OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 22-Jul-2004 16:29:38
Branch: OPENPKG_2_0_SOLID Handle: 2004072215293700
Added files: (Branch: OPENPKG_2_0_SOLID)
openpkg-src/apache apache.patch.php
Modified files: (Branch: OPENPKG_2_0_SOLID)
openpkg-src/apache apache.spec
Log:
SA-2004.034-php; CAN-2004-0594, CAN-2004-0595
Summary:
Revision Changes Path
1.2.2.1 +610 -0 openpkg-src/apache/apache.patch.php
1.211.2.7 +3 -1 openpkg-src/apache/apache.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/apache/apache.patch.php
============================================================================
$ cvs diff -u -r0 -r1.2.2.1 apache.patch.php
--- /dev/null 2004-07-22 16:29:38 +0200
+++ apache.patch.php 2004-07-22 16:29:38 +0200
@@ -0,0 +1,610 @@
+OpenPKG-SA-2004.034-php; CAN-2004-0594, CAN-2004-0595
+
+Index: php-4.3.4/Zend/zend_alloc.c
+===================================================================
+--- php-4.3.4.orig/Zend/zend_alloc.c 2004-07-14 12:48:39.063013753 +0200
++++ php-4.3.4/Zend/zend_alloc.c 2004-07-14 12:48:53.975006655 +0200
+@@ -67,7 +67,7 @@
+ #define _CHECK_MEMORY_LIMIT(s, rs, file, lineno) { AG(allocated_memory) += rs;\
+ if
(AG(memory_limit)<AG(allocated_memory)) {\
+ int
php_mem_limit = AG(memory_limit); \
+- if
(AG(memory_limit)+1048576 > AG(allocated_memory) - rs) { \
++ if
(EG(in_execution) && AG(memory_limit)+1048576 > AG(allocated_memory) - rs) { \
+
AG(memory_limit) = AG(allocated_memory) + 1048576; \
+ if
(file) { \
+
zend_error(E_ERROR,"Allowed memory size of %d bytes exhausted at %s:%d (tried to
allocate %d bytes)", php_mem_limit, file, lineno, s); \
+Index: php-4.3.4/Zend/zend_hash.c
+===================================================================
+--- php-4.3.4.orig/Zend/zend_hash.c 2004-07-14 13:14:45.475609161 +0200
++++ php-4.3.4/Zend/zend_hash.c 2004-07-14 13:14:55.865900116 +0200
+@@ -174,6 +174,7 @@
+ ZEND_API int zend_hash_init(HashTable *ht, uint nSize, hash_func_t pHashFunction,
dtor_func_t pDestructor, int persistent)
+ {
+ uint i = 3;
++ Bucket **tmp;
+
+ SET_INCONSISTENT(HT_OK);
+
+@@ -183,14 +184,6 @@
+
+ ht->nTableSize = 1 << i;
+ ht->nTableMask = ht->nTableSize - 1;
+-
+- /* Uses ecalloc() so that Bucket* == NULL */
+- ht->arBuckets = (Bucket **) pecalloc(ht->nTableSize, sizeof(Bucket *),
persistent);
+-
+- if (!ht->arBuckets) {
+- return FAILURE;
+- }
+-
+ ht->pDestructor = pDestructor;
+ ht->pListHead = NULL;
+ ht->pListTail = NULL;
+@@ -200,6 +193,16 @@
+ ht->persistent = persistent;
+ ht->nApplyCount = 0;
+ ht->bApplyProtection = 1;
++ ht->arBuckets = NULL;
++
++ /* Uses ecalloc() so that Bucket* == NULL */
++ tmp = (Bucket **) pecalloc(ht->nTableSize, sizeof(Bucket *), persistent);
++
++ if (!tmp) {
++ return FAILURE;
++ }
++ ht->arBuckets = tmp;
++
+ return SUCCESS;
+ }
+
+Index: php-4.3.4/Zend/zend_variables.c
+===================================================================
+--- php-4.3.4.orig/Zend/zend_variables.c 2004-07-14 13:14:45.481608752 +0200
++++ php-4.3.4/Zend/zend_variables.c 2004-07-14 13:14:55.865900116 +0200
+@@ -114,27 +114,31 @@
+ case IS_CONSTANT_ARRAY: {
+ zval *tmp;
+ HashTable *original_ht = zvalue->value.ht;
++ HashTable *tmp_ht = NULL;
+ TSRMLS_FETCH();
+
+ if (zvalue->value.ht == &EG(symbol_table)) {
+ return SUCCESS; /* do nothing */
+ }
+- ALLOC_HASHTABLE_REL(zvalue->value.ht);
+- zend_hash_init(zvalue->value.ht, 0, NULL,
ZVAL_PTR_DTOR, 0);
+- zend_hash_copy(zvalue->value.ht, original_ht,
(copy_ctor_func_t) zval_add_ref, (void *) &tmp, sizeof(zval *));
++ ALLOC_HASHTABLE_REL(tmp_ht);
++ zend_hash_init(tmp_ht, 0, NULL, ZVAL_PTR_DTOR, 0);
++ zend_hash_copy(tmp_ht, original_ht, (copy_ctor_func_t)
zval_add_ref, (void *) &tmp, sizeof(zval *));
++ zvalue->value.ht = tmp_ht;
+ }
+ break;
+ case IS_OBJECT: {
+ zval *tmp;
+ HashTable *original_ht = zvalue->value.obj.properties;
++ HashTable *tmp_ht = NULL;
+ TSRMLS_FETCH();
+
+ if (zvalue->value.obj.properties == &EG(symbol_table))
{
+ return SUCCESS; /* do nothing */
+ }
+- ALLOC_HASHTABLE_REL(zvalue->value.obj.properties);
+- zend_hash_init(zvalue->value.obj.properties, 0, NULL,
ZVAL_PTR_DTOR, 0);
+- zend_hash_copy(zvalue->value.obj.properties,
original_ht, (copy_ctor_func_t) zval_add_ref, (void *) &tmp, sizeof(zval *));
++ ALLOC_HASHTABLE_REL(tmp_ht);
++ zend_hash_init(tmp_ht, 0, NULL, ZVAL_PTR_DTOR, 0);
++ zend_hash_copy(tmp_ht, original_ht, (copy_ctor_func_t)
zval_add_ref, (void *) &tmp, sizeof(zval *));
++ zvalue->value.obj.properties = tmp_ht;
+ }
+ break;
+ }
+Index: php-4.3.4/ext/mssql/php_mssql.c
+===================================================================
+--- php-4.3.4.orig/ext/mssql/php_mssql.c 2004-07-14 13:14:45.428612368 +0200
++++ php-4.3.4/ext/mssql/php_mssql.c 2004-07-14 13:14:55.868899911 +0200
+@@ -343,6 +343,7 @@
+ PHP_RSHUTDOWN_FUNCTION(mssql)
+ {
+ STR_FREE(MS_SQL_G(appname));
++ MS_SQL_G(appname) = NULL;
+ if (MS_SQL_G(server_message)) {
+ STR_FREE(MS_SQL_G(server_message));
+ }
+Index: php-4.3.4/ext/session/session.c
+===================================================================
+--- php-4.3.4.orig/ext/session/session.c 2004-07-14 13:14:45.433612027 +0200
++++ php-4.3.4/ext/session/session.c 2004-07-14 13:14:55.869899843 +0200
+@@ -499,13 +499,16 @@
+
+ static void php_session_track_init(TSRMLS_D)
+ {
++ zval *session_vars = NULL;
++
+ /* Unconditionally destroy existing arrays -- possible dirty data */
+ zend_hash_del(&EG(symbol_table), "HTTP_SESSION_VARS",
+ sizeof("HTTP_SESSION_VARS"));
+ zend_hash_del(&EG(symbol_table), "_SESSION", sizeof("_SESSION"));
+
+- MAKE_STD_ZVAL(PS(http_session_vars));
+- array_init(PS(http_session_vars));
++ MAKE_STD_ZVAL(session_vars);
++ array_init(session_vars);
++ PS(http_session_vars) = session_vars;
+
+ ZEND_SET_GLOBAL_VAR_WITH_LENGTH("HTTP_SESSION_VARS",
sizeof("HTTP_SESSION_VARS"), PS(http_session_vars), 2, 1);
+ ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"),
PS(http_session_vars), 2, 1);
+Index: php-4.3.4/ext/sybase/php_sybase_db.c
+===================================================================
+--- php-4.3.4.orig/ext/sybase/php_sybase_db.c 2004-07-14 13:14:45.456610458
+0200
++++ php-4.3.4/ext/sybase/php_sybase_db.c 2004-07-14 13:14:55.871899707 +0200
+@@ -297,7 +297,9 @@
+ PHP_RSHUTDOWN_FUNCTION(sybase)
+ {
+ efree(php_sybase_module.appname);
++ php_sybase_module.appname = NULL;
+ STR_FREE(php_sybase_module.server_message);
++ php_sybase_module.server_message = NULL;
+ return SUCCESS;
+ }
+
+Index: php-4.3.4/ext/sybase_ct/php_sybase_ct.c
+===================================================================
+--- php-4.3.4.orig/ext/sybase_ct/php_sybase_ct.c 2004-07-14 13:14:45.470609502
+0200
++++ php-4.3.4/ext/sybase_ct/php_sybase_ct.c 2004-07-14 13:14:55.874899502 +0200
+@@ -407,11 +407,13 @@
+ PHP_RSHUTDOWN_FUNCTION(sybase)
+ {
+ efree(SybCtG(appname));
++ SybCtG(appname) = NULL;
+ if (SybCtG(callback_name)) {
+ zval_ptr_dtor(&SybCtG(callback_name));
+ SybCtG(callback_name)= NULL;
+ }
+ STR_FREE(SybCtG(server_message));
++ SybCtG(server_message) = NULL;
+ return SUCCESS;
+ }
+
+Index: php-4.3.4/ext/w32api/w32api.c
+===================================================================
+--- php-4.3.4.orig/ext/w32api/w32api.c 2004-07-14 13:14:45.450610867 +0200
++++ php-4.3.4/ext/w32api/w32api.c 2004-07-14 13:14:55.876899366 +0200
+@@ -290,20 +290,26 @@
+ */
+ PHP_RINIT_FUNCTION(w32api)
+ {
++ HashTable *tmp;
++ WG(funcs) = WG(libraries) = WG(callbacks) = WG(types) = NULL;
++
+ /* Allocate Request Specific HT's here
+ */
+- ALLOC_HASHTABLE(WG(funcs));
+- zend_hash_init(WG(funcs), 1, NULL, php_w32api_hash_func_dtor, 1);
+-
+- ALLOC_HASHTABLE(WG(libraries));
+- zend_hash_init(WG(libraries), 1, NULL, php_w32api_hash_lib_dtor, 1);
+-
+- ALLOC_HASHTABLE(WG(callbacks));
+- zend_hash_init(WG(callbacks), 1, NULL, php_w32api_hash_callback_dtor, 1);
+-
+- ALLOC_HASHTABLE(WG(types));
+- zend_hash_init(WG(types), 1, NULL, php_w32api_hash_type_dtor, 1);
+-
++ ALLOC_HASHTABLE(tmp);
++ zend_hash_init(tmp, 1, NULL, php_w32api_hash_func_dtor, 1);
++ WG(funcs) = tmp;
++
++ ALLOC_HASHTABLE(tmp);
++ zend_hash_init(tmp, 1, NULL, php_w32api_hash_lib_dtor, 1);
++ WG(libraries) = tmp;
++
++ ALLOC_HASHTABLE(tmp);
++ zend_hash_init(tmp, 1, NULL, php_w32api_hash_callback_dtor, 1);
++ WG(callbacks) = tmp;
++
++ ALLOC_HASHTABLE(tmp);
++ zend_hash_init(tmp, 1, NULL, php_w32api_hash_type_dtor, 1);
++ WG(types) = tmp;
+
+ return SUCCESS;
+
+@@ -330,6 +336,7 @@
+ zend_hash_destroy(WG(types));
+ FREE_HASHTABLE(WG(types));
+
++ WG(funcs) = WG(libraries) = WG(callbacks) = WG(types) = NULL;
+
+ return SUCCESS;
+ }
+Index: php-4.3.4/main/main.c
+===================================================================
+--- php-4.3.4.orig/main/main.c 2004-07-14 13:14:45.491608069 +0200
++++ php-4.3.4/main/main.c 2004-07-14 13:14:55.878899229 +0200
+@@ -1367,6 +1367,7 @@
+ int _gpc_flags[5] = {0, 0, 0, 0, 0};
+ zend_bool have_variables_order;
+ zval *dummy_track_vars_array = NULL;
++ zval *env_vars = NULL;
+ zend_bool initialized_dummy_track_vars_array=0;
+ int i;
+ char *variables_order;
+@@ -1399,9 +1400,10 @@
+ } else {
+ variables_order = PG(gpc_order);
+ have_variables_order=0;
+- ALLOC_ZVAL(PG(http_globals)[TRACK_VARS_ENV]);
+- array_init(PG(http_globals)[TRACK_VARS_ENV]);
+- INIT_PZVAL(PG(http_globals)[TRACK_VARS_ENV]);
++ ALLOC_ZVAL(env_vars);
++ array_init(env_vars);
++ INIT_PZVAL(env_vars);
++ PG(http_globals)[TRACK_VARS_ENV] = env_vars;
+ php_import_environment_variables(PG(http_globals)[TRACK_VARS_ENV]
TSRMLS_CC);
+ if (PG(register_globals)) {
+ php_autoglobal_merge(&EG(symbol_table),
Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV]) TSRMLS_CC);
+@@ -1444,9 +1446,10 @@
+ case 'E':
+ if (!_gpc_flags[3]) {
+ if (have_variables_order) {
+-
ALLOC_ZVAL(PG(http_globals)[TRACK_VARS_ENV]);
+-
array_init(PG(http_globals)[TRACK_VARS_ENV]);
+-
INIT_PZVAL(PG(http_globals)[TRACK_VARS_ENV]);
++ ALLOC_ZVAL(env_vars);
++ array_init(env_vars);
++ INIT_PZVAL(env_vars);
++ PG(http_globals)[TRACK_VARS_ENV] =
env_vars;
+
php_import_environment_variables(PG(http_globals)[TRACK_VARS_ENV] TSRMLS_CC);
+ if (PG(register_globals)) {
+
php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV])
TSRMLS_CC);
+Index: php-4.3.4/main/rfc1867.c
+===================================================================
+--- php-4.3.4.orig/main/rfc1867.c 2004-07-14 13:14:45.485608479 +0200
++++ php-4.3.4/main/rfc1867.c 2004-07-14 13:16:53.079904285 +0200
+@@ -693,7 +693,7 @@
+ char *boundary, *s=NULL, *boundary_end = NULL, *start_arr=NULL,
*array_index=NULL;
+ char *temp_filename=NULL, *lbuf=NULL, *abuf=NULL;
+ int boundary_len=0, total_bytes=0, cancel_upload=0, is_arr_upload=0,
array_len=0, max_file_size=0, skip_upload=0;
+- zval *http_post_files=NULL;
++ zval *http_post_files=NULL; HashTable *uploaded_files=NULL;
+ zend_bool magic_quotes_gpc;
+ multipart_buffer *mbuff;
+ zval *array_ptr = (zval *) arg;
+@@ -743,8 +743,9 @@
+ /* Initialize $_FILES[] */
+ zend_hash_init(&PG(rfc1867_protected_variables), 5, NULL, NULL, 0);
+
+- ALLOC_HASHTABLE(SG(rfc1867_uploaded_files));
+- zend_hash_init(SG(rfc1867_uploaded_files), 5, NULL, (dtor_func_t)
free_estring, 0);
++ ALLOC_HASHTABLE(uploaded_files);
++ zend_hash_init(uploaded_files, 5, NULL, (dtor_func_t) free_estring, 0);
++ SG(rfc1867_uploaded_files) = uploaded_files;
+
+ ALLOC_ZVAL(http_post_files);
+ array_init(http_post_files);
+Patches within this file... More or less security related
+---------------------------------------------------------
+
+Fixed: Alloca replaced by emalloc() where the size is user supplied
+
+ Zend/zend_constants.c
+ ext/msession/msession.c
+ ext/pcntl/pcntl.c
+ ext/session/mod_mm.c
+ ext/wddx/wddx.c
+
+Fixed: Off-By-One in memory allocation for IMAP addresses
+
+ ext/imap/php_imap.c
+
+Fixed: Correctly disable CLIENT_LOCAL_FILE option when open_basedir set
+
+ ext/mysql/php_mysql.c
+
+Fixed: Added missing safe_mode check
+
+ ext/standard/ftok.c
+ ext/standard/iptc.c
+
+Fixed: Made strip_slashes binary safe to work around an IE bug (feature?)
+
+ ext/standard/string.c
+
+ before strip_slashes($input, "<b>"); would believe <\0whatever>
+ is a valid tag (because it would search in "<b>" for "<\0"
+ and of course our friend internet explorer accepts <\0whatever>
+ as <whatever>
+
+
+
+Index: php-4.3.4/Zend/zend_constants.c
+===================================================================
+--- php-4.3.4.orig/Zend/zend_constants.c 2004-07-14 13:16:57.582597240 +0200
++++ php-4.3.4/Zend/zend_constants.c 2004-07-14 13:20:37.300623859 +0200
+@@ -220,8 +220,7 @@
+ int retval = 1;
+
+ if (zend_hash_find(EG(zend_constants), name, name_len+1, (void **) &c) ==
FAILURE) {
+- lookup_name = do_alloca(name_len+1);
+- memcpy(lookup_name, name, name_len+1);
++ lookup_name = estrndup(name, name_len);
+ zend_str_tolower(lookup_name, name_len);
+
+ if (zend_hash_find(EG(zend_constants), lookup_name, name_len+1, (void
**) &c)==SUCCESS) {
+@@ -231,7 +230,7 @@
+ } else {
+ retval=0;
+ }
+- free_alloca(lookup_name);
++ efree(lookup_name);
+ }
+
+ if (retval) {
+@@ -252,9 +251,7 @@
+ printf("Registering constant for module %d\n", c->module_number);
+ #endif
+
+- lowercase_name = do_alloca(c->name_len);
+-
+- memcpy(lowercase_name, c->name, c->name_len);
++ lowercase_name = estrndup(c->name, c->name_len);
+
+ if (!(c->flags & CONST_CS)) {
+ zend_str_tolower(lowercase_name, c->name_len);
+@@ -268,7 +265,7 @@
+ zend_error(E_NOTICE,"Constant %s already defined", lowercase_name);
+ ret = FAILURE;
+ }
+- free_alloca(lowercase_name);
++ efree(lowercase_name);
+ return ret;
+ }
+
+Index: php-4.3.4/ext/imap/php_imap.c
+===================================================================
+--- php-4.3.4.orig/ext/imap/php_imap.c 2004-07-14 13:16:57.532600650 +0200
++++ php-4.3.4/ext/imap/php_imap.c 2004-07-14 13:16:59.114492780 +0200
+@@ -3674,7 +3674,7 @@
+ addresstmp = addresslist;
+
+ if ((len = _php_imap_address_size(addresstmp))) {
+- tmpstr = (char *) malloc (len);
++ tmpstr = (char *) malloc(len + 1);
+ tmpstr[0] = '\0';
+ rfc822_write_address(tmpstr, addresstmp);
+ *fulladdress = tmpstr;
+Index: php-4.3.4/ext/msession/msession.c
+===================================================================
+--- php-4.3.4.orig/ext/msession/msession.c 2004-07-14 13:16:57.577597581 +0200
++++ php-4.3.4/ext/msession/msession.c 2004-07-14 13:16:59.116492644 +0200
+@@ -1266,7 +1266,7 @@
+ {
+ int port;
+ int len = strlen(save_path)+1;
+- char * path = alloca(len);
++ char * path = emalloc(len);
+ char * szport;
+
+ strcpy(path, save_path);
+@@ -1285,7 +1285,13 @@
+
+ ELOG( "ps_open_msession");
+ PS_SET_MOD_DATA((void *)1); /* session.c needs a non-zero here! */
+- return PHPMsessionConnect(path, port) ? SUCCESS : FAILURE;
++ if (PHPMsessionConnect(path, port)) {
++ efree(path);
++ return SUCCESS;
++ } else {
++ efree(path);
++ return FAILURE;
++ }
+ }
+
+ PS_CLOSE_FUNC(msession)
+Index: php-4.3.4/ext/mysql/php_mysql.c
+===================================================================
+--- php-4.3.4.orig/ext/mysql/php_mysql.c 2004-07-14 13:16:57.544599832 +0200
++++ php-4.3.4/ext/mysql/php_mysql.c 2004-07-14 13:16:59.118492507 +0200
+@@ -259,6 +259,9 @@
+ */
+ static void php_mysql_set_default_link(int id TSRMLS_DC)
+ {
++ if (MySG(default_link) != -1) {
++ zend_list_delete(MySG(default_link));
++ }
+ MySG(default_link) = id;
+ zend_list_addref(id);
+ }
+@@ -591,7 +594,7 @@
+ break;
+ }
+ /* disable local infile option for open_basedir */
+- if (PG(open_basedir) && strlen(PG(open_basedir))) {
++ if (PG(open_basedir) && strlen(PG(open_basedir)) && (client_flags &
CLIENT_LOCAL_FILES)) {
+ client_flags ^= CLIENT_LOCAL_FILES;
+ }
+
+Index: php-4.3.4/ext/pcntl/pcntl.c
+===================================================================
+--- php-4.3.4.orig/ext/pcntl/pcntl.c 2004-07-14 13:16:57.550599422 +0200
++++ php-4.3.4/ext/pcntl/pcntl.c 2004-07-14 13:16:59.119492439 +0200
+@@ -386,7 +386,7 @@
+ args_hash = HASH_OF(args);
+ argc = zend_hash_num_elements(args_hash);
+
+- argv = alloca((argc+2) * sizeof(char *));
++ argv = safe_emalloc((argc + 2), sizeof(char *), 0);
+ *argv = path;
+ for ( zend_hash_internal_pointer_reset(args_hash), current_arg =
argv+1;
+ (argi < argc && (zend_hash_get_current_data(args_hash, (void
**) &element) == SUCCESS));
+@@ -397,7 +397,7 @@
+ }
+ *(current_arg) = NULL;
+ } else {
+- argv = alloca(2 * sizeof(char *));
++ argv = emalloc(2 * sizeof(char *));
+ *argv = path;
+ *(argv+1) = NULL;
+ }
+@@ -407,13 +407,13 @@
+ envs_hash = HASH_OF(envs);
+ envc = zend_hash_num_elements(envs_hash);
+
+- envp = alloca((envc+1) * sizeof(char *));
++ envp = safe_emalloc((envc + 1), sizeof(char *), 0);
+ for ( zend_hash_internal_pointer_reset(envs_hash), pair = envp;
+ (envi < envc && (zend_hash_get_current_data(envs_hash, (void
**) &element) == SUCCESS));
+ (envi++, pair++, zend_hash_move_forward(envs_hash)) ) {
+ switch (return_val = zend_hash_get_current_key_ex(envs_hash,
&key, &key_length, &key_num, 0, NULL)) {
+ case HASH_KEY_IS_LONG:
+- key = alloca(101);
++ key = emalloc(101);
+ snprintf(key, 100, "%ld", key_num);
+ key_length = strlen(key);
+ break;
+@@ -432,7 +432,7 @@
+ strlcat(*pair, Z_STRVAL_PP(element), pair_length);
+
+ /* Cleanup */
+- if (return_val == HASH_KEY_IS_LONG) free_alloca(key);
++ if (return_val == HASH_KEY_IS_LONG) efree(key);
+ }
+ *(pair) = NULL;
+ }
+@@ -445,10 +445,10 @@
+ /* Cleanup */
+ if (envp != NULL) {
+ for (pair = envp; *pair != NULL; pair++) efree(*pair);
+- free_alloca(envp);
++ efree(envp);
+ }
+
+- free_alloca(argv);
++ efree(argv);
+
+ RETURN_FALSE;
+ }
+Index: php-4.3.4/ext/session/mod_mm.c
+===================================================================
+--- php-4.3.4.orig/ext/session/mod_mm.c 2004-07-14 13:16:57.555599082 +0200
++++ php-4.3.4/ext/session/mod_mm.c 2004-07-14 13:16:59.120492371 +0200
+@@ -16,7 +16,7 @@
+ +----------------------------------------------------------------------+
+ */
+
+-/* $Id: apache.patch.php,v 1.2.2.1 2004/07/22 14:29:37 thl Exp $ */
++/* $Id: apache.patch.php,v 1.2.2.1 2004/07/22 14:29:37 thl Exp $ */
+
+ #include "php.h"
+
+@@ -264,7 +264,7 @@
+ return FAILURE;
+
+ /* Directory + '/' + File + Module Name + Effective UID + \0 */
+- ps_mm_path =
do_alloca(save_path_len+1+sizeof(PS_MM_FILE)+mod_name_len+strlen(euid)+1);
++ ps_mm_path =
emalloc(save_path_len+1+sizeof(PS_MM_FILE)+mod_name_len+strlen(euid)+1);
+
+ memcpy(ps_mm_path, PS(save_path), save_path_len + 1);
+ if (save_path_len > 0 && ps_mm_path[save_path_len - 1] != DEFAULT_SLASH) {
+@@ -277,7 +277,7 @@
+
+ ret = ps_mm_initialize(ps_mm_instance, ps_mm_path);
+
+- free_alloca(ps_mm_path);
++ efree(ps_mm_path);
+
+ if (ret != SUCCESS) {
+ free(ps_mm_instance);
+Index: php-4.3.4/ext/standard/ftok.c
+===================================================================
+--- php-4.3.4.orig/ext/standard/ftok.c 2004-07-14 13:16:57.560598741 +0200
++++ php-4.3.4/ext/standard/ftok.c 2004-07-14 13:16:59.120492371 +0200
+@@ -16,7 +16,7 @@
+ +----------------------------------------------------------------------+
+ */
+
+-/* $Id: apache.patch.php,v 1.2.2.1 2004/07/22 14:29:37 thl Exp $ */
++/* $Id: apache.patch.php,v 1.2.2.1 2004/07/22 14:29:37 thl Exp $ */
+
+ #include "php.h"
+
+@@ -52,6 +52,10 @@
+ RETURN_LONG(-1);
+ }
+
++ if ((PG(safe_mode) && (!php_checkuid(Z_STRVAL_PP(pathname), NULL,
CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(Z_STRVAL_PP(pathname)
TSRMLS_CC)) {
++ RETURN_LONG(-1);
++ }
++
+ k = ftok(Z_STRVAL_PP(pathname),Z_STRVAL_PP(proj)[0]);
+
+ RETURN_LONG(k);
+Index: php-4.3.4/ext/standard/iptc.c
+===================================================================
+--- php-4.3.4.orig/ext/standard/iptc.c 2004-07-14 13:16:57.565598400 +0200
++++ php-4.3.4/ext/standard/iptc.c 2004-07-14 13:16:59.121492303 +0200
+@@ -208,6 +208,10 @@
+ break;
+ }
+
++ if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_PP(jpeg_file), NULL,
CHECKUID_CHECK_FILE_AND_DIR))) {
++ RETURN_FALSE;
++ }
++
+ if (php_check_open_basedir(Z_STRVAL_PP(jpeg_file) TSRMLS_CC)) {
+ RETURN_FALSE;
+ }
+@@ -347,7 +351,7 @@
+ inx += 2;
+ }
+
+- sprintf(key, "%d#%03d", (unsigned int) dataset, (unsigned int) recnum);
++ snprintf(key, sizeof(key), "%d#%03d", (unsigned int) dataset,
(unsigned int) recnum);
+
+ if ((len > length) || (inx + len) > length)
+ break;
+Index: php-4.3.4/ext/standard/string.c
+===================================================================
+--- php-4.3.4.orig/ext/standard/string.c 2004-07-14 13:16:57.572597922 +0200
++++ php-4.3.4/ext/standard/string.c 2004-07-14 13:16:59.125492030 +0200
+@@ -3349,6 +3349,8 @@
+
+ while (i < len) {
+ switch (c) {
++ case '\0':
++ break;
+ case '<':
+ if (isspace(*(p + 1))) {
+ goto reg_char;
+Index: php-4.3.4/ext/wddx/wddx.c
+===================================================================
+--- php-4.3.4.orig/ext/wddx/wddx.c 2004-07-14 13:16:57.538600241 +0200
++++ php-4.3.4/ext/wddx/wddx.c 2004-07-14 13:16:59.126491962 +0200
+@@ -16,7 +16,7 @@
+ +----------------------------------------------------------------------+
+ */
+
+-/* $Id: apache.patch.php,v 1.2.2.1 2004/07/22 14:29:37 thl Exp $ */
++/* $Id: apache.patch.php,v 1.2.2.1 2004/07/22 14:29:37 thl Exp $ */
+
+ #include "php.h"
+ #include "php_wddx.h"
+@@ -1069,7 +1069,7 @@
+ case ST_DATETIME: {
+ char *tmp;
+
+- tmp = do_alloca(len + 1);
++ tmp = emalloc(len + 1);
+ memcpy(tmp, s, len);
+ tmp[len] = '\0';
+
+@@ -1080,7 +1080,7 @@
+ Z_STRLEN_P(ent->data) = len;
+ Z_STRVAL_P(ent->data) = estrndup(s, len);
+ }
+- free_alloca(tmp);
++ efree(tmp);
+ }
+ default:
+ break;
+
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/apache/apache.spec
============================================================================
$ cvs diff -u -r1.211.2.6 -r1.211.2.7 apache.spec
--- openpkg-src/apache/apache.spec 16 Jul 2004 09:55:21 -0000 1.211.2.6
+++ openpkg-src/apache/apache.spec 22 Jul 2004 14:29:37 -0000 1.211.2.7
@@ -64,7 +64,7 @@
Group: Web
License: ASF
Version: %{V_apache}
-Release: 2.0.4
+Release: 2.0.5
# package options (suexec related)
%option with_suexec yes
@@ -199,6 +199,7 @@
Source25: apache.sh
Patch0: apache.patch
Patch1: apache.patch.modssl
+Patch2: apache.patch.php
# build information
Prefix: %{l_prefix}
@@ -458,6 +459,7 @@
%if "%{with_mod_php}" == "yes"
%setup -q -T -D -a 3
( cd php-%{V_mod_php}
+ %patch -p1 -P 2
%{l_shtool} subst \
-e 's;\(/include\)/freetype2;\1;' \
configure \
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
