diff options
| -rw-r--r-- | Zend/zend.c | 9 | ||||
| -rw-r--r-- | ext/curl/interface.c | 2 | ||||
| -rw-r--r-- | ext/curl/tests/bug61948.phpt | 20 | ||||
| -rw-r--r-- | ext/phar/tests/tar/phar_setsignaturealgo2.phpt | 4 | ||||
| -rw-r--r-- | ext/phar/tests/zip/phar_setsignaturealgo2.phpt | 6 | ||||
| -rw-r--r-- | ext/standard/array.c | 12 | ||||
| -rw-r--r-- | ext/standard/tests/array/bug61730.phpt | 37 | ||||
| -rw-r--r-- | ext/standard/tests/file/bug61961.phpt | 14 | ||||
| -rwxr-xr-x | main/streams/streams.c | 7 | ||||
| -rw-r--r-- | sapi/cgi/cgi_main.c | 15 | ||||
| -rw-r--r-- | sapi/cli/php_cli_server.c | 28 | ||||
| -rw-r--r-- | sapi/cli/tests/php_cli_server.inc | 23 | ||||
| -rw-r--r-- | sapi/cli/tests/php_cli_server_014.phpt | 4 |
13 files changed, 151 insertions, 30 deletions
diff --git a/Zend/zend.c b/Zend/zend.c index dd299f1d87..37a1a27c7d 100644 --- a/Zend/zend.c +++ b/Zend/zend.c @@ -781,6 +781,8 @@ void zend_register_standard_ini_entries(TSRMLS_D) /* {{{ */ void zend_post_startup(TSRMLS_D) /* {{{ */ { #ifdef ZTS + zend_encoding **script_encoding_list; + zend_compiler_globals *compiler_globals = ts_resource(compiler_globals_id); zend_executor_globals *executor_globals = ts_resource(executor_globals_id); @@ -795,7 +797,12 @@ void zend_post_startup(TSRMLS_D) /* {{{ */ zend_destroy_rsrc_list(&EG(persistent_list) TSRMLS_CC); free(compiler_globals->function_table); free(compiler_globals->class_table); - compiler_globals_ctor(compiler_globals, tsrm_ls); + if ((script_encoding_list = (zend_encoding **)compiler_globals->script_encoding_list)) { + compiler_globals_ctor(compiler_globals, tsrm_ls); + compiler_globals->script_encoding_list = (const zend_encoding **)script_encoding_list; + } else { + compiler_globals_ctor(compiler_globals, tsrm_ls); + } free(EG(zend_constants)); executor_globals_ctor(executor_globals, tsrm_ls); global_persistent_list = &EG(persistent_list); diff --git a/ext/curl/interface.c b/ext/curl/interface.c index 7f38e04efc..35339911ba 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -2640,7 +2640,7 @@ string_copy: convert_to_string_ex(zvalue); - if (php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC)) { + if (!Z_STRLEN_PP(zvalue) || php_check_open_basedir(Z_STRVAL_PP(zvalue) TSRMLS_CC)) { RETVAL_FALSE; return 1; } diff --git a/ext/curl/tests/bug61948.phpt b/ext/curl/tests/bug61948.phpt new file mode 100644 index 0000000000..a03fc3b600 --- /dev/null +++ b/ext/curl/tests/bug61948.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction) +--SKIPIF-- +<?php if (!extension_loaded("curl")) print "skip"; ?> +--INI-- +open_basedir="/tmp" +--FILE-- +<?php + $ch = curl_init(); + var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "")); + var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/foo")); + var_dump(curl_setopt($ch, CURLOPT_COOKIEFILE, "/xxx/bar")); + curl_close($ch); +?> +--EXPECTF-- +bool(false) +bool(true) + +Warning: curl_setopt(): open_basedir restriction in effect. File(/xxx/bar) is not within the allowed path(s): (/tmp) in %sbug61948.php on line %d +bool(false) diff --git a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt index 422ca90e8a..c16e7523f8 100644 --- a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt +++ b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt @@ -32,9 +32,11 @@ var_dump($p->getSignature()); echo $e->getMessage(); } try { +$config = dirname(__FILE__) . '/../files/openssl.cnf'; +$config_arg = array('config' => $config); $private = openssl_get_privatekey(file_get_contents(dirname(dirname(__FILE__)) . '/files/private.pem')); $pkey = ''; -openssl_pkey_export($private, $pkey); +openssl_pkey_export($private, $pkey, NULL, $config_arg); $p->setSignatureAlgorithm(Phar::OPENSSL, $pkey); var_dump($p->getSignature()); } catch (Exception $e) { diff --git a/ext/phar/tests/zip/phar_setsignaturealgo2.phpt b/ext/phar/tests/zip/phar_setsignaturealgo2.phpt index 372f7ddc8e..7d3730c416 100644 --- a/ext/phar/tests/zip/phar_setsignaturealgo2.phpt +++ b/ext/phar/tests/zip/phar_setsignaturealgo2.phpt @@ -49,8 +49,10 @@ var_dump($p->getSignature()); echo $e->getMessage(); } try { -$keys=openssl_pkey_new(); -openssl_pkey_export($keys, $privkey); +$config = dirname(__FILE__) . '/../files/openssl.cnf'; +$config_arg = array('config' => $config); +$keys=openssl_pkey_new($config_arg); +openssl_pkey_export($keys, $privkey, NULL, $config_arg); $pubkey=openssl_pkey_get_details($keys); $p->setSignatureAlgorithm(Phar::OPENSSL, $privkey); diff --git a/ext/standard/array.c b/ext/standard/array.c index d1f302994f..94c5e7e6ee 100644 --- a/ext/standard/array.c +++ b/ext/standard/array.c @@ -1058,7 +1058,6 @@ static int php_array_walk(HashTable *target_hash, zval *userdata, int recursive char *string_key; uint string_key_len; ulong num_key; - HashPosition pos; /* Set up known arguments */ args[1] = &key; @@ -1067,15 +1066,14 @@ static int php_array_walk(HashTable *target_hash, zval *userdata, int recursive Z_ADDREF_P(userdata); } - zend_hash_internal_pointer_reset_ex(target_hash, &pos); - BG(array_walk_fci).retval_ptr_ptr = &retval_ptr; BG(array_walk_fci).param_count = userdata ? 3 : 2; BG(array_walk_fci).params = args; BG(array_walk_fci).no_separation = 0; - + /* Iterate through hash */ - while (!EG(exception) && zend_hash_get_current_data_ex(target_hash, (void **)&args[0], &pos) == SUCCESS) { + zend_hash_internal_pointer_reset(target_hash); + while (!EG(exception) && zend_hash_get_current_data(target_hash, (void **)&args[0]) == SUCCESS) { if (recursive && Z_TYPE_PP(args[0]) == IS_ARRAY) { HashTable *thash; zend_fcall_info orig_array_walk_fci; @@ -1107,7 +1105,7 @@ static int php_array_walk(HashTable *target_hash, zval *userdata, int recursive MAKE_STD_ZVAL(key); /* Set up the key */ - switch (zend_hash_get_current_key_ex(target_hash, &string_key, &string_key_len, &num_key, 0, &pos)) { + switch (zend_hash_get_current_key_ex(target_hash, &string_key, &string_key_len, &num_key, 0, NULL)) { case HASH_KEY_IS_LONG: Z_TYPE_P(key) = IS_LONG; Z_LVAL_P(key) = num_key; @@ -1135,7 +1133,7 @@ static int php_array_walk(HashTable *target_hash, zval *userdata, int recursive zval_ptr_dtor(&key); key = NULL; } - zend_hash_move_forward_ex(target_hash, &pos); + zend_hash_move_forward(target_hash); } if (userdata) { diff --git a/ext/standard/tests/array/bug61730.phpt b/ext/standard/tests/array/bug61730.phpt new file mode 100644 index 0000000000..0fe9f22212 --- /dev/null +++ b/ext/standard/tests/array/bug61730.phpt @@ -0,0 +1,37 @@ +--TEST-- +Bug #61730 (Segfault from array_walk modifying an array passed by reference) +--FILE-- +<?php +$myArray = array_fill(0, 10, 1); + +array_walk( + $myArray, + function($value, $key) use ($myArray) + { + reset($myArray); + } +); + +array_walk( + $myArray, + function($value, $key) use (&$myArray) + { + var_dump($key); + unset($myArray[$key]); + unset($myArray[$key+1]); + unset($myArray[$key+2]); + } +); + + + +print_r($myArray); +--EXPECT-- +int(0) +int(4) +int(8) +Array +( + [3] => 1 + [7] => 1 +) diff --git a/ext/standard/tests/file/bug61961.phpt b/ext/standard/tests/file/bug61961.phpt new file mode 100644 index 0000000000..ff0279a367 --- /dev/null +++ b/ext/standard/tests/file/bug61961.phpt @@ -0,0 +1,14 @@ +--TEST-- +Bug #61961 (file_get_content leaks when access empty file with max length) +--FILE-- +<?php +$tmp_empty_file = __FILE__ . ".tmp"; +file_put_contents($tmp_empty_file, ""); + +var_dump(file_get_contents($tmp_empty_file, NULL, NULL, NULL, 10)); +unlink($tmp_empty_file); +?> +==DONE== +--EXPECT-- +string(0) "" +==DONE==
\ No newline at end of file diff --git a/main/streams/streams.c b/main/streams/streams.c index 35580739cb..3f868b2bd7 100755 --- a/main/streams/streams.c +++ b/main/streams/streams.c @@ -1432,7 +1432,12 @@ PHPAPI size_t _php_stream_copy_to_mem(php_stream *src, char **buf, size_t maxlen len += ret; ptr += ret; } - *ptr = '\0'; + if (len) { + *ptr = '\0'; + } else { + pefree(*buf, persistent); + *buf = NULL; + } return len; } diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 6b4550dc9b..e6d011bc1d 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -70,6 +70,7 @@ #include "php_main.h" #include "fopen_wrappers.h" #include "ext/standard/php_standard.h" +#include "ext/standard/url.h" #ifdef PHP_WIN32 # include <io.h> @@ -1752,6 +1753,9 @@ int main(int argc, char *argv[]) #ifndef PHP_WIN32 int status = 0; #endif + char *query_string; + char *decoded_query_string; + int skip_getopt = 0; #if 0 && defined(PHP_DEBUG) /* IIS is always making things more difficult. This allows @@ -1802,7 +1806,16 @@ int main(int argc, char *argv[]) } } - while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) { + if(query_string = getenv("QUERY_STRING")) { + decoded_query_string = strdup(query_string); + php_url_decode(decoded_query_string, strlen(decoded_query_string)); + if(*decoded_query_string == '-' && strchr(decoded_query_string, '=') == NULL) { + skip_getopt = 1; + } + free(decoded_query_string); + } + + while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) { switch (c) { case 'c': if (cgi_sapi_module.php_ini_path_override) { diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c index a3ed390508..0850425d07 100644 --- a/sapi/cli/php_cli_server.c +++ b/sapi/cli/php_cli_server.c @@ -1285,8 +1285,8 @@ static void php_cli_server_request_translate_vpath(php_cli_server_request *reque struct stat sb; static const char *index_files[] = { "index.php", "index.html", NULL }; char *buf = safe_pemalloc(1, request->vpath_len, 1 + document_root_len + 1 + sizeof("index.html"), 1); - char *p = buf, *prev_patch = 0, *q, *vpath; - size_t prev_patch_len; + char *p = buf, *prev_path = NULL, *q, *vpath; + size_t prev_path_len; int is_static_file = 0; if (!buf) { @@ -1335,8 +1335,8 @@ static void php_cli_server_request_translate_vpath(php_cli_server_request *reque file++; } if (!*file || is_static_file) { - if (prev_patch) { - pefree(prev_patch, 1); + if (prev_path) { + pefree(prev_path, 1); } pefree(buf, 1); return; @@ -1344,25 +1344,25 @@ static void php_cli_server_request_translate_vpath(php_cli_server_request *reque } break; /* regular file */ } - if (prev_patch) { - pefree(prev_patch, 1); + if (prev_path) { + pefree(prev_path, 1); *q = DEFAULT_SLASH; } while (q > buf && *(--q) != DEFAULT_SLASH); - prev_patch_len = p - q; - prev_patch = pestrndup(q, prev_patch_len, 1); + prev_path_len = p - q; + prev_path = pestrndup(q, prev_path_len, 1); *q = '\0'; } - if (prev_patch) { - request->path_info_len = prev_patch_len; + if (prev_path) { + request->path_info_len = prev_path_len; #ifdef PHP_WIN32 - while (prev_patch_len--) { - if (prev_patch[prev_patch_len] == '\\') { - prev_patch[prev_patch_len] = '/'; + while (prev_pach_len--) { + if (prev_path[prev_path_len] == '\\') { + prev_path[prev_path_len] = '/'; } } #endif - request->path_info = prev_patch; + request->path_info = prev_path; pefree(request->vpath, 1); request->vpath = pestrndup(vpath, q - vpath, 1); request->vpath_len = q - vpath; diff --git a/sapi/cli/tests/php_cli_server.inc b/sapi/cli/tests/php_cli_server.inc index 44ee76ea7f..d24a679e77 100644 --- a/sapi/cli/tests/php_cli_server.inc +++ b/sapi/cli/tests/php_cli_server.inc @@ -1,5 +1,7 @@ <?php -define ("PHP_CLI_SERVER_ADDRESS", "localhost:8964"); +define ("PHP_CLI_SERVER_HOSTNAME", "localhost"); +define ("PHP_CLI_SERVER_PORT", 8964); +define ("PHP_CLI_SERVER_ADDRESS", PHP_CLI_SERVER_HOSTNAME.":".PHP_CLI_SERVER_PORT); function php_cli_server_start($code = 'echo "Hello world";', $no_router = FALSE) { $php_executable = getenv('TEST_PHP_EXECUTABLE'); @@ -32,6 +34,19 @@ function php_cli_server_start($code = 'echo "Hello world";', $no_router = FALSE) $handle = proc_open($cmd, $descriptorspec, $pipes, $doc_root); } + + // note: even when server prints 'Listening on localhost:8964...Press Ctrl-C to quit.' + // it might not be listening yet...need to wait until fsockopen() call returns + $fp = fsockopen(PHP_CLI_SERVER_HOSTNAME, PHP_CLI_SERVER_PORT); + if ($fp) { + // server will report Unexpected EOF error (socket opened, closed without writing + // anything) but that can be ignored + fclose($fp); + } else { + // test will fail to connect if server doesn't start listening/accepting + // in the next few microseconds + } + register_shutdown_function( function($handle) use($router) { @@ -40,7 +55,11 @@ function php_cli_server_start($code = 'echo "Hello world";', $no_router = FALSE) }, $handle ); - usleep(50000); + // don't bother sleeping, server is already up + //usleep(50000); + // server can take a variable amount of time to be up, so just sleeping a guessed amount of time + // does not work. this is why tests sometimes pass and sometimes fail. to get a reliable pass + // sleeping doesn't work. } ?> diff --git a/sapi/cli/tests/php_cli_server_014.phpt b/sapi/cli/tests/php_cli_server_014.phpt index 4b56caa70f..2eca8706bb 100644 --- a/sapi/cli/tests/php_cli_server_014.phpt +++ b/sapi/cli/tests/php_cli_server_014.phpt @@ -13,6 +13,10 @@ list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS); $port = intval($port)?:80; $output = ''; +// note: select() on Windows (& some other platforms) has historical issues with +// timeouts less than 1000 millis(0.5). it may be better to increase these +// timeouts to 1000 millis(1.0) (fsockopen eventually calls select()). +// see articles like: http://support.microsoft.com/kb/257821 $fp = fsockopen($host, $port, $errno, $errstr, 0.5); if (!$fp) { die("connect failed"); |