Author: hawk Date: Wed Apr 26 14:01:47 2006 GMT Module: SOURCES Tag: RA-branch_general ---- Log message: - merged from php4.spec and adjusted for Ra
---- Files affected: SOURCES: php-zlib-for-getimagesize.patch (1.1 -> 1.1.4.1) , php-ini-search-path.patch (1.1 -> 1.1.4.1) , php-openssl-huge-hack.patch (1.1 -> 1.1.4.1) , php-CVE-2006-0996.patch (1.2 -> 1.2.6.1) , php-CVE-2006-1490.patch (1.1 -> 1.1.6.1) ---- Diffs: ================================================================ Index: SOURCES/php-zlib-for-getimagesize.patch diff -u SOURCES/php-zlib-for-getimagesize.patch:1.1 SOURCES/php-zlib-for-getimagesize.patch:1.1.4.1 --- SOURCES/php-zlib-for-getimagesize.patch:1.1 Fri Jan 6 19:23:20 2006 +++ SOURCES/php-zlib-for-getimagesize.patch Wed Apr 26 16:01:42 2006 @@ -2,6 +2,15 @@ link core php with -lz for getimagesize() see also http://bugs.php.net/bug.php?id=29611 +--- php-4.4.1/ext/zlib/config0.m4~ 2006-01-06 19:09:51.000000000 +0200 ++++ php-4.4.1/ext/zlib/config0.m4 2006-01-06 19:09:52.000000000 +0200 +@@ -49,5 +49,6 @@ + PHP_ZLIB_DIR=$ZLIB_DIR + PHP_ADD_LIBRARY(z,, ZLIB_SHARED_LIBADD) + PHP_ADD_INCLUDE($ZLIB_INCDIR) ++ EXTRA_LIBS="$EXTRA_LIBS $ZLIB_SHARED_LIBADD" + + fi --- php-4.4.1/ext/standard/image.c 2005-07-27 14:22:36.000000000 +0300 +++ /tmp/image.c 2006-01-06 19:14:00.000000000 +0200 @@ -31,7 +31,7 @@ ================================================================ Index: SOURCES/php-ini-search-path.patch diff -u SOURCES/php-ini-search-path.patch:1.1 SOURCES/php-ini-search-path.patch:1.1.4.1 --- SOURCES/php-ini-search-path.patch:1.1 Tue Jan 17 16:05:40 2006 +++ SOURCES/php-ini-search-path.patch Wed Apr 26 16:01:42 2006 @@ -1,32 +1,32 @@ see also http://bugs.php.net/bug.php?id=34793 ---- php-5.1.2/main/php_ini.c~ 2006-01-12 23:46:12.000000000 +0200 -+++ php-5.1.2/main/php_ini.c 2006-01-17 17:01:16.000000000 +0200 -@@ -330,6 +330,7 @@ - strcat(php_ini_search_path, env_location); - } +--- php-4.4.2/main/php_ini.c~ 2006-01-17 19:02:09.000000000 +0200 ++++ php-4.4.2/main/php_ini.c 2006-01-17 19:26:46.000000000 +0200 +@@ -19,7 +19,7 @@ + /* $Id$ */ -+#ifdef PHP_WIN32 - /* Add cwd (only with CLI) */ - if (strcmp(sapi_module.name, "cli") == 0) { - if (*php_ini_search_path) { -@@ -339,7 +340,6 @@ - } + /* Check CWD for php.ini */ +-#define INI_CHECK_CWD ++#undef INI_CHECK_CWD - /* Add binary directory */ --#ifdef PHP_WIN32 - binary_location = (char *) emalloc(MAXPATHLEN); - if (GetModuleFileName(0, binary_location, MAXPATHLEN) == 0) { + #include "php.h" + #include "ext/standard/info.h" +@@ -328,13 +327,13 @@ efree(binary_location); -@@ -356,6 +356,8 @@ binary_location = NULL; } - #endif +-#else ++ + if (sapi_module.executable_location) { + binary_location = estrdup(sapi_module.executable_location); + } else { + binary_location = NULL; + } +-#endif + -+#ifdef PHP_WIN32 if (binary_location) { char *separator_location = strrchr(binary_location, DEFAULT_SLASH); -@@ -370,7 +372,6 @@ +@@ -349,7 +348,6 @@ } /* Add default location */ ================================================================ Index: SOURCES/php-openssl-huge-hack.patch diff -u SOURCES/php-openssl-huge-hack.patch:1.1 SOURCES/php-openssl-huge-hack.patch:1.1.4.1 --- SOURCES/php-openssl-huge-hack.patch:1.1 Wed Jan 25 12:26:11 2006 +++ SOURCES/php-openssl-huge-hack.patch Wed Apr 26 16:01:42 2006 @@ -1,7 +1,7 @@ -diff -urN php-5.1.2.org/ext/curl/interface.c php-5.1.2/ext/curl/interface.c ---- php-5.1.2.org/ext/curl/interface.c 2006-01-05 19:07:55.000000000 +0100 -+++ php-5.1.2/ext/curl/interface.c 2006-01-25 14:42:08.980963000 +0100 -@@ -476,6 +476,8 @@ +diff -urN php-4.4.2.org/ext/curl/curl.c php-4.4.2/ext/curl/curl.c +--- php-4.4.2.org/ext/curl/curl.c 2006-01-05 19:03:18.000000000 +0100 ++++ php-4.4.2/ext/curl/curl.c 2006-01-25 22:23:03.429339500 +0100 +@@ -427,6 +427,8 @@ } /* }}} */ @@ -10,7 +10,7 @@ /* {{{ PHP_MSHUTDOWN_FUNCTION */ PHP_MSHUTDOWN_FUNCTION(curl) -@@ -486,6 +488,7 @@ +@@ -437,6 +439,7 @@ php_unregister_url_stream_wrapper("ftp" TSRMLS_CC); php_unregister_url_stream_wrapper("ldap" TSRMLS_CC); #endif @@ -18,7 +18,7 @@ curl_global_cleanup(); #ifdef PHP_CURL_NEED_SSL_TSL php_curl_ssl_cleanup(); -@@ -1621,9 +1624,8 @@ +@@ -1465,9 +1468,8 @@ for (i = 0; i < c; ++i) { php_curl_openssl_tsl[i] = tsrm_mutex_alloc(); } @@ -30,7 +30,7 @@ } static inline void php_curl_ssl_cleanup(void) -@@ -1645,6 +1647,17 @@ +@@ -1489,6 +1491,17 @@ #endif /* PHP_CURL_NEED_OPENSSL_TSL */ /* }}} */ ================================================================ Index: SOURCES/php-CVE-2006-0996.patch diff -u SOURCES/php-CVE-2006-0996.patch:1.2 SOURCES/php-CVE-2006-0996.patch:1.2.6.1 --- SOURCES/php-CVE-2006-0996.patch:1.2 Thu Apr 20 00:26:08 2006 +++ SOURCES/php-CVE-2006-0996.patch Wed Apr 26 16:01:42 2006 @@ -3,21 +3,23 @@ via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed. -Patch pulled from cvs.php.net +Patch based on php-CVE-2006-0996.patch + gcc 2.95 compilation fix from PHP CVS ---- php-5.1.2/ext/standard/info.c 2006/01/01 12:50:15 1.249.2.7 -+++ php-5.1.2/ext/standard/info.c 2006/03/30 19:58:18 1.249.2.9 -@@ -58,6 +58,21 @@ +--- php-4.4.2/ext/standard/info.c 2006-04-19 18:55:10.405669500 +0200 ++++ php-4.4.2/ext/standard/info.c 2006-04-19 18:57:39.610994250 +0200 +@@ -58,6 +58,23 @@ PHPAPI extern char *php_ini_opened_path; PHPAPI extern char *php_ini_scanned_files; + +static int php_info_write_wrapper(const char *str, uint str_length) +{ ++ int new_len, written; ++ char *elem_esc; ++ + TSRMLS_FETCH(); + -+ int new_len, written; -+ char *elem_esc = php_escape_html_entities((char *)str, str_length, &new_len, 0, ENT_QUOTES, NULL TSRMLS_CC); ++ elem_esc = php_escape_html_entities((char *)str, str_length, &new_len, 0, ENT_QUOTES, NULL TSRMLS_CC); + + written = php_body_write(elem_esc, new_len TSRMLS_CC); + @@ -29,36 +31,30 @@ /* {{{ _display_module_info */ -@@ -135,30 +150,13 @@ +@@ -133,23 +148,12 @@ PUTS(" => "); } if (Z_TYPE_PP(tmp) == IS_ARRAY) { - zval *tmp3; -- - MAKE_STD_ZVAL(tmp3); -- if (!sapi_module.phpinfo_as_text) { PUTS("<pre>"); - } - php_start_ob_buffer(NULL, 4096, 1 TSRMLS_CC); -- -- zend_print_zval_r(*tmp, 0 TSRMLS_CC); -- +- zend_print_zval_r(*tmp, 0); - php_ob_get_buffer(tmp3 TSRMLS_CC); - php_end_ob_buffer(0, 0 TSRMLS_CC); - +- elem_esc = php_info_html_esc(Z_STRVAL_P(tmp3) TSRMLS_CC); +- PUTS(elem_esc); +- efree(elem_esc); +- zval_ptr_dtor(&tmp3); +- - if (!sapi_module.phpinfo_as_text) { -- elem_esc = php_info_html_esc(Z_STRVAL_P(tmp3) TSRMLS_CC); -- PUTS(elem_esc); -- efree(elem_esc); + zend_print_zval_ex((zend_write_func_t) php_info_write_wrapper, *tmp, 0); PUTS("</pre>"); - } else { -- PUTS(Z_STRVAL_P(tmp3)); -+ zend_print_zval_r(*tmp, 0 TSRMLS_CC); ++ } else { ++ zend_print_zval_r(*tmp, 0); } -- zval_ptr_dtor(&tmp3); -- } else if (Z_TYPE_PP(tmp) != IS_STRING) { tmp2 = **tmp; - zval_copy_ctor(&tmp2); ================================================================ Index: SOURCES/php-CVE-2006-1490.patch diff -u SOURCES/php-CVE-2006-1490.patch:1.1 SOURCES/php-CVE-2006-1490.patch:1.1.6.1 --- SOURCES/php-CVE-2006-1490.patch:1.1 Wed Apr 19 18:42:01 2006 +++ SOURCES/php-CVE-2006-1490.patch Wed Apr 26 16:01:42 2006 @@ -7,12 +7,12 @@ Patch pulled from cvs.php.net ---- php-5.1.2/ext/standard/html.c 2006/01/01 12:50:14 1.111.2.1 -+++ php-5.1.2/ext/standard/html.c 2006/02/25 21:32:11 1.111.2.2 -@@ -884,7 +884,7 @@ +--- php-4.4.2/ext/standard/html.c 2006/01/01 13:46:57 1.63.2.23.2.1 ++++ php-4.4.2/ext/standard/html.c 2006/02/25 21:33:06 1.63.2.23.2.2 +@@ -793,7 +793,7 @@ + enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC); unsigned char replacement[15]; - int replacement_len; - + - ret = estrdup(old); + ret = estrndup(old, oldlen); retlen = oldlen; ================================================================ ---- CVS-web: http://cvs.pld-linux.org/SOURCES/php-zlib-for-getimagesize.patch?r1=1.1&r2=1.1.4.1&f=u http://cvs.pld-linux.org/SOURCES/php-ini-search-path.patch?r1=1.1&r2=1.1.4.1&f=u http://cvs.pld-linux.org/SOURCES/php-openssl-huge-hack.patch?r1=1.1&r2=1.1.4.1&f=u http://cvs.pld-linux.org/SOURCES/php-CVE-2006-0996.patch?r1=1.2&r2=1.2.6.1&f=u http://cvs.pld-linux.org/SOURCES/php-CVE-2006-1490.patch?r1=1.1&r2=1.1.6.1&f=u _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit