[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
stasWed Aug 1 23:52:43 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: revert wrong fix http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.512.2.63.2.16r2=1.512.2.63.2.17diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.16 php-src/main/main.c:1.512.2.63.2.17 --- php-src/main/main.c:1.512.2.63.2.16 Tue Jul 10 18:35:13 2007 +++ php-src/main/main.c Wed Aug 1 23:52:43 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.16 2007/07/10 18:35:13 stas Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.17 2007/08/01 23:52:43 stas Exp $ */ /* {{{ includes */ @@ -384,14 +384,6 @@ return; } #endif - if (PG(safe_mode) (!php_checkuid(PG(error_log), NULL, CHECKUID_CHECK_FILE_AND_DIR|CHECKUID_NO_ERRORS))) { - return FAILURE; - } - - if (PG(open_basedir) php_check_open_basedir_ex(PG(error_log), 0 TSRMLS_CC)) { - return FAILURE; - } - log_file = VCWD_FOPEN(PG(error_log), ab); if (log_file != NULL) { time(error_time); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
stasTue Jul 10 18:35:13 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: check if write is allowed before writing to error log http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.512.2.63.2.15r2=1.512.2.63.2.16diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.15 php-src/main/main.c:1.512.2.63.2.16 --- php-src/main/main.c:1.512.2.63.2.15 Tue May 22 18:16:37 2007 +++ php-src/main/main.c Tue Jul 10 18:35:13 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.15 2007/05/22 18:16:37 stas Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.16 2007/07/10 18:35:13 stas Exp $ */ /* {{{ includes */ @@ -384,6 +384,14 @@ return; } #endif + if (PG(safe_mode) (!php_checkuid(PG(error_log), NULL, CHECKUID_CHECK_FILE_AND_DIR|CHECKUID_NO_ERRORS))) { + return FAILURE; + } + + if (PG(open_basedir) php_check_open_basedir_ex(PG(error_log), 0 TSRMLS_CC)) { + return FAILURE; + } + log_file = VCWD_FOPEN(PG(error_log), ab); if (log_file != NULL) { time(error_time); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
On Tue, 10 Jul 2007, Stanislav Malyshev wrote: stas Tue Jul 10 18:35:13 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: check if write is allowed before writing to error log Could you please add a NEWS entry for this one as well? regards, Derick -- Derick Rethans http://derickrethans.nl | http://ez.no | http://xdebug.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c php_globals.h php_variables.c
stasTue May 22 18:16:38 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c php_globals.h php_variables.c Log: fix for CVE-2007-1285 - crash on deep input variable nesting http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.512.2.63.2.14r2=1.512.2.63.2.15diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.14 php-src/main/main.c:1.512.2.63.2.15 --- php-src/main/main.c:1.512.2.63.2.14 Mon Jan 1 09:46:50 2007 +++ php-src/main/main.c Tue May 22 18:16:37 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.14 2007/01/01 09:46:50 sebastian Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.15 2007/05/22 18:16:37 stas Exp $ */ /* {{{ includes */ @@ -338,6 +338,7 @@ STD_PHP_INI_ENTRY(upload_max_filesize,2M, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateInt, upload_max_filesize,php_core_globals, core_globals) STD_PHP_INI_ENTRY(post_max_size, 8M, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateInt, post_max_size, sapi_globals_struct,sapi_globals) STD_PHP_INI_ENTRY(upload_tmp_dir, NULL, PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir, php_core_globals, core_globals) + STD_PHP_INI_ENTRY(max_input_nesting_level, 500, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_nesting_level,php_core_globals, core_globals) STD_PHP_INI_ENTRY(user_dir, NULL, PHP_INI_SYSTEM, OnUpdateString, user_dir, php_core_globals, core_globals) STD_PHP_INI_ENTRY(variables_order,NULL, PHP_INI_ALL,OnUpdateStringUnempty, variables_order, php_core_globals, core_globals) http://cvs.php.net/viewvc.cgi/php-src/main/php_globals.h?r1=1.84.2.6.8.2r2=1.84.2.6.8.3diff_format=u Index: php-src/main/php_globals.h diff -u php-src/main/php_globals.h:1.84.2.6.8.2 php-src/main/php_globals.h:1.84.2.6.8.3 --- php-src/main/php_globals.h:1.84.2.6.8.2 Mon Jan 1 09:46:50 2007 +++ php-src/main/php_globals.h Tue May 22 18:16:38 2007 @@ -141,6 +141,7 @@ zend_bool always_populate_raw_post_data; long serialize_precision; + long max_input_nesting_level; }; http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.45.2.13.2.10r2=1.45.2.13.2.11diff_format=u Index: php-src/main/php_variables.c diff -u php-src/main/php_variables.c:1.45.2.13.2.10 php-src/main/php_variables.c:1.45.2.13.2.11 --- php-src/main/php_variables.c:1.45.2.13.2.10 Fri Apr 13 00:42:48 2007 +++ php-src/main/php_variables.cTue May 22 18:16:38 2007 @@ -16,7 +16,7 @@ | Zeev Suraski [EMAIL PROTECTED]| +--+ */ -/* $Id: php_variables.c,v 1.45.2.13.2.10 2007/04/13 00:42:48 stas Exp $ */ +/* $Id: php_variables.c,v 1.45.2.13.2.11 2007/05/22 18:16:38 stas Exp $ */ #include stdio.h #include php.h @@ -66,6 +66,7 @@ zval *gpc_element, **gpc_element_p; zend_bool is_array; HashTable *symtable1=NULL; + int nest_level = 0; assert(var != NULL); @@ -128,6 +129,10 @@ char *escaped_index = NULL, *index_s; int new_idx_len = 0; + if(++nest_level PG(max_input_nesting_level)) { + /* too many levels of nesting */ + php_error_docref(NULL TSRMLS_CC, E_ERROR, Input variable nesting level more than allowed %d (change max_input_nesting_level in php.ini to increase the limit), PG(max_input_nesting_level)); + } ip++; index_s = ip; if (isspace(*ip)) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_4_4) /main main.c php_globals.h php_variables.c
Again, please use the [DOC] tag in your commit message to let the doc team know. And don't forget to update php.ini-dist/recommended NEWS Btw; did you really mean to set the default value to 500? (its 64 in 5.2) -Hannes On 5/22/07, Stanislav Malyshev [EMAIL PROTECTED] wrote: stasTue May 22 18:16:38 2007 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c php_globals.h php_variables.c Log: fix for CVE-2007-1285 - crash on deep input variable nesting http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.512.2.63.2.14r2=1.512.2.63.2.15diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.14 php-src/main/main.c:1.512.2.63.2.15 --- php-src/main/main.c:1.512.2.63.2.14 Mon Jan 1 09:46:50 2007 +++ php-src/main/main.c Tue May 22 18:16:37 2007 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.14 2007/01/01 09:46:50 sebastian Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.15 2007/05/22 18:16:37 stas Exp $ */ /* {{{ includes */ @@ -338,6 +338,7 @@ STD_PHP_INI_ENTRY(upload_max_filesize,2M, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateInt,upload_max_filesize, php_core_globals, core_globals) STD_PHP_INI_ENTRY(post_max_size, 8M, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateInt,post_max_size, sapi_globals_struct,sapi_globals) STD_PHP_INI_ENTRY(upload_tmp_dir, NULL, PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir, php_core_globals, core_globals) + STD_PHP_INI_ENTRY(max_input_nesting_level, 500, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_nesting_level, php_core_globals, core_globals) STD_PHP_INI_ENTRY(user_dir, NULL, PHP_INI_SYSTEM, OnUpdateString, user_dir, php_core_globals, core_globals) STD_PHP_INI_ENTRY(variables_order,NULL, PHP_INI_ALL,OnUpdateStringUnempty, variables_order, php_core_globals, core_globals) http://cvs.php.net/viewvc.cgi/php-src/main/php_globals.h?r1=1.84.2.6.8.2r2=1.84.2.6.8.3diff_format=u Index: php-src/main/php_globals.h diff -u php-src/main/php_globals.h:1.84.2.6.8.2 php-src/main/php_globals.h:1.84.2.6.8.3 --- php-src/main/php_globals.h:1.84.2.6.8.2 Mon Jan 1 09:46:50 2007 +++ php-src/main/php_globals.h Tue May 22 18:16:38 2007 @@ -141,6 +141,7 @@ zend_bool always_populate_raw_post_data; long serialize_precision; + long max_input_nesting_level; }; http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.45.2.13.2.10r2=1.45.2.13.2.11diff_format=u Index: php-src/main/php_variables.c diff -u php-src/main/php_variables.c:1.45.2.13.2.10 php-src/main/php_variables.c:1.45.2.13.2.11 --- php-src/main/php_variables.c:1.45.2.13.2.10 Fri Apr 13 00:42:48 2007 +++ php-src/main/php_variables.cTue May 22 18:16:38 2007 @@ -16,7 +16,7 @@ | Zeev Suraski [EMAIL PROTECTED]| +--+ */ -/* $Id: php_variables.c,v 1.45.2.13.2.10 2007/04/13 00:42:48 stas Exp $ */ +/* $Id: php_variables.c,v 1.45.2.13.2.11 2007/05/22 18:16:38 stas Exp $ */ #include stdio.h #include php.h @@ -66,6 +66,7 @@ zval *gpc_element, **gpc_element_p; zend_bool is_array; HashTable *symtable1=NULL; + int nest_level = 0; assert(var != NULL); @@ -128,6 +129,10 @@ char *escaped_index = NULL, *index_s; int new_idx_len = 0; + if(++nest_level PG(max_input_nesting_level)) { + /* too many levels of nesting */ + php_error_docref(NULL TSRMLS_CC, E_ERROR, Input variable nesting level more than allowed %d (change max_input_nesting_level in php.ini to increase the limit), PG(max_input_nesting_level)); + } ip++; index_s = ip; if (isspace(*ip)) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
tony2001Thu Dec 28 12:03:00 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: MFH http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.512.2.63.2.12r2=1.512.2.63.2.13diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.12 php-src/main/main.c:1.512.2.63.2.13 --- php-src/main/main.c:1.512.2.63.2.12 Tue Dec 26 17:33:12 2006 +++ php-src/main/main.c Thu Dec 28 12:02:59 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.12 2006/12/26 17:33:12 iliaa Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.13 2006/12/28 12:02:59 tony2001 Exp $ */ /* {{{ includes */ @@ -824,7 +824,7 @@ if ((EG(error_reporting)E_WARNING) PG(report_memleaks)) { #if ZEND_DEBUG - char memory_leak_buf[512]; + char memory_leak_buf[1024]; if (message==ZMSG_MEMORY_LEAK_DETECTED) { zend_mem_header *t = (zend_mem_header *) data; @@ -835,7 +835,7 @@ char relay_buf[512]; snprintf(relay_buf, 512, %s(%d) : Actual location (location was relayed)\n, t-orig_filename, t-orig_lineno); - strcat(memory_leak_buf, relay_buf); + strlcat(memory_leak_buf, relay_buf, sizeof(memory_leak_buf)); } } else { unsigned long leak_count = (unsigned long) data; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
tony2001Thu May 18 22:30:52 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: fix leak (and possible segfault?) see bug #30397 for more details, somebody should really consider doing MFH when fixing such critical things http://cvs.php.net/viewcvs.cgi/php-src/main/main.c?r1=1.512.2.63.2.9r2=1.512.2.63.2.10diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.9 php-src/main/main.c:1.512.2.63.2.10 --- php-src/main/main.c:1.512.2.63.2.9 Mon Jan 30 15:31:10 2006 +++ php-src/main/main.c Thu May 18 22:30:52 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.9 2006/01/30 15:31:10 iliaa Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.10 2006/05/18 22:30:52 tony2001 Exp $ */ /* {{{ includes */ @@ -1108,7 +1108,6 @@ sapi_module = *sf; php_output_startup(); - php_output_activate(TSRMLS_C); zuf.error_function = php_error_cb; zuf.printf_function = php_printf; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
tony2001Thu May 18 22:36:14 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: fix compile warning http://cvs.php.net/viewcvs.cgi/php-src/main/main.c?r1=1.512.2.63.2.10r2=1.512.2.63.2.11diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.10 php-src/main/main.c:1.512.2.63.2.11 --- php-src/main/main.c:1.512.2.63.2.10 Thu May 18 22:30:52 2006 +++ php-src/main/main.c Thu May 18 22:36:14 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.10 2006/05/18 22:30:52 tony2001 Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.11 2006/05/18 22:36:14 tony2001 Exp $ */ /* {{{ includes */ @@ -501,7 +501,7 @@ php_error(type, %s(%s): %s, get_active_function_name(TSRMLS_C), params, buffer); } else if (PG(html_errors)) { int len; - char *replace = php_escape_html_entities(params, strlen(params), len, 0, ENT_COMPAT, NULL TSRMLS_CC); + char *replace = php_escape_html_entities((unsigned char *)params, strlen(params), len, 0, ENT_COMPAT, NULL TSRMLS_CC); php_error(type, %s(%s) [a href='%s%s%s'%s/a]: %s, get_active_function_name(TSRMLS_C), replace, docref_root, docref, docref_target, docref, buffer); efree(replace); } else { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
iliaa Mon Jan 30 15:31:10 2006 UTC Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: Fixed error reporting logic for HTML errors http://cvs.php.net/viewcvs.cgi/php-src/main/main.c?r1=1.512.2.63.2.8r2=1.512.2.63.2.9diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.8 php-src/main/main.c:1.512.2.63.2.9 --- php-src/main/main.c:1.512.2.63.2.8 Sun Jan 1 13:46:59 2006 +++ php-src/main/main.c Mon Jan 30 15:31:10 2006 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.8 2006/01/01 13:46:59 sniper Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.9 2006/01/30 15:31:10 iliaa Exp $ */ /* {{{ includes */ @@ -496,7 +496,7 @@ } } } - if (!PG(html_errors) || !strlen(PG(docref_root))) { + if (!PG(html_errors) !strlen(PG(docref_root))) { /* no docref and no html errors - do not point to any documentation (e.g. production boxes) */ php_error(type, %s(%s): %s, get_active_function_name(TSRMLS_C), params, buffer); } else if (PG(html_errors)) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
hyanantha Thu Sep 15 10:06:18 2005 EDT Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: NetWare does not have sendmail binary to send mail. --Kamesh http://cvs.php.net/diff.php/php-src/main/main.c?r1=1.512.2.63.2.3r2=1.512.2.63.2.4ty=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.3 php-src/main/main.c:1.512.2.63.2.4 --- php-src/main/main.c:1.512.2.63.2.3 Wed Aug 17 11:34:24 2005 +++ php-src/main/main.c Thu Sep 15 10:06:15 2005 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.3 2005/08/17 15:34:24 iliaa Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.4 2005/09/15 14:06:15 hyanantha Exp $ */ /* {{{ includes */ @@ -257,7 +257,7 @@ # define PHP_SAFE_MODE_EXEC_DIR #endif -#ifdef PHP_PROG_SENDMAIL +#if defined(PHP_PROG_SENDMAIL) !defined(NETWARE) # define DEFAULT_SENDMAIL_PATH PHP_PROG_SENDMAIL -t -i #else # define DEFAULT_SENDMAIL_PATH NULL -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
iliaa Wed Aug 17 11:34:24 2005 EDT Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: MFH: Fix EOLs under windows http://cvs.php.net/diff.php/php-src/main/main.c?r1=1.512.2.63.2.2r2=1.512.2.63.2.3ty=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63.2.2 php-src/main/main.c:1.512.2.63.2.3 --- php-src/main/main.c:1.512.2.63.2.2 Tue Jul 26 09:51:31 2005 +++ php-src/main/main.c Wed Aug 17 11:34:24 2005 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63.2.2 2005/07/26 13:51:31 hyanantha Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.3 2005/08/17 15:34:24 iliaa Exp $ */ /* {{{ includes */ @@ -378,7 +378,7 @@ return; } #endif - log_file = VCWD_FOPEN(PG(error_log), a); + log_file = VCWD_FOPEN(PG(error_log), ab); if (log_file != NULL) { time(error_time); strftime(error_time_str, sizeof(error_time_str), %d-%b-%Y %H:%M:%S, php_localtime_r(error_time, tmbuf)); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_4_4) /main main.c
tony2001Mon Jun 20 15:59:43 2005 EDT Modified files: (Branch: PHP_4_4) /php-src/main main.c Log: MFH: reorder and prevent memleak: bailout after free() http://cvs.php.net/diff.php/php-src/main/main.c?r1=1.512.2.63r2=1.512.2.63.2.1ty=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.512.2.63 php-src/main/main.c:1.512.2.63.2.1 --- php-src/main/main.c:1.512.2.63 Mon May 16 04:55:31 2005 +++ php-src/main/main.c Mon Jun 20 15:59:43 2005 @@ -18,7 +18,7 @@ +--+ */ -/* $Id: main.c,v 1.512.2.63 2005/05/16 08:55:31 tony2001 Exp $ */ +/* $Id: main.c,v 1.512.2.63.2.1 2005/06/20 19:59:43 tony2001 Exp $ */ /* {{{ includes */ @@ -702,8 +702,8 @@ /* restore memory limit */ AG(memory_limit) = PG(memory_limit); #endif - zend_bailout(); efree(buffer); + zend_bailout(); return; } break; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php