packages/php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!27 Update to 8.0.0

Browse Source 
From: @panxh_purple
Reviewed-by: @small_leek
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2021-01-05 16:31:12 +08:00 committed by Gitee
commit 523e16cb0f
47 changed files with 337 additions and 2364 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
20-ffi.ini Normal file
View File

@ -0,0 +1,13 @@
; Enable ffi extension module
extension=ffi
; FFI API restriction. Possibe values:
; "preload" - enabled in CLI scripts and preloaded files (default)
; "false" - always disabled
; "true" - always enabled
;ffi.enable=preload
; List of headers files to preload, wildcard patterns allowed.
; /usr/share/php/preload used by for RPM packages
; /usr/local/share/php/preload may be used for local files
ffi.preload=/usr/share/php/preload/*.h:/usr/local/share/php/preload/*.h

103
CVE-2018-19518.patch
View File

@ -1,103 +0,0 @@
From 336d2086a9189006909ae06c7e95902d7d5ff77e Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 18 Nov 2018 17:10:43 -0800
Subject: [PATCH] Disable rsh/ssh functionality in imap by default (bug #77153)
---
NEWS | 4 ++++
UPGRADING | 7 +++++++
ext/imap/php_imap.c | 17 +++++++++++++++++
ext/imap/php_imap.h | 1 +
ext/imap/tests/bug77153.phpt | 24 ++++++++++++++++++++++++
5 files changed, 53 insertions(+)
create mode 100644 ext/imap/tests/bug77153.phpt
index ec2d8f46ed..52968a3857 100644
diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
index e1adcf2264..42e7d8611c 100644
--- a/ext/imap/php_imap.c
+++ b/ext/imap/php_imap.c
@@ -562,6 +562,15 @@ static const zend_module_dep imap_deps[] = {
};
/* }}} */
+
+/* {{{ PHP_INI
+ */
+PHP_INI_BEGIN()
+STD_PHP_INI_BOOLEAN("imap.enable_insecure_rsh", "0", PHP_INI_SYSTEM, OnUpdateBool, enable_rsh, zend_imap_globals, imap_globals)
+PHP_INI_END()
+/* }}} */
+
+
/* {{{ imap_module_entry
*/
zend_module_entry imap_module_entry = {
@@ -832,6 +841,8 @@ PHP_MINIT_FUNCTION(imap)
{
unsigned long sa_all = SA_MESSAGES | SA_RECENT | SA_UNSEEN | SA_UIDNEXT | SA_UIDVALIDITY;
+ REGISTER_INI_ENTRIES();
+
#ifndef PHP_WIN32
mail_link(&unixdriver); /* link in the unix driver */
mail_link(&mhdriver); /* link in the mh driver */
@@ -1049,6 +1060,12 @@ PHP_MINIT_FUNCTION(imap)
GC_TEXTS texts
*/
+ if (!IMAPG(enable_rsh)) {
+ /* disable SSH and RSH, see https://bugs.php.net/bug.php?id=77153 */
+ mail_parameters (NIL, SET_RSHTIMEOUT, 0);
+ mail_parameters (NIL, SET_SSHTIMEOUT, 0);
+ }
+
le_imap = zend_register_list_destructors_ex(mail_close_it, NULL, "imap", module_number);
return SUCCESS;
}
diff --git a/ext/imap/php_imap.h b/ext/imap/php_imap.h
index 7691d1fdd7..556163ed2d 100644
--- a/ext/imap/php_imap.h
+++ b/ext/imap/php_imap.h
@@ -231,6 +231,7 @@ ZEND_BEGIN_MODULE_GLOBALS(imap)
#endif
/* php_stream for php_mail_gets() */
php_stream *gets_stream;
+ zend_bool enable_rsh;
ZEND_END_MODULE_GLOBALS(imap)
#ifdef ZTS
diff --git a/ext/imap/tests/bug77153.phpt b/ext/imap/tests/bug77153.phpt
new file mode 100644
index 0000000000..63590aee1d
--- /dev/null
+++ b/ext/imap/tests/bug77153.phpt
@@ -0,0 +1,24 @@
+--TEST--
+Bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter)
+--SKIPIF--
+<?php
+ if (!extension_loaded("imap")) {
+ die("skip imap extension not available");
+ }
+?>
+--FILE--
+<?php
+$payload = "echo 'BUG'> " . __DIR__ . '/__bug';
+$payloadb64 = base64_encode($payload);
+$server = "x -oProxyCommand=echo\t$payloadb64|base64\t-d|sh}";
+@imap_open('{'.$server.':143/imap}INBOX', '', '');
+// clean
+imap_errors();
+var_dump(file_exists(__DIR__ . '/__bug'));
+?>
+--EXPECT--
+bool(false)
+--CLEAN--
+<?php
+if(file_exists(__DIR__ . '/__bug')) unlink(__DIR__ . '/__bug');
+?>
\ No newline at end of file
--
2.11.0

50
CVE-2018-19935.patch
View File

@ -1,50 +0,0 @@
From 3329e30a0c631753980757045ddfcc7b356a34a2 Mon Sep 17 00:00:00 2001
Date: Wed, 4 Dec 2019 17:50:56 +0800
Subject: Fix #77020: null pointer dereference in imap_mail
If an empty $message is passed to imap_mail(), we must not set message
to NULL, since _php_imap_mail() is not supposed to handle NULL pointers
(opposed to pointers to NUL).
---
ext/imap/php_imap.c | 1 -
ext/imap/tests/bug77020.phpt | 15 +++++++++++++++
2 files changed, 15 insertions(+), 1 deletion(-)
create mode 100644 php-7.2.10/ext/imap/tests/bug77020.phpt
diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
index e1adcf22..56126a0c 100644
--- a/ext/imap/php_imap.c
+++ b/ext/imap/php_imap.c
@@ -4106,7 +4106,6 @@ PHP_FUNCTION(imap_mail)
if (!ZSTR_LEN(message)) {
/* this is not really an error, so it is allowed. */
php_error_docref(NULL, E_WARNING, "No message string in mail command");
- message = NULL;
}
if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL,
diff --git a/ext/imap/tests/bug77020.phpt b/ext/imap/tests/bug77020.phpt
new file mode 100644
index 00000000..76386a09
--- /dev/null
+++ b/ext/imap/tests/bug77020.phpt
@@ -0,0 +1,15 @@
+ --TEST--
+Bug #77020 (null pointer dereference in imap_mail)
+--SKIPIF--
+<?php
+if (!extension_loaded('imap')) die('skip imap extension not available');
+?>
+--FILE--
+<?php
+imap_mail('1', 1, NULL);
+?>
+===DONE===
+--EXPECTF--
+Warning: imap_mail(): No message string in mail command in %s on line %d
+%s
+===DONE===
--
2.19.1

55
CVE-2019-11034.patch
View File

@ -1,55 +0,0 @@
From f3aefc6d071b807ddacae0a0bc49f09c38e18490 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 17 Mar 2019 22:54:46 -0700
Subject: [PATCH] Fix bug #77753 - Heap-buffer-overflow in php_ifd_get32s
---
ext/exif/exif.c | 4 ++++
ext/exif/tests/bug77753.phpt | 16 ++++++++++++++++
ext/exif/tests/bug77753.tiff | Bin 0 -> 873 bytes
3 files changed, 20 insertions(+)
create mode 100644 ext/exif/tests/bug77753.phpt
create mode 100644 ext/exif/tests/bug77753.tiff
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index fe89b85..0b5bb5a 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -2802,6 +2802,10 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu
exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 2 + 0x%04X*12 = 0x%04X > 0x%04X", NumDirEntries, 2+NumDirEntries*12, value_len);
return FALSE;
}
+ if ((dir_start - value_ptr) > value_len - (2+NumDirEntries*12)) {
+ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Illegal IFD size: 0x%04X > 0x%04X", (dir_start - value_ptr) + (2+NumDirEntries*12), value_len);
+ return FALSE;
+ }
for (de=0;de<NumDirEntries;de++) {
if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de,
diff --git a/ext/exif/tests/bug77753.phpt b/ext/exif/tests/bug77753.phpt
new file mode 100644
index 0000000..d987a5c
--- /dev/null
+++ b/ext/exif/tests/bug77753.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Bug #77753 (Heap-buffer-overflow in php_ifd_get32s)
+--SKIPIF--
+<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
+--FILE--
+<?php
+var_dump(exif_read_data(__DIR__."/bug77753.tiff"));
+?>
+DONE
+--EXPECTF--
+%A
+Warning: exif_read_data(bug77753.tiff): Illegal IFD size: 0x006A > 0x0065 in %sbug77753.php on line %d
+
+Warning: exif_read_data(bug77753.tiff): Invalid TIFF file in %sbug77753.php on line %d
+bool(false)
+DONE
\ No newline at end of file
--
2.1.4

185
CVE-2019-11035.patch
View File

@ -1,185 +0,0 @@
From 887a7b571407f7a49a5e7cf1e612d21ef83fedb4 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Tue, 2 Apr 2019 00:12:26 -0700
Subject: [PATCH] Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value
in EXIF
---
NEWS | 1 +
ext/exif/exif.c | 43 ++++++++++++++++++++++++++++---------------
ext/exif/tests/bug77831.phpt | 13 +++++++++++++
ext/exif/tests/bug77831.tiff | Bin 0 -> 49 bytes
4 files changed, 42 insertions(+), 15 deletions(-)
create mode 100644 ext/exif/tests/bug77831.phpt
create mode 100644 ext/exif/tests/bug77831.tiff
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 0b5bb5a..408bf03 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -1654,10 +1654,10 @@ static int exif_file_sections_free(image_info_type *ImageInfo)
/* {{{ exif_iif_add_value
Add a value to image_info
*/
-static void exif_iif_add_value(image_info_type *image_info, int section_index, char *name, int tag, int format, int length, void* value, int motorola_intel)
+static void exif_iif_add_value(image_info_type *image_info, int section_index, char *name, int tag, int format, int length, void* value, size_t value_len, int motorola_intel)
{
size_t idex;
- void *vptr;
+ void *vptr, *vptr_end;
image_info_value *info_value;
image_info_data *info_data;
image_info_data *list;
@@ -1679,8 +1679,12 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
switch (format) {
case TAG_FMT_STRING:
+ if (length > value_len) {
+ exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, value_len);
+ value = NULL;
+ }
if (value) {
- length = php_strnlen(value, length);
+ length = (int)php_strnlen(value, length);
info_value->s = estrndup(value, length);
info_data->length = length;
} else {
@@ -1702,6 +1706,10 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
if (!length)
break;
case TAG_FMT_UNDEFINED:
+ if (length > value_len) {
+ exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "length > value_len: %d > %zu", length, value_len);
+ value = NULL;
+ }
if (value) {
if (tag == TAG_MAKER_NOTE) {
length = (int) php_strnlen(value, length);
@@ -1732,7 +1740,12 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
} else {
info_value = &info_data->value;
}
+ vptr_end = value+value_len;
for (idex=0,vptr=value; idex<(size_t)length; idex++,vptr=(char *) vptr + php_tiff_bytes_per_format[format]) {
+ if (vptr_end - vptr < php_tiff_bytes_per_format[format]) {
+ exif_error_docref("exif_iif_add_value" EXIFERR_CC, image_info, E_WARNING, "Value too short");
+ break;
+ }
if (length>1) {
info_value = &info_data->value.list[idex];
}
@@ -1768,7 +1781,7 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
php_error_docref(NULL, E_WARNING, "Found value of type single");
#endif
info_value->f = *(float *)value;
-
+ break;
case TAG_FMT_DOUBLE:
#ifdef EXIF_DEBUG
php_error_docref(NULL, E_WARNING, "Found value of type double");
@@ -1786,9 +1799,9 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
/* {{{ exif_iif_add_tag
Add a tag from IFD to image_info
*/
-static void exif_iif_add_tag(image_info_type *image_info, int section_index, char *name, int tag, int format, size_t length, void* value)
+static void exif_iif_add_tag(image_info_type *image_info, int section_index, char *name, int tag, int format, size_t length, void* value, size_t value_len)
{
- exif_iif_add_value(image_info, section_index, name, tag, format, (int)length, value, image_info->motorola_intel);
+ exif_iif_add_value(image_info, section_index, name, tag, format, (int)length, value, value_len, image_info->motorola_intel);
}
/* }}} */
@@ -2209,7 +2222,7 @@ static void add_assoc_image_info(zval *value, int sub_array, image_info_type *im
*/
static void exif_process_COM (image_info_type *image_info, char *value, size_t length)
{
- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2);
+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length-2, value+2, length-2);
}
/* }}} */
@@ -2224,17 +2237,17 @@ static void exif_process_CME (image_info_type *image_info, char *value, size_t l
if (length>3) {
switch(value[2]) {
case 0:
- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value);
+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, length, value), length;
break;
case 1:
- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value);
+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_STRING, length, value, length);
break;
default:
php_error_docref(NULL, E_NOTICE, "Undefined JPEG2000 comment encoding");
break;
}
} else {
- exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL);
+ exif_iif_add_tag(image_info, SECTION_COMMENT, "Comment", TAG_COMPUTED_VALUE, TAG_FMT_UNDEFINED, 0, NULL, 0);
php_error_docref(NULL, E_NOTICE, "JPEG2000 comment section too small");
}
}
@@ -2827,7 +2840,7 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu
static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, char *offset_base, size_t IFDlength, size_t displacement, int section_index, int ReadNextIFD, tag_table_type tag_table)
{
size_t length;
- int tag, format, components;
+ unsigned int tag, format, components;
char *value_ptr, tagname[64], cbuf[32], *outside=NULL;
size_t byte_count, offset_val, fpos, fgot;
int64_t byte_count_signed;
@@ -3138,7 +3151,7 @@ static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, cha
}
}
}
- exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr);
+ exif_iif_add_tag(ImageInfo, section_index, exif_get_tagname(tag, tagname, sizeof(tagname), tag_table), tag, format, components, value_ptr, byte_count);
EFREE_IF(outside);
return TRUE;
}
@@ -3296,10 +3309,10 @@ static void exif_process_APP12(image_info_type *ImageInfo, char *buffer, size_t
size_t l1, l2=0;
if ((l1 = php_strnlen(buffer+2, length-2)) > 0) {
- exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, TAG_FMT_STRING, l1, buffer+2);
+ exif_iif_add_tag(ImageInfo, SECTION_APP12, "Company", TAG_NONE, TAG_FMT_STRING, l1, buffer+2, l1);
if (length > 2+l1+1) {
l2 = php_strnlen(buffer+2+l1+1, length-2-l1-1);
- exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1);
+ exif_iif_add_tag(ImageInfo, SECTION_APP12, "Info", TAG_NONE, TAG_FMT_STRING, l2, buffer+2+l1+1, l2);
}
}
#ifdef EXIF_DEBUG
@@ -4100,7 +4113,7 @@ PHP_FUNCTION(exif_read_data)
if (ImageInfo.Thumbnail.size) {
if (read_thumbnail) {
/* not exif_iif_add_str : this is a buffer */
- exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, "THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, ImageInfo.Thumbnail.data);
+ exif_iif_add_tag(&ImageInfo, SECTION_THUMBNAIL, "THUMBNAIL", TAG_NONE, TAG_FMT_UNDEFINED, ImageInfo.Thumbnail.size, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size);
}
if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) {
/* try to evaluate if thumbnail data is present */
diff --git a/ext/exif/tests/bug77831.phpt b/ext/exif/tests/bug77831.phpt
new file mode 100644
index 0000000..d868d47
--- /dev/null
+++ b/ext/exif/tests/bug77831.phpt
@@ -0,0 +1,13 @@
+--TEST--
+Bug #77831 (Heap-buffer-overflow in exif_iif_add_value in EXIF)
+--SKIPIF--
+<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
+--FILE--
+<?php
+var_dump(exif_read_data(__DIR__."/bug77831.tiff"));
+?>
+DONE
+--EXPECTF--
+%A
+bool(false)
+DONE
\ No newline at end of file
--
2.1.4

27
CVE-2019-11036.patch
View File

@ -1,27 +0,0 @@
From f80ad18afae2230c2c1802c7d829100af646874e Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 29 Apr 2019 23:38:12 -0700
Subject: [PATCH] Fix bug #77950 - Heap-buffer-overflow in _estrndup via
exif_process_IFD_TAG
I do not completely understand what is going on there, but I am pretty
sure dir_entry <= offset_base if not a normal situation, so we better not
to rely on such dir_entry.
---
ext/exif/exif.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index a763f6c..d174def 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -2891,7 +2891,7 @@ static int exif_process_IFD_TAG(image_info_type *ImageInfo, char *dir_entry, cha
offset_base is ImageInfo->file.list[sn].data-dir_offset
dir_entry - offset_base is dir_offset+2+i*12
*/
- if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base)) {
+ if (byte_count > IFDlength || offset_val > IFDlength-byte_count || value_ptr < dir_entry || offset_val < (size_t)(dir_entry-offset_base) || dir_entry <= offset_base) {
/* It is important to check for IMAGE_FILETYPE_TIFF
* JPEG does not use absolute pointers instead its pointers are
* relative to the start of the TIFF header in APP1 section. */

45
CVE-2019-11041.patch
View File

@ -1,45 +0,0 @@
From dea2989ab8ba87a6180af497b2efaf0527e985c5 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 7 Jul 2019 17:01:01 -0700
Subject: [PATCH] Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
---
ext/exif/exif.c | 2 +-
ext/exif/tests/bug78222.phpt | 11 +++++++++++
2 files changed, 12 insertions(+), 1 deletion(-)
create mode 100644 ext/exif/tests/bug78222.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 605b37923f..cd7975a9f5 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3498,7 +3498,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
size_t length=2, pos=0;
jpeg_sof_info sof_info;
- if (!data) {
+ if (!data || ImageInfo->Thumbnail.size < 4) {
return FALSE; /* nothing to do here */
}
if (memcmp(data, "\xFF\xD8\xFF", 3)) {
diff --git a/ext/exif/tests/bug78222.phpt b/ext/exif/tests/bug78222.phpt
new file mode 100644
index 0000000000..0e4ead33e4
--- /dev/null
+++ b/ext/exif/tests/bug78222.phpt
@@ -0,0 +1,11 @@
+--TEST--
+Bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
+--SKIPIF--
+<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
+--FILE--
+<?php
+exif_read_data(__DIR__."/bug78222.jpg", 'THUMBNAIL', FALSE, TRUE);
+?>
+DONE
+--EXPECTF--
+DONE
\ No newline at end of file
--
2.21.0

51
CVE-2019-11042.patch
View File

@ -1,51 +0,0 @@
From 99b7ef940e04cd273d03c5fa93bf182db2d7ce8d Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 7 Jul 2019 17:39:59 -0700
Subject: [PATCH] Fix bug #78256 (heap-buffer-overflow on
exif_process_user_comment)
---
ext/exif/exif.c | 4 ++--
ext/exif/tests/bug78256.phpt | 11 +++++++++++
2 files changed, 13 insertions(+), 2 deletions(-)
create mode 100644 ext/exif/tests/bug78256.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 77a11300..a80f2c2a 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3040,11 +3040,11 @@ static int exif_process_user_comment(image_info_type *ImageInfo, char **pszInfoP
/* First try to detect BOM: ZERO WIDTH NOBREAK SPACE (FEFF 16)
* since we have no encoding support for the BOM yet we skip that.
*/
- if (!memcmp(szValuePtr, "\xFE\xFF", 2)) {
+ if (ByteCount >=2 && !memcmp(szValuePtr, "\xFE\xFF", 2)) {
decode = "UCS-2BE";
szValuePtr = szValuePtr+2;
ByteCount -= 2;
- } else if (!memcmp(szValuePtr, "\xFF\xFE", 2)) {
+ } else if (ByteCount >=2 && !memcmp(szValuePtr, "\xFF\xFE", 2)) {
decode = "UCS-2LE";
szValuePtr = szValuePtr+2;
ByteCount -= 2;
diff --git a/ext/exif/tests/bug78256.phpt b/ext/exif/tests/bug78256.phpt
new file mode 100644
index 00000000..37a3f1d8
--- /dev/null
+++ b/ext/exif/tests/bug78256.phpt
@@ -0,0 +1,11 @@
+--TEST--
+Bug #78256 (heap-buffer-overflow on exif_process_user_comment)
+--SKIPIF--
+<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
+--FILE--
+<?php
+@exif_read_data(__DIR__."/bug78256.jpg", 'COMMENT', FALSE, TRUE);
+?>
+DONE
+--EXPECTF--
+DONE
\ No newline at end of file
--
2.21.0

131
CVE-2019-11043.patch
View File

@ -1,131 +0,0 @@
From ab061f95ca966731b1c84cf5b7b20155c0a1c06a Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Sat, 12 Oct 2019 15:56:16 +0100
Subject: [PATCH] Fix bug #78599 (env_path_info underflow can lead to RCE)
(CVE-2019-11043)
---
sapi/fpm/fpm/fpm_main.c | 4 +-
.../tests/bug78599-path-info-underflow.phpt | 61 +++++++++++++++++++
sapi/fpm/tests/tester.inc | 11 +++-
3 files changed, 72 insertions(+), 4 deletions(-)
create mode 100644 sapi/fpm/tests/bug78599-path-info-underflow.phpt
diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
index 24a7e5d56ac6..50f92981f1fb 100644
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -1209,8 +1209,8 @@ static void init_request_info(void)
path_info = script_path_translated + ptlen;
tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0));
} else {
- path_info = env_path_info ? env_path_info + pilen - slen : NULL;
- tflag = (orig_path_info != path_info);
+ path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL;
+ tflag = path_info && (orig_path_info != path_info);
}
if (tflag) {
diff --git a/sapi/fpm/tests/bug78599-path-info-underflow.phpt b/sapi/fpm/tests/bug78599-path-info-underflow.phpt
new file mode 100644
index 000000000000..edd4e0d49699
--- /dev/null
+++ b/sapi/fpm/tests/bug78599-path-info-underflow.phpt
@@ -0,0 +1,61 @@
+--TEST--
+FPM: bug78599 - env_path_info underflow - CVE-2019-11043
+--SKIPIF--
+<?php include "skipif.inc"; ?>
+--FILE--
+<?php
+
+require_once "tester.inc";
+
+$cfg = <<<EOT
+[global]
+error_log = {{FILE:LOG}}
+[unconfined]
+listen = {{ADDR}}
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 1
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+EOT;
+
+$code = <<<EOT
+<?php
+echo "Test Start\n";
+var_dump(\$_SERVER["PATH_INFO"]);
+echo "Test End\n";
+EOT;
+
+$tester = new FPM\Tester($cfg, $code);
+$tester->start();
+$tester->expectLogStartNotices();
+$uri = $tester->makeSourceFile();
+$tester
+ ->request(
+ '',
+ [
+ 'SCRIPT_FILENAME' => $uri . "/" . str_repeat('A', 35),
+ 'PATH_INFO' => '',
+ 'HTTP_HUI' => str_repeat('PTEST', 1000),
+ ],
+ $uri
+ )
+ ->expectBody(
+ [
+ 'Test Start',
+ 'string(0) ""',
+ 'Test End'
+ ]
+ );
+$tester->terminate();
+$tester->close();
+
+?>
+Done
+--EXPECT--
+Done
+--CLEAN--
+<?php
+require_once "tester.inc";
+FPM\Tester::clean();
+?>
diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc
index 70c03ad70f1c..3b6702866cc1 100644
--- a/sapi/fpm/tests/tester.inc
+++ b/sapi/fpm/tests/tester.inc
@@ -513,7 +513,7 @@ class Tester
return new Response(null, true);
}
if (is_null($uri)) {
- $uri = $this->makeFile('src.php', $this->code);
+ $uri = $this->makeSourceFile();
}
$params = array_merge(
@@ -538,7 +538,6 @@ class Tester
],
$headers
);
-
try {
$this->response = new Response(
$this->getClient($address, $connKeepAlive)->request_data($params, false)
@@ -944,6 +943,14 @@ class Tester
return $filePath;
}
+ /**
+ * @return string
+ */
+ public function makeSourceFile()
+ {
+ return $this->makeFile('src.php', $this->code);
+ }
+
/**
* @param string|null $msg
*/

72
CVE-2019-11045.patch
View File

@ -1,72 +0,0 @@
From a5a15965da23c8e97657278fc8dfbf1dfb20c016 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Mon, 25 Nov 2019 16:56:34 +0100
Subject: [PATCH] Fix #78863: DirectoryIterator class silently truncates after
a null byte
Since the constructor of DirectoryIterator and friends is supposed to
accepts paths (i.e. strings without NUL bytes), we must not accept
arbitrary strings.
---
ext/spl/spl_directory.c | 4 ++--
ext/spl/tests/bug78863.phpt | 31 +++++++++++++++++++++++++++++++
2 files changed, 33 insertions(+), 2 deletions(-)
create mode 100644 ext/spl/tests/bug78863.phpt
diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c
index 91ea2e0265..56e809b1c7 100644
--- a/ext/spl/spl_directory.c
+++ b/ext/spl/spl_directory.c
@@ -701,10 +701,10 @@ void spl_filesystem_object_construct(INTERNAL_FUNCTION_PARAMETERS, zend_long cto
if (SPL_HAS_FLAG(ctor_flags, DIT_CTOR_FLAGS)) {
flags = SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_FILEINFO;
- parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s|l", &path, &len, &flags);
+ parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p|l", &path, &len, &flags);
} else {
flags = SPL_FILE_DIR_KEY_AS_PATHNAME|SPL_FILE_DIR_CURRENT_AS_SELF;
- parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "s", &path, &len);
+ parsed = zend_parse_parameters(ZEND_NUM_ARGS(), "p", &path, &len);
}
if (SPL_HAS_FLAG(ctor_flags, SPL_FILE_DIR_SKIPDOTS)) {
flags |= SPL_FILE_DIR_SKIPDOTS;
diff --git a/ext/spl/tests/bug78863.phpt b/ext/spl/tests/bug78863.phpt
new file mode 100644
index 0000000000..dc88d98dee
--- /dev/null
+++ b/ext/spl/tests/bug78863.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Bug #78863 (DirectoryIterator class silently truncates after a null byte)
+--FILE--
+<?php
+$dir = __DIR__ . '/bug78863';
+mkdir($dir);
+touch("$dir/bad");
+mkdir("$dir/sub");
+touch("$dir/sub/good");
+
+$it = new DirectoryIterator(__DIR__ . "/bug78863\0/sub");
+foreach ($it as $fileinfo) {
+ if (!$fileinfo->isDot()) {
+ var_dump($fileinfo->getFilename());
+ }
+}
+?>
+--EXPECTF--
+Fatal error: Uncaught UnexpectedValueException: DirectoryIterator::__construct() expects parameter 1 to be a valid path, string given in %s:%d
+Stack trace:
+#0 %s(%d): DirectoryIterator->__construct('%s')
+#1 {main}
+ thrown in %s on line %d
+--CLEAN--
+<?php
+$dir = __DIR__ . '/bug78863';
+unlink("$dir/sub/good");
+rmdir("$dir/sub");
+unlink("$dir/bad");
+rmdir($dir);
+?>
--
2.19.1

51
CVE-2019-11046.patch
View File

@ -1,51 +0,0 @@
From eb23c6008753b1cdc5359dead3a096dce46c9018 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Sat, 30 Nov 2019 12:26:37 +0100
Subject: [PATCH] Fix #78878: Buffer underflow in bc_shift_addsub
We must not rely on `isdigit()` to detect digits, since we only support
decimal ASCII digits in the following processing.
---
ext/bcmath/libbcmath/src/str2num.c | 4 ++--
ext/bcmath/tests/bug78878.phpt | 13 +++++++++++++
2 files changed, 15 insertions(+), 2 deletions(-)
create mode 100644 ext/bcmath/tests/bug78878.phpt
diff --git a/ext/bcmath/libbcmath/src/str2num.c b/ext/bcmath/libbcmath/src/str2num.c
index f38d341570..03aec15930 100644
--- a/ext/bcmath/libbcmath/src/str2num.c
+++ b/ext/bcmath/libbcmath/src/str2num.c
@@ -57,9 +57,9 @@ bc_str2num (bc_num *num, char *str, int scale)
zero_int = FALSE;
if ( (*ptr == '+') || (*ptr == '-')) ptr++; /* Sign */
while (*ptr == '0') ptr++; /* Skip leading zeros. */
- while (isdigit((int)*ptr)) ptr++, digits++; /* digits */
+ while (*ptr >= '0' && *ptr <= '9') ptr++, digits++; /* digits */
if (*ptr == '.') ptr++; /* decimal point */
- while (isdigit((int)*ptr)) ptr++, strscale++; /* digits */
+ while (*ptr >= '0' && *ptr <= '9') ptr++, strscale++; /* digits */
if ((*ptr != '\0') || (digits+strscale == 0))
{
*num = bc_copy_num (BCG(_zero_));
diff --git a/ext/bcmath/tests/bug78878.phpt b/ext/bcmath/tests/bug78878.phpt
new file mode 100644
index 0000000000..2c9d72b946
--- /dev/null
+++ b/ext/bcmath/tests/bug78878.phpt
@@ -0,0 +1,13 @@
+--TEST--
+Bug #78878 (Buffer underflow in bc_shift_addsub)
+--SKIPIF--
+<?php
+if (!extension_loaded('bcmath')) die('skip bcmath extension not available');
+?>
+--FILE--
+<?php
+print @bcmul("\xB26483605105519922841849335928742092", bcpowmod(2, 65535, -4e-4));
+?>
+--EXPECT--
+bc math warning: non-zero scale in modulus
+0
--
2.19.1

50
CVE-2019-11047.patch
View File

@ -1,50 +0,0 @@
From d348cfb96f2543565691010ade5e0346338be5a7 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 16 Dec 2019 00:10:39 -0800
Subject: [PATCH] Fixed bug #78910
---
ext/exif/exif.c | 3 ++-
ext/exif/tests/bug78910.phpt | 17 +++++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)
create mode 100644 ext/exif/tests/bug78910.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index f961f44a46c..c0be05922fb 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3154,7 +3154,8 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu
continue;
if (maker_note->model && (!ImageInfo->model || strcmp(maker_note->model, ImageInfo->model)))
continue;
- if (maker_note->id_string && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len))
+ if (maker_note->id_string && value_len >= maker_note->id_string_len
+ && strncmp(maker_note->id_string, value_ptr, maker_note->id_string_len))
continue;
break;
}
diff --git a/ext/exif/tests/bug78910.phpt b/ext/exif/tests/bug78910.phpt
new file mode 100644
index 00000000000..f5b1c32c1bd
--- /dev/null
+++ b/ext/exif/tests/bug78910.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #78910: Heap-buffer-overflow READ in exif (OSS-Fuzz #19044)
+--FILE--
+<?php
+
+var_dump(exif_read_data('data:image/jpg;base64,TU0AKgAAAAwgICAgAAIBDwAEAAAAAgAAACKSfCAgAAAAAEZVSklGSUxN'));
+
+?>
+--EXPECTF--
+Notice: exif_read_data(): Read from TIFF: tag(0x927C, MakerNote ): Illegal format code 0x2020, switching to BYTE in %s on line %d
+
+Warning: exif_read_data(): Process tag(x927C=MakerNote ): Illegal format code 0x2020, suppose BYTE in %s on line %d
+
+Warning: exif_read_data(): IFD data too short: 0x0000 offset 0x000C in %s on line %d
+
+Warning: exif_read_data(): Invalid TIFF file in %s on line %d
+bool(false)
--
2.11.0

36
CVE-2019-11048.patch
View File

@ -1,36 +0,0 @@
From 1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Wed, 18 Mar 2020 10:26:53 +0100
Subject: [PATCH] Fix #78875: Long filenames cause OOM and temp files are not
cleaned
We must not cast `size_t` to `int` (unless the `size_t` value is
guaranteed to be less than or equal to `INT_MAX`). In this case we can
declare `array_len` as `size_t` in the first place.
---
main/rfc1867.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/main/rfc1867.c b/main/rfc1867.c
index bd01b34cf070..783eab4175d5 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -692,7 +692,8 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL;
char *lbuf = NULL, *abuf = NULL;
zend_string *temp_filename = NULL;
- int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0;
+ int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0;
+ size_t array_len = 0;
int64_t total_bytes = 0, max_file_size = 0;
int skip_upload = 0, anonindex = 0, is_anonymous;
HashTable *uploaded_files = NULL;
@@ -1126,7 +1127,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */
is_arr_upload = (start_arr = strchr(param,'[')) && (param[strlen(param)-1] == ']');
if (is_arr_upload) {
- array_len = (int)strlen(start_arr);
+ array_len = strlen(start_arr);
if (array_index) {
efree(array_index);
}

48
CVE-2019-11050.patch
View File

@ -1,48 +0,0 @@
From c14eb8de974fc8a4d74f3515424c293bc7a40fba Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 16 Dec 2019 01:14:38 -0800
Subject: [PATCH] Fix bug #78793
---
ext/exif/exif.c | 5 +++--
ext/exif/tests/bug78793.phpt | 12 ++++++++++++
2 files changed, 15 insertions(+), 2 deletions(-)
create mode 100644 ext/exif/tests/bug78793.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index c0be05922f..7fe055f381 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3235,8 +3235,9 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu
}
for (de=0;de<NumDirEntries;de++) {
- if (!exif_process_IFD_TAG(ImageInfo, dir_start + 2 + 12 * de,
- offset_base, data_len, displacement, section_index, 0, maker_note->tag_table)) {
+ size_t offset = 2 + 12 * de;
+ if (!exif_process_IFD_TAG(ImageInfo, dir_start + offset,
+ offset_base, data_len - offset, displacement, section_index, 0, maker_note->tag_table)) {
return FALSE;
}
}
diff --git a/ext/exif/tests/bug78793.phpt b/ext/exif/tests/bug78793.phpt
new file mode 100644
index 0000000000..033f255ace
--- /dev/null
+++ b/ext/exif/tests/bug78793.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Bug #78793: Use-after-free in exif parsing under memory sanitizer
+--FILE--
+<?php
+$f = "ext/exif/tests/bug77950.tiff";
+for ($i = 0; $i < 10; $i++) {
+ @exif_read_data($f);
+}
+?>
+===DONE===
+--EXPECT--
+===DONE===
--
2.19.1

59
CVE-2019-6977.patch
View File

@ -1,59 +0,0 @@
From a15af81b5f0058e020eda0f109f51a3c863f5212 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Sun, 30 Dec 2018 13:59:26 +0100
Subject: [PATCH] Fix #77270: imagecolormatch Out Of Bounds Write on Heap
At least some of the image reading functions may return images which
use color indexes greater than or equal to im->colorsTotal. We cater
to this by always using a buffer size which is sufficient for
`gdMaxColors` in `gdImageColorMatch()`.
(cherry picked from commit 7a12dad4dd6c370835b13afae214b240082c7538)
---
NEWS | 1 +
ext/gd/libgd/gd_color_match.c | 4 ++--
ext/gd/tests/bug77270.phpt | 18 ++++++++++++++++++
3 files changed, 21 insertions(+), 2 deletions(-)
create mode 100644 ext/gd/tests/bug77270.phpt
diff --git a/ext/gd/libgd/gd_color_match.c b/ext/gd/libgd/gd_color_match.c
index a4e56b1c40..e6f539bc75 100644
--- a/ext/gd/libgd/gd_color_match.c
+++ b/ext/gd/libgd/gd_color_match.c
@@ -33,8 +33,8 @@ int gdImageColorMatch (gdImagePtr im1, gdImagePtr im2)
return -4; /* At least 1 color must be allocated */
}
- buf = (unsigned long *)safe_emalloc(sizeof(unsigned long), 5 * im2->colorsTotal, 0);
- memset( buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal );
+ buf = (unsigned long *)safe_emalloc(sizeof(unsigned long), 5 * gdMaxColors, 0);
+ memset( buf, 0, sizeof(unsigned long) * 5 * gdMaxColors );
for (x=0; x<im1->sx; x++) {
for( y=0; y<im1->sy; y++ ) {
diff --git a/ext/gd/tests/bug77270.phpt b/ext/gd/tests/bug77270.phpt
new file mode 100644
index 0000000000..1c4555a64d
--- /dev/null
+++ b/ext/gd/tests/bug77270.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Bug #77270 (imagecolormatch Out Of Bounds Write on Heap)
+--SKIPIF--
+<?php
+if (!extension_loaded('gd')) die('skip gd extension not available');
+if (!GD_BUNDLED && version_compare(GD_VERSION, '2.2.5', '<=')) die('skip upstream bugfix has not been released');
+?>
+--FILE--
+<?php
+$img1 = imagecreatetruecolor(0xfff, 0xfff);
+$img2 = imagecreate(0xfff, 0xfff);
+imagecolorallocate($img2, 0, 0, 0);
+imagesetpixel($img2, 0, 0, 255);
+imagecolormatch($img1, $img2);
+?>
+===DONE===
+--EXPECT--
+===DONE===
--
2.11.0

14
CVE-2019-9021.patch
View File

@ -1,14 +0,0 @@
diff --git a/ext/phar/phar.c b/ext/phar/phar.c
index 4d5988eaa9..812720a011 100644
--- a/ext/phar/phar.c
+++ b/ext/phar/phar.c
@@ -2026,7 +2026,7 @@ next_extension:
}
while (pos != filename && (*(pos - 1) == '/' || *(pos - 1) == '\0')) {
- pos = memchr(pos + 1, '.', filename_len - (pos - filename) + 1);
+ pos = memchr(pos + 1, '.', filename_len - (pos - filename) - 1);
if (!pos) {
return FAILURE;
}

37
CVE-2019-9022.patch
View File

@ -1,37 +0,0 @@
From 8d3dfabef459fe7815e8ea2fd68753fd17859d7b Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sat, 29 Dec 2018 20:39:08 -0800
Subject: [PATCH] Fix #77369 - memcpy with negative length via crafted DNS
response
---
ext/standard/dns.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/ext/standard/dns.c b/ext/standard/dns.c
index 8e102f8..b5fbcb9 100644
--- a/ext/standard/dns.c
+++ b/ext/standard/dns.c
@@ -459,6 +459,10 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t
GETLONG(ttl, cp);
GETSHORT(dlen, cp);
CHECKCP(dlen);
+ if (dlen == 0) {
+ /* No data in the response - nothing to do */
+ return NULL;
+ }
if (type_to_fetch != T_ANY && type != type_to_fetch) {
cp += dlen;
return cp;
@@ -549,6 +553,9 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t
CHECKCP(n);
add_assoc_stringl(subarray, "tag", (char*)cp, n);
cp += n;
+ if ( (size_t) dlen < ((size_t)n) + 2 ) {
+ return NULL;
+ }
n = dlen - n - 2;
CHECKCP(n);
add_assoc_stringl(subarray, "value", (char*)cp, n);
--
2.1.4

91
CVE-2019-9023.patch
View File

@ -1,91 +0,0 @@
From 9a96e864885ccc3b19d360ba410a562eb7c5dc45 Mon Sep 17 00:00:00 2001
From: gwx620998 <gulining1@huawei.com>
Date: Sat, 23 Mar 2019 03:34:11 -0400
Subject: [PATCH] CVE-2019-9023
Signed-off-by: gwx620998 <gulining1@huawei.com>
---
ext/mbstring/oniguruma/src/regcomp.c | 3 +++
ext/mbstring/oniguruma/src/regparse.c | 2 ++
ext/mbstring/oniguruma/src/unicode.c | 1 +
ext/mbstring/oniguruma/src/utf32_be.c | 3 ++-
4 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/ext/mbstring/oniguruma/src/regcomp.c b/ext/mbstring/oniguruma/src/regcomp.c
index 0e9a9ab..cf914cc 100644
--- a/ext/mbstring/oniguruma/src/regcomp.c
+++ b/ext/mbstring/oniguruma/src/regcomp.c
@@ -476,6 +476,7 @@ compile_length_string_node(Node* node, regex_t* reg)
for (; p < sn->end; ) {
len = enclen(enc, p);
+ if (p + len > sn->end) len = sn->end - p;
if (len == prev_len) {
slen++;
}
@@ -524,6 +525,7 @@ compile_string_node(Node* node, regex_t* reg)
for (; p < end; ) {
len = enclen(enc, p);
+ if (p + len > end) len = end - p;
if (len == prev_len) {
slen++;
}
@@ -3436,6 +3438,7 @@ expand_case_fold_string(Node* node, regex_t* reg)
}
len = enclen(reg->enc, p);
+ if (p + len > end) len = end - p;
if (n == 0) {
if (IS_NULL(snode)) {
diff --git a/ext/mbstring/oniguruma/src/regparse.c b/ext/mbstring/oniguruma/src/regparse.c
index 8153513..9393b9d 100644
--- a/ext/mbstring/oniguruma/src/regparse.c
+++ b/ext/mbstring/oniguruma/src/regparse.c
@@ -3594,6 +3594,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
}
else { /* string */
p = tok->backp + enclen(enc, tok->backp);
+ if (p > end) p = end;
}
}
break;
@@ -3763,6 +3764,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
out:
#endif
*src = p;
+ if (*src > end) *src = end;
return tok->type;
}
diff --git a/ext/mbstring/oniguruma/src/unicode.c b/ext/mbstring/oniguruma/src/unicode.c
index 8812ca2..cbdc42f 100644
--- a/ext/mbstring/oniguruma/src/unicode.c
+++ b/ext/mbstring/oniguruma/src/unicode.c
@@ -255,6 +255,7 @@ onigenc_unicode_mbc_case_fold(OnigEncoding enc,
code = ONIGENC_MBC_TO_CODE(enc, p, end);
len = enclen(enc, p);
+ if (*pp + len > end) len = end - *pp;
*pp += len;
#ifdef USE_UNICODE_CASE_FOLD_TURKISH_AZERI
diff --git a/ext/mbstring/oniguruma/src/utf32_be.c b/ext/mbstring/oniguruma/src/utf32_be.c
index d0c7f39..4cf6fed 100644
--- a/ext/mbstring/oniguruma/src/utf32_be.c
+++ b/ext/mbstring/oniguruma/src/utf32_be.c
@@ -65,8 +65,9 @@ utf32be_is_mbc_newline(const UChar* p, const UChar* end)
}
static OnigCodePoint
-utf32be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED)
+utf32be_mbc_to_code(const UChar* p, const UChar* end)
{
+ if (p + 4 > end) return (OnigCodePoint ) NULL;
return (OnigCodePoint )(((p[0] * 256 + p[1]) * 256 + p[2]) * 256 + p[3]);
}
--
1.8.3.1

23
CVE-2019-9024.patch
View File

@ -1,23 +0,0 @@
From 1cc2182bcc81e185c14837e659d12b268cb99d63 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Tue, 1 Jan 2019 17:15:20 -0800
Subject: [PATCH] Fix bug #77380 (Global out of bounds read in xmlrpc base64
code)
---
diff --git a/ext/xmlrpc/libxmlrpc/base64.c b/ext/xmlrpc/libxmlrpc/base64.c
index 5ebdf31..a4fa193 100644
--- a/ext/xmlrpc/libxmlrpc/base64.c
+++ b/ext/xmlrpc/libxmlrpc/base64.c
@@ -169,7 +169,7 @@ void base64_decode_xmlrpc(struct buffer_st *bfr, const char *source, int length)
return;
}
- if (dtable[c] & 0x80) {
+ if (dtable[(unsigned char)c] & 0x80) {
/*
fprintf(stderr, "Offset %i length %i\n", offset, length);
fprintf(stderr, "character '%c:%x:%c' in input file.\n", c, c, dtable[c]);
--
2.1.4

85
CVE-2019-9637.patch
View File

@ -1,85 +0,0 @@
From 40f6425978917209cb0c2c3be05a25c65c9a900e Mon Sep 17 00:00:00 2001
From: gwx620998 <gulining1@huawei.com>
Date: Sat, 23 Mar 2019 07:14:35 -0400
Subject: [PATCH] CVE-2019-9637
Signed-off-by: gwx620998 <gulining1@huawei.com>
---
main/streams/plain_wrapper.c | 50 +++++++++++++++++++++++++++++---------------
1 file changed, 33 insertions(+), 17 deletions(-)
diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c
index 9b36d00..cb9e642 100644
--- a/main/streams/plain_wrapper.c
+++ b/main/streams/plain_wrapper.c
@@ -1168,34 +1168,50 @@ static int php_plain_files_rename(php_stream_wrapper *wrapper, const char *url_f
# ifdef EXDEV
if (errno == EXDEV) {
zend_stat_t sb;
+# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE)
+ /* not sure what to do in ZTS case, umask is not thread-safe */
+ int oldmask = umask(077);
+# endif
+ int success = 0;
if (php_copy_file(url_from, url_to) == SUCCESS) {
if (VCWD_STAT(url_from, &sb) == 0) {
+ success = 1;
# ifndef TSRM_WIN32
- if (VCWD_CHMOD(url_to, sb.st_mode)) {
- if (errno == EPERM) {
- php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
- VCWD_UNLINK(url_from);
- return 1;
- }
+ /*
+ * Try to set user and permission info on the target.
+ * If we're not root, then some of these may fail.
+ * We try chown first, to set proper group info, relying
+ * on the system environment to have proper umask to not allow
+ * access to the file in the meantime.
+ */
+ if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) {
php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
- return 0;
+ if (errno != EPERM) {
+ success = 0;
+ }
}
- if (VCWD_CHOWN(url_to, sb.st_uid, sb.st_gid)) {
- if (errno == EPERM) {
+ if (success) {
+ if (VCWD_CHMOD(url_to, sb.st_mode)) {
php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
- VCWD_UNLINK(url_from);
- return 1;
+ if (errno != EPERM) {
+ success = 0;
+ }
}
- php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
- return 0;
}
# endif
- VCWD_UNLINK(url_from);
- return 1;
+ if (success) {
+ VCWD_UNLINK(url_from);
+ }
+ } else {
+ php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
}
+ } else {
+ php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
}
- php_error_docref2(NULL, url_from, url_to, E_WARNING, "%s", strerror(errno));
- return 0;
+# if !defined(ZTS) && !defined(TSRM_WIN32) && !defined(NETWARE)
+ umask(oldmask);
+# endif
+ return success;
}
# endif
#endif
--
1.8.3.1

60
CVE-2019-9638-CVE-2019-9639.patch
View File

@ -1,60 +0,0 @@
From 7168d3dc576344f7e55fac81d86304d2421ffe93 Mon Sep 17 00:00:00 2001
From: gwx620998 <gulining1@huawei.com>
Date: Sat, 23 Mar 2019 07:42:34 -0400
Subject: [PATCH] CVE-2019-9638
Signed-off-by: gwx620998 <gulining1@huawei.com>
---
ext/exif/exif.c | 5 +++--
ext/exif/tests/bug77563.phpt | 16 ++++++++++++++++
2 files changed, 19 insertions(+), 2 deletions(-)
create mode 100644 ext/exif/tests/bug77563.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 3a76d8f..d82b5ae 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3151,8 +3151,8 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu
continue;
break;
}
-
- if (maker_note->offset >= value_len) {
+
+ if (value_len < 2 || maker_note->offset >= value_len - 1) {
/* Do not go past the value end */
exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "IFD data too short: 0x%04X offset 0x%04X", value_len, maker_note->offset);
return FALSE;
@@ -3207,6 +3207,7 @@ static int exif_process_IFD_in_MAKERNOTE(image_info_type *ImageInfo, char * valu
#endif
default:
case MN_OFFSET_NORMAL:
+ data_len = value_len;
break;
}
diff --git a/ext/exif/tests/bug77563.phpt b/ext/exif/tests/bug77563.phpt
new file mode 100644
index 0000000..d1c5b9f
--- /dev/null
+++ b/ext/exif/tests/bug77563.phpt
@@ -0,0 +1,16 @@
++--TEST--
++Bug 77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE)
++--SKIPIF--
++<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
++--FILE--
++<?php
++$s = exif_thumbnail(__DIR__."/bug77563.jpg");
++?>
++DONE
++--EXPECTF--
++Warning: exif_thumbnail(bug77563.jpg): Illegal IFD offset in %s/bug77563.php on line %d
++
++Warning: exif_thumbnail(bug77563.jpg): File structure corrupted in %s/bug77563.php on line %d
++
++Warning: exif_thumbnail(bug77563.jpg): Invalid JPEG file in %s/bug77563.php on line %d
++DONE
--
1.8.3.1

74
CVE-2019-9640.patch
View File

@ -1,74 +0,0 @@
From 30d2b94a2e88021b77b07149e1f4438662ca8e5e Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sat, 2 Mar 2019 13:38:00 -0800
Subject: [PATCH] Fix bug #77540 - Invalid Read on exif_process_SOFn
---
ext/exif/exif.c | 10 ++++++++--
ext/exif/tests/bug77540.jpg | Bin 0 -> 91 bytes
ext/exif/tests/bug77540.phpt | 16 ++++++++++++++++
3 files changed, 24 insertions(+), 2 deletions(-)
create mode 100644 ext/exif/tests/bug77540.jpg
create mode 100644 ext/exif/tests/bug77540.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 4f2f660..8ed9c85 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3902,7 +3902,7 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
return FALSE;
marker = c;
length = php_jpg_get16(data+pos);
- if (pos+length>=ImageInfo->Thumbnail.size) {
+ if (length > ImageInfo->Thumbnail.size || pos >= ImageInfo->Thumbnail.size - length) {
return FALSE;
}
#ifdef EXIF_DEBUG
@@ -3923,6 +3923,10 @@ static int exif_scan_thumbnail(image_info_type *ImageInfo)
case M_SOF14:
case M_SOF15:
/* handle SOFn block */
+ if (length < 8 || ImageInfo->Thumbnail.size - 8 < pos) {
+ /* exif_process_SOFn needs 8 bytes */
+ return FALSE;
+ }
exif_process_SOFn(data+pos, marker, &sof_info);
ImageInfo->Thumbnail.height = sof_info.height;
ImageInfo->Thumbnail.width = sof_info.width;
@@ -4654,7 +4658,9 @@ PHP_FUNCTION(exif_thumbnail)
ZVAL_STRINGL(return_value, ImageInfo.Thumbnail.data, ImageInfo.Thumbnail.size);
if (arg_c >= 3) {
if (!ImageInfo.Thumbnail.width || !ImageInfo.Thumbnail.height) {
- exif_scan_thumbnail(&ImageInfo);
+ if (!exif_scan_thumbnail(&ImageInfo)) {
+ ImageInfo.Thumbnail.width = ImageInfo.Thumbnail.height = 0;
+ }
}
zval_dtor(z_width);
zval_dtor(z_height);
--
diff --git a/ext/exif/tests/bug77540.phpt b/ext/exif/tests/bug77540.phpt
new file mode 100644
index 0000000..8702e0c
--- /dev/null
+++ b/ext/exif/tests/bug77540.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Bug 77540 (Invalid Read on exif_process_SOFn)
+--SKIPIF--
+<?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
+--FILE--
+<?php
+$width = $height = 42;
+$s = exif_thumbnail(__DIR__."/bug77540.jpg", $width, $height);
+echo "Width ".$width."\n";
+echo "Height ".$height."\n";
+?>
+DONE
+--EXPECTF--
+Width 0
+Height 0
+DONE
--
2.1.4

60
CVE-2020-7064.patch
View File

@ -1,60 +0,0 @@
From 0c77b4307df73217283a4aaf9313e1a33a0967ff Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 15 Mar 2020 17:26:00 -0700
Subject: [PATCH] Fixed bug #79282
---
ext/exif/exif.c | 7 ++++++-
ext/exif/tests/bug79282.phpt | 15 +++++++++++++++
2 files changed, 21 insertions(+), 1 deletion(-)
create mode 100644 ext/exif/tests/bug79282.phpt
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index a63e0c1..b85ac19 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3660,6 +3660,11 @@ static void exif_process_TIFF_in_JPEG(image_info_type *ImageInfo, char *CharBuf,
{
unsigned exif_value_2a, offset_of_ifd;
+ if (length < 2) {
+ exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Missing TIFF alignment marker");
+ return;
+ }
+
/* set the thumbnail stuff to nothing so we can test to see if they get set up */
if (memcmp(CharBuf, "II", 2) == 0) {
ImageInfo->motorola_intel = 0;
@@ -3812,7 +3817,7 @@ static int exif_scan_JPEG_header(image_info_type *ImageInfo)
return FALSE;
}
- sn = exif_file_sections_add(ImageInfo, marker, itemlen+1, NULL);
+ sn = exif_file_sections_add(ImageInfo, marker, itemlen, NULL);
Data = ImageInfo->file.list[sn].data;
/* Store first two pre-read bytes. */
diff --git a/ext/exif/tests/bug79282.phpt b/ext/exif/tests/bug79282.phpt
new file mode 100644
index 0000000..7b7e365
--- /dev/null
+++ b/ext/exif/tests/bug79282.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #79282: Use-of-uninitialized-value in exif
+--FILE--
+<?php
+
+var_dump(exif_read_data('data://image/jpeg;base64,/9jhAAlFeGlmAAAg'));
+
+?>
+--EXPECTF--
+Warning: exif_read_data(): Invalid TIFF alignment marker in %s on line %d
+
+Warning: exif_read_data(): File structure corrupted in %s on line %d
+
+Warning: exif_read_data(): Invalid JPEG file in %s on line %d
+bool(false)
--
1.8.3.1

25
CVE-2020-7066.patch
View File

@ -1,25 +0,0 @@
From 0181cb204b54ee08710147338b76dc0845aba4f9 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 15 Mar 2020 17:30:44 -0700
Subject: [PATCH] Fix bug #79329 - get_headers should not accept \0
---
ext/standard/url.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/standard/url.c b/ext/standard/url.c
index 57fd80c..fe6d7f9 100644
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -680,7 +680,7 @@ PHP_FUNCTION(get_headers)
php_stream_context *context;
ZEND_PARSE_PARAMETERS_START(1, 3)
- Z_PARAM_STRING(url, url_len)
+ Z_PARAM_PATH(url, url_len)
Z_PARAM_OPTIONAL
Z_PARAM_LONG(format)
Z_PARAM_RESOURCE_EX(zcontext, 1, 0)
--
1.8.3.1

26
CVE-2020-7068.patch
View File

@ -1,26 +0,0 @@
From 7355ab81763a3d6a04ac11660e6a16d58838d187 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker"<cmbecker69@gmx.de>
Date: Tue, 14 Jul 2020 17:04:24 +0200
Subject: [PATCH] Fix #79797: Use of freed hash key in the
phar_parse_zipfile funtion
---
ext/phar/zip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/phar/zip.c b/ext/phar/zip.c
index d615e8ad..50c5d69e 100644
--- a/ext/phar/zip.c
+++ b/ext/phar/zip.c
@@ -703,7 +703,7 @@ foundit:
efree(actual_alias);
}
- zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), actual_alias, mydata->alias_len, mydata);
+ zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), mydata->alias, mydata->alias_len, mydata);
} else {
phar_archive_data *fd_ptr;
--
2.23.0

37
be50a72715c141befe6f34ece660745da894aaf3.patch
View File

@ -1,37 +0,0 @@
From be50a72715c141befe6f34ece660745da894aaf3 Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Sun, 9 Sep 2018 18:53:37 +0100
Subject: [PATCH] Fix ssl stream reneg limit test to print only after first
renegotiation
It has been reported that in some setup the test does multiple
renegotiations which is allowed.
---
ext/openssl/tests/stream_server_reneg_limit.phpt | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ext/openssl/tests/stream_server_reneg_limit.phpt b/ext/openssl/tests/stream_server_reneg_limit.phpt
index f0353351a23a..f033cbabe343 100644
--- a/ext/openssl/tests/stream_server_reneg_limit.phpt
+++ b/ext/openssl/tests/stream_server_reneg_limit.phpt
@@ -22,14 +22,18 @@ if(substr(PHP_OS, 0, 3) == 'WIN') {
*/
$serverCode = <<<'CODE'
+ $printed = false;
$serverUri = "ssl://127.0.0.1:64321";
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => __DIR__ . '/bug54992.pem',
'reneg_limit' => 0,
'reneg_window' => 30,
- 'reneg_limit_callback' => function($stream) {
- var_dump($stream);
+ 'reneg_limit_callback' => function($stream) use (&$printed) {
+ if (!$printed) {
+ $printed = true;
+ var_dump($stream);
+ }
}
]]);

22
c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch
View File

@ -1,22 +0,0 @@
From c1729272b17a1fe893d1a54e423d3b71470f3ee8 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 29 Aug 2018 09:10:59 +0200
Subject: [PATCH] fix double cast to int on 32-bit
---
Zend/zend_operators.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Zend/zend_operators.c b/Zend/zend_operators.c
index cafb14d4cc25..9a8a40142433 100644
--- a/Zend/zend_operators.c
+++ b/Zend/zend_operators.c
@@ -3101,7 +3101,7 @@ ZEND_API zend_long ZEND_FASTCALL zend_dval_to_lval_slow(double d)
if (dmod < 0) {
/* we're going to make this number positive; call ceil()
* to simulate rounding towards 0 of the negative number */
- dmod = ceil(dmod);// + two_pow_32;
+ dmod = ceil(dmod) + two_pow_32;
}
return (zend_long)(zend_ulong)dmod;
}

38
cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch
View File

@ -1,38 +0,0 @@
From cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a Mon Sep 17 00:00:00 2001
From: Jakub Zelenka <bukka@php.net>
Date: Sun, 2 Sep 2018 20:00:08 +0100
Subject: [PATCH] Fix stream_security_level.phpt with OpenSSL 1.1.1
---
ext/openssl/tests/stream_security_level.phpt | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ext/openssl/tests/stream_security_level.phpt b/ext/openssl/tests/stream_security_level.phpt
index fb1d36a58624..26fedcf670e9 100644
--- a/ext/openssl/tests/stream_security_level.phpt
+++ b/ext/openssl/tests/stream_security_level.phpt
@@ -5,6 +5,7 @@ security_level setting to prohibit cert
if (!extension_loaded("openssl")) die("skip openssl not loaded");
if (OPENSSL_VERSION_NUMBER < 0x10100000) die("skip OpenSSL >= v1.1.0 required");
if (!function_exists("proc_open")) die("skip no proc_open");
+?>
--FILE--
<?php
$serverCode = <<<'CODE'
@@ -24,7 +25,7 @@ $clientCode = <<<'CODE'
$serverUri = "ssl://127.0.0.1:64322";
$clientFlags = STREAM_CLIENT_CONNECT;
$clientCtx = stream_context_create(['ssl' => [
- 'security_level' => 3,
+ 'security_level' => 2,
'verify_peer' => true,
'cafile' => __DIR__ . '/bug54992-ca.pem',
'verify_peer_name' => false
@@ -38,6 +39,7 @@ CODE;
include 'ServerClientTestCase.inc';
ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
+?>
--EXPECTF--
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in %s : eval()'d code on line %d

17
php-5.3.0-recode.patch
View File

@ -1,17 +0,0 @@
diff -up php-5.3.0beta1/ext/recode/config9.m4.recode php-5.3.0beta1/ext/recode/config9.m4
--- php-5.3.0beta1/ext/recode/config9.m4.recode 2008-12-02 00:30:21.000000000 +0100
+++ php-5.3.0beta1/ext/recode/config9.m4 2009-02-28 09:46:50.000000000 +0100
@@ -4,13 +4,6 @@ dnl
dnl Check for extensions with which Recode can not work
if test "$PHP_RECODE" != "no"; then
- test "$PHP_IMAP" != "no" && recode_conflict="$recode_conflict imap"
-
- if test -n "$MYSQL_LIBNAME"; then
- PHP_CHECK_LIBRARY($MYSQL_LIBNAME, hash_insert, [
- recode_conflict="$recode_conflict mysql"
- ])
- fi
if test -n "$recode_conflict"; then
AC_MSG_ERROR([recode extension can not be configured together with:$recode_conflict])

23
php-5.6.3-datetests.patch
View File

@ -1,23 +0,0 @@
--- a/ext/date/tests/bug66985.phpt 2014-10-30 07:32:03.297693403 +0100
+++ b/ext/date/tests/bug66985.phpt 2014-10-30 07:32:45.138877977 +0100
@@ -3,7 +3,7 @@
--FILE--
<?php
$zones = array(
- "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "Factory", "GB-Eire",
+ "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "GB-Eire",
"GMT0", "Greenwich", "Hongkong", "Iceland", "Iran", "Israel", "Jamaica",
"Japan", "Kwajalein", "Libya", "MST7MDT", "Navajo", "NZ-CHAT", "Poland",
"Portugal", "PST8PDT", "Singapore", "Turkey", "Universal", "W-SU",
@@ -45,11 +45,6 @@
)
DateTimeZone Object
(
- [timezone_type] => 3
- [timezone] => Factory
-)
-DateTimeZone Object
-(
[timezone_type] => 3
[timezone] => GB-Eire
)

27
php-5.6.3-phpinfo.patch
View File

@ -1,27 +0,0 @@
Drop "Configure Command" from phpinfo as it doesn't
provide any useful information.
The available extensions are not related to this command.
--- php-5.4.9/ext/standard/info.c.orig 2012-12-11 10:43:02.450578276 +0100
+++ php-5.4.9/ext/standard/info.c 2012-12-11 10:44:12.530820821 +0100
@@ -743,9 +743,6 @@
#ifdef ARCHITECTURE
php_info_print_table_row(2, "Architecture", ARCHITECTURE);
#endif
-#ifdef CONFIGURE_COMMAND
- php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
-#endif
if (sapi_module.pretty_name) {
php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
--- php-5.4.9/ext/standard/tests/general_functions/phpinfo.phpt.orig 2012-12-11 11:07:26.959156091 +0100
+++ php-5.4.9/ext/standard/tests/general_functions/phpinfo.phpt 2012-12-11 11:07:30.899170970 +0100
@@ -20,7 +20,6 @@
System => %s
Build Date => %s%a
-Configure Command => %s
Server API => Command Line Interface
Virtual Directory Support => %s
Configuration File (php.ini) Path => %s

2
php-7.2.0-includedir.patch
View File

@ -5,7 +5,7 @@
EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"` EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"`
EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"` EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"`
-INCLUDE_PATH=.:$EXPANDED_PEAR_INSTALLDIR -INCLUDE_PATH=.:$EXPANDED_PEAR_INSTALLDIR
+INCLUDE_PATH=.:$EXPANDED_PEAR_INSTALLDIR:${EXPANDED_DATADIR}/php +INCLUDE_PATH=.:$EXPANDED_PEAR_INSTALLDIR:${EXPANDED_DATADIR}/php:/usr/share/pear:/usr/share/php
exec_prefix=$old_exec_prefix exec_prefix=$old_exec_prefix
libdir=$old_libdir libdir=$old_libdir

30
php-7.2.4-dlopen.patch
View File

@ -1,30 +0,0 @@
diff -up php-7.2.4RC1/sapi/litespeed/lsapilib.c.dlopen php-7.2.4RC1/sapi/litespeed/lsapilib.c
--- php-7.2.4RC1/sapi/litespeed/lsapilib.c.dlopen 2018-03-13 12:40:25.330885880 +0100
+++ php-7.2.4RC1/sapi/litespeed/lsapilib.c 2018-03-13 12:41:35.797251042 +0100
@@ -755,7 +755,7 @@ static int (*fp_lve_leave)(struct liblve
static int (*fp_lve_jail)( struct passwd *, char *) = NULL;
static int lsapi_load_lve_lib(void)
{
- s_liblve = dlopen("liblve.so.0", RTLD_LAZY);
+ s_liblve = dlopen("liblve.so.0", RTLD_NOW);
if (s_liblve)
{
fp_lve_is_available = dlsym(s_liblve, "lve_is_available");
diff -up php-7.2.4RC1/Zend/zend_portability.h.dlopen php-7.2.4RC1/Zend/zend_portability.h
--- php-7.2.4RC1/Zend/zend_portability.h.dlopen 2018-03-13 12:33:38.000000000 +0100
+++ php-7.2.4RC1/Zend/zend_portability.h 2018-03-13 12:40:25.330885880 +0100
@@ -144,11 +144,11 @@
# endif
# if defined(RTLD_GROUP) && defined(RTLD_WORLD) && defined(RTLD_PARENT)
-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT)
+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_GROUP | RTLD_WORLD | RTLD_PARENT)
# elif defined(RTLD_DEEPBIND) && !defined(__SANITIZE_ADDRESS__)
-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL | RTLD_DEEPBIND)
+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL | RTLD_DEEPBIND)
# else
-# define DL_LOAD(libname) dlopen(libname, RTLD_LAZY | RTLD_GLOBAL)
+# define DL_LOAD(libname) dlopen(libname, RTLD_NOW | RTLD_GLOBAL)
# endif
# define DL_UNLOAD dlclose
# if defined(DLSYM_NEEDS_UNDERSCORE)

12
php-7.2.4-fixheader.patch
View File

@ -1,12 +0,0 @@
diff -up php-7.2.4RC1/configure.ac.fixheader php-7.2.4RC1/configure.ac
--- php-7.2.4RC1/configure.ac.fixheader 2018-03-13 12:42:47.594623100 +0100
+++ php-7.2.4RC1/configure.ac 2018-03-13 12:43:35.591871825 +0100
@@ -1275,7 +1275,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d`
fi
AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date])
-PHP_UNAME=`uname -a | xargs`
+PHP_UNAME=`uname | xargs`
AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output])
PHP_OS=`uname | xargs`
AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output])

280
php-7.2.8-getallheaders.patch
View File

@ -1,280 +0,0 @@
Adapted for 7.2 from 7.3 by remi
From 0ea4013f101d64fbeb9221260b36e98f10ed1ddd Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 4 Jul 2018 08:48:38 +0200
Subject: [PATCH] Fixed bug #62596 add getallheaders (apache_request_headers)
missing function in FPM add sapi_add_request_header in public API (was
add_request_header) fix arginfo for fastcgi_finish_request fucntion
---
main/SAPI.c | 50 +++++++++++++++++++++++++++++
main/SAPI.h | 1 +
sapi/cgi/cgi_main.c | 51 +----------------------------
sapi/fpm/fpm/fpm_main.c | 25 ++++++++++++++-
sapi/fpm/tests/getallheaders.phpt | 67 +++++++++++++++++++++++++++++++++++++++
5 files changed, 143 insertions(+), 51 deletions(-)
create mode 100644 sapi/fpm/tests/getallheaders.phpt
diff --git a/main/SAPI.c b/main/SAPI.c
index b6c3329..7e0c7c8 100644
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -1104,6 +1104,56 @@ SAPI_API void sapi_terminate_process(void) {
}
}
+SAPI_API void sapi_add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg) /* {{{ */
+{
+ zval *return_value = (zval*)arg;
+ char *str = NULL;
+
+ ALLOCA_FLAG(use_heap)
+
+ if (var_len > 5 &&
+ var[0] == 'H' &&
+ var[1] == 'T' &&
+ var[2] == 'T' &&
+ var[3] == 'P' &&
+ var[4] == '_') {
+
+ char *p;
+
+ var_len -= 5;
+ p = var + 5;
+ var = str = do_alloca(var_len + 1, use_heap);
+ *str++ = *p++;
+ while (*p) {
+ if (*p == '_') {
+ *str++ = '-';
+ p++;
+ if (*p) {
+ *str++ = *p++;
+ }
+ } else if (*p >= 'A' && *p <= 'Z') {
+ *str++ = (*p++ - 'A' + 'a');
+ } else {
+ *str++ = *p++;
+ }
+ }
+ *str = 0;
+ } else if (var_len == sizeof("CONTENT_TYPE")-1 &&
+ memcmp(var, "CONTENT_TYPE", sizeof("CONTENT_TYPE")-1) == 0) {
+ var = "Content-Type";
+ } else if (var_len == sizeof("CONTENT_LENGTH")-1 &&
+ memcmp(var, "CONTENT_LENGTH", sizeof("CONTENT_LENGTH")-1) == 0) {
+ var = "Content-Length";
+ } else {
+ return;
+ }
+ add_assoc_stringl_ex(return_value, var, var_len, val, val_len);
+ if (str) {
+ free_alloca(var, use_heap);
+ }
+}
+/* }}} */
+
/*
* Local variables:
* tab-width: 4
diff --git a/main/SAPI.h b/main/SAPI.h
index f829fd7..4b8e223 100644
--- a/main/SAPI.h
+++ b/main/SAPI.h
@@ -151,6 +151,7 @@ SAPI_API void sapi_shutdown(void);
SAPI_API void sapi_activate(void);
SAPI_API void sapi_deactivate(void);
SAPI_API void sapi_initialize_empty_request(void);
+SAPI_API void sapi_add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg);
END_EXTERN_C()
/*
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index 2e9cefe..350846d 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1591,54 +1591,6 @@ PHP_FUNCTION(apache_child_terminate) /*
}
/* }}} */
-static void add_request_header(char *var, unsigned int var_len, char *val, unsigned int val_len, void *arg) /* {{{ */
-{
- zval *return_value = (zval*)arg;
- char *str = NULL;
- char *p;
- ALLOCA_FLAG(use_heap)
-
- if (var_len > 5 &&
- var[0] == 'H' &&
- var[1] == 'T' &&
- var[2] == 'T' &&
- var[3] == 'P' &&
- var[4] == '_') {
-
- var_len -= 5;
- p = var + 5;
- var = str = do_alloca(var_len + 1, use_heap);
- *str++ = *p++;
- while (*p) {
- if (*p == '_') {
- *str++ = '-';
- p++;
- if (*p) {
- *str++ = *p++;
- }
- } else if (*p >= 'A' && *p <= 'Z') {
- *str++ = (*p++ - 'A' + 'a');
- } else {
- *str++ = *p++;
- }
- }
- *str = 0;
- } else if (var_len == sizeof("CONTENT_TYPE")-1 &&
- memcmp(var, "CONTENT_TYPE", sizeof("CONTENT_TYPE")-1) == 0) {
- var = "Content-Type";
- } else if (var_len == sizeof("CONTENT_LENGTH")-1 &&
- memcmp(var, "CONTENT_LENGTH", sizeof("CONTENT_LENGTH")-1) == 0) {
- var = "Content-Length";
- } else {
- return;
- }
- add_assoc_stringl_ex(return_value, var, var_len, val, val_len);
- if (str) {
- free_alloca(var, use_heap);
- }
-}
-/* }}} */
-
PHP_FUNCTION(apache_request_headers) /* {{{ */
{
if (zend_parse_parameters_none()) {
@@ -1648,7 +1600,7 @@ PHP_FUNCTION(apache_request_headers) /*
if (fcgi_is_fastcgi()) {
fcgi_request *request = (fcgi_request*) SG(server_context);
- fcgi_loadenv(request, add_request_header, return_value);
+ fcgi_loadenv(request, sapi_add_request_header, return_value);
} else {
char buf[128];
char **env, *p, *q, *var, *val, *t = buf;
diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
index 3256660..e815be4 100644
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -1533,6 +1533,10 @@ PHP_FUNCTION(fastcgi_finish_request) /* {{{ */
{
fcgi_request *request = (fcgi_request*) SG(server_context);
+ if (zend_parse_parameters_none() == FAILURE) {
+ return;
+ }
+
if (!fcgi_is_closed(request)) {
php_output_end_all();
php_header();
@@ -1547,8 +1551,27 @@ PHP_FUNCTION(fastcgi_finish_request) /* {{{ */
}
/* }}} */
+ZEND_BEGIN_ARG_INFO(cgi_fcgi_sapi_no_arginfo, 0)
+ZEND_END_ARG_INFO()
+
+PHP_FUNCTION(apache_request_headers) /* {{{ */
+{
+ fcgi_request *request;
+
+ if (zend_parse_parameters_none() == FAILURE) {
+ return;
+ }
+
+ array_init(return_value);
+ if ((request = (fcgi_request*) SG(server_context))) {
+ fcgi_loadenv(request, sapi_add_request_header, return_value);
+ }
+} /* }}} */
+
static const zend_function_entry cgi_fcgi_sapi_functions[] = {
- PHP_FE(fastcgi_finish_request, NULL)
+ PHP_FE(fastcgi_finish_request, cgi_fcgi_sapi_no_arginfo)
+ PHP_FE(apache_request_headers, cgi_fcgi_sapi_no_arginfo)
+ PHP_FALIAS(getallheaders, apache_request_headers, cgi_fcgi_sapi_no_arginfo)
PHP_FE_END
};
diff --git a/sapi/fpm/tests/getallheaders.phpt b/sapi/fpm/tests/getallheaders.phpt
new file mode 100644
index 0000000..b41f1c6
--- /dev/null
+++ b/sapi/fpm/tests/getallheaders.phpt
@@ -0,0 +1,67 @@
+--TEST--
+FPM: Function getallheaders basic test
+--SKIPIF--
+<?php include "skipif.inc"; ?>
+--FILE--
+<?php
+
+require_once "tester.inc";
+
+$cfg = <<<EOT
+[global]
+error_log = {{FILE:LOG}}
+[unconfined]
+listen = {{ADDR}}
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 1
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+EOT;
+
+$code = <<<EOT
+<?php
+echo "Test Start\n";
+var_dump(getallheaders());
+echo "Test End\n";
+EOT;
+
+$headers = [];
+$tester = new FPM\Tester($cfg, $code);
+$tester->start();
+$tester->expectLogStartNotices();
+$tester->request(
+ '',
+ [
+ 'HTTP_X_FOO' => 'BAR',
+ 'HTTP_FOO' => 'foo'
+ ]
+ )->expectBody(
+ [
+ 'Test Start',
+ 'array(4) {',
+ ' ["Foo"]=>',
+ ' string(3) "foo"',
+ ' ["X-Foo"]=>',
+ ' string(3) "BAR"',
+ ' ["Content-Length"]=>',
+ ' string(1) "0"',
+ ' ["Content-Type"]=>',
+ ' string(0) ""',
+ '}',
+ 'Test End',
+ ]
+ );
+$tester->terminate();
+$tester->expectLogTerminatingNotices();
+$tester->close();
+
+?>
+Done
+--EXPECT--
+Done
+--CLEAN--
+<?php
+require_once "tester.inc";
+FPM\Tester::clean();
+?>
--
2.1.4

98
php-7.4.0-datetests.patch Normal file
View File

@ -0,0 +1,98 @@
diff -up ./ext/date/tests/bug33414-2.phpt.datetests ./ext/date/tests/bug33414-2.phpt
--- ./ext/date/tests/bug33414-2.phpt.datetests 2020-04-09 14:06:11.000000000 +0200
+++ ./ext/date/tests/bug33414-2.phpt 2020-04-09 14:40:00.809433489 +0200
@@ -74,10 +74,10 @@ $strtotime_tstamp = strtotime("next Frid
print "result=".date("l Y-m-d H:i:s T I", $strtotime_tstamp)."\n";
print "wanted=Friday 00:00:00\n\n";
?>
---EXPECT--
+--EXPECTF--
TZ=Pacific/Rarotonga - wrong day.
-tStamp=Thursday 1970-01-01 17:17:17 -1030 0
-result=Tuesday 1970-01-06 00:00:00 -1030 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Tuesday 1970-01-06 00:00:00 %s
wanted=Tuesday 00:00:00
TZ=Atlantic/South_Georgia - wrong day.
@@ -91,13 +91,13 @@ result=Monday 2005-04-04 00:00:00 EDT 1
wanted=Monday 00:00:00
TZ=Pacific/Enderbury - wrong day, off by 2 days.
-tStamp=Thursday 1970-01-01 17:17:17 -12 0
-result=Monday 1970-01-05 00:00:00 -12 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Monday 1970-01-05 00:00:00 %s
wanted=Monday 00:00:00
TZ=Pacific/Kiritimati - wrong day, off by 2 days.
-tStamp=Thursday 1970-01-01 17:17:17 -1040 0
-result=Monday 1970-01-05 00:00:00 -1040 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Monday 1970-01-05 00:00:00 %s
wanted=Monday 00:00:00
TZ=America/Managua - wrong day.
@@ -106,13 +106,13 @@ result=Tuesday 2005-04-12 00:00:00 CDT 1
wanted=Tuesday 00:00:00
TZ=Pacific/Pitcairn - wrong day.
-tStamp=Thursday 1970-01-01 17:17:17 -0830 0
-result=Wednesday 1970-01-07 00:00:00 -0830 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Wednesday 1970-01-07 00:00:00 %s
wanted=Wednesday 00:00:00
TZ=Pacific/Fakaofo - wrong day.
-tStamp=Thursday 1970-01-01 17:17:17 -11 0
-result=Saturday 1970-01-03 00:00:00 -11 0
+tStamp=Thursday 1970-01-01 17:17:17 %s
+result=Saturday 1970-01-03 00:00:00 %s
wanted=Saturday 00:00:00
TZ=Pacific/Johnston - wrong day.
diff -up ./ext/date/tests/bug66985.phpt.datetests ./ext/date/tests/bug66985.phpt
--- ./ext/date/tests/bug66985.phpt.datetests 2020-04-09 14:06:11.000000000 +0200
+++ ./ext/date/tests/bug66985.phpt 2020-04-09 14:40:37.099288185 +0200
@@ -3,7 +3,7 @@ Bug #66985 (Some timezones are no longer
--FILE--
<?php
$zones = array(
- "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "Factory", "GB-Eire",
+ "CST6CDT", "Cuba", "Egypt", "Eire", "EST5EDT", "GB-Eire",
"GMT0", "Greenwich", "Hongkong", "Iceland", "Iran", "Israel", "Jamaica",
"Japan", "Kwajalein", "Libya", "MST7MDT", "Navajo", "NZ-CHAT", "Poland",
"Portugal", "PST8PDT", "Singapore", "Turkey", "Universal", "W-SU",
@@ -45,11 +45,6 @@ DateTimeZone Object
)
DateTimeZone Object
(
- [timezone_type] => 3
- [timezone] => Factory
-)
-DateTimeZone Object
-(
[timezone_type] => 3
[timezone] => GB-Eire
)
diff -up ./ext/date/tests/strtotime3-64bit.phpt.datetests ./ext/date/tests/strtotime3-64bit.phpt
--- ./ext/date/tests/strtotime3-64bit.phpt.datetests 2020-04-09 14:06:11.000000000 +0200
+++ ./ext/date/tests/strtotime3-64bit.phpt 2020-04-09 14:40:00.809433489 +0200
@@ -44,7 +44,7 @@ foreach ($strs as $str) {
}
?>
---EXPECT--
+--EXPECTF--
bool(false)
bool(false)
string(31) "Thu, 15 Jun 2006 00:00:00 +0100"
@@ -53,7 +53,7 @@ bool(false)
string(31) "Fri, 16 Jun 2006 23:49:12 +0100"
bool(false)
string(31) "Fri, 16 Jun 2006 02:22:00 +0100"
-string(31) "Sun, 16 Jun 0222 02:22:00 -0036"
+string(31) "Sun, 16 Jun 0222 02:22:00 %s"
string(31) "Fri, 16 Jun 2006 02:22:33 +0100"
bool(false)
string(31) "Tue, 02 Mar 2004 00:00:00 +0000"

5
php-7.1.7-httpd.patch → php-7.4.0-httpd.patch
View File

@ -5,10 +5,9 @@ mod_php is build twice
- as ZTS using --enable-maintainer-zts - as ZTS using --enable-maintainer-zts
diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4 diff --git a/sapi/apache2handler/config.m4 b/sapi/apache2handler/config.m4
index 2e64b21..ec4799f 100644
--- a/sapi/apache2handler/config.m4 --- a/sapi/apache2handler/config.m4
+++ b/sapi/apache2handler/config.m4 +++ b/sapi/apache2handler/config.m4
@@ -116,17 +116,6 @@ if test "$PHP_APXS2" != "no"; then @@ -105,17 +105,6 @@ if test "$PHP_APXS2" != "no"; then
;; ;;
esac esac
@ -18,7 +17,7 @@ index 2e64b21..ec4799f 100644
- PHP_BUILD_THREAD_SAFE - PHP_BUILD_THREAD_SAFE
- fi - fi
- else - else
- APACHE_THREADED_MPM=`$APXS_HTTPD -V | grep 'threaded:.*yes'` - APACHE_THREADED_MPM=`$APXS_HTTPD -V 2>/dev/null | grep 'threaded:.*yes'`
- if test -n "$APACHE_THREADED_MPM"; then - if test -n "$APACHE_THREADED_MPM"; then
- PHP_BUILD_THREAD_SAFE - PHP_BUILD_THREAD_SAFE
- fi - fi

12
php-7.2.3-ldap_r.patch → php-7.4.0-ldap_r.patch
View File

@ -1,12 +1,12 @@
Use -lldap_r by default. Use -lldap_r by default.
diff -up php-7.2.3RC1/ext/ldap/config.m4.ldap_r php-7.2.3RC1/ext/ldap/config.m4 diff -up php-7.4.0RC2/ext/ldap/config.m4.ldap_r php-7.4.0RC2/ext/ldap/config.m4
--- php-7.2.3RC1/ext/ldap/config.m4.ldap_r 2018-02-14 06:05:11.553142812 +0100 --- php-7.4.0RC2/ext/ldap/config.m4.ldap_r 2019-09-17 10:21:24.769200812 +0200
+++ php-7.2.3RC1/ext/ldap/config.m4 2018-02-14 06:07:31.179816122 +0100 +++ php-7.4.0RC2/ext/ldap/config.m4 2019-09-17 10:21:30.658181771 +0200
@@ -119,7 +119,11 @@ if test "$PHP_LDAP" != "no"; then @@ -68,7 +68,11 @@ if test "$PHP_LDAP" != "no"; then
dnl -pc removal is a hack for clang
MACHINE_INCLUDES=$($CC -dumpmachine) MACHINE_INCLUDES=$($CC -dumpmachine | $SED 's/-pc//')
- if test -f $LDAP_LIBDIR/liblber.a || test -f $LDAP_LIBDIR/liblber.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.a || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.$SHLIB_SUFFIX_NAME; then - if test -f $LDAP_LIBDIR/liblber.a || test -f $LDAP_LIBDIR/liblber.$SHLIB_SUFFIX_NAME || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.a || test -f $LDAP_LIBDIR/$MACHINE_INCLUDES/liblber.$SHLIB_SUFFIX_NAME; then
+ if test -f $LDAP_LIBDIR/libldap_r.$SHLIB_SUFFIX_NAME; then + if test -f $LDAP_LIBDIR/libldap_r.$SHLIB_SUFFIX_NAME; then

26
php-7.2.0-libdb.patch → php-7.4.0-libdb.patch
View File

@ -1,7 +1,7 @@
diff -up php-7.2.0alpha0/ext/dba/config.m4.libdb php-7.2.0alpha0/ext/dba/config.m4 diff -up ./ext/dba/config.m4.libdb ./ext/dba/config.m4
--- php-7.2.0alpha0/ext/dba/config.m4.libdb 2017-05-29 08:56:06.000000000 +0200 --- ./ext/dba/config.m4.libdb 2020-04-09 14:06:11.000000000 +0200
+++ php-7.2.0alpha0/ext/dba/config.m4 2017-05-29 09:13:52.014823282 +0200 +++ ./ext/dba/config.m4 2020-04-09 14:35:08.208605065 +0200
@@ -346,61 +346,13 @@ if test "$PHP_DB4" != "no"; then @@ -375,61 +375,13 @@ if test "$PHP_DB4" != "no"; then
dbdp4="/usr/local/BerkeleyDB.4." dbdp4="/usr/local/BerkeleyDB.4."
dbdp5="/usr/local/BerkeleyDB.5." dbdp5="/usr/local/BerkeleyDB.5."
for i in $PHP_DB4 ${dbdp5}1 ${dbdp5}0 ${dbdp4}8 ${dbdp4}7 ${dbdp4}6 ${dbdp4}5 ${dbdp4}4 ${dbdp4}3 ${dbdp4}2 ${dbdp4}1 ${dbdp}0 /usr/local /usr; do for i in $PHP_DB4 ${dbdp5}1 ${dbdp5}0 ${dbdp4}8 ${dbdp4}7 ${dbdp4}6 ${dbdp4}5 ${dbdp4}4 ${dbdp4}3 ${dbdp4}2 ${dbdp4}1 ${dbdp}0 /usr/local /usr; do
@ -65,21 +65,21 @@ diff -up php-7.2.0alpha0/ext/dba/config.m4.libdb php-7.2.0alpha0/ext/dba/config.
fi fi
PHP_DBA_STD_RESULT(db4,Berkeley DB4) PHP_DBA_STD_RESULT(db4,Berkeley DB4)
diff -up php-7.2.0alpha0/ext/dba/dba.c.libdb php-7.2.0alpha0/ext/dba/dba.c diff -up ./ext/dba/dba.c.libdb ./ext/dba/dba.c
--- php-7.2.0alpha0/ext/dba/dba.c.libdb 2017-05-29 09:16:15.736628202 +0200 --- ./ext/dba/dba.c.libdb 2020-04-09 14:06:11.000000000 +0200
+++ php-7.2.0alpha0/ext/dba/dba.c 2017-05-29 09:16:20.494654746 +0200 +++ ./ext/dba/dba.c 2020-04-09 14:36:30.593275190 +0200
@@ -53,6 +53,10 @@ @@ -50,6 +50,10 @@
#include "php_tcadb.h"
#include "php_lmdb.h" #include "php_lmdb.h"
#include "dba_arginfo.h"
+#ifdef DB4_INCLUDE_FILE +#ifdef DB4_INCLUDE_FILE
+#include DB4_INCLUDE_FILE +#include DB4_INCLUDE_FILE
+#endif +#endif
+ +
/* {{{ arginfo */ PHP_MINIT_FUNCTION(dba);
ZEND_BEGIN_ARG_INFO_EX(arginfo_dba_popen, 0, 0, 2) PHP_MSHUTDOWN_FUNCTION(dba);
ZEND_ARG_INFO(0, path) PHP_MINFO_FUNCTION(dba);
@@ -558,6 +562,10 @@ PHP_MINFO_FUNCTION(dba) @@ -459,6 +463,10 @@ PHP_MINFO_FUNCTION(dba)
php_info_print_table_start(); php_info_print_table_start();
php_info_print_table_row(2, "DBA support", "enabled"); php_info_print_table_row(2, "DBA support", "enabled");

9
php-5.4.0-phpize.patch → php-7.4.0-phpize.patch
View File

@ -1,6 +1,7 @@
--- php-5.4.0RC5/scripts/phpize.in.orig 2012-01-18 17:13:54.018022983 +0100 diff -up ./scripts/phpize.in.headers ./scripts/phpize.in
+++ php-5.4.0RC5/scripts/phpize.in 2012-01-18 17:14:40.614024941 +0100 --- ./scripts/phpize.in.headers 2019-07-23 10:05:11.000000000 +0200
@@ -162,6 +162,15 @@ +++ ./scripts/phpize.in 2019-07-23 10:18:13.648098089 +0200
@@ -165,6 +165,15 @@ phpize_autotools()
$PHP_AUTOHEADER || exit 1 $PHP_AUTOHEADER || exit 1
} }
@ -16,7 +17,7 @@
# Main script # Main script
case "$1" in case "$1" in
@@ -180,12 +189,15 @@ @@ -183,12 +192,15 @@ case "$1" in
# Version # Version
--version|-v) --version|-v)

21
php-5.6.3-embed.patch → php-8.0.0-embed.patch
View File

@ -1,24 +1,25 @@
--- php-5.6.3/sapi/embed/config.m4.embed diff -up ./sapi/embed/config.m4.embed ./sapi/embed/config.m4
+++ php-5.6.3/sapi/embed/config.m4 --- ./sapi/embed/config.m4.embed 2020-07-07 13:51:05.879764972 +0200
+++ ./sapi/embed/config.m4 2020-07-07 13:52:50.128412148 +0200
@@ -12,7 +12,8 @@ if test "$PHP_EMBED" != "no"; then @@ -12,7 +12,8 @@ if test "$PHP_EMBED" != "no"; then
case "$PHP_EMBED" in
yes|shared) yes|shared)
LIBPHP_CFLAGS="-shared"
PHP_EMBED_TYPE=shared PHP_EMBED_TYPE=shared
- INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; \$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib" - INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(prefix)/lib; \$(INSTALL) -m 0755 $SAPI_SHARED \$(INSTALL_ROOT)\$(prefix)/lib"
+ EXTRA_LDFLAGS="$EXTRA_LDFLAGS -release \$(PHP_MAJOR_VERSION).\$(PHP_MINOR_VERSION)" + EXTRA_LDFLAGS="$EXTRA_LDFLAGS -release \$(PHP_MAJOR_VERSION).\$(PHP_MINOR_VERSION)"
+ INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) --mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) \$(INSTALL_ROOT)\$(libdir)" + INSTALL_IT="\$(mkinstalldirs) \$(INSTALL_ROOT)\$(libdir); \$(LIBTOOL) --mode=install \$(INSTALL) -m 0755 \$(OVERALL_TARGET) \$(INSTALL_ROOT)\$(libdir)"
;; ;;
static) static)
PHP_EMBED_TYPE=static LIBPHP_CFLAGS="-static"
diff -up php-5.5.30/scripts/php-config.in.old php-5.5.30/scripts/php-config.in diff -up ./scripts/php-config.in.embed ./scripts/php-config.in
--- php-5.5.30/scripts/php-config.in.old 2015-10-19 15:17:31.944747715 +0200 --- ./scripts/php-config.in.embed 2020-07-07 12:54:42.000000000 +0200
+++ php-5.5.30/scripts/php-config.in 2015-10-19 15:17:58.278858083 +0200 +++ ./scripts/php-config.in 2020-07-07 13:51:05.880764968 +0200
@@ -18,7 +18,7 @@ exe_extension="@EXEEXT@" @@ -18,7 +18,7 @@ exe_extension="@EXEEXT@"
php_cli_binary=NONE php_cli_binary=NONE
php_cgi_binary=NONE php_cgi_binary=NONE
configure_options="@CONFIGURE_OPTIONS@" configure_options="@CONFIGURE_OPTIONS@"
-php_sapis="@PHP_INSTALLED_SAPIS@" -php_sapis="@PHP_INSTALLED_SAPIS@"
+php_sapis="apache2handler embed fpm @PHP_INSTALLED_SAPIS@" +php_sapis="apache2handler litespeed fpm phpdbg @PHP_INSTALLED_SAPIS@"
ini_dir="@EXPANDED_PHP_CONFIG_FILE_SCAN_DIR@"
ini_path="@EXPANDED_PHP_CONFIG_FILE_PATH@"
# Set php_cli_binary and php_cgi_binary if available
for sapi in $php_sapis; do

44
php-8.0.0-phpinfo.patch Normal file
View File

@ -0,0 +1,44 @@
Drop "Configure Command" from phpinfo as it doesn't
provide any useful information.
The available extensions are not related to this command.
Replace full GCC name by gcc in php -v output
diff -up ./ext/standard/info.c.phpinfo ./ext/standard/info.c
--- ./ext/standard/info.c.phpinfo 2020-07-21 10:49:31.000000000 +0200
+++ ./ext/standard/info.c 2020-07-21 11:41:56.295633523 +0200
@@ -804,9 +804,6 @@ PHPAPI ZEND_COLD void php_print_info(int
#ifdef ARCHITECTURE
php_info_print_table_row(2, "Architecture", ARCHITECTURE);
#endif
-#ifdef CONFIGURE_COMMAND
- php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
-#endif
if (sapi_module.pretty_name) {
php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
diff -up ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo ./ext/standard/tests/general_functions/phpinfo.phpt
--- ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo 2020-07-21 10:49:31.000000000 +0200
+++ ./ext/standard/tests/general_functions/phpinfo.phpt 2020-07-21 11:41:56.296633522 +0200
@@ -17,7 +17,6 @@ PHP Version => %s
System => %s
Build Date => %s%a
-Configure Command => %s
Server API => Command Line Interface
Virtual Directory Support => %s
Configuration File (php.ini) Path => %s
diff -up ./sapi/cli/php_cli.c.phpinfo ./sapi/cli/php_cli.c
--- ./sapi/cli/php_cli.c.phpinfo 2020-07-21 11:43:38.812475300 +0200
+++ ./sapi/cli/php_cli.c 2020-07-21 11:43:45.783464540 +0200
@@ -643,8 +643,7 @@ static int do_cli(int argc, char **argv)
"NTS "
#endif
#ifdef COMPILER
- COMPILER
- " "
+ "gcc "
#endif
#ifdef ARCHITECTURE
ARCHITECTURE

87
php-7.2.3-systzdata-v16.patch → php-8.0.0-systzdata-v19.patch
View File

@ -5,6 +5,9 @@ Add support for use of the system timezone database, rather
than embedding a copy. Discussed upstream but was not desired. than embedding a copy. Discussed upstream but was not desired.
History: History:
r19: adapt for timelib 2020.02 (in 8.0.0beta2)
r18: adapt for autotool change in 7.3.3RC1
r17: adapt for timelib 2018.01 (in 7.3.2RC1)
r16: adapt for timelib 2017.06 (in 7.2.3RC1) r16: adapt for timelib 2017.06 (in 7.2.3RC1)
r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1) r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1)
r14: improve check for valid tz file r14: improve check for valid tz file
@ -27,10 +30,33 @@ r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert)
r2: add filesystem trawl to set up name alias index r2: add filesystem trawl to set up name alias index
r1: initial revision r1: initial revision
diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/lib/parse_tz.c diff -up php-8.0.0beta3/ext/date/config0.m4.systzdata php-8.0.0beta3/ext/date/config0.m4
--- php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata 2018-02-13 20:18:34.000000000 +0100 --- php-8.0.0beta3/ext/date/config0.m4.systzdata 2020-09-01 19:13:26.000000000 +0200
+++ php-7.2.3RC1/ext/date/lib/parse_tz.c 2018-02-14 06:14:23.484804852 +0100 +++ php-8.0.0beta3/ext/date/config0.m4 2020-09-02 08:07:51.039979873 +0200
@@ -25,8 +25,21 @@ @@ -4,6 +4,19 @@ AC_CHECK_HEADERS([io.h])
dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll)
+PHP_ARG_WITH(system-tzdata, for use of system timezone data,
+[ --with-system-tzdata[=DIR] to specify use of system timezone data],
+no, no)
+
+if test "$PHP_SYSTEM_TZDATA" != "no"; then
+ AC_DEFINE(HAVE_SYSTEM_TZDATA, 1, [Define if system timezone data is used])
+
+ if test "$PHP_SYSTEM_TZDATA" != "yes"; then
+ AC_DEFINE_UNQUOTED(HAVE_SYSTEM_TZDATA_PREFIX, "$PHP_SYSTEM_TZDATA",
+ [Define for location of system timezone data])
+ fi
+fi
+
PHP_DATE_CFLAGS="-I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1 -DHAVE_TIMELIB_CONFIG_H=1"
timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c
lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c"
diff -up php-8.0.0beta3/ext/date/lib/parse_tz.c.systzdata php-8.0.0beta3/ext/date/lib/parse_tz.c
--- php-8.0.0beta3/ext/date/lib/parse_tz.c.systzdata 2020-09-01 19:13:26.000000000 +0200
+++ php-8.0.0beta3/ext/date/lib/parse_tz.c 2020-09-02 08:07:51.039979873 +0200
@@ -26,8 +26,21 @@
#include "timelib.h" #include "timelib.h"
#include "timelib_private.h" #include "timelib_private.h"
@ -52,7 +78,7 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
#if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__)) #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
# if defined(__LITTLE_ENDIAN__) # if defined(__LITTLE_ENDIAN__)
@@ -67,6 +80,11 @@ static int read_php_preamble(const unsig @@ -94,6 +107,11 @@ static int read_php_preamble(const unsig
{ {
uint32_t version; uint32_t version;
@ -64,11 +90,11 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
/* read ID */ /* read ID */
version = (*tzf)[3] - '0'; version = (*tzf)[3] - '0';
*tzf += 4; *tzf += 4;
@@ -374,7 +392,429 @@ void timelib_dump_tzinfo(timelib_tzinfo @@ -418,7 +436,429 @@ void timelib_dump_tzinfo(timelib_tzinfo
} }
} }
-static int seek_to_tz_position(const unsigned char **tzf, char *timezone, const timelib_tzdb *tzdb) -static int seek_to_tz_position(const unsigned char **tzf, const char *timezone, const timelib_tzdb *tzdb)
+#ifdef HAVE_SYSTEM_TZDATA +#ifdef HAVE_SYSTEM_TZDATA
+ +
+#ifdef HAVE_SYSTEM_TZDATA_PREFIX +#ifdef HAVE_SYSTEM_TZDATA_PREFIX
@ -491,15 +517,15 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
+ +
+#endif +#endif
+ +
+static int inmem_seek_to_tz_position(const unsigned char **tzf, char *timezone, const timelib_tzdb *tzdb) +static int inmem_seek_to_tz_position(const unsigned char **tzf, const char *timezone, const timelib_tzdb *tzdb)
{ {
int left = 0, right = tzdb->index_size - 1; int left = 0, right = tzdb->index_size - 1;
@@ -400,9 +840,48 @@ static int seek_to_tz_position(const uns @@ -444,9 +884,48 @@ static int seek_to_tz_position(const uns
return 0; return 0;
} }
+static int seek_to_tz_position(const unsigned char **tzf, char *timezone, +static int seek_to_tz_position(const unsigned char **tzf, const char *timezone,
+ char **map, size_t *maplen, + char **map, size_t *maplen,
+ const timelib_tzdb *tzdb) + const timelib_tzdb *tzdb)
+{ +{
@ -544,8 +570,8 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
} }
const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count) const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count)
@@ -414,7 +893,30 @@ const timelib_tzdb_index_entry *timelib_ @@ -458,7 +937,30 @@ const timelib_tzdb_index_entry *timelib_
int timelib_timezone_id_is_valid(char *timezone, const timelib_tzdb *tzdb) int timelib_timezone_id_is_valid(const char *timezone, const timelib_tzdb *tzdb)
{ {
const unsigned char *tzf; const unsigned char *tzf;
- return (seek_to_tz_position(&tzf, timezone, tzdb)); - return (seek_to_tz_position(&tzf, timezone, tzdb));
@ -576,8 +602,8 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
} }
static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz) static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
@@ -456,12 +958,14 @@ static timelib_tzinfo* timelib_tzinfo_ct @@ -500,12 +1002,14 @@ static timelib_tzinfo* timelib_tzinfo_ct
timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, int *error_code) timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *tzdb, int *error_code)
{ {
const unsigned char *tzf; const unsigned char *tzf;
+ char *memmap = NULL; + char *memmap = NULL;
@ -592,11 +618,10 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
tmp = timelib_tzinfo_ctor(timezone); tmp = timelib_tzinfo_ctor(timezone);
version = read_preamble(&tzf, tmp, &type); version = read_preamble(&tzf, tmp, &type);
@@ -484,6 +988,29 @@ timelib_tzinfo *timelib_parse_tzfile(cha @@ -540,11 +1044,36 @@ timelib_tzinfo *timelib_parse_tzfile(con
timelib_tzinfo_dtor(tmp);
return NULL;
} }
+ skip_posix_string(&tzf, tmp);
+#ifdef HAVE_SYSTEM_TZDATA +#ifdef HAVE_SYSTEM_TZDATA
+ if (memmap) { + if (memmap) {
+ const struct location_info *li; + const struct location_info *li;
@ -619,10 +644,8 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
+ munmap(memmap, maplen); + munmap(memmap, maplen);
+ } else { + } else {
+#endif +#endif
if (version == 2 || version == 3) { if (type == TIMELIB_TZINFO_PHP) {
if (!skip_64bit_preamble(&tzf, tmp)) { read_location(&tzf, tmp);
/* 64 bit preamble is not in place */
@@ -501,6 +1028,9 @@ timelib_tzinfo *timelib_parse_tzfile(cha
} else { } else {
set_default_location_and_comments(&tzf, tmp); set_default_location_and_comments(&tzf, tmp);
} }
@ -632,23 +655,3 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
} else { } else {
*error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE; *error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE;
tmp = NULL; tmp = NULL;
diff -up php-7.2.3RC1/ext/date/lib/timelib.m4.systzdata php-7.2.3RC1/ext/date/lib/timelib.m4
--- php-7.2.3RC1/ext/date/lib/timelib.m4.systzdata 2018-02-13 20:18:34.000000000 +0100
+++ php-7.2.3RC1/ext/date/lib/timelib.m4 2018-02-14 06:11:54.273089963 +0100
@@ -81,3 +81,16 @@ io.h
dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll strftime gettimeofday)
+
+PHP_ARG_WITH(system-tzdata, for use of system timezone data,
+[ --with-system-tzdata[=DIR] to specify use of system timezone data],
+no, no)
+
+if test "$PHP_SYSTEM_TZDATA" != "no"; then
+ AC_DEFINE(HAVE_SYSTEM_TZDATA, 1, [Define if system timezone data is used])
+
+ if test "$PHP_SYSTEM_TZDATA" != "yes"; then
+ AC_DEFINE_UNQUOTED(HAVE_SYSTEM_TZDATA_PREFIX, "$PHP_SYSTEM_TZDATA",
+ [Define for location of system timezone data])
+ fi
+fi

BIN
php-7.2.10.tar.xz → php-8.0.0.tar.xz
View File

Binary file not shown.

146
php-CVE-2018-20783.patch
View File

@ -1,146 +0,0 @@
From e7c8e6cde021afd637ea535b0641a1851e57fb2a Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 12 Nov 2018 14:02:26 -0800
Subject: [PATCH] Fix bug #77143 - add more checks to buffer reads
---
NEWS | 4 ++++
ext/phar/phar.c | 30 +++++++++++++++++++++---------
ext/phar/tests/bug73768.phpt | 2 +-
ext/phar/tests/bug77143.phar | Bin 0 -> 50 bytes
ext/phar/tests/bug77143.phpt | 18 ++++++++++++++++++
5 files changed, 44 insertions(+), 10 deletions(-)
create mode 100644 ext/phar/tests/bug77143.phar
create mode 100644 ext/phar/tests/bug77143.phpt
diff -Nur php-7.2.10/NEWS php-7.2.10_bak/NEWS
--- php-7.2.10/NEWS 2018-09-11 15:06:00.000000000 +0800
+++ php-7.2.10_bak/NEWS 2019-04-04 17:41:54.869000000 +0800
@@ -136,6 +136,10 @@
. Fixed bug #76477 (Opcache causes empty return value).
(Nikita, Laruence)
+- Phar:
+ . Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile).
+ (Stas)
+
- PGSQL:
. Fixed bug #76548 (pg_fetch_result did not fetch the next row). (Anatol)
diff -Nur php-7.2.10/ext/phar/phar.c php-7.2.10_bak/ext/phar/phar.c
--- php-7.2.10/ext/phar/phar.c 2019-04-04 17:39:04.158000000 +0800
+++ php-7.2.10_bak/ext/phar/phar.c 2019-04-04 17:49:51.807000000 +0800
@@ -643,6 +643,18 @@
/* }}}*/
/**
+ * Size of fixed fields in the manifest.
+ * See: http://php.net/manual/en/phar.fileformat.phar.php
+ */
+#define MANIFEST_FIXED_LEN 18
+
+#define SAFE_PHAR_GET_32(buffer, endbuffer, var) \
+ if (UNEXPECTED(buffer + 4 > endbuffer)) { \
+ MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)"); \
+ } \
+ PHAR_GET_32(buffer, var);
+
+/**
* Does not check for a previously opened phar in the cache.
*
* Parse a new one and add it to the cache, returning either SUCCESS or
@@ -725,7 +737,7 @@
savebuf = buffer;
endbuffer = buffer + manifest_len;
- if (manifest_len < 10 || manifest_len != php_stream_read(fp, buffer, manifest_len)) {
+ if (manifest_len < MANIFEST_FIXED_LEN || manifest_len != php_stream_read(fp, buffer, manifest_len)) {
MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)")
}
@@ -750,7 +762,7 @@
return FAILURE;
}
- PHAR_GET_32(buffer, manifest_flags);
+ SAFE_PHAR_GET_32(buffer, endbuffer, manifest_flags);
manifest_flags &= ~PHAR_HDR_COMPRESSION_MASK;
manifest_flags &= ~PHAR_FILE_COMPRESSION_MASK;
@@ -970,13 +982,13 @@
}
/* extract alias */
- PHAR_GET_32(buffer, tmp_len);
+ SAFE_PHAR_GET_32(buffer, endbuffer, tmp_len);
if (buffer + tmp_len > endbuffer) {
MAPPHAR_FAIL("internal corruption of phar \"%s\" (buffer overrun)");
}
- if (manifest_len < 10 + tmp_len) {
+ if (manifest_len < MANIFEST_FIXED_LEN + tmp_len) {
MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest header)")
}
@@ -1014,7 +1026,7 @@
}
/* we have 5 32-bit items plus 1 byte at least */
- if (manifest_count > ((manifest_len - 10 - tmp_len) / (5 * 4 + 1))) {
+ if (manifest_count > ((manifest_len - MANIFEST_FIXED_LEN - tmp_len) / (5 * 4 + 1))) {
/* prevent serious memory issues */
MAPPHAR_FAIL("internal corruption of phar \"%s\" (too many manifest entries for size of manifest)")
}
@@ -1023,12 +1035,12 @@
mydata->is_persistent = PHAR_G(persist);
/* check whether we have meta data, zero check works regardless of byte order */
- PHAR_GET_32(buffer, len);
+ SAFE_PHAR_GET_32(buffer, endbuffer, len);
if (mydata->is_persistent) {
mydata->metadata_len = len;
- if(!len) {
+ if (!len) {
/* FIXME: not sure why this is needed but removing it breaks tests */
- PHAR_GET_32(buffer, len);
+ SAFE_PHAR_GET_32(buffer, endbuffer, len);
}
}
if(len > (size_t)(endbuffer - buffer)) {
diff -Nur php-7.2.10/ext/phar/tests/bug73768.phpt php-7.2.10_bak/ext/phar/tests/bug73768.phpt
--- php-7.2.10/ext/phar/tests/bug73768.phpt 2018-09-11 15:06:03.000000000 +0800
+++ php-7.2.10_bak/ext/phar/tests/bug73768.phpt 2019-04-04 17:50:51.796000000 +0800
@@ -13,4 +13,4 @@
}
?>
--EXPECTF--
-cannot load phar "%sbug73768.phar" with implicit alias "" under different alias "alias.phar"
+internal corruption of phar "%sbug73768.phar" (truncated manifest header)
diff --git a/ext/phar/tests/bug77143.phpt b/ext/phar/tests/bug77143.phpt
new file mode 100644
index 0000000..f9f80fc
--- /dev/null
+++ b/ext/phar/tests/bug77143.phpt
@@ -0,0 +1,18 @@
+--TEST--
+PHP bug #77143: Heap Buffer Overflow (READ: 4) in phar_parse_pharfile
+--INI--
+phar.readonly=0
+--SKIPIF--
+<?php if (!extension_loaded("phar")) die("skip"); ?>
+--FILE--
+<?php
+chdir(__DIR__);
+try {
+var_dump(new Phar('bug77143.phar',0,'project.phar'));
+echo "OK\n";
+} catch(UnexpectedValueException $e) {
+ echo $e->getMessage();
+}
+?>
+--EXPECTF--
+internal corruption of phar "%sbug77143.phar" (truncated manifest header)
--
2.1.4

47
php-CVE-2019-9641.patch
View File

@ -1,47 +0,0 @@
commit 25aa5f434dfb3337a6617b46224f1b505053d8e9
Author: Stanislav Malyshev <stas@php.net>
Date: Fri Mar 1 23:25:45 2019 -0800
Fix integer overflows on 32-bits
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index cbde3effed..b4563927a5 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3567,10 +3567,10 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse
tag_table_type tag_table = exif_get_tag_table(section_index);
if (ImageInfo->ifd_nesting_level > MAX_IFD_NESTING_LEVEL) {
- return FALSE;
- }
+ return FALSE;
+ }
- if (ImageInfo->FileSize >= dir_offset+2) {
+ if (ImageInfo->FileSize >= 2 && ImageInfo->FileSize - 2 >= dir_offset) {
sn = exif_file_sections_add(ImageInfo, M_PSEUDO, 2, NULL);
#ifdef EXIF_DEBUG
exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, 2);
@@ -3578,8 +3578,8 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse
php_stream_seek(ImageInfo->infile, dir_offset, SEEK_SET); /* we do not know the order of sections */
php_stream_read(ImageInfo->infile, (char*)ImageInfo->file.list[sn].data, 2);
num_entries = php_ifd_get16u(ImageInfo->file.list[sn].data, ImageInfo->motorola_intel);
- dir_size = 2/*num dir entries*/ +12/*length of entry*/*num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/;
- if (ImageInfo->FileSize >= dir_offset+dir_size) {
+ dir_size = 2/*num dir entries*/ +12/*length of entry*/*(size_t)num_entries +4/* offset to next ifd (points to thumbnail or NULL)*/;
+ if (ImageInfo->FileSize >= dir_size && ImageInfo->FileSize - dir_size >= dir_offset) {
#ifdef EXIF_DEBUG
exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read from TIFF: filesize(x%04X), IFD dir(x%04X + x%04X), IFD entries(%d)", ImageInfo->FileSize, dir_offset+2, dir_size-2, num_entries);
#endif
@@ -3662,9 +3662,9 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse
}
}
}
- if (ImageInfo->FileSize >= dir_offset + ImageInfo->file.list[sn].size) {
+ if (ImageInfo->FileSize >= ImageInfo->file.list[sn].size && ImageInfo->FileSize - ImageInfo->file.list[sn].size >= dir_offset) {
if (ifd_size > dir_size) {
- if (dir_offset + ifd_size > ImageInfo->FileSize) {
+ if (ImageInfo->FileSize < ifd_size || dir_offset > ImageInfo->FileSize - ifd_size) {
exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Error in TIFF: filesize(x%04X) less than size of IFD(x%04X + x%04X)", ImageInfo->FileSize, dir_offset, ifd_size);
return FALSE;
}

243
php.spec
View File

@ -1,9 +1,8 @@
%global apiver 20170718 %global apiver 20200930
%global zendver 20170718 %global zendver 20200930
%global pdover 20170320 %global pdover 20170320
%global jsonver 1.6.0
%global _hardened_build 1 %global _hardened_build 1
%global embed_version 7.2 %global embed_version 8.0
%global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock) %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock)
%global mysql_config %{_libdir}/mysql/mysql_config %global mysql_config %{_libdir}/mysql/mysql_config
@ -24,11 +23,11 @@
%global with_sodium 0 %global with_sodium 0
%global with_pspell 0 %global with_pspell 0
%global with_lmdb 0 %global with_lmdb 0
%global upver 7.2.10 %global upver 8.0.0
Name: php Name: php
Version: %{upver}%{?rcver:~%{rcver}} Version: %{upver}%{?rcver:~%{rcver}}
Release: 6 Release: 1
Summary: PHP scripting language for creating dynamic web sites Summary: PHP scripting language for creating dynamic web sites
License: PHP and Zend and BSD and MIT and ASL 1.0 and NCSA License: PHP and Zend and BSD and MIT and ASL 1.0 and NCSA
URL: http://www.php.net/ URL: http://www.php.net/
@ -47,52 +46,17 @@ Source13: nginx-fpm.conf
Source14: nginx-php.conf Source14: nginx-php.conf
Source50: 10-opcache.ini Source50: 10-opcache.ini
Source51: opcache-default.blacklist Source51: opcache-default.blacklist
Source52: 20-ffi.ini
Patch0001: php-7.1.7-httpd.patch Patch0001: php-7.4.0-httpd.patch
Patch0002: php-7.2.0-includedir.patch Patch0002: php-7.2.0-includedir.patch
Patch0003: php-5.6.3-embed.patch Patch0003: php-8.0.0-embed.patch
Patch0004: php-5.3.0-recode.patch Patch0004: php-7.4.0-libdb.patch
Patch0005: php-7.2.0-libdb.patch Patch0005: php-8.0.0-systzdata-v19.patch
Patch0006: php-7.2.4-dlopen.patch Patch0006: php-7.4.0-phpize.patch
Patch0007: php-7.2.3-systzdata-v16.patch Patch0007: php-7.4.0-ldap_r.patch
Patch0008: php-5.4.0-phpize.patch Patch0008: php-8.0.0-phpinfo.patch
Patch0009: php-7.2.3-ldap_r.patch Patch0009: php-7.4.0-datetests.patch
Patch0010: php-7.2.4-fixheader.patch
Patch0011: php-5.6.3-phpinfo.patch
Patch0012: php-7.2.8-getallheaders.patch
Patch0013: https://github.com/php/php-src/commit/cd0a37994e3cbf1f0aa1174155d3d662cefe2e7a.patch
Patch0014: https://github.com/php/php-src/commit/be50a72715c141befe6f34ece660745da894aaf3.patch
Patch0015: https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8.patch
Patch0016: php-5.6.3-datetests.patch
Patch6000: CVE-2019-9021.patch
Patch6001: CVE-2019-9022.patch
Patch6002: CVE-2019-9023.patch
Patch6003: CVE-2019-9024.patch
Patch6004: CVE-2019-9637.patch
Patch6005: CVE-2019-9638-CVE-2019-9639.patch
Patch6006: CVE-2019-9640.patch
Patch6007: php-CVE-2018-20783.patch
Patch6008: php-CVE-2019-9641.patch
Patch6009: CVE-2019-11034.patch
Patch6010: CVE-2019-11035.patch
Patch6011: CVE-2019-11036.patch
Patch6012: CVE-2019-11041.patch
Patch6013: CVE-2019-11042.patch
Patch6014: CVE-2019-11043.patch
Patch6015: CVE-2018-19935.patch
Patch6016: CVE-2019-11045.patch
Patch6017: CVE-2019-11046.patch
Patch6018: CVE-2019-11050.patch
Patch6019: CVE-2019-11047.patch
#git.php.net/?p=php-src.git;a=patch;h=336d2086a9189006909ae06c7e95902d7d5ff77e
Patch6020: CVE-2018-19518.patch
#git.php.net/?p=php-src.git;a=patch;h=a15af81b5f0058e020eda0f109f51a3c863f5212
Patch6021: CVE-2019-6977.patch
Patch6022: CVE-2020-7064.patch
Patch6023: CVE-2020-7066.patch
Patch6024: CVE-2019-11048.patch
Patch6025: CVE-2020-7068.patch
BuildRequires: bzip2-devel, curl-devel >= 7.9, httpd-devel >= 2.0.46-1, pam-devel, httpd-filesystem, nginx-filesystem BuildRequires: bzip2-devel, curl-devel >= 7.9, httpd-devel >= 2.0.46-1, pam-devel, httpd-filesystem, nginx-filesystem
BuildRequires: libstdc++-devel, openssl-devel, sqlite-devel >= 3.6.0, zlib-devel, smtpdaemon, libedit-devel BuildRequires: libstdc++-devel, openssl-devel, sqlite-devel >= 3.6.0, zlib-devel, smtpdaemon, libedit-devel
@ -112,7 +76,7 @@ Provides: php-zts = %{version}-%{release}, php-zts%{?_isa} = %{version}-%{releas
Requires: httpd-mmn = %{_httpd_mmn}, php-common%{?_isa} = %{version}-%{release}, php-cli%{?_isa} = %{version}-%{release} Requires: httpd-mmn = %{_httpd_mmn}, php-common%{?_isa} = %{version}-%{release}, php-cli%{?_isa} = %{version}-%{release}
Provides: mod_php = %{version}-%{release}, php(httpd) Provides: mod_php = %{version}-%{release}, php(httpd)
#Recommends: php-fpm%{?_isa} = %{version}-%{release} Recommends: php-fpm%{?_isa} = %{version}-%{release}
Requires(pre): httpd-filesystem Requires(pre): httpd-filesystem
%description %description
@ -173,6 +137,7 @@ Provides: php-iconv, php-iconv%{?_isa}, php-libxml, php-libxml%{?_isa}, php-ope
Provides: php-phar, php-phar%{?_isa}, php-pcre, php-pcre%{?_isa}, php-reflection, php-reflection%{?_isa} Provides: php-phar, php-phar%{?_isa}, php-pcre, php-pcre%{?_isa}, php-reflection, php-reflection%{?_isa}
Provides: php-session, php-session%{?_isa}, php-sockets, php-sockets%{?_isa}, php-spl, php-spl%{?_isa} Provides: php-session, php-session%{?_isa}, php-sockets, php-sockets%{?_isa}, php-spl, php-spl%{?_isa}
Provides: php-standard = %{version}, php-standard%{?_isa} = %{version}, php-tokenizer, php-tokenizer%{?_isa} Provides: php-standard = %{version}, php-standard%{?_isa} = %{version}, php-tokenizer, php-tokenizer%{?_isa}
Obsoletes: php-json < %{version}-%{release}, php-recode < %{version}-%{release}, php-xmlrpc < %{version}-%{release}
%if %{with_zip} %if %{with_zip}
Provides: php-zip, php-zip%{?_isa} Provides: php-zip, php-zip%{?_isa}
Obsoletes: php-pecl-zip < 1.11 Obsoletes: php-pecl-zip < 1.11
@ -185,7 +150,7 @@ package and the php-cli package.
%package devel %package devel
Summary: Files needed for building PHP extensions Summary: Files needed for building PHP extensions
Requires: php-cli%{?_isa} = %{version}-%{release}, autoconf, automake, gcc, gcc-c++, libtool, pcre-devel%{?_isa} Requires: php-cli%{?_isa} = %{version}-%{release}, autoconf, automake, gcc, gcc-c++, libtool, pcre-devel%{?_isa}
Obsoletes: php-pecl-json-devel < %{jsonver}, php-pecl-jsonc-devel < %{jsonver} Obsoletes: php-pecl-json-devel < %{version}-%{release}, php-pecl-jsonc-devel < %{version}-%{release}
%if %{with_zts} %if %{with_zts}
Provides: php-zts-devel = %{version}-%{release}, php-zts-devel%{?_isa} = %{version}-%{release} Provides: php-zts-devel = %{version}-%{release}, php-zts-devel%{?_isa} = %{version}-%{release}
%endif %endif
@ -352,8 +317,9 @@ Summary: A module for PHP applications which use XML
License: PHP License: PHP
Requires: php-common%{?_isa} = %{version}-%{release} Requires: php-common%{?_isa} = %{version}-%{release}
Provides: php-dom, php-dom%{?_isa}, php-domxml, php-domxml%{?_isa}, php-simplexml, php-simplexml%{?_isa} Provides: php-dom, php-dom%{?_isa}, php-domxml, php-domxml%{?_isa}, php-simplexml, php-simplexml%{?_isa}
Provides: php-wddx, php-wddx%{?_isa}, php-xmlreader, php-xmlreader%{?_isa}, php-xmlwriter, php-xmlwriter%{?_isa} Provides: php-xmlreader, php-xmlreader%{?_isa}, php-xmlwriter, php-xmlwriter%{?_isa}
Provides: php-xsl, php-xsl%{?_isa} Provides: php-xsl, php-xsl%{?_isa}
Obsoletes: php-wddx < %{version}-%{release}
BuildRequires: libxslt-devel >= 1.0.18-1, libxml2-devel >= 2.4.14-1 BuildRequires: libxslt-devel >= 1.0.18-1, libxml2-devel >= 2.4.14-1
%description xml %description xml
@ -361,15 +327,6 @@ The php-xml package contains dynamic shared objects which add support
to PHP for manipulating XML documents using the DOM tree, to PHP for manipulating XML documents using the DOM tree,
and performing XSL transformations on XML documents. and performing XSL transformations on XML documents.
%package xmlrpc
Summary: A module for PHP applications which use the XML-RPC protocol
License: PHP and BSD
Requires: php-xml%{?_isa} = %{version}-%{release}
%description xmlrpc
The php-xmlrpc package contains a dynamic shared object that will add
support for the XML-RPC protocol to PHP.
%package mbstring %package mbstring
Summary: A module for PHP applications which need multi-byte string handling Summary: A module for PHP applications which need multi-byte string handling
License: PHP and LGPLv2 and OpenLDAP License: PHP and LGPLv2 and OpenLDAP
@ -477,16 +434,6 @@ The php-pspell package contains a dynamic shared object that will add
support for using the pspell library to PHP. support for using the pspell library to PHP.
%endif %endif
%package recode
Summary: A module for PHP applications for using the recode library
License: PHP
Requires: php-common%{?_isa} = %{version}-%{release}
BuildRequires: recode-devel
%description recode
The php-recode package contains a dynamic shared object that will add
support for using the recode library to PHP.
%package intl %package intl
Summary: Internationalization extension for PHP applications Summary: Internationalization extension for PHP applications
License: PHP License: PHP
@ -501,25 +448,12 @@ support for using the ICU library to PHP.
Summary: Enchant spelling extension for PHP applications Summary: Enchant spelling extension for PHP applications
License: PHP License: PHP
Requires: php-common%{?_isa} = %{version}-%{release} Requires: php-common%{?_isa} = %{version}-%{release}
BuildRequires: enchant-devel >= 1.2.4 BuildRequires: enchant2-devel
%description enchant %description enchant
The php-enchant package contains a dynamic shared object that will add The php-enchant package contains a dynamic shared object that will add
support for using the enchant library to PHP. support for using the enchant library to PHP.
%package json
Summary: JavaScript Object Notation extension for PHP
License: PHP
Requires: php-common%{?_isa} = %{version}-%{release}
Obsoletes: php-pecl-json < %{jsonver}
Obsoletes: php-pecl-jsonc < %{jsonver}
Provides: php-pecl(json) = %{jsonver}, php-pecl(json)%{?_isa} = %{jsonver}, php-pecl-json = %{jsonver}
Provides: php-pecl-json%{?_isa} = %{jsonver}
%description json
The php-json package provides an extension that will add
support for JavaScript Object Notation (JSON) to PHP.
%if %{with_sodium} %if %{with_sodium}
%package sodium %package sodium
Summary: Wrapper for the Sodium cryptographic library Summary: Wrapper for the Sodium cryptographic library
@ -535,6 +469,21 @@ The php-sodium package provides a simple,
low-level PHP extension for the libsodium cryptographic library. low-level PHP extension for the libsodium cryptographic library.
%endif %endif
%package ffi
Summary: Foreign Function Interface
# All files licensed under PHP version 3.0.1
License: PHP
Group: System Environment/Libraries
BuildRequires: pkgconfig(libffi)
Requires: php-common%{?_isa} = %{version}-%{release}
%description ffi
FFI is one of the features that made Python and LuaJIT very useful for fast
prototyping. It allows calling C functions and using C data types from pure
scripting language and therefore develop “system code” more productively.
For PHP, FFI opens a way to write PHP extensions and bindings to C libraries
in pure PHP.
%package help %package help
Summary: help Summary: help
@ -552,10 +501,8 @@ cp ext/gd/libgd/COPYING libgd_COPYING
%endif %endif
cp sapi/fpm/LICENSE fpm_LICENSE cp sapi/fpm/LICENSE fpm_LICENSE
cp ext/mbstring/libmbfl/LICENSE libmbfl_LICENSE cp ext/mbstring/libmbfl/LICENSE libmbfl_LICENSE
cp ext/mbstring/ucgendat/OPENLDAP_LICENSE ucgendat_LICENSE
cp ext/fileinfo/libmagic/LICENSE libmagic_LICENSE cp ext/fileinfo/libmagic/LICENSE libmagic_LICENSE
cp ext/phar/LICENSE phar_LICENSE cp ext/bcmath/libbcmath/LICENSE libbcmath_LICENSE
cp ext/bcmath/libbcmath/COPYING.LIB libbcmath_COPYING
cp ext/date/lib/LICENSE.rst timelib_LICENSE cp ext/date/lib/LICENSE.rst timelib_LICENSE
mkdir build-cgi build-apache build-embedded \ mkdir build-cgi build-apache build-embedded \
@ -570,6 +517,7 @@ rm ext/date/tests/timezone_version_get_basic1.phpt
rm ext/sockets/tests/mcast_ipv?_recv.phpt rm ext/sockets/tests/mcast_ipv?_recv.phpt
rm Zend/tests/bug54268.phpt rm Zend/tests/bug54268.phpt
rm Zend/tests/bug68412.phpt rm Zend/tests/bug68412.phpt
rm ext/zlib/tests/004-mb.phpt
pver=$(sed -n '/#define PHP_VERSION /{s/.* "//;s/".*$//;p}' main/php_version.h) pver=$(sed -n '/#define PHP_VERSION /{s/.* "//;s/".*$//;p}' main/php_version.h)
if test "x${pver}" != "x%{upver}%{?rcver}"; then if test "x${pver}" != "x%{upver}%{?rcver}"; then
@ -599,20 +547,13 @@ if test "x${vpdo}" != "x%{pdover}"; then
exit 1 exit 1
fi fi
ver=$(sed -n '/#define PHP_JSON_VERSION /{s/.* "//;s/".*$//;p}' ext/json/php_json.h)
if test "$ver" != "%{jsonver}"; then
: Error: Upstream JSON version is now ${ver}, expecting %{jsonver}.
: Update the %{jsonver} macro and rebuild.
exit 1
fi
rm -f TSRM/tsrm_win32.h TSRM/tsrm_config.w32.h Zend/zend_config.w32.h ext/mysqlnd/config-win.h \ rm -f TSRM/tsrm_win32.h TSRM/tsrm_config.w32.h Zend/zend_config.w32.h ext/mysqlnd/config-win.h \
ext/standard/winver.h main/win32_internal_function_disabled.h main/win95nt.h ext/standard/winver.h main/win32_internal_function_disabled.h main/win95nt.h
find . -name \*.[ch] -exec chmod 644 {} \; find . -name \*.[ch] -exec chmod 644 {} \;
chmod 644 README.* chmod 644 README.*
cp %{SOURCE50} 10-opcache.ini cp %{SOURCE50} %{SOURCE51} %{SOURCE52} .
%ifarch x86_64 %ifarch x86_64
sed -e '/opcache.huge_code_pages/s/0/1/' -i 10-opcache.ini sed -e '/opcache.huge_code_pages/s/0/1/' -i 10-opcache.ini
@ -641,12 +582,12 @@ mkdir Zend && cp ../Zend/zend_{language,ini}_{parser,scanner}.[ch] Zend
ln -sf ../configure ln -sf ../configure
%configure \ %configure \
--enable-rtld-now \
--cache-file=../config.cache --with-libdir=%{_lib} --with-config-file-path=%{_sysconfdir} \ --cache-file=../config.cache --with-libdir=%{_lib} --with-config-file-path=%{_sysconfdir} \
--with-config-file-scan-dir=%{_sysconfdir}/php.d --disable-debug --with-pic --disable-rpath \ --with-config-file-scan-dir=%{_sysconfdir}/php.d --disable-debug --with-pic --disable-rpath \
--without-pear --with-exec-dir=%{_bindir} --with-freetype-dir=%{_prefix} --with-png-dir=%{_prefix} \ --without-pear --with-exec-dir=%{_bindir} --without-gdbm --with-openssl \
--with-xpm-dir=%{_prefix} --without-gdbm --with-jpeg-dir=%{_prefix} --with-openssl --with-system-ciphers \ --with-system-ciphers --with-pcre-regex=%{_prefix} --with-zlib --with-layout=GNU --with-kerberos \
--with-pcre-regex=%{_prefix} --with-zlib --with-layout=GNU --with-kerberos --with-libxml-dir=%{_prefix} \ --with-libxml-dir=%{_prefix} --with-system-tzdata --with-mhash \
--with-system-tzdata --with-mhash \
%if %{with_argon2} %if %{with_argon2}
--with-password-argon2 \ --with-password-argon2 \
%endif %endif
@ -665,28 +606,29 @@ make %{?_smp_mflags}
pushd build-cgi pushd build-cgi
build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-opcache-file --enable-phpdbg \ build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-phpdbg \
%if %{with_imap} %if %{with_imap}
--with-imap=shared --with-imap-ssl \ --with-imap=shared --with-imap-ssl \
%endif %endif
--enable-mbstring=shared --with-onig=%{_prefix} --enable-mbregex \ --enable-mbstring=shared --enable-mbregex \
%if %{with_libgd} %if %{with_libgd}
--with-gd=shared,%{_prefix} \ --enable-gd=shared,%{_prefix} \
%else %else
--with-gd=shared \ --enable-gd=shared \
%endif %endif
--with-external-gd \
--with-gmp=shared --enable-calendar=shared --enable-bcmath=shared --with-bz2=shared --enable-ctype=shared \ --with-gmp=shared --enable-calendar=shared --enable-bcmath=shared --with-bz2=shared --enable-ctype=shared \
--enable-dba=shared --with-db4=%{_prefix} --with-tcadb=%{_prefix} \ --enable-dba=shared --with-db4=%{_prefix} --with-tcadb=%{_prefix} \
%if %{with_lmdb} %if %{with_lmdb}
--with-lmdb=%{_prefix} \ --with-lmdb=%{_prefix} \
%endif %endif
--enable-exif=shared --enable-ftp=shared --with-gettext=shared --with-iconv=shared --enable-sockets=shared \ --enable-exif=shared --enable-ftp=shared --with-gettext=shared --with-iconv=shared --enable-sockets=shared \
--enable-tokenizer=shared --with-xmlrpc=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \ --enable-tokenizer=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \
--with-mysqli=shared,mysqlnd --with-mysql-sock=%{mysql_sock} \ --with-mysqli=shared,mysqlnd --with-mysql-sock=%{mysql_sock} \
%if %{with_firebird} %if %{with_firebird}
--with-interbase=shared --with-pdo-firebird=shared \ --with-pdo-firebird=shared \
%endif %endif
--enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared --enable-wddx=shared \ --enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared \
--with-snmp=shared,%{_prefix} --enable-soap=shared --with-xsl=shared,%{_prefix} --enable-xmlreader=shared \ --with-snmp=shared,%{_prefix} --enable-soap=shared --with-xsl=shared,%{_prefix} --enable-xmlreader=shared \
--enable-xmlwriter=shared --with-curl=shared,%{_prefix} --enable-pdo=shared \ --enable-xmlwriter=shared --with-curl=shared,%{_prefix} --enable-pdo=shared \
--with-pdo-odbc=shared,unixODBC,%{_prefix} --with-pdo-mysql=shared,mysqlnd --with-pdo-pgsql=shared,%{_prefix} \ --with-pdo-odbc=shared,unixODBC,%{_prefix} --with-pdo-mysql=shared,mysqlnd --with-pdo-pgsql=shared,%{_prefix} \
@ -694,7 +636,7 @@ build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-opcache-f
%if %{with_freetds} %if %{with_freetds}
--with-pdo-dblib=shared,%{_prefix} \ --with-pdo-dblib=shared,%{_prefix} \
%endif %endif
--with-sqlite3=shared,%{_prefix} --enable-json=shared \ --with-sqlite3=shared \
%if %{with_zip} %if %{with_zip}
--enable-zip=shared \ --enable-zip=shared \
%if %{with_libzip} %if %{with_libzip}
@ -708,17 +650,19 @@ build --libdir=%{_libdir}/php --enable-pcntl --enable-opcache --enable-opcache-f
--enable-phar=shared --with-tidy=shared,%{_prefix} --enable-sysvmsg=shared --enable-sysvshm=shared \ --enable-phar=shared --with-tidy=shared,%{_prefix} --enable-sysvmsg=shared --enable-sysvshm=shared \
--enable-sysvsem=shared --enable-shmop=shared --enable-posix=shared --with-unixODBC=shared,%{_prefix} \ --enable-sysvsem=shared --enable-shmop=shared --enable-posix=shared --with-unixODBC=shared,%{_prefix} \
--enable-fileinfo=shared \ --enable-fileinfo=shared \
--with-ffi=shared \
%if %{with_sodium} %if %{with_sodium}
--with-sodium=shared \ --with-sodium=shared \
%else %else
--without-sodium \ --without-sodium \
%endif %endif
--enable-intl=shared --with-icu-dir=%{_prefix} --with-enchant=shared,%{_prefix} --with-recode=shared,%{_prefix} --enable-intl=shared --with-enchant=shared,%{_prefix}
popd popd
without_shared="--without-gd --disable-dom --disable-dba --without-unixODBC --disable-opcache --disable-json \ without_shared="--without-gd --disable-dom --disable-dba --without-unixODBC --disable-opcache \
--disable-opcache --disable-phpdbg --without-ffi \
--disable-xmlreader --disable-xmlwriter --without-sodium --without-sqlite3 --disable-phar --disable-fileinfo \ --disable-xmlreader --disable-xmlwriter --without-sodium --without-sqlite3 --disable-phar --disable-fileinfo \
--without-pspell --disable-wddx --without-curl --disable-posix --disable-xml --disable-simplexml --disable-exif \ --without-pspell --without-curl --disable-posix --disable-xml --disable-simplexml --disable-exif \
--without-gettext --without-iconv --disable-ftp --without-bz2 --disable-ctype --disable-shmop --disable-sockets \ --without-gettext --without-iconv --disable-ftp --without-bz2 --disable-ctype --disable-shmop --disable-sockets \
--disable-tokenizer --disable-sysvmsg --disable-sysvshm --disable-sysvsem" --disable-tokenizer --disable-sysvmsg --disable-sysvshm --disable-sysvsem"
@ -747,24 +691,25 @@ build --includedir=%{_includedir}/php-zts --libdir=%{_libdir}/php-zts --enable-m
%if %{with_imap} %if %{with_imap}
--with-imap=shared --with-imap-ssl \ --with-imap=shared --with-imap-ssl \
%endif %endif
--enable-mbstring=shared --with-onig=%{_prefix} --enable-mbregex \ --enable-mbstring=shared --enable-mbregex \
%if %{with_libgd} %if %{with_libgd}
--with-gd=shared,%{_prefix} \ --enable-gd=shared,%{_prefix} \
%else %else
--with-gd=shared \ --enable-gd=shared \
%endif %endif
--with-external-gc \
--with-gmp=shared --enable-calendar=shared --enable-bcmath=shared --with-bz2=shared --enable-ctype=shared \ --with-gmp=shared --enable-calendar=shared --enable-bcmath=shared --with-bz2=shared --enable-ctype=shared \
--enable-dba=shared --with-db4=%{_prefix} --with-tcadb=%{_prefix} \ --enable-dba=shared --with-db4=%{_prefix} --with-tcadb=%{_prefix} \
%if %{with_lmdb} %if %{with_lmdb}
--with-lmdb=%{_prefix} \ --with-lmdb=%{_prefix} \
%endif %endif
--with-gettext=shared --with-iconv=shared --enable-sockets=shared --enable-tokenizer=shared --enable-exif=shared \ --with-gettext=shared --with-iconv=shared --enable-sockets=shared --enable-tokenizer=shared --enable-exif=shared \
--enable-ftp=shared --with-xmlrpc=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \ --enable-ftp=shared --with-ldap=shared --with-ldap-sasl --enable-mysqlnd=shared \
--with-mysqli=shared,mysqlnd --with-mysql-sock=%{mysql_sock} --enable-mysqlnd-threading \ --with-mysqli=shared,mysqlnd --with-mysql-sock=%{mysql_sock} --enable-mysqlnd-threading \
%if %{with_firebird} %if %{with_firebird}
--with-interbase=shared --with-pdo-firebird=shared \ --with-pdo-firebird=shared \
%endif %endif
--enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared --enable-wddx=shared \ --enable-dom=shared --with-pgsql=shared --enable-simplexml=shared --enable-xml=shared \
--with-snmp=shared,%{_prefix} --enable-soap=shared --with-xsl=shared,%{_prefix} --enable-xmlreader=shared \ --with-snmp=shared,%{_prefix} --enable-soap=shared --with-xsl=shared,%{_prefix} --enable-xmlreader=shared \
--enable-xmlwriter=shared --with-curl=shared,%{_prefix} --enable-pdo=shared \ --enable-xmlwriter=shared --with-curl=shared,%{_prefix} --enable-pdo=shared \
--with-pdo-odbc=shared,unixODBC,%{_prefix} --with-pdo-mysql=shared,mysqlnd --with-pdo-pgsql=shared,%{_prefix} \ --with-pdo-odbc=shared,unixODBC,%{_prefix} --with-pdo-mysql=shared,mysqlnd --with-pdo-pgsql=shared,%{_prefix} \
@ -772,7 +717,7 @@ build --includedir=%{_includedir}/php-zts --libdir=%{_libdir}/php-zts --enable-m
%if %{with_freetds} %if %{with_freetds}
--with-pdo-dblib=shared,%{_prefix} \ --with-pdo-dblib=shared,%{_prefix} \
%endif %endif
--with-sqlite3=shared,%{_prefix} --enable-json=shared \ --with-sqlite3=shared \
%if %{with_zip} %if %{with_zip}
--enable-zip=shared \ --enable-zip=shared \
%if %{with_libzip} %if %{with_libzip}
@ -786,12 +731,13 @@ build --includedir=%{_includedir}/php-zts --libdir=%{_libdir}/php-zts --enable-m
--enable-phar=shared --with-tidy=shared,%{_prefix} --enable-sysvmsg=shared --enable-sysvshm=shared \ --enable-phar=shared --with-tidy=shared,%{_prefix} --enable-sysvmsg=shared --enable-sysvshm=shared \
--enable-sysvsem=shared --enable-shmop=shared --enable-posix=shared --with-unixODBC=shared,%{_prefix} \ --enable-sysvsem=shared --enable-shmop=shared --enable-posix=shared --with-unixODBC=shared,%{_prefix} \
--enable-fileinfo=shared \ --enable-fileinfo=shared \
--with-ffi=shared \
%if %{with_sodium} %if %{with_sodium}
--with-sodium=shared \ --with-sodium=shared \
%else %else
--without-sodium \ --without-sodium \
%endif %endif
--enable-intl=shared --with-icu-dir=%{_prefix} --with-enchant=shared,%{_prefix} --with-recode=shared,%{_prefix} --enable-intl=shared --with-enchant=shared,%{_prefix}
popd popd
pushd build-zts pushd build-zts
@ -840,16 +786,16 @@ make -C build-fpm install-fpm \
make -C build-cgi install \ make -C build-cgi install \
INSTALL_ROOT=$RPM_BUILD_ROOT INSTALL_ROOT=$RPM_BUILD_ROOT
install -m 755 build-embedded/scripts/php-config $RPM_BUILD_ROOT%{_bindir}/php-config
install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/ install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/
install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/php.ini install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/php.ini
install -m 755 -d $RPM_BUILD_ROOT%{_httpd_contentdir}/icons install -m 755 -d $RPM_BUILD_ROOT%{_datadir}/php/preload
install -m 644 php.gif $RPM_BUILD_ROOT%{_httpd_contentdir}/icons/php.gif
install -m 755 -d $RPM_BUILD_ROOT%{_datadir}/php
install -m 755 -d $RPM_BUILD_ROOT%{_httpd_moddir} install -m 755 -d $RPM_BUILD_ROOT%{_httpd_moddir}
install -m 755 build-apache/libs/libphp7.so $RPM_BUILD_ROOT%{_httpd_moddir} install -m 755 build-apache/libs/libphp.so $RPM_BUILD_ROOT%{_httpd_moddir}
%if %{with_zts} %if %{with_zts}
install -m 755 build-zts/libs/libphp7.so $RPM_BUILD_ROOT%{_httpd_moddir}/libphp7-zts.so install -m 755 build-zts/libs/libphp.so $RPM_BUILD_ROOT%{_httpd_moddir}/libphp-zts.so
%endif %endif
install -D -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_httpd_modconfdir}/15-php.conf install -D -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_httpd_modconfdir}/15-php.conf
@ -885,11 +831,10 @@ install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/php-fpm
install -D -m 644 %{SOURCE13} $RPM_BUILD_ROOT%{_sysconfdir}/nginx/conf.d/php-fpm.conf install -D -m 644 %{SOURCE13} $RPM_BUILD_ROOT%{_sysconfdir}/nginx/conf.d/php-fpm.conf
install -D -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_sysconfdir}/nginx/default.d/php.conf install -D -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_sysconfdir}/nginx/default.d/php.conf
for mod in pgsql odbc ldap snmp xmlrpc \ for mod in pgsql odbc ldap snmp \
%if %{with_imap} %if %{with_imap}
imap \ imap \
%endif %endif
json \
mysqlnd mysqli pdo_mysql \ mysqlnd mysqli pdo_mysql \
mbstring gd dom xsl soap bcmath dba xmlreader xmlwriter \ mbstring gd dom xsl soap bcmath dba xmlreader xmlwriter \
simplexml bz2 calendar ctype exif ftp gettext gmp iconv \ simplexml bz2 calendar ctype exif ftp gettext gmp iconv \
@ -903,23 +848,23 @@ for mod in pgsql odbc ldap snmp xmlrpc \
%endif %endif
sqlite3 \ sqlite3 \
enchant phar fileinfo intl \ enchant phar fileinfo intl \
tidy \ tidy ffi \
%if %{with_freetds} %if %{with_freetds}
pdo_dblib \ pdo_dblib \
%endif %endif
%if %{with_pspell} %if %{with_pspell}
pspell \ pspell \
%endif %endif
curl wddx \ curl \
%if %{with_sodium} %if %{with_sodium}
sodium \ sodium \
%endif %endif
posix shmop sysvshm sysvsem sysvmsg recode xml \ posix shmop sysvshm sysvsem sysvmsg xml \
; do ; do
case $mod in case $mod in
opcache) opcache)
ini=10-${mod}.ini;; ini=10-${mod}.ini;;
pdo_*|mysqli|wddx|xmlreader|xmlrpc) pdo_*|mysqli|xmlreader)
ini=30-${mod}.ini;; ini=30-${mod}.ini;;
*) *)
ini=20-${mod}.ini;; ini=20-${mod}.ini;;
@ -951,7 +896,7 @@ EOF
EOF EOF
done done
cat files.dom files.xsl files.xml{reader,writer} files.wddx \ cat files.dom files.xsl files.xml{reader,writer} \
files.simplexml >> files.xml files.simplexml >> files.xml
cat files.mysqli \ cat files.mysqli \
@ -997,7 +942,8 @@ rm -rf $RPM_BUILD_ROOT%{_libdir}/php/modules/*.a \
$RPM_BUILD_ROOT%{_libdir}/php-zts/modules/*.a \ $RPM_BUILD_ROOT%{_libdir}/php-zts/modules/*.a \
$RPM_BUILD_ROOT%{_bindir}/{phptar} \ $RPM_BUILD_ROOT%{_bindir}/{phptar} \
$RPM_BUILD_ROOT%{_datadir}/pear \ $RPM_BUILD_ROOT%{_datadir}/pear \
$RPM_BUILD_ROOT%{_libdir}/libphp7.la $RPM_BUILD_ROOT%{_libdir}/libphp.a \
$RPM_BUILD_ROOT%{_libdir}/libphp.la
rm -f README.{Zeus,QNX,CVS-RULES} rm -f README.{Zeus,QNX,CVS-RULES}
@ -1011,21 +957,19 @@ rm -f README.{Zeus,QNX,CVS-RULES}
systemctl try-restart php-fpm.service >/dev/null 2>&1 || : systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%files %files
%{_httpd_moddir}/libphp7.so %{_httpd_moddir}/libphp.so
%if %{with_zts} %if %{with_zts}
%{_httpd_moddir}/libphp7-zts.so %{_httpd_moddir}/libphp-zts.so
%endif %endif
%attr(0770,root,apache) %dir %{_sharedstatedir}/php/session %attr(0770,root,apache) %dir %{_sharedstatedir}/php/session
%attr(0770,root,apache) %dir %{_sharedstatedir}/php/wsdlcache %attr(0770,root,apache) %dir %{_sharedstatedir}/php/wsdlcache
%attr(0770,root,apache) %dir %{_sharedstatedir}/php/opcache %attr(0770,root,apache) %dir %{_sharedstatedir}/php/opcache
%config(noreplace) %{_httpd_confdir}/php.conf %config(noreplace) %{_httpd_confdir}/php.conf
%config(noreplace) %{_httpd_modconfdir}/15-php.conf %config(noreplace) %{_httpd_modconfdir}/15-php.conf
%{_httpd_contentdir}/icons/php.gif
%files common -f files.common %files common -f files.common
%license LICENSE TSRM_LICENSE %license LICENSE TSRM_LICENSE
%license libmagic_LICENSE %license libmagic_LICENSE
%license phar_LICENSE
%license timelib_LICENSE %license timelib_LICENSE
%config(noreplace) %{_sysconfdir}/php.ini %config(noreplace) %{_sysconfdir}/php.ini
%dir %{_sysconfdir}/php.d %dir %{_sysconfdir}/php.d
@ -1094,8 +1038,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%{_rpmconfigdir}/macros.d/macros.php %{_rpmconfigdir}/macros.d/macros.php
%files embedded %files embedded
%{_libdir}/libphp7.so %{_libdir}/libphp.so
%{_libdir}/libphp7-%{embed_version}.so %{_libdir}/libphp-%{embed_version}.so
%files pgsql -f files.pgsql %files pgsql -f files.pgsql
%files odbc -f files.odbc %files odbc -f files.odbc
@ -1105,10 +1049,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%files ldap -f files.ldap %files ldap -f files.ldap
%files snmp -f files.snmp %files snmp -f files.snmp
%files xml -f files.xml %files xml -f files.xml
%files xmlrpc -f files.xmlrpc
%files mbstring -f files.mbstring %files mbstring -f files.mbstring
%license libmbfl_LICENSE %license libmbfl_LICENSE
%license ucgendat_LICENSE
%files gd -f files.gd %files gd -f files.gd
%if ! %{with_libgd} %if ! %{with_libgd}
%license libgd_README %license libgd_README
@ -1116,7 +1058,7 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%endif %endif
%files soap -f files.soap %files soap -f files.soap
%files bcmath -f files.bcmath %files bcmath -f files.bcmath
%license libbcmath_COPYING %license libbcmath_LICENSE
%files gmp -f files.gmp %files gmp -f files.gmp
%files dba -f files.dba %files dba -f files.dba
%files pdo -f files.pdo %files pdo -f files.pdo
@ -1129,9 +1071,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%endif %endif
%files intl -f files.intl %files intl -f files.intl
%files process -f files.process %files process -f files.process
%files recode -f files.recode
%if %{with_firebird} %if %{with_firebird}
%files interbase -f files.interbase %files pdo-firebird -f files.pdo_firebird
%endif %endif
%files enchant -f files.enchant %files enchant -f files.enchant
%files mysqlnd -f files.mysqlnd %files mysqlnd -f files.mysqlnd
@ -1140,19 +1081,23 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%if %{with_zts} %if %{with_zts}
%config(noreplace) %{_sysconfdir}/php-zts.d/opcache-default.blacklist %config(noreplace) %{_sysconfdir}/php-zts.d/opcache-default.blacklist
%endif %endif
%files json -f files.json
%if %{with_sodium} %if %{with_sodium}
%files sodium -f files.sodium %files sodium -f files.sodium
%endif %endif
%files ffi -f files.ffi
%dir %{_datadir}/php/preload
%files help %files help
%defattr(-,root,root) %defattr(-,root,root)
%doc CODING_STANDARDS CREDITS EXTENSIONS NEWS README* sapi/cgi/README* sapi/cli/README sapi/phpdbg/{README.md,CREDITS} %doc EXTENSIONS NEWS README* UPGRADING* *md docs
%doc php-fpm.conf.default www.conf.default php.ini-* %doc php-fpm.conf.default www.conf.default php.ini-*
%{_mandir}/* %{_mandir}/*
%changelog %changelog
* Thu Dec 31 2020 panxiaohe <panxiaohe@huawei.com> - 8.0.0-1
- Update to 8.0.0
* Mon Sep 21 2020 shaoqiang kang <kangshaoqiang1@huawei.com> - 7.2.10-6 * Mon Sep 21 2020 shaoqiang kang <kangshaoqiang1@huawei.com> - 7.2.10-6
- Fix CVE-2020-7068 - Fix CVE-2020-7068
@ -1176,6 +1121,12 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
* Thu Mar 12 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.2.10-2 * Thu Mar 12 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.2.10-2
- Add CVE patches - Add CVE patches
- Fix CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024
CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640
CVE-2018-20783 CVE-2019-9641 CVE-2019-11034 CVE-2019-11035
CVE-2019-11036 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043
CVE-2018-19935 CVE-2019-11045 CVE-2019-11046 CVE-2019-11050
CVE-2019-11047
* Fri Feb 14 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.2.10-1 * Fri Feb 14 2020 openEuler Buildteam <buildteam@openeuler.org> - 7.2.10-1
- Package init - Package init