diff options
35 files changed, 618 insertions, 97 deletions
diff --git a/.travis.yml b/.travis.yml index b104b9a3f6..248ab861f8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,6 +25,9 @@ env: - ENABLE_MAINTAINER_ZTS=0 ENABLE_DEBUG=0 - ENABLE_MAINTAINER_ZTS=1 ENABLE_DEBUG=1 +before_install: + - sudo apt-get update -qq + - sudo apt-get install -y libenchant-dev libaspell-dev libpspell-dev librecode-dev before_script: # Compile PHP - ./travis/compile.sh @@ -12,6 +12,7 @@ PHP NEWS - Standard: . Removed call_user_method() and call_user_method_array() functions. (Kalle) + . Fix user session handlers (See rfc:session.user.return-value). (Sara) - XSL: . Fixed bug #64776 (The XSLT extension is not thread safe). (Mike) diff --git a/Zend/tests/constant_expressions_arrays.phpt b/Zend/tests/constant_expressions_arrays.phpt new file mode 100644 index 0000000000..061fcc6a92 --- /dev/null +++ b/Zend/tests/constant_expressions_arrays.phpt @@ -0,0 +1,35 @@ +--TEST-- +Constant expressions with arrays +--FILE-- +<?php +const a = [1,2,[3,[4]]]; +const b = a[0]; +const c = a[2][0]; +const d = a[2]; +const e = ["string" => [1]]["string"][0]; + +var_dump(b, c, e); + +function test ($a = d[1][0]) { + var_dump($a); +} + +test(); + +class foo { + const bar = [1][0]; +} + +var_dump(foo::bar); + +var_dump(a); // Eventually allow that later with array dereferencing of constants + +?> +--EXPECTF-- +int(1) +int(3) +int(1) +int(4) +int(1) + +Fatal error: Arrays are not allowed in constants at run-time in %s on line %d diff --git a/Zend/tests/constant_expressions_self_referencing_array.phpt b/Zend/tests/constant_expressions_self_referencing_array.phpt new file mode 100644 index 0000000000..09f862e048 --- /dev/null +++ b/Zend/tests/constant_expressions_self_referencing_array.phpt @@ -0,0 +1,15 @@ +--TEST-- +Self-referencing constant expression (part of a constant AST) +--XFAIL-- +Not yet fixed, to be fixed for PHP 5.6 +--FILE-- +<?php +class A { + const FOO = [self::BAR]; + const BAR = [self::FOO]; +} +var_dump(A::FOO); +?> +--EXPECTF-- +Fatal error: Cannot declare self-referencing constant 'self::FOO' in %s on line %d + diff --git a/Zend/tests/generators/bug67497.phpt b/Zend/tests/generators/bug67497.phpt new file mode 100644 index 0000000000..483857b96c --- /dev/null +++ b/Zend/tests/generators/bug67497.phpt @@ -0,0 +1,19 @@ +--TEST-- +Bug #67467: eval with parse error causes segmentation fault in generator +--FILE-- +<?php + +function gen() { + $a = 1; + yield $a; +} + +@eval('abc'); + +$values = gen(); +$values->next(); + +?> +===DONE=== +--EXPECT-- +===DONE=== diff --git a/Zend/zend_generators.c b/Zend/zend_generators.c index 698b2d8cf3..922c6a3f2b 100644 --- a/Zend/zend_generators.c +++ b/Zend/zend_generators.c @@ -115,6 +115,7 @@ ZEND_API void zend_generator_close(zend_generator *generator, zend_bool finished /* A fatal error / die occurred during the generator execution. Trying to clean * up the stack may not be safe in this case. */ if (CG(unclean_shutdown)) { + generator->execute_data = NULL; return; } diff --git a/ext/fileinfo/libmagic.patch b/ext/fileinfo/libmagic.patch index bb9a0dafae..8b0b9a8911 100644 --- a/ext/fileinfo/libmagic.patch +++ b/ext/fileinfo/libmagic.patch @@ -822,7 +822,16 @@ diff -u libmagic.orig/ascmagic.c libmagic/ascmagic.c } diff -u libmagic.orig/cdf.c libmagic/cdf.c --- libmagic.orig/cdf.c Tue Feb 26 17:20:42 2013 -+++ libmagic/cdf.c Tue May 27 22:28:51 2014 ++++ libmagic/cdf.c Tue Jul 1 08:57:25 2014 +@@ -35,7 +35,7 @@ + #include "file.h" + + #ifndef lint +-FILE_RCSID("@(#)$File: cdf.c,v 1.53 2013/02/26 16:20:42 christos Exp $") ++FILE_RCSID("@(#)$File: cdf.c,v 1.55 2014/02/27 23:26:17 christos Exp $") + #endif + + #include <assert.h> @@ -43,7 +43,17 @@ #include <err.h> #endif @@ -841,7 +850,25 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c #include <string.h> #include <time.h> #include <ctype.h> -@@ -296,7 +306,10 @@ +@@ -267,13 +277,15 @@ + { + const char *b = (const char *)sst->sst_tab; + const char *e = ((const char *)p) + tail; ++ size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? ++ CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); + (void)&line; +- if (e >= b && (size_t)(e - b) <= CDF_SEC_SIZE(h) * sst->sst_len) ++ if (e >= b && (size_t)(e - b) <= ss * sst->sst_len) + return 0; + DPRINTF(("%d: offset begin %p < end %p || %" SIZE_T_FORMAT "u" + " > %" SIZE_T_FORMAT "u [%" SIZE_T_FORMAT "u %" + SIZE_T_FORMAT "u]\n", line, b, e, (size_t)(e - b), +- CDF_SEC_SIZE(h) * sst->sst_len, CDF_SEC_SIZE(h), sst->sst_len)); ++ ss * sst->sst_len, ss, sst->sst_len)); + errno = EFTYPE; + return -1; + } +@@ -296,7 +308,10 @@ if (info->i_fd == -1) return -1; @@ -853,7 +880,77 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c return -1; return (ssize_t)len; -@@ -810,6 +823,10 @@ +@@ -352,10 +367,10 @@ + size_t ss = CDF_SHORT_SEC_SIZE(h); + size_t pos = CDF_SHORT_SEC_POS(h, id); + assert(ss == len); +- if (pos > CDF_SEC_SIZE(h) * sst->sst_len) { ++ if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { + DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" + SIZE_T_FORMAT "u\n", +- pos, CDF_SEC_SIZE(h) * sst->sst_len)); ++ pos + len, CDF_SEC_SIZE(h) * sst->sst_len)); + return -1; + } + (void)memcpy(((char *)buf) + offs, +@@ -455,7 +470,8 @@ + cdf_count_chain(const cdf_sat_t *sat, cdf_secid_t sid, size_t size) + { + size_t i, j; +- cdf_secid_t maxsector = (cdf_secid_t)(sat->sat_len * size); ++ cdf_secid_t maxsector = (cdf_secid_t)((sat->sat_len * size) ++ / sizeof(maxsector)); + + DPRINTF(("Chain:")); + for (j = i = 0; sid >= 0; i++, j++) { +@@ -465,8 +481,8 @@ + errno = EFTYPE; + return (size_t)-1; + } +- if (sid > maxsector) { +- DPRINTF(("Sector %d > %d\n", sid, maxsector)); ++ if (sid >= maxsector) { ++ DPRINTF(("Sector %d >= %d\n", sid, maxsector)); + errno = EFTYPE; + return (size_t)-1; + } +@@ -675,11 +691,13 @@ + + int + cdf_read_short_stream(const cdf_info_t *info, const cdf_header_t *h, +- const cdf_sat_t *sat, const cdf_dir_t *dir, cdf_stream_t *scn) ++ const cdf_sat_t *sat, const cdf_dir_t *dir, cdf_stream_t *scn, ++ const cdf_directory_t **root) + { + size_t i; + const cdf_directory_t *d; + ++ *root = NULL; + for (i = 0; i < dir->dir_len; i++) + if (dir->dir_tab[i].d_type == CDF_DIR_TYPE_ROOT_STORAGE) + break; +@@ -688,6 +706,7 @@ + if (i == dir->dir_len) + goto out; + d = &dir->dir_tab[i]; ++ *root = d; + + /* If the it is not there, just fake it; some docs don't have it */ + if (d->d_stream_first_sector < 0) +@@ -796,7 +815,11 @@ + if (cdf_check_stream_offset(sst, h, e, 0, __LINE__) == -1) + goto out; + for (i = 0; i < sh.sh_properties; i++) { +- size_t ofs = CDF_GETUINT32(p, (i << 1) + 1); ++ size_t ofs, tail = (i << 1) + 1; ++ if (cdf_check_stream_offset(sst, h, p, tail * sizeof(uint32_t), ++ __LINE__) == -1) ++ goto out; ++ ofs = CDF_GETUINT32(p, tail); + q = (const uint8_t *)(const void *) + ((const char *)(const void *)p + ofs + - 2 * sizeof(uint32_t)); +@@ -810,6 +833,10 @@ i, inp[i].pi_id, inp[i].pi_type, q - p, offs)); if (inp[i].pi_type & CDF_VECTOR) { nelements = CDF_GETUINT32(q, 1); @@ -864,7 +961,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c o = 2; } else { nelements = 1; -@@ -884,7 +901,9 @@ +@@ -884,7 +911,9 @@ } DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", nelements)); @@ -875,7 +972,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c uint32_t l = CDF_GETUINT32(q, o); inp[i].pi_str.s_len = l; inp[i].pi_str.s_buf = (const char *) -@@ -929,7 +948,7 @@ +@@ -929,7 +958,7 @@ cdf_unpack_summary_info(const cdf_stream_t *sst, const cdf_header_t *h, cdf_summary_info_header_t *ssi, cdf_property_info_t **info, size_t *count) { @@ -884,7 +981,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c const cdf_summary_info_header_t *si = CAST(const cdf_summary_info_header_t *, sst->sst_tab); const cdf_section_declaration_t *sd = -@@ -944,21 +963,13 @@ +@@ -944,21 +973,13 @@ ssi->si_os = CDF_TOLE2(si->si_os); ssi->si_class = si->si_class; cdf_swap_class(&ssi->si_class); @@ -909,7 +1006,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c return 0; } -@@ -1132,7 +1143,7 @@ +@@ -1132,7 +1153,7 @@ cdf_directory_t *d; char name[__arraycount(d->d_name)]; cdf_stream_t scn; @@ -918,7 +1015,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c static const char *types[] = { "empty", "user storage", "user stream", "lockbytes", "property", "root storage" }; -@@ -1185,7 +1196,7 @@ +@@ -1185,7 +1206,7 @@ cdf_dump_property_info(const cdf_property_info_t *info, size_t count) { cdf_timestamp_t tp; @@ -927,7 +1024,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c char buf[64]; size_t i, j; -@@ -1229,7 +1240,11 @@ +@@ -1229,7 +1250,11 @@ break; case CDF_FILETIME: tp = info[i].pi_tp; @@ -941,7 +1038,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c } else { diff -u libmagic.orig/cdf.h libmagic/cdf.h --- libmagic.orig/cdf.h Thu Jun 21 00:19:55 2012 -+++ libmagic/cdf.h Tue May 27 22:28:51 2014 ++++ libmagic/cdf.h Thu Jun 5 18:05:33 2014 @@ -35,10 +35,12 @@ #ifndef _H_CDF_ #define _H_CDF_ @@ -982,6 +1079,16 @@ diff -u libmagic.orig/cdf.h libmagic/cdf.h int cdf_read_header(const cdf_info_t *, cdf_header_t *); void cdf_swap_header(cdf_header_t *); void cdf_unpack_header(cdf_header_t *, char *); +@@ -294,7 +300,8 @@ + int cdf_read_ssat(const cdf_info_t *, const cdf_header_t *, const cdf_sat_t *, + cdf_sat_t *); + int cdf_read_short_stream(const cdf_info_t *, const cdf_header_t *, +- const cdf_sat_t *, const cdf_dir_t *, cdf_stream_t *); ++ const cdf_sat_t *, const cdf_dir_t *, cdf_stream_t *, ++ const cdf_directory_t **); + int cdf_read_property_info(const cdf_stream_t *, const cdf_header_t *, uint32_t, + cdf_property_info_t **, size_t *, size_t *); + int cdf_read_summary_info(const cdf_info_t *, const cdf_header_t *, diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c --- libmagic.orig/cdf_time.c Thu Jun 21 00:18:33 2012 +++ libmagic/cdf_time.c Fri Feb 21 00:21:27 2014 @@ -2599,8 +2706,13 @@ diff -u libmagic.orig/print.c libmagic/print.c } diff -u libmagic.orig/readcdf.c libmagic/readcdf.c --- libmagic.orig/readcdf.c Tue Jan 7 04:13:42 2014 -+++ libmagic/readcdf.c Tue May 27 22:28:51 2014 -@@ -30,7 +30,11 @@ ++++ libmagic/readcdf.c Thu Jun 5 18:05:33 2014 +@@ -26,11 +26,15 @@ + #include "file.h" + + #ifndef lint +-FILE_RCSID("@(#)$File: readcdf.c,v 1.37 2014/01/06 13:41:18 rrt Exp $") ++FILE_RCSID("@(#)$File: readcdf.c,v 1.40 2014/03/06 15:23:33 christos Exp $") #endif #include <stdlib.h> @@ -2612,7 +2724,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c #include <string.h> #include <time.h> #include <ctype.h> -@@ -69,6 +73,10 @@ +@@ -69,6 +73,44 @@ { NULL, NULL, }, }; @@ -2620,10 +2732,49 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c +# define strcasestr strstr +#endif + ++static const struct cv { ++ uint64_t clsid[2]; ++ const char *mime; ++} clsid2mime[] = { ++ { ++#ifdef PHP_WIN32 ++ { 0x00000000000c1084ui64, 0x46000000000000c0ui64 }, ++#else ++ { 0x00000000000c1084LLU, 0x46000000000000c0LLU }, ++#endif ++ "x-msi", ++ } ++}, clsid2desc[] = { ++ { ++#ifdef PHP_WIN32 ++ { 0x00000000000c1084ui64, 0x46000000000000c0ui64 }, ++#else ++ { 0x00000000000c1084LLU, 0x46000000000000c0LLU }, ++#endif ++ "MSI Installer", ++ }, ++}; ++ ++private const char * ++cdf_clsid_to_mime(const uint64_t clsid[2], const struct cv *cv) ++{ ++ size_t i; ++ for (i = 0; cv[i].mime != NULL; i++) { ++ if (clsid[0] == cv[i].clsid[0] && clsid[1] == cv[i].clsid[1]) ++ return cv[i].mime; ++ } ++ return NULL; ++} ++ private const char * cdf_app_to_mime(const char *vbuf, const struct nv *nv) { -@@ -91,12 +99,14 @@ +@@ -87,16 +129,21 @@ + + private int + cdf_file_property_info(struct magic_set *ms, const cdf_property_info_t *info, +- size_t count) ++ size_t count, const cdf_directory_t *root_storage) { size_t i; cdf_timestamp_t tp; @@ -2636,10 +2787,22 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c + memset(&ts, 0, sizeof(ts)); + ++ if (!NOTMIME(ms) && root_storage) ++ str = cdf_clsid_to_mime(root_storage->d_storage_uuid, clsid2mime); ++ for (i = 0; i < count; i++) { cdf_print_property_name(buf, sizeof(buf), info[i].pi_id); switch (info[i].pi_type) { -@@ -162,8 +172,12 @@ +@@ -153,7 +200,7 @@ + buf, vbuf) == -1) + return -1; + } +- } else if (info[i].pi_id == ++ } else if (str == NULL && info[i].pi_id == + CDF_PROPERTY_NAME_OF_APPLICATION) { + str = cdf_app_to_mime(vbuf, app2mime); + } +@@ -162,8 +209,12 @@ case CDF_FILETIME: tp = info[i].pi_tp; if (tp != 0) { @@ -2654,7 +2817,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c cdf_print_elapsed_time(tbuf, sizeof(tbuf), tp); if (NOTMIME(ms) && file_printf(ms, -@@ -171,8 +185,11 @@ +@@ -171,8 +222,11 @@ return -1; } else { char *c, *ec; @@ -2668,6 +2831,91 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c if (c != NULL && (ec = strchr(c, '\n')) != NULL) *ec = '\0'; +@@ -200,7 +254,7 @@ + + private int + cdf_file_summary_info(struct magic_set *ms, const cdf_header_t *h, +- const cdf_stream_t *sst) ++ const cdf_stream_t *sst, const cdf_directory_t *root_storage) + { + cdf_summary_info_header_t si; + cdf_property_info_t *info; +@@ -211,6 +265,8 @@ + return -1; + + if (NOTMIME(ms)) { ++ const char *str; ++ + if (file_printf(ms, "Composite Document File V2 Document") + == -1) + return -1; +@@ -238,9 +294,15 @@ + return -2; + break; + } +- } ++ if (root_storage) { ++ str = cdf_clsid_to_mime(root_storage->d_storage_uuid, clsid2desc); ++ if (str) ++ if (file_printf(ms, ", %s", str) == -1) ++ return -2; ++ } ++ } + +- m = cdf_file_property_info(ms, info, count); ++ m = cdf_file_property_info(ms, info, count, root_storage); + free(info); + + return m == -1 ? -2 : m; +@@ -258,6 +320,7 @@ + int i; + const char *expn = ""; + const char *corrupt = "corrupt: "; ++ const cdf_directory_t *root_storage; + + info.i_fd = fd; + info.i_buf = buf; +@@ -291,7 +354,8 @@ + goto out2; + } + +- if ((i = cdf_read_short_stream(&info, &h, &sat, &dir, &sst)) == -1) { ++ if ((i = cdf_read_short_stream(&info, &h, &sat, &dir, &sst, ++ &root_storage)) == -1) { + expn = "Cannot read short stream"; + goto out3; + } +@@ -312,23 +376,21 @@ + #ifdef CDF_DEBUG + cdf_dump_summary_info(&h, &scn); + #endif +- if ((i = cdf_file_summary_info(ms, &h, &scn)) < 0) +- expn = "Can't expand summary_info"; ++ if ((i = cdf_file_summary_info(ms, &h, &scn, root_storage)) < 0) ++ expn = "Can't expand summary_info"; ++ + if (i == 0) { + const char *str = NULL; + cdf_directory_t *d; + char name[__arraycount(d->d_name)]; + size_t j, k; +- for (j = 0; j < dir.dir_len; j++) { ++ ++ for (j = 0; str == NULL && j < dir.dir_len; j++) { + d = &dir.dir_tab[j]; + for (k = 0; k < sizeof(name); k++) + name[k] = (char)cdf_tole2(d->d_name[k]); +- if (NOTMIME(ms)) +- str = cdf_app_to_mime(name, name2desc); +- else +- str = cdf_app_to_mime(name, name2mime); +- if (str != NULL) +- break; ++ str = cdf_app_to_mime(name, ++ NOTMIME(ms) ? name2desc : name2mime); + } + if (NOTMIME(ms)) { + if (str != NULL) { diff -u libmagic.orig/readelf.c libmagic/readelf.c --- libmagic.orig/readelf.c Tue Nov 5 16:44:01 2013 +++ libmagic/readelf.c Fri Feb 21 00:21:27 2014 @@ -2915,7 +3163,7 @@ diff -u libmagic.orig/readelf.h libmagic/readelf.h typedef uint8_t Elf64_Char; diff -u libmagic.orig/softmagic.c libmagic/softmagic.c --- libmagic.orig/softmagic.c Thu Feb 13 00:20:53 2014 -+++ libmagic/softmagic.c Sun Mar 9 13:14:07 2014 ++++ libmagic/softmagic.c Tue Jul 1 08:57:25 2014 @@ -50,6 +50,11 @@ #include <locale.h> #endif @@ -3050,7 +3298,29 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c break; \ } \ -@@ -1178,9 +1162,6 @@ +@@ -931,10 +915,18 @@ + return 1; + } + case FILE_PSTRING: { +- char *ptr1 = p->s, *ptr2 = ptr1 + file_pstring_length_size(m); ++ size_t sz = file_pstring_length_size(m); ++ char *ptr1 = p->s, *ptr2 = ptr1 + sz; + size_t len = file_pstring_get_length(m, ptr1); +- if (len >= sizeof(p->s)) +- len = sizeof(p->s) - 1; ++ if (len >= sizeof(p->s)) { ++ /* ++ * The size of the pascal string length (sz) ++ * is 1, 2, or 4. We need at least 1 byte for NUL ++ * termination, but we've already truncated the ++ * string by p->s, so we need to deduct sz. ++ */ ++ len = sizeof(p->s) - sz; ++ } + while (len--) + *ptr1++ = *ptr2++; + *ptr1 = '\0'; +@@ -1178,9 +1170,6 @@ "nbytes=%zu, count=%u)\n", m->type, m->flag, offset, o, nbytes, count); mdebug(offset, (char *)(void *)p, sizeof(union VALUETYPE)); @@ -3060,7 +3330,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c } if (m->flag & INDIR) { -@@ -1679,9 +1660,6 @@ +@@ -1679,9 +1668,6 @@ if ((ms->flags & MAGIC_DEBUG) != 0) { mdebug(offset, (char *)(void *)p, sizeof(union VALUETYPE)); @@ -3070,7 +3340,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c } } -@@ -1755,11 +1733,21 @@ +@@ -1755,11 +1741,21 @@ ms->offset = soffset; if (rv == 1) { if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 && @@ -3095,7 +3365,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c } return rv; -@@ -1875,6 +1863,42 @@ +@@ -1875,6 +1871,42 @@ return file_strncmp(a, b, len, flags); } @@ -3138,13 +3408,16 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c private int magiccheck(struct magic_set *ms, struct magic *m) { -@@ -2035,63 +2059,151 @@ +@@ -2035,63 +2067,151 @@ break; } case FILE_REGEX: { - int rc; - regex_t rx; - char errmsg[512]; +- +- if (ms->search.s == NULL) +- return 0; + zval *pattern; + int options = 0; + pcre_cache_entry *pce; @@ -3281,9 +3554,6 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c + } + } -- if (ms->search.s == NULL) -- return 0; - - l = 0; - rc = regcomp(&rx, m->value.s, - REG_EXTENDED|REG_NEWLINE| @@ -3318,7 +3588,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c - (size_t)(pmatch[0].rm_eo - pmatch[0].rm_so); - v = 0; - break; -- + - case REG_NOMATCH: + } else { v = 1; @@ -3354,4 +3624,3 @@ diff -u libmagic.orig/strcasestr.c libmagic/strcasestr.c #include <assert.h> #include <ctype.h> #include <string.h> - diff --git a/ext/filter/tests/bug49184.phpt b/ext/filter/tests/bug49184.phpt new file mode 100644 index 0000000000..86d35db0d5 --- /dev/null +++ b/ext/filter/tests/bug49184.phpt @@ -0,0 +1,22 @@ +--TEST-- +Bug #67296 (filter_input doesn't validate variables) +--XFAIL-- +See Bug #49184 +--SKIPIF-- +<?php if (!extension_loaded("filter")) die("skip needs filter ext"); ?> +--ENV-- +return <<<END +HTTP_X_FORWARDED_FOR=example.com +END; +--FILE-- +<?php + var_dump(filter_input(INPUT_SERVER, "HTTP_X_FORWARDED_FOR", FILTER_UNSAFE_RAW)); + var_dump($_SERVER["HTTP_X_FORWARDED_FOR"]); + var_dump(getenv("HTTP_X_FORWARDED_FOR")); + var_dump("done"); +?> +--EXPECT-- +string(11) "example.com" +string(11) "example.com" +string(11) "example.com" +string(4) "done" diff --git a/ext/intl/formatter/formatter_parse.c b/ext/intl/formatter/formatter_parse.c index d5b7cdd745..62fc2b10f5 100644 --- a/ext/intl/formatter/formatter_parse.c +++ b/ext/intl/formatter/formatter_parse.c @@ -74,7 +74,9 @@ PHP_FUNCTION( numfmt_parse ) } #if ICU_LOCALE_BUG && defined(LC_NUMERIC) - oldlocale = setlocale(LC_NUMERIC, "C"); + /* need to copy here since setlocale may change it later */ + oldlocale = estrdup(setlocale(LC_NUMERIC, NULL)); + setlocale(LC_NUMERIC, "C"); #endif switch(type) { @@ -101,6 +103,7 @@ PHP_FUNCTION( numfmt_parse ) } #if ICU_LOCALE_BUG && defined(LC_NUMERIC) setlocale(LC_NUMERIC, oldlocale); + efree(oldlocale); #endif if(zposition) { zval_dtor(zposition); diff --git a/ext/intl/php_intl.c b/ext/intl/php_intl.c index c1171add4b..9ca225ab88 100644 --- a/ext/intl/php_intl.c +++ b/ext/intl/php_intl.c @@ -445,7 +445,7 @@ ZEND_BEGIN_ARG_INFO_EX( arginfo_tz_idarg_static, 0, 0, 1 ) ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_INFO_EX( arginfo_tz_from_date_time_zone, 0, 0, 1 ) - ZEND_ARG_OBJ_INFO( 0, dateTimeZone, IntlDateTimeZone, 0 ) + ZEND_ARG_OBJ_INFO( 0, dateTimeZone, DateTimeZone, 0 ) ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_INFO_EX( arginfo_tz_create_enumeration, 0, 0, 0 ) diff --git a/ext/intl/tests/bug14562.phpt b/ext/intl/tests/bug14562.phpt index 3256268405..7cf927f7e7 100644 --- a/ext/intl/tests/bug14562.phpt +++ b/ext/intl/tests/bug14562.phpt @@ -15,6 +15,7 @@ function ut_main() setlocale(LC_ALL, $de_locale); $fmt = new NumberFormatter("de", NumberFormatter::DECIMAL ); $numeric = $fmt->parse("1234,56"); + setlocale(LC_ALL, "C"); // reset for printing $res_str .= "$numeric\n"; return $res_str; } diff --git a/ext/intl/tests/bug66921.phpt b/ext/intl/tests/bug66921.phpt new file mode 100644 index 0000000000..58ae9c0f82 --- /dev/null +++ b/ext/intl/tests/bug66921.phpt @@ -0,0 +1,15 @@ +--TEST-- +Bug #66921 - Wrong argument type hint for function intltz_from_date_time_zone +--SKIPIF-- +<?php if( !extension_loaded( 'intl' ) ) print 'skip'; ?> +--FILE-- +<?php +$f = new ReflectionFunction('intltz_from_date_time_zone'); +var_dump($f->getParameters()[0]->getClass()); + +?> +--EXPECTF-- +object(ReflectionClass)#%d (1) { + ["name"]=> + string(12) "DateTimeZone" +} diff --git a/ext/intl/tests/bug67052.phpt b/ext/intl/tests/bug67052.phpt new file mode 100644 index 0000000000..f3245f8398 --- /dev/null +++ b/ext/intl/tests/bug67052.phpt @@ -0,0 +1,25 @@ +--TEST-- +Bug #67052 - NumberFormatter::parse() resets LC_NUMERIC setting +--SKIPIF-- +<?php if( !extension_loaded( 'intl' ) ) print 'skip'; ?> +--FILE-- +<?php + +function ut_main() +{ + setlocale(LC_ALL, 'de_DE'); + + $fmt = new NumberFormatter( 'sl_SI.UTF-8', NumberFormatter::DECIMAL); + $num = "1.234.567,891"; + $res_str = $fmt->parse($num)."\n"; + $res_str .= setlocale(LC_NUMERIC, 0); + return $res_str; +} + +include_once( 'ut_common.inc' ); +ut_run(); + +?> +--EXPECT-- +1234567,891 +de_DE diff --git a/ext/opcache/tests/bug67215.phpt b/ext/opcache/tests/bug67215.phpt new file mode 100644 index 0000000000..e9919d1001 --- /dev/null +++ b/ext/opcache/tests/bug67215.phpt @@ -0,0 +1,28 @@ +--TEST-- +Bug #67215 (php-cgi work with opcache, may be segmentation fault happen) +--INI-- +opcache.enable=1 +opcache.enable_cli=1 +opcache.file_update_protection=0 +--SKIPIF-- +<?php require_once('skipif.inc'); ?> +--FILE-- +<?php + +$file_c = __DIR__ . "/bug67215.c.php"; +$file_p = __DIR__ . "/bug67215.p.php"; +file_put_contents($file_c, "<?php require \"$file_p\"; class c extends p {} ?>"); +file_put_contents($file_p, '<?php class p { protected $var = ""; } ?>'); +require $file_c; +$a = new c(); +require $file_c; +?> +--CLEAN-- +<?php +$file_c = __DIR__ . "/bug67215.c.php"; +$file_p = __DIR__ . "/bug67215.p.php"; +unlink($file_c); +unlink($file_p); +?> +--EXPECTF-- +Fatal error: Cannot redeclare class c in %sbug67215.c.php on line %d diff --git a/ext/opcache/zend_accelerator_util_funcs.c b/ext/opcache/zend_accelerator_util_funcs.c index 93999af11f..ad5f44baa0 100644 --- a/ext/opcache/zend_accelerator_util_funcs.c +++ b/ext/opcache/zend_accelerator_util_funcs.c @@ -810,18 +810,7 @@ static void zend_accel_function_hash_copy(HashTable *target, HashTable *source, if (UNEXPECTED(t == NULL)) { if (p->key->len > 0 && p->key->val[0] == 0) { /* Mangled key */ -#if ZEND_EXTENSION_API_NO >= PHP_5_3_X_API_NO - if (((zend_function*)Z_PTR(p->val))->common.fn_flags & ZEND_ACC_CLOSURE) { - /* update closure */ - t = zend_hash_update(target, p->key, &p->val); - } else { - /* ignore and wait for runtime */ - continue; - } -#else - /* ignore and wait for runtime */ - continue; -#endif + t = zend_hash_update(target, p->key, &p->val); } else { t = zend_hash_find(target, p->key); goto failure; diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index 4381440e8d..40f24ff940 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -783,7 +783,7 @@ static int le_link, le_plink, le_result, le_lofp, le_string; #endif #if !HAVE_PQESCAPE_CONN -#define PQescapeStringConn(conn, to, form, len, error) PQescapeString(to, from, len) +#define PQescapeStringConn(conn, to, from, len, error) PQescapeString(to, from, len) #endif #if HAVE_PQESCAPELITERAL @@ -1126,7 +1126,9 @@ PHP_MINIT_FUNCTION(pgsql) REGISTER_LONG_CONSTANT("PGSQL_CONNECTION_MADE", CONNECTION_MADE, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("PGSQL_CONNECTION_AWAITING_RESPONSE", CONNECTION_AWAITING_RESPONSE, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("PGSQL_CONNECTION_AUTH_OK", CONNECTION_AUTH_OK, CONST_CS | CONST_PERSISTENT); +#ifdef CONNECTION_SSL_STARTUP REGISTER_LONG_CONSTANT("PGSQL_CONNECTION_SSL_STARTUP", CONNECTION_SSL_STARTUP, CONST_CS | CONST_PERSISTENT); +#endif REGISTER_LONG_CONSTANT("PGSQL_CONNECTION_SETENV", CONNECTION_SETENV, CONST_CS | CONST_PERSISTENT); /* For pg_connect_poll() */ REGISTER_LONG_CONSTANT("PGSQL_POLLING_FAILED", PGRES_POLLING_FAILED, CONST_CS | CONST_PERSISTENT); diff --git a/ext/session/mod_user.c b/ext/session/mod_user.c index 21f52a1db0..7996575cd4 100644 --- a/ext/session/mod_user.c +++ b/ext/session/mod_user.c @@ -67,12 +67,24 @@ static void ps_call_handler(zval *func, int argc, zval *argv, zval *retval TSRML #define PSF(a) PS(mod_user_names).name.ps_##a -#define FINISH \ - if (!Z_ISUNDEF(retval)) { \ - convert_to_long(&retval); \ - ret = Z_LVAL(retval); \ - zval_ptr_dtor(&retval); \ - } \ +#define FINISH \ + if (Z_TYPE(retval) != IS_UNDEF) { \ + if (Z_TYPE(retval) == IS_TRUE) { \ + ret = SUCCESS; \ + } else if (Z_TYPE(retval) == IS_FALSE) { \ + ret = FAILURE; \ + } else if ((Z_TYPE(retval) == IS_LONG) && (Z_LVAL(retval) == -1)) { \ + /* BC for clever users - Deprecate me */ \ + ret = FAILURE; \ + } else if ((Z_TYPE(retval) == IS_LONG) && (Z_LVAL(retval) == 0)) { \ + /* BC for clever users - Deprecate me */ \ + ret = SUCCESS; \ + } else { \ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session callback expects true/false return value"); \ + ret = FAILURE; \ + zval_ptr_dtor(&retval); \ + } \ + } \ return ret PS_OPEN_FUNC(user) diff --git a/ext/spl/spl_array.c b/ext/spl/spl_array.c index 24556b532c..385c029794 100644 --- a/ext/spl/spl_array.c +++ b/ext/spl/spl_array.c @@ -1774,6 +1774,7 @@ SPL_METHOD(Array, unserialize) const unsigned char *p, *s; php_unserialize_data_t var_hash; zval members, zflags; + HashTable *aht; long flags; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &buf, &buf_len) == FAILURE) { @@ -1784,6 +1785,12 @@ SPL_METHOD(Array, unserialize) return; } + aht = spl_array_get_hash_table(intern, 0 TSRMLS_CC); + if (aht->u.v.nApplyCount > 0) { + zend_error(E_WARNING, "Modification of ArrayObject during sorting is prohibited"); + return; + } + /* storage */ s = p = (const unsigned char*)buf; PHP_VAR_UNSERIALIZE_INIT(var_hash); diff --git a/ext/spl/spl_dllist.c b/ext/spl/spl_dllist.c index 929fdd8798..09d874645d 100644 --- a/ext/spl/spl_dllist.c +++ b/ext/spl/spl_dllist.c @@ -43,12 +43,10 @@ PHPAPI zend_class_entry *spl_ce_SplStack; #define SPL_LLIST_DELREF(elem) if(!--(elem)->rc) { \ efree(elem); \ - elem = NULL; \ } #define SPL_LLIST_CHECK_DELREF(elem) if((elem) && !--(elem)->rc) { \ efree(elem); \ - elem = NULL; \ } #define SPL_LLIST_ADDREF(elem) (elem)->rc++ @@ -897,6 +895,10 @@ SPL_METHOD(SplDoublyLinkedList, offsetUnset) llist->dtor(element TSRMLS_CC); } + if (intern->traverse_pointer == element) { + SPL_LLIST_DELREF(element); + intern->traverse_pointer = NULL; + } zval_ptr_dtor(&element->data); ZVAL_UNDEF(&element->data); diff --git a/ext/spl/tests/bug67538.phpt b/ext/spl/tests/bug67538.phpt new file mode 100644 index 0000000000..b6f3848c36 --- /dev/null +++ b/ext/spl/tests/bug67538.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #67538 (SPL Iterators use-after-free) +--FILE-- +<?php +$list = new SplDoublyLinkedList(); +$list->push('a'); +$list->push('b'); + +$list->rewind(); +$list->offsetUnset(0); +$list->push('b'); +$list->offsetUnset(0); +$list->next(); +echo "okey"; +?> +--EXPECTF-- +okey diff --git a/ext/spl/tests/bug67539.phpt b/ext/spl/tests/bug67539.phpt new file mode 100644 index 0000000000..8bab2a8c21 --- /dev/null +++ b/ext/spl/tests/bug67539.phpt @@ -0,0 +1,15 @@ +--TEST-- +Bug #67539 (ArrayIterator use-after-free due to object change during sorting) +--FILE-- +<?php + +$it = new ArrayIterator(array_fill(0,2,'X'), 1 ); + +function badsort($a, $b) { + $GLOBALS['it']->unserialize($GLOBALS['it']->serialize()); + return TRUE; +} + +$it->uksort('badsort'); +--EXPECTF-- +Warning: Modification of ArrayObject during sorting is prohibited in %sbug67539.php on line %d diff --git a/ext/standard/credits.c b/ext/standard/credits.c index 006c2d4c1a..3cb6eef724 100644 --- a/ext/standard/credits.c +++ b/ext/standard/credits.c @@ -61,10 +61,10 @@ PHPAPI void php_print_credits(int flag TSRMLS_DC) /* {{{ */ php_info_print_table_start(); php_info_print_table_colspan_header(2, "PHP Authors"); php_info_print_table_header(2, "Contribution", "Authors"); - CREDIT_LINE("Zend Scripting Language Engine", "Andi Gutmans, Zeev Suraski, Stanislav Malyshev, Marcus Boerger, Dmitry Stogov"); + CREDIT_LINE("Zend Scripting Language Engine", "Andi Gutmans, Zeev Suraski, Stanislav Malyshev, Marcus Boerger, Dmitry Stogov, Xinchen Hui, Nikita Popov"); CREDIT_LINE("Extension Module API", "Andi Gutmans, Zeev Suraski, Andrei Zmievski"); CREDIT_LINE("UNIX Build and Modularization", "Stig Bakken, Sascha Schumann, Jani Taskinen"); - CREDIT_LINE("Windows Port", "Shane Caraveo, Zeev Suraski, Wez Furlong, Pierre-Alain Joye"); + CREDIT_LINE("Windows Port", "Shane Caraveo, Zeev Suraski, Wez Furlong, Pierre-Alain Joye, Anatol Belski"); CREDIT_LINE("Server API (SAPI) Abstraction Layer", "Andi Gutmans, Shane Caraveo, Zeev Suraski"); CREDIT_LINE("Streams Abstraction Layer", "Wez Furlong, Sara Golemon"); CREDIT_LINE("PHP Data Objects Layer", "Wez Furlong, Marcus Boerger, Sterling Hughes, George Schlossnagle, Ilia Alshanetsky"); @@ -95,7 +95,7 @@ PHPAPI void php_print_credits(int flag TSRMLS_DC) /* {{{ */ if (flag & PHP_CREDITS_DOCS) { php_info_print_table_start(); php_info_print_table_colspan_header(2, "PHP Documentation"); - CREDIT_LINE("Authors", "Mehdi Achour, Friedhelm Betz, Antony Dovgal, Nuno Lopes, Hannes Magnusson, Georg Richter, Damien Seguy, Jakub Vrana"); + CREDIT_LINE("Authors", "Mehdi Achour, Friedhelm Betz, Antony Dovgal, Nuno Lopes, Hannes Magnusson, Georg Richter, Damien Seguy, Jakub Vrana, Adam Harvey, Peter Cowburn"); CREDIT_LINE("Editor", "Philip Olson"); CREDIT_LINE("User Note Maintainers", "Daniel P. Brown, Thiago Henrique Pojda"); CREDIT_LINE("Other Contributors", "Previously active authors, editors and other contributors are listed in the manual."); @@ -105,7 +105,7 @@ PHPAPI void php_print_credits(int flag TSRMLS_DC) /* {{{ */ if (flag & PHP_CREDITS_QA) { php_info_print_table_start(); php_info_print_table_header(1, "PHP Quality Assurance Team"); - php_info_print_table_row(1, "Ilia Alshanetsky, Joerg Behrens, Antony Dovgal, Stefan Esser, Moriyoshi Koizumi, Magnus Maatta, Sebastian Nohn, Derick Rethans, Melvyn Sopacua, Jani Taskinen, Pierre-Alain Joye, Dmitry Stogov, Felipe Pena, David Soria Parra"); + php_info_print_table_row(1, "Ilia Alshanetsky, Joerg Behrens, Antony Dovgal, Stefan Esser, Moriyoshi Koizumi, Magnus Maatta, Sebastian Nohn, Derick Rethans, Melvyn Sopacua, Jani Taskinen, Pierre-Alain Joye, Dmitry Stogov, Felipe Pena, David Soria Parra, Stanislav Malyshev, Julien Pauli, Stephen Zarkos, Anatol Belski, Remi Collet, Ferenc Kovacs"); php_info_print_table_end(); } @@ -115,7 +115,7 @@ PHPAPI void php_print_credits(int flag TSRMLS_DC) /* {{{ */ php_info_print_table_start(); php_info_print_table_colspan_header(2, "Websites and Infrastructure team"); /* www., wiki., windows., master., and others, I guess pecl. too? */ - CREDIT_LINE("PHP Websites Team", "Rasmus Lerdorf, Hannes Magnusson, Philip Olson, Lukas Kahwe Smith, Pierre-Alain Joye, Kalle Sommer Nielsen"); + CREDIT_LINE("PHP Websites Team", "Rasmus Lerdorf, Hannes Magnusson, Philip Olson, Lukas Kahwe Smith, Pierre-Alain Joye, Kalle Sommer Nielsen, Peter Cowburn, Adam Harvey, Ferenc Kovacs, Levi Morrison"); CREDIT_LINE("Event Maintainers", "Damien Seguy, Daniel P. Brown"); /* Mirroring */ CREDIT_LINE("Network Infrastructure", "Daniel P. Brown"); diff --git a/ext/standard/file.c b/ext/standard/file.c index 897eaa7be8..1b14849954 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -557,6 +557,10 @@ PHP_FUNCTION(file_get_contents) RETURN_FALSE; } + if (maxlen > INT_MAX) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "maxlen truncated from %ld to %d bytes", maxlen, INT_MAX); + maxlen = INT_MAX; + } if ((contents = php_stream_copy_to_mem(stream, maxlen, 0)) != NULL) { RETVAL_STR(contents); } else { @@ -575,7 +579,7 @@ PHP_FUNCTION(file_put_contents) char *filename; int filename_len; zval *data; - int numbytes = 0; + long numbytes = 0; long flags = 0; zval *zcontext = NULL; php_stream_context *context = NULL; @@ -627,6 +631,10 @@ PHP_FUNCTION(file_put_contents) if (php_stream_copy_to_stream_ex(srcstream, stream, PHP_STREAM_COPY_ALL, &len) != SUCCESS) { numbytes = -1; } else { + if (len > LONG_MAX) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "content truncated from %lu to %ld bytes", (unsigned long) len, LONG_MAX); + len = LONG_MAX; + } numbytes = len; } break; @@ -642,7 +650,7 @@ PHP_FUNCTION(file_put_contents) if (Z_STRLEN_P(data)) { numbytes = php_stream_write(stream, Z_STRVAL_P(data), Z_STRLEN_P(data)); if (numbytes != Z_STRLEN_P(data)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Only %d of %d bytes written, possibly out of free disk space", numbytes, Z_STRLEN_P(data)); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Only %ld of %d bytes written, possibly out of free disk space", numbytes, Z_STRLEN_P(data)); numbytes = -1; } } @@ -681,7 +689,7 @@ PHP_FUNCTION(file_put_contents) if (zend_std_cast_object_tostring(data, &out, IS_STRING TSRMLS_CC) == SUCCESS) { numbytes = php_stream_write(stream, Z_STRVAL(out), Z_STRLEN(out)); if (numbytes != Z_STRLEN(out)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Only %d of %d bytes written, possibly out of free disk space", numbytes, Z_STRLEN(out)); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Only %ld of %d bytes written, possibly out of free disk space", numbytes, Z_STRLEN(out)); numbytes = -1; } zval_dtor(&out); diff --git a/ext/standard/php_fopen_wrapper.c b/ext/standard/php_fopen_wrapper.c index 7e21e95d18..9628c0d69d 100644 --- a/ext/standard/php_fopen_wrapper.c +++ b/ext/standard/php_fopen_wrapper.c @@ -231,7 +231,7 @@ php_stream * php_stream_url_wrap_php(php_stream_wrapper *wrapper, const char *pa if ((input->body = SG(request_info).request_body)) { php_stream_rewind(input->body); } else { - input->body = php_stream_temp_create(TEMP_STREAM_DEFAULT, SAPI_POST_BLOCK_SIZE); + input->body = php_stream_temp_create_ex(TEMP_STREAM_DEFAULT, SAPI_POST_BLOCK_SIZE, PG(upload_tmp_dir)); SG(request_info).request_body = input->body; } diff --git a/ext/standard/streamsfuncs.c b/ext/standard/streamsfuncs.c index bd0c0de31b..fe51f48d52 100644 --- a/ext/standard/streamsfuncs.c +++ b/ext/standard/streamsfuncs.c @@ -447,6 +447,10 @@ PHP_FUNCTION(stream_get_contents) } } + if (maxlen > INT_MAX) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "maxlen truncated from %ld to %d bytes", maxlen, INT_MAX); + maxlen = INT_MAX; + } if ((contents = php_stream_copy_to_mem(stream, maxlen, 0))) { RETURN_STR(contents); } else { diff --git a/ext/standard/tests/strings/bug67151.phpt b/ext/standard/tests/strings/bug67151.phpt new file mode 100644 index 0000000000..1d0c02a52d --- /dev/null +++ b/ext/standard/tests/strings/bug67151.phpt @@ -0,0 +1,8 @@ +--TEST-- +Buf #67151: strtr with empty array crashes +--FILE-- +<?php +var_dump(strtr("foo", [])); +?> +--EXPECT-- +string(3) "foo" diff --git a/main/SAPI.c b/main/SAPI.c index 229396dd79..f2a0b26779 100644 --- a/main/SAPI.c +++ b/main/SAPI.c @@ -275,7 +275,7 @@ SAPI_API SAPI_POST_READER_FUNC(sapi_read_standard_form_data) } - SG(request_info).request_body = php_stream_temp_create(TEMP_STREAM_DEFAULT, SAPI_POST_BLOCK_SIZE); + SG(request_info).request_body = php_stream_temp_create_ex(TEMP_STREAM_DEFAULT, SAPI_POST_BLOCK_SIZE, PG(upload_tmp_dir)); if (sapi_module.read_post) { int read_bytes; diff --git a/main/php_memory_streams.h b/main/php_memory_streams.h index 3c4c3280eb..229ed1902e 100644 --- a/main/php_memory_streams.h +++ b/main/php_memory_streams.h @@ -36,6 +36,7 @@ #define php_stream_temp_new() php_stream_temp_create(TEMP_STREAM_DEFAULT, PHP_STREAM_MAX_MEM) #define php_stream_temp_create(mode, max_memory_usage) _php_stream_temp_create((mode), (max_memory_usage) STREAMS_CC TSRMLS_CC) +#define php_stream_temp_create_ex(mode, max_memory_usage, tmpdir) _php_stream_temp_create_ex((mode), (max_memory_usage), (tmpdir) STREAMS_CC TSRMLS_CC) #define php_stream_temp_create_rel(mode, max_memory_usage) _php_stream_temp_create((mode), (max_memory_usage) STREAMS_REL_CC TSRMLS_CC) #define php_stream_temp_open(mode, max_memory_usage, buf, length) _php_stream_temp_open((mode), (max_memory_usage), (buf), (length) STREAMS_CC TSRMLS_CC) @@ -45,6 +46,7 @@ PHPAPI php_stream *_php_stream_memory_open(int mode, char *buf, size_t length ST PHPAPI char *_php_stream_memory_get_buffer(php_stream *stream, size_t *length STREAMS_DC TSRMLS_DC); PHPAPI php_stream *_php_stream_temp_create(int mode, size_t max_memory_usage STREAMS_DC TSRMLS_DC); +PHPAPI php_stream *_php_stream_temp_create_ex(int mode, size_t max_memory_usage, const char *tmpdir STREAMS_DC TSRMLS_DC); PHPAPI php_stream *_php_stream_temp_open(int mode, size_t max_memory_usage, char *buf, size_t length STREAMS_DC TSRMLS_DC); END_EXTERN_C() diff --git a/main/streams/memory.c b/main/streams/memory.c index 89bd59e215..5da0c8decd 100644 --- a/main/streams/memory.c +++ b/main/streams/memory.c @@ -352,6 +352,7 @@ typedef struct { size_t smax; int mode; zval meta; + char* tmpdir; } php_stream_temp_data; @@ -369,7 +370,7 @@ static size_t php_stream_temp_write(php_stream *stream, const char *buf, size_t char *membuf = php_stream_memory_get_buffer(ts->innerstream, &memsize); if (memsize + count >= ts->smax) { - php_stream *file = php_stream_fopen_tmpfile(); + php_stream *file = php_stream_fopen_temporary_file(ts->tmpdir, "php", NULL); php_stream_write(file, membuf, memsize); php_stream_free_enclosed(ts->innerstream, PHP_STREAM_FREE_CLOSE); ts->innerstream = file; @@ -418,6 +419,10 @@ static int php_stream_temp_close(php_stream *stream, int close_handle TSRMLS_DC) zval_ptr_dtor(&ts->meta); + if (ts->tmpdir) { + efree(ts->tmpdir); + } + efree(ts); return ret; @@ -545,8 +550,8 @@ PHPAPI php_stream_ops php_stream_temp_ops = { /* }}} */ -/* {{{ _php_stream_temp_create */ -PHPAPI php_stream *_php_stream_temp_create(int mode, size_t max_memory_usage STREAMS_DC TSRMLS_DC) +/* {{{ _php_stream_temp_create_ex */ +PHPAPI php_stream *_php_stream_temp_create_ex(int mode, size_t max_memory_usage, const char *tmpdir STREAMS_DC TSRMLS_DC) { php_stream_temp_data *self; php_stream *stream; @@ -555,6 +560,9 @@ PHPAPI php_stream *_php_stream_temp_create(int mode, size_t max_memory_usage STR self->smax = max_memory_usage; self->mode = mode; ZVAL_UNDEF(&self->meta); + if (tmpdir) { + self->tmpdir = estrdup(tmpdir); + } stream = php_stream_alloc_rel(&php_stream_temp_ops, self, 0, mode & TEMP_STREAM_READONLY ? "rb" : "w+b"); stream->flags |= PHP_STREAM_FLAG_NO_BUFFER; self->innerstream = php_stream_memory_create_rel(mode); @@ -564,6 +572,12 @@ PHPAPI php_stream *_php_stream_temp_create(int mode, size_t max_memory_usage STR } /* }}} */ +/* {{{ _php_stream_temp_create */ +PHPAPI php_stream *_php_stream_temp_create(int mode, size_t max_memory_usage STREAMS_DC TSRMLS_DC) +{ + return php_stream_temp_create_ex(mode, max_memory_usage, NULL); +} +/* }}} */ /* {{{ _php_stream_temp_open */ PHPAPI php_stream *_php_stream_temp_open(int mode, size_t max_memory_usage, char *buf, size_t length STREAMS_DC TSRMLS_DC) diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 5e9e5c7ace..87312b9ef8 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -183,31 +183,20 @@ static php_stream *_php_stream_fopen_from_file_int(FILE *file, const char *mode return php_stream_alloc_rel(&php_stream_stdio_ops, self, 0, mode); } -PHPAPI php_stream *_php_stream_fopen_temporary_file(const char *dir, const char *pfx, char **opened_path STREAMS_DC TSRMLS_DC) +PHPAPI php_stream *_php_stream_fopen_temporary_file(const char *dir, const char *pfx, char **opened_path_ptr STREAMS_DC TSRMLS_DC) { - int fd = php_open_temporary_fd(dir, pfx, opened_path TSRMLS_CC); + char *opened_path = NULL; + int fd; + fd = php_open_temporary_fd(dir, pfx, &opened_path TSRMLS_CC); if (fd != -1) { - php_stream *stream = php_stream_fopen_from_fd_int_rel(fd, "r+b", NULL); - if (stream) { - return stream; - } - close(fd); - - php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to allocate stream"); - - return NULL; - } - return NULL; -} + php_stream *stream; -PHPAPI php_stream *_php_stream_fopen_tmpfile(int dummy STREAMS_DC TSRMLS_DC) -{ - char *opened_path = NULL; - int fd = php_open_temporary_fd(NULL, "php", &opened_path TSRMLS_CC); + if (opened_path_ptr) { + *opened_path_ptr = opened_path; + } - if (fd != -1) { - php_stream *stream = php_stream_fopen_from_fd_int_rel(fd, "r+b", NULL); + stream = php_stream_fopen_from_fd_int_rel(fd, "r+b", NULL); if (stream) { php_stdio_stream_data *self = (php_stdio_stream_data*)stream->abstract; stream->wrapper = &php_plain_files_wrapper; @@ -227,6 +216,11 @@ PHPAPI php_stream *_php_stream_fopen_tmpfile(int dummy STREAMS_DC TSRMLS_DC) return NULL; } +PHPAPI php_stream *_php_stream_fopen_tmpfile(int dummy STREAMS_DC TSRMLS_DC) +{ + return php_stream_fopen_temporary_file(NULL, "php", NULL); +} + PHPAPI php_stream *_php_stream_fopen_from_fd(int fd, const char *mode, const char *persistent_id STREAMS_DC TSRMLS_DC) { php_stream *stream = php_stream_fopen_from_fd_int_rel(fd, mode, persistent_id); diff --git a/sapi/phpdbg/Makefile.frag b/sapi/phpdbg/Makefile.frag index b276aaaa53..36c7512d69 100644 --- a/sapi/phpdbg/Makefile.frag +++ b/sapi/phpdbg/Makefile.frag @@ -28,7 +28,7 @@ install-phpdbg: $(BUILD_BINARY) @$(INSTALL) -m 0755 $(BUILD_BINARY) $(INSTALL_ROOT)$(bindir)/$(program_prefix)phpdbg$(program_suffix)$(EXEEXT) @echo "Installing phpdbg man page: $(INSTALL_ROOT)$(mandir)/man1/" @$(mkinstalldirs) $(INSTALL_ROOT)$(mandir)/man1 - @$(INSTALL_DATA) sapi/phpdbg/phpdbg.1 $(INSTALL_ROOT)$(mandir)/man1/$(program_prefix)phpdbg$(program_suffix).1 + @$(INSTALL_DATA) $(srcdir)/phpdbg.1 $(INSTALL_ROOT)$(mandir)/man1/$(program_prefix)phpdbg$(program_suffix).1 clean-phpdbg: @echo "Cleaning phpdbg object files ..." diff --git a/sapi/phpdbg/phpdbg.c b/sapi/phpdbg/phpdbg.c index 93fdbd7424..1fbd18a423 100644 --- a/sapi/phpdbg/phpdbg.c +++ b/sapi/phpdbg/phpdbg.c @@ -856,7 +856,8 @@ int phpdbg_open_sockets(char *address, int port[2], int (*listen)[2], int (*sock return SUCCESS; } /* }}} */ -void phpdbg_signal_handler(int sig, siginfo_t *info, void *context) { +void phpdbg_signal_handler(int sig, siginfo_t *info, void *context) /* {{{ */ +{ int is_handled = FAILURE; TSRMLS_FETCH(); @@ -874,10 +875,11 @@ void phpdbg_signal_handler(int sig, siginfo_t *info, void *context) { break; } -} +} /* }}} */ #endif -static inline zend_mm_heap *phpdbg_mm_get_heap() { +static inline zend_mm_heap *phpdbg_mm_get_heap() /* {{{ */ +{ zend_mm_heap *mm_heap; TSRMLS_FETCH(); @@ -886,22 +888,22 @@ static inline zend_mm_heap *phpdbg_mm_get_heap() { zend_mm_set_heap(mm_heap TSRMLS_CC); return mm_heap; -} +} /* }}} */ -void *phpdbg_malloc_wrapper(size_t size) +void *phpdbg_malloc_wrapper(size_t size) /* {{{ */ { return zend_mm_alloc(phpdbg_mm_get_heap(), size); -} +} /* }}} */ -void phpdbg_free_wrapper(void *p) +void phpdbg_free_wrapper(void *p) /* {{{ */ { zend_mm_free(phpdbg_mm_get_heap(), p); -} +} /* }}} */ -void *phpdbg_realloc_wrapper(void *ptr, size_t size) +void *phpdbg_realloc_wrapper(void *ptr, size_t size) /* {{{ */ { return zend_mm_realloc(phpdbg_mm_get_heap(), ptr, size); -} +} /* }}} */ int main(int argc, char **argv) /* {{{ */ { diff --git a/travis/compile.sh b/travis/compile.sh index babb945a04..52748c6db5 100755 --- a/travis/compile.sh +++ b/travis/compile.sh @@ -49,5 +49,12 @@ $TS \ --with-openssl \ --with-gmp \ --enable-bcmath \ ---enable-phpdbg +--enable-phpdbg \ +--enable-calendar \ +--enable-ftp \ +--with-pspell=/usr \ +--with-recode=/usr \ +--with-enchant=/usr \ +--enable-wddx \ +--enable-sysvmsg make --quiet diff --git a/win32/build/libs_version.txt b/win32/build/libs_version.txt index a22823d0a9..0ea0067a62 100644 --- a/win32/build/libs_version.txt +++ b/win32/build/libs_version.txt @@ -13,4 +13,4 @@ libssh2-1.4.3 libtidy-20090406 libxslt-1.1.27 libxml-2.9.1 -openssl-1.0.1g +openssl-1.0.1h diff --git a/win32/build/mkdist.php b/win32/build/mkdist.php index 23d26c9c53..640e9b3bd7 100644 --- a/win32/build/mkdist.php +++ b/win32/build/mkdist.php @@ -246,7 +246,8 @@ foreach ($text_files as $src => $dest) { /* general other files */ $general_files = array( - "php.gif" => "php.gif", + "php.gif" => "php.gif", + "$GLOBALS[build_dir]\\deplister.exe" => "deplister.exe", ); foreach ($general_files as $src => $dest) { |