+ /* we've got query string that has no = - apache CGI will pass
it to command line */
+ unsigned char *p;
decoded_query_string = strdup(query_string);
php_url_decode(decoded_query_string,
strlen(decoded_query_string));
- if(*decoded_query_string == '-' && strchr(decoded_query_string,
'=') == NULL) {
+ for (p = decoded_query_string; *p && *p <= ' '; p++) {
+ /* skip all leading spaces */
+ }
+ if(*p == '-') {
skip_getopt = 1;
}
free(decoded_query_string);
@@ -1818,7 +1823,7 @@ consult the installation file that came with this
distribution, or visit \n\
}
zend_first_try {
- while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg,
&php_optind, 1, 2)) != -1) {
+ while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS,
&php_optarg, &php_optind, 1, 2)) != -1) {
switch (c) {
case 'T':
benchmark = 1;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: PHP 5.3.13: NEWS configure.in main/php_version.h
Commit:e9354b53665e2d313f07d48ce3d227cc61a068dc Author:Johannes Schlüter Tue, 8 May 2012 11:22:27 +0200 Parents: 46d9cc3de9f2def8ab84d0b83cc89b6f85d7506a Branches: PHP-5.3.13 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e9354b53665e2d313f07d48ce3d227cc61a068dc Log: PHP 5.3.13 Changed paths: M NEWS M configure.in M main/php_version.h Diff: diff --git a/NEWS b/NEWS index 6d95962..124054e 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,11 @@ PHPNEWS ||| -03 Mar 2012, PHP 5.3.12 +08 May 2012, PHP 5.3.13 +- CGI + . Improve fix for PHP-CGI query string parameter vulnerability, CVE-2012-2311. +(Stas) + +03 May 2012, PHP 5.3.12 - Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus) 26 Apr 2012, PHP 5.3.11 diff --git a/configure.in b/configure.in index e9cf322..f8241e6 100644 --- a/configure.in +++ b/configure.in @@ -41,7 +41,7 @@ AC_CONFIG_HEADER(main/php_config.h) PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=3 -PHP_RELEASE_VERSION=12 +PHP_RELEASE_VERSION=13 PHP_EXTRA_VERSION="" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 1 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` diff --git a/main/php_version.h b/main/php_version.h index 5103b1c..f4753a2 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -4,5 +4,5 @@ #define PHP_MINOR_VERSION 3 #define PHP_RELEASE_VERSION 12 #define PHP_EXTRA_VERSION "" -#define PHP_VERSION "5.3.12" -#define PHP_VERSION_ID 50312 +#define PHP_VERSION "5.3.13" +#define PHP_VERSION_ID 50313 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] tag php-src: create tag php-5.3.13
Tag php-5.3.13 in php-src.git was created Tag: ce915805eb49518a83d8ce04eeca5f89e32a616c Tagger: Johannes Schlüter Tue May 8 11:22:55 2012 +0200 Log: PHP 5.3.13 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (SunOS) iQEcBAABAgAGBQJPqOX4AAoJEH3sTmn8nIPXsCwIAMacmignMUwFQeRAPZDIgVNp 5lpUEm99Q5WJI0SphOFKw6CD7g32p/fXbkSZClK7huPCRa9xYo3DPBjxPyQn0UC0 yPPKp+7mn+kn/pZTGJwWDGW4socqJV7/WLL+RSJ+WJml/82m+XGMbef1BydQPRZr Vgv2H45gvxqAzuuIvl/GyCpH+wHlKD0v7FLXcvvusQTkPC6HDrUME/ILlqCvl0od cp2fXqS2zf5N4lWnoZbqUtw3bOrTgdQmhpWdJw936bjK1dKg5J2rhM0F1pafxmTd /ku/+5/1v86LHQWPcJTSr1UMrzY1FcyQkp526Z79rdwbxqW2CTekXM7yvoBeA0w= =mgA1 -END PGP SIGNATURE- Link: http://git.php.net/?p=php-src.git;a=tag;h=ce915805eb49518a83d8ce04eeca5f89e32a616c Target: e9354b53665e2d313f07d48ce3d227cc61a068dc Author: Johannes Schlüter Tue, 8 May 2012 11:22:27 +0200 Parents: 46d9cc3de9f2def8ab84d0b83cc89b6f85d7506a Target link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e9354b53665e2d313f07d48ce3d227cc61a068dc Target log: PHP 5.3.13 Changed paths: M NEWS M configure.in M main/php_version.h -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
