diff options
author | Derick Rethans <github@derickrethans.nl> | 2012-11-13 10:10:41 +0000 |
---|---|---|
committer | Derick Rethans <github@derickrethans.nl> | 2012-11-13 10:10:41 +0000 |
commit | 1e081a825e7957286ce8df3cd7d48a9dd2a1787c (patch) | |
tree | 0947696b89521fbc4c2eecc140c7251902c4d46b | |
parent | 1784279be07f1ea18baff67646d9d75896cae36f (diff) | |
parent | bb60122c2fe49985b35026ecc48ff6cf550fbac1 (diff) | |
download | php-git-1e081a825e7957286ce8df3cd7d48a9dd2a1787c.tar.gz |
Merge branch 'PHP-5.3' of git.php.net:/php-src into PHP-5.3
-rw-r--r-- | NEWS | 30 | ||||
-rw-r--r-- | TSRM/tsrm_virtual_cwd.c | 9 | ||||
-rw-r--r-- | TSRM/tsrm_win32.c | 5 | ||||
-rw-r--r-- | config.guess | 2 | ||||
-rw-r--r-- | configure.in | 2 | ||||
-rw-r--r-- | ext/filter/filter_private.h | 6 | ||||
-rw-r--r-- | ext/gd/libgd/gd_png.c | 4 | ||||
-rw-r--r-- | ext/libxml/libxml.c | 2 | ||||
-rw-r--r-- | ext/libxml/tests/004.phpt | 22 | ||||
-rw-r--r-- | ext/libxml/tests/bug63389.phpt | 14 | ||||
-rw-r--r-- | ext/mbstring/mb_gpc.c | 6 | ||||
-rw-r--r-- | ext/mbstring/tests/bug63447_001.phpt | 20 | ||||
-rw-r--r-- | ext/mbstring/tests/bug63447_002.phpt | 20 | ||||
-rw-r--r-- | ext/mbstring/tests/bug63447_003.phpt | 34 | ||||
-rw-r--r-- | ext/mysqlnd/mysqlnd_wireprotocol.c | 2 | ||||
-rw-r--r-- | ext/pdo_pgsql/pgsql_statement.c | 14 | ||||
-rw-r--r-- | ext/pdo_pgsql/tests/bug62593.phpt | 51 | ||||
-rw-r--r-- | main/php_version.h | 6 |
18 files changed, 225 insertions, 24 deletions
@@ -1,7 +1,32 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| +?? ??? 2ß12, PHP 5.3.20 + +- Core: + . Fixed bug #63451 (config.guess file does not have AIX 7 defined, + shared objects are not created). (kemcline at au1 dot ibm dot com) + ?? ??? 2012, PHP 5.3.19 +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +ADD NEWS ONLY ABOVE IN 5.3.20 SECTION +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +RM will merge 5.3.19 entries when merging to release branch + +- Core + . Fixed bug #63241 (PHP fails to open Windows deduplicated files). + (daniel dot stelter-gliese at innogames dot de) + . Fixed bug #62444 (Handle leak in is_readable on windows). + (krazyest at seznam dot cz) + +- Libxml + . Fixed bug #63389 (Missing context check on libxml_set_streams_context() + causes memleak). (Laruence) + +- Mbstring: + . Fixed bug #63447 (max_input_vars doesn't filter variables when + mbstring.encoding_translation = On). (Laruence) + - MySQL: . Fixed compilation failure on mixed 32/64 bit systems. (Andrey) @@ -18,6 +43,10 @@ PHP NEWS . Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec). (Martin Osvald, Remi) +- PDO_pgsql: + . Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL). + (Will Fitch) + - Streams: . Fixed bug #63240 (stream_get_line() return contains delimiter string). (Tjerk, Gustavo) @@ -1381,6 +1410,7 @@ PHP NEWS - GD extension: . Fixed bug #53492 (fix crash if anti-aliasing steps are invalid). (Pierre) + . Fixed potential memory leak on a png error (Rasmus, Paul Saab) - GMP extension: . Fixed bug #52906 (gmp_mod returns negative result when non-negative is diff --git a/TSRM/tsrm_virtual_cwd.c b/TSRM/tsrm_virtual_cwd.c index e734406837..d4ee223288 100644 --- a/TSRM/tsrm_virtual_cwd.c +++ b/TSRM/tsrm_virtual_cwd.c @@ -40,6 +40,10 @@ # define IO_REPARSE_TAG_SYMLINK 0xA000000C # endif +# ifndef IO_REPARSE_TAG_DEDUP +# define IO_REPARSE_TAG_DEDUP 0x80000013 +# endif + # ifndef VOLUME_NAME_NT # define VOLUME_NAME_NT 0x2 # endif @@ -958,6 +962,11 @@ static int tsrm_realpath_r(char *path, int start, int len, int *ll, time_t *t, i return -1; }; substitutename[substitutename_len] = 0; + } + else if (pbuffer->ReparseTag == IO_REPARSE_TAG_DEDUP) { + isabsolute = 1; + memcpy(substitutename, path, len + 1); + substitutename_len = len; } else { tsrm_free_alloca(pbuffer, use_heap_large); return -1; diff --git a/TSRM/tsrm_win32.c b/TSRM/tsrm_win32.c index 9e029f60af..03327683cb 100644 --- a/TSRM/tsrm_win32.c +++ b/TSRM/tsrm_win32.c @@ -193,7 +193,7 @@ Finished: TSRM_API int tsrm_win32_access(const char *pathname, int mode) { time_t t; - HANDLE thread_token; + HANDLE thread_token = NULL; PSID token_sid; SECURITY_INFORMATION sec_info = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION; GENERIC_MAPPING gen_map = { FILE_GENERIC_READ, FILE_GENERIC_WRITE, FILE_GENERIC_EXECUTE, FILE_ALL_ACCESS }; @@ -365,6 +365,9 @@ Finished_Impersonate: } Finished: + if(thread_token != NULL) { + CloseHandle(thread_token); + } if(real_path != NULL) { free(real_path); real_path = NULL; diff --git a/config.guess b/config.guess index f32079abda..d407b8cde6 100644 --- a/config.guess +++ b/config.guess @@ -532,7 +532,7 @@ EOF echo rs6000-ibm-aix3.2 fi exit ;; - *:AIX:*:[456]) + *:AIX:*:[4567]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 diff --git a/configure.in b/configure.in index 050f8d40f1..66900b455c 100644 --- a/configure.in +++ b/configure.in @@ -41,7 +41,7 @@ AC_CONFIG_HEADER(main/php_config.h) PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=3 -PHP_RELEASE_VERSION=19 +PHP_RELEASE_VERSION=20 PHP_EXTRA_VERSION="-dev" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 10000 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` diff --git a/ext/filter/filter_private.h b/ext/filter/filter_private.h index daa688b4ac..6c26d98075 100644 --- a/ext/filter/filter_private.h +++ b/ext/filter/filter_private.h @@ -107,8 +107,10 @@ if (len < 1) { \ RETURN_VALIDATION_FAILED \ } \ - while (p[len-1] == ' ' || p[len-1] == '\t' || p[len-1] == '\r' || p[len-1] == '\v' || p[len-1] == '\n') { \ - len--; \ + if (len > 0) { \ + while (p[len-1] == ' ' || p[len-1] == '\t' || p[len-1] == '\r' || p[len-1] == '\v' || p[len-1] == '\n') { \ + len--; \ + } \ } \ } diff --git a/ext/gd/libgd/gd_png.c b/ext/gd/libgd/gd_png.c index 49f7cb0777..bdbb7ee7d3 100644 --- a/ext/gd/libgd/gd_png.c +++ b/ext/gd/libgd/gd_png.c @@ -127,8 +127,8 @@ gdImagePtr gdImageCreateFromPngCtx (gdIOCtx * infile) png_color_16p trans_gray_rgb; png_color_16p trans_color_rgb; png_bytep trans; - png_bytep image_data = NULL; - png_bytepp row_pointers = NULL; + volatile png_bytep image_data = NULL; + volatile png_bytepp row_pointers = NULL; gdImagePtr im = NULL; int i, j, *open = NULL; volatile int transparent = -1; diff --git a/ext/libxml/libxml.c b/ext/libxml/libxml.c index a17847868a..788736e756 100644 --- a/ext/libxml/libxml.c +++ b/ext/libxml/libxml.c @@ -699,7 +699,7 @@ static PHP_FUNCTION(libxml_set_streams_context) { zval *arg; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z", &arg) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &arg) == FAILURE) { return; } if (LIBXML(stream_context)) { diff --git a/ext/libxml/tests/004.phpt b/ext/libxml/tests/004.phpt index 8bdf593b93..aa87ab7503 100644 --- a/ext/libxml/tests/004.phpt +++ b/ext/libxml/tests/004.phpt @@ -27,26 +27,26 @@ echo "Done\n"; ?> --EXPECTF-- -Warning: stream_context_create(): options should have the form ["wrappername"]["optionname"] = $value in %s004.php on line 10 -NULL +Warning: stream_context_create(): options should have the form ["wrappername"]["optionname"] = $value in %s004.php on line %d -Warning: DOMDocument::load(): supplied argument is not a valid Stream-Context resource in %s004.php on line 18 -bool(true) +Warning: libxml_set_streams_context() expects parameter 1 to be resource, null given in %s004.php on line %d NULL - -Warning: DOMDocument::load(): supplied argument is not a valid Stream-Context resource in %s004.php on line 18 bool(true) -NULL -Warning: DOMDocument::load(): supplied argument is not a valid Stream-Context resource in %s004.php on line 18 -bool(true) +Warning: libxml_set_streams_context() expects parameter 1 to be resource, string given in %s004.php on line %d NULL +bool(true) -Warning: DOMDocument::load(): supplied argument is not a valid Stream-Context resource in %s004.php on line 18 +Warning: libxml_set_streams_context() expects parameter 1 to be resource, integer given in %s004.php on line %d +NULL bool(true) + +Warning: libxml_set_streams_context() expects parameter 1 to be resource, object given in %s004.php on line %d NULL +bool(true) -Warning: DOMDocument::load(): supplied argument is not a valid Stream-Context resource in %s004.php on line 18 +Warning: libxml_set_streams_context() expects parameter 1 to be resource, array given in %s004.php on line %d +NULL bool(true) NULL bool(true) diff --git a/ext/libxml/tests/bug63389.phpt b/ext/libxml/tests/bug63389.phpt new file mode 100644 index 0000000000..e9498aae08 --- /dev/null +++ b/ext/libxml/tests/bug63389.phpt @@ -0,0 +1,14 @@ +--TEST-- +Bug #63389 (Missing context check on libxml_set_streams_context() causes memleak) +--SKIPIF-- +<?php if (!extension_loaded('libxml')) die('skip'); ?> +--FILE-- +<?php +$fp = fopen("php://input", "r"); +libxml_set_streams_context($fp); +libxml_set_streams_context("a"); +echo "okey"; +?> +--EXPECTF-- +Warning: libxml_set_streams_context() expects parameter 1 to be resource, string given in %sbug63389.php on line %d +okey diff --git a/ext/mbstring/mb_gpc.c b/ext/mbstring/mb_gpc.c index dd60302d03..b35ece31de 100644 --- a/ext/mbstring/mb_gpc.c +++ b/ext/mbstring/mb_gpc.c @@ -262,6 +262,12 @@ enum mbfl_no_encoding _php_mb_encoding_handler_ex(const php_mb_encoding_handler_ n++; var = php_strtok_r(NULL, info->separator, &strtok_buf); } + + if (n > (PG(max_input_vars) * 2)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars)); + goto out; + } + num = n; /* make sure to process initilized vars only */ /* initialize converter */ diff --git a/ext/mbstring/tests/bug63447_001.phpt b/ext/mbstring/tests/bug63447_001.phpt new file mode 100644 index 0000000000..51302994db --- /dev/null +++ b/ext/mbstring/tests/bug63447_001.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding_translation = On) +--SKIPIF-- +<?php +extension_loaded('mbstring') or die('skip'); +?> +--INI-- +max_input_nesting_level=10 +max_input_vars=5 +mbstring.encoding_translation=1 +--POST-- +a=1&b=2&c=3&d=4&e=5&f=6 +--FILE-- +<?php +var_dump($_POST); +?> +--EXPECT-- +Warning: Unknown: Input variables exceeded 5. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 +array(0) { +} diff --git a/ext/mbstring/tests/bug63447_002.phpt b/ext/mbstring/tests/bug63447_002.phpt new file mode 100644 index 0000000000..e51089b794 --- /dev/null +++ b/ext/mbstring/tests/bug63447_002.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding_translation = On) +--SKIPIF-- +<?php +extension_loaded('mbstring') or die('skip'); +?> +--INI-- +max_input_nesting_level=10 +max_input_vars=4 +mbstring.encoding_translation=1 +--POST-- +a=1&b=2&c=3&d=4&e=5 +--FILE-- +<?php +var_dump($_POST); +?> +--EXPECT-- +Warning: Unknown: Input variables exceeded 4. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 +array(0) { +} diff --git a/ext/mbstring/tests/bug63447_003.phpt b/ext/mbstring/tests/bug63447_003.phpt new file mode 100644 index 0000000000..a4a7e14851 --- /dev/null +++ b/ext/mbstring/tests/bug63447_003.phpt @@ -0,0 +1,34 @@ +--TEST-- +Bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding_translation = On) +--SKIPIF-- +<?php +extension_loaded('mbstring') or die('skip'); +?> +--INI-- +max_input_nesting_level=5 +max_input_vars=100 +mbstring.encoding_translation=1 +--POST-- +a=1&b[][][]=2&c[][][][][][]=7 +--FILE-- +<?php +print_r($_POST); +?> +--EXPECT-- +Array +( + [a] => 1 + [b] => Array + ( + [0] => Array + ( + [0] => Array + ( + [0] => 2 + ) + + ) + + ) + +) diff --git a/ext/mysqlnd/mysqlnd_wireprotocol.c b/ext/mysqlnd/mysqlnd_wireprotocol.c index 1318c37a73..ec0ff496f4 100644 --- a/ext/mysqlnd/mysqlnd_wireprotocol.c +++ b/ext/mysqlnd/mysqlnd_wireprotocol.c @@ -982,7 +982,7 @@ php_mysqlnd_rset_field_read(void *_packet, MYSQLND *conn TSRMLS_DC) p += 2; BAIL_IF_NO_MORE_DATA; - meta->decimals = uint2korr(p); + meta->decimals = uint1korr(p); p += 1; BAIL_IF_NO_MORE_DATA; diff --git a/ext/pdo_pgsql/pgsql_statement.c b/ext/pdo_pgsql/pgsql_statement.c index c35ee33c7f..1dc0d58e97 100644 --- a/ext/pdo_pgsql/pgsql_statement.c +++ b/ext/pdo_pgsql/pgsql_statement.c @@ -362,8 +362,20 @@ static int pgsql_stmt_param_hook(pdo_stmt_t *stmt, struct pdo_bound_param_data * } break; } + } else { +#endif + if (param->is_param) { + /* We need to manually convert to a pg native boolean value */ + if (PDO_PARAM_TYPE(param->param_type) == PDO_PARAM_BOOL && + ((param->param_type & PDO_PARAM_INPUT_OUTPUT) != PDO_PARAM_INPUT_OUTPUT)) { + SEPARATE_ZVAL(¶m->parameter); + param->param_type = PDO_PARAM_STR; + ZVAL_STRINGL(param->parameter, Z_BVAL_P(param->parameter) ? "t" : "f", 1, 1); + } + } +#if HAVE_PQPREPARE } -#endif +#endif return 1; } diff --git a/ext/pdo_pgsql/tests/bug62593.phpt b/ext/pdo_pgsql/tests/bug62593.phpt new file mode 100644 index 0000000000..e3ebf46ed5 --- /dev/null +++ b/ext/pdo_pgsql/tests/bug62593.phpt @@ -0,0 +1,51 @@ +--TEST-- +PDO PgSQL Bug #62593 (Emulate prepares behave strangely with PARAM_BOOL) +--SKIPIF-- +<?php +if (!extension_loaded('pdo') || !extension_loaded('pdo_pgsql')) die('skip not loaded'); +require dirname(__FILE__) . '/config.inc'; +require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; +PDOTest::skip(); +?> +--FILE-- +<?php +require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; +$db = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt'); +$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, true); +$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT); +$errors = array(); + +$value = true; +$query = $db->prepare('SELECT :foo IS FALSE as val_is_false'); +$query->bindValue(':foo', $value, PDO::PARAM_BOOL); +$query->execute(); +$errors[] = $query->errorInfo(); +var_dump($value); + +$query->bindValue(':foo', 0, PDO::PARAM_BOOL); +$query->execute(); +$errors[] = $query->errorInfo(); + +// Verify bindParam maintains reference and only passes when execute is called +$value = true; +$query->bindParam(':foo', $value, PDO::PARAM_BOOL); +$value = false; +$query->execute(); +$errors[] = $query->errorInfo(); +var_dump($value); + +$expect = 'No errors found'; + +foreach ($errors as $error) +{ + if (strpos('Invalid text representation', $error[2]) !== false) + { + $expect = 'Invalid boolean found'; + } +} +echo $expect; +?> +--EXPECTF-- +bool(true) +bool(false) +No errors found diff --git a/main/php_version.h b/main/php_version.h index e4ba15eba9..331f30a051 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -2,7 +2,7 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 3 -#define PHP_RELEASE_VERSION 19 +#define PHP_RELEASE_VERSION 20 #define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "5.3.19-dev" -#define PHP_VERSION_ID 50319 +#define PHP_VERSION "5.3.20-dev" +#define PHP_VERSION_ID 50320 |