Tree - rpms/php - CentOS Git server

rpms / php

Blame SOURCES/php-5.4.16-bug69353.patch

Blob History Raw

		af9dc8	`Adapted for 5.4.16 from`
		af9dc8
		af9dc8	`From 52b93f0cfd3cba7ff98cc5198df6ca4f23865f80 Mon Sep 17 00:00:00 2001`
		af9dc8	`From: Stanislav Malyshev <stas@php.net>`
		af9dc8	`Date: Sun, 5 Apr 2015 16:01:24 -0700`
		af9dc8	`Subject: [PATCH] Fixed bug #69353 (Missing null byte checks for paths in`
		af9dc8	`various PHP extensions)`
		af9dc8
		af9dc8	`---`
		af9dc8	`ext/dom/document.c \| 5 ++++-`
		af9dc8	`ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt \| 5 +++++`
		af9dc8	`ext/fileinfo/fileinfo.c \| 5 +++++`
		af9dc8	`ext/fileinfo/tests/finfo_file_basic.phpt \| 4 ++++`
		af9dc8	`ext/gd/gd.c \| 8 ++++----`
		af9dc8	`ext/hash/hash.c \| 7 ++++++-`
		af9dc8	`ext/hash/tests/hash_hmac_file_error.phpt \| 7 +++++++`
		af9dc8	`ext/pgsql/pgsql.c \| 2 +-`
		af9dc8	`ext/standard/link.c \| 2 +-`
		af9dc8	`ext/standard/streamsfuncs.c \| 2 +-`
		af9dc8	`ext/xmlwriter/php_xmlwriter.c \| 4 ++--`
		af9dc8	`ext/zlib/zlib.c \| 4 ++--`
		af9dc8	`12 files changed, 42 insertions(+), 13 deletions(-)`
		af9dc8
		af9dc8	`diff --git a/ext/dom/document.c b/ext/dom/document.c`
		af9dc8	`index 18c9cc6..7c5817a 100644`
		af9dc8	`--- a/ext/dom/document.c`
		af9dc8	`+++ b/ext/dom/document.c`
		af9dc8	`@@ -1574,6 +1574,9 @@ static xmlDocPtr dom_document_parser(zval id, int mode, char source, int sourc`
		af9dc8	`xmlInitParser();`
		af9dc8
		af9dc8	`if (mode == DOM_LOAD_FILE) {`
		af9dc8	`+ if (CHECK_NULL_PATH(source, source_len)) {`
		af9dc8	`+ return NULL;`
		af9dc8	`+ }`
		af9dc8	`char *file_dest = _dom_get_valid_file_path(source, resolved_path, MAXPATHLEN TSRMLS_CC);`
		af9dc8	`if (file_dest) {`
		af9dc8	`ctxt = xmlCreateFileParserCtxt(file_dest);`
		af9dc8	`@@ -2165,7 +2165,7 @@ static void dom_load_html(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */`
		af9dc8
		af9dc8	`id = getThis();`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s\|l", &source, &source_len, &options) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p\|l", &source, &source_len, &options) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/fileinfo/fileinfo.c b/ext/fileinfo/fileinfo.c`
		af9dc8	`index ead7585..9f651af 100644`
		af9dc8	`--- a/ext/fileinfo/fileinfo.c`
		af9dc8	`+++ b/ext/fileinfo/fileinfo.c`
		af9dc8	`@@ -506,6 +506,11 @@ static void _php_finfo_get_type(INTERNAL_FUNCTION_PARAMETERS, int mode, int mime`
		af9dc8	`RETVAL_FALSE;`
		af9dc8	`goto clean;`
		af9dc8	`}`
		af9dc8	`+ if (CHECK_NULL_PATH(buffer, buffer_len)) {`
		af9dc8	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid path");`
		af9dc8	`+ RETVAL_FALSE;`
		af9dc8	`+ goto clean;`
		af9dc8	`+ }`
		af9dc8
		af9dc8	`wrap = php_stream_locate_url_wrapper(buffer, &tmp2, 0 TSRMLS_CC);`
		af9dc8
		af9dc8	`diff --git a/ext/fileinfo/tests/finfo_file_basic.phpt b/ext/fileinfo/tests/finfo_file_basic.phpt`
		af9dc8	`index 20223fd..ee70e2e 100644`
		af9dc8	`--- a/ext/fileinfo/tests/finfo_file_basic.phpt`
		af9dc8	`+++ b/ext/fileinfo/tests/finfo_file_basic.phpt`
		af9dc8	`@@ -19,6 +19,7 @@ echo "* Testing finfo_file() : basic functionality *\n";`
		af9dc8	`var_dump( finfo_file( $finfo, __FILE__) );`
		af9dc8	`var_dump( finfo_file( $finfo, __FILE__, FILEINFO_CONTINUE ) );`
		af9dc8	`var_dump( finfo_file( $finfo, $magicFile ) );`
		af9dc8	`+var_dump( finfo_file( $finfo, $magicFile.chr(0).$magicFile) );`
		af9dc8
		af9dc8	`?>`
		af9dc8	`===DONE===`
		af9dc8	`@@ -27,4 +28,7 @@ var_dump( finfo_file( $finfo, $magicFile ) );`
		af9dc8	`string(28) "text/x-php; charset=us-ascii"`
		af9dc8	`string(22) "PHP script, ASCII text"`
		af9dc8	`string(25) "text/plain; charset=utf-8"`
		af9dc8	`+`
		af9dc8	`+Warning: finfo_file(): Invalid path in %s/finfo_file_basic.php on line %d`
		af9dc8	`+bool(false)`
		af9dc8	`===DONE===`
		af9dc8	`diff --git a/ext/gd/gd.c b/ext/gd/gd.c`
		af9dc8	`index cbc1d2b..322325e 100644`
		af9dc8	`--- a/ext/gd/gd.c`
		af9dc8	`+++ b/ext/gd/gd.c`
		af9dc8	`@@ -1495,7 +1495,7 @@ PHP_FUNCTION(imageloadfont)`
		af9dc8	`gdFontPtr font;`
		af9dc8	`php_stream *stream;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &file, &file_name) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &file, &file_name) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -2438,7 +2438,7 @@ static void _php_image_create_from(INTER`
		af9dc8	`long ignore_warning;`
		af9dc8	`#endif`
		af9dc8	`if (image_type == PHP_GDIMG_TYPE_GD2PART) {`
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sllll", &file, &file_len, &srcx, &srcy, &width, &height) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "pllll", &file, &file_len, &srcx, &srcy, &width, &height) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8	`if (width < 1 \|\| height < 1) {`
		af9dc8	`@@ -2446,7 +2446,7 @@ static void _php_image_create_from(INTER`
		af9dc8	`RETURN_FALSE;`
		af9dc8	`}`
		af9dc8	`} else {`
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &file, &file_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &file, &file_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8	`}`
		af9dc8	`@@ -4178,7 +4178,7 @@ PHP_FUNCTION(imagepsencodefont)`
		af9dc8	`char enc, *enc_vector;`
		af9dc8	`int enc_len, *f_ind;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &fnt, &enc, &enc_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rp", &fnt, &enc, &enc_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/hash/hash.c b/ext/hash/hash.c`
		af9dc8	`index abdc62b..9cd6b8e 100644`
		af9dc8	`--- a/ext/hash/hash.c`
		af9dc8	`+++ b/ext/hash/hash.c`
		af9dc8	`@@ -142,6 +142,7 @@ static void php_hash_do_hash(INTERNAL_FU`
		af9dc8	`}`
		af9dc8	`if (isfilename) {`
		af9dc8	`if (CHECK_NULL_PATH(data, data_len)) {`
		af9dc8	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid path");`
		af9dc8	`RETURN_FALSE;`
		af9dc8	`}`
		af9dc8	`stream = php_stream_open_wrapper_ex(data, "rb", REPORT_ERRORS, NULL, DEFAULT_CONTEXT);`
		af9dc8	`@@ -222,6 +223,10 @@ static void php_hash_do_hash_hmac(INTERN`
		af9dc8	`RETURN_FALSE;`
		af9dc8	`}`
		af9dc8	`if (isfilename) {`
		af9dc8	`+ if (CHECK_NULL_PATH(data, data_len)) {`
		af9dc8	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid path");`
		af9dc8	`+ RETURN_FALSE;`
		af9dc8	`+ }`
		af9dc8	`stream = php_stream_open_wrapper_ex(data, "rb", REPORT_ERRORS, NULL, DEFAULT_CONTEXT);`
		af9dc8	`if (!stream) {`
		af9dc8	`/* Stream will report errors opening file */`
		af9dc8	`@@ -449,7 +454,7 @@ PHP_FUNCTION(hash_update_file)`
		af9dc8	`char *filename, buf[1024];`
		af9dc8	`int filename_len, n;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs\|r", &zhash, &filename, &filename_len, &zcontext) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rp\|r", &zhash, &filename, &filename_len, &zcontext) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/hash/tests/hash_hmac_file_error.phpt b/ext/hash/tests/hash_hmac_file_error.phpt`
		af9dc8	`index 42ab122..26ba8aa 100644`
		af9dc8	`--- a/ext/hash/tests/hash_hmac_file_error.phpt`
		af9dc8	`+++ b/ext/hash/tests/hash_hmac_file_error.phpt`
		af9dc8	`@@ -28,6 +28,9 @@ hash_hmac_file('crc32', $file, $key, TRUE, $extra_arg);`
		af9dc8	`echo "\n-- Testing hash_hmac_file() function with invalid hash algorithm --\n";`
		af9dc8	`hash_hmac_file('foo', $file, $key, TRUE);`
		af9dc8
		af9dc8	`+echo "\n-- Testing hash_hmac_file() function with bad path --\n";`
		af9dc8	`+hash_hmac_file('crc32', $file.chr(0).$file, $key, TRUE);`
		af9dc8	`+`
		af9dc8	`?>`
		af9dc8	`===Done===`
		af9dc8	`--EXPECTF--`
		af9dc8	`@@ -51,4 +54,8 @@ Warning: hash_hmac_file() expects at most 4 parameters, 5 given in %s on line %d`
		af9dc8	`-- Testing hash_hmac_file() function with invalid hash algorithm --`
		af9dc8
		af9dc8	`Warning: hash_hmac_file(): Unknown hashing algorithm: foo in %s on line %d`
		af9dc8	`+`
		af9dc8	`+-- Testing hash_hmac_file() function with bad path --`
		af9dc8	`+`
		af9dc8	`+Warning: hash_hmac_file(): Invalid path in %s on line %d`
		af9dc8	`===Done===`
		af9dc8	`\ No newline at end of file`
		af9dc8	`diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c`
		af9dc8	`index 7af7e8b..23d55cb 100644`
		af9dc8	`--- a/ext/pgsql/pgsql.c`
		af9dc8	`+++ b/ext/pgsql/pgsql.c`
		af9dc8	`@@ -2884,7 +2884,7 @@ PHP_FUNCTION(pg_trace)`
		af9dc8	`php_stream *stream;`
		af9dc8	`id = PGG(default_link);`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(argc TSRMLS_CC, "s\|sr", &z_filename, &z_filename_len, &mode, &mode_len, &pgsql_link) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(argc TSRMLS_CC, "p\|sr", &z_filename, &z_filename_len, &mode, &mode_len, &pgsql_link) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/standard/link.c b/ext/standard/link.c`
		af9dc8	`index 0e40a0b..4ed2c5e 100644`
		af9dc8	`--- a/ext/standard/link.c`
		af9dc8	`+++ b/ext/standard/link.c`
		af9dc8	`@@ -59,7 +59,7 @@ PHP_FUNCTION(readlink)`
		af9dc8	`char buff[MAXPATHLEN];`
		af9dc8	`int ret;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &link, &link_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &link, &link_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/standard/streamsfuncs.c b/ext/standard/streamsfuncs.c`
		af9dc8	`index 7ddfc66..4c2837e 100644`
		af9dc8	`--- a/ext/standard/streamsfuncs.c`
		af9dc8	`+++ b/ext/standard/streamsfuncs.c`
		af9dc8	`@@ -1545,7 +1545,7 @@ PHP_FUNCTION(stream_resolve_include_path)`
		af9dc8	`char filename, resolved_path;`
		af9dc8	`int filename_len;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &filename, &filename_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &filename, &filename_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/xmlwriter/php_xmlwriter.c b/ext/xmlwriter/php_xmlwriter.c`
		af9dc8	`index 206d82a..7a650e2 100644`
		af9dc8	`--- a/ext/xmlwriter/php_xmlwriter.c`
		af9dc8	`+++ b/ext/xmlwriter/php_xmlwriter.c`
		af9dc8	`@@ -1738,7 +1738,7 @@ static PHP_FUNCTION(xmlwriter_write_dtd_entity)`
		af9dc8	`/* }}} */`
		af9dc8	`#endif`
		af9dc8
		af9dc8	`-/* {{{ proto resource xmlwriter_open_uri(resource xmlwriter, string source)`
		af9dc8	`+/* {{{ proto resource xmlwriter_open_uri(string source)`
		af9dc8	`Create new xmlwriter using source uri for output */`
		af9dc8	`static PHP_FUNCTION(xmlwriter_open_uri)`
		af9dc8	`{`
		af9dc8	`@@ -1759,7 +1759,7 @@ static PHP_FUNCTION(xmlwriter_open_uri)`
		af9dc8	`void *ioctx;`
		af9dc8	`#endif`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &source, &source_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &source, &source_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/zlib/zlib.c b/ext/zlib/zlib.c`
		af9dc8	`index d70198c..ec958e1 100644`
		af9dc8	`--- a/ext/zlib/zlib.c`
		af9dc8	`+++ b/ext/zlib/zlib.c`
		af9dc8	`@@ -581,7 +581,7 @@ static PHP_FUNCTION(gzopen)`
		af9dc8	`php_stream *stream;`
		af9dc8	`long use_include_path = 0;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss\|l", &filename, &filename_len, &mode, &mode_len, &use_include_path) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ps\|l", &filename, &filename_len, &mode, &mode_len, &use_include_path) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -609,7 +609,7 @@ static PHP_FUNCTION(readgzfile)`
		af9dc8	`int size;`
		af9dc8	`long use_include_path = 0;`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s\|l", &filename, &filename_len, &use_include_path) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p\|l", &filename, &filename_len, &use_include_path) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`--`
		af9dc8	`2.1.4`
		af9dc8
		af9dc8	`From 1defbb25ed69e7a1a90e2bcb2ee3b9190ea06577 Mon Sep 17 00:00:00 2001`
		af9dc8	`From: Stanislav Malyshev <stas@php.net>`
		af9dc8	`Date: Sun, 12 Apr 2015 00:56:02 -0700`
		af9dc8	`Subject: [PATCH] Fix test`
		af9dc8
		af9dc8	`---`
		af9dc8	`ext/standard/tests/file/readlink_variation1.phpt \| 2 +-`
		af9dc8	`1 file changed, 1 insertion(+), 1 deletion(-)`
		af9dc8
		af9dc8	`diff --git a/ext/standard/tests/file/readlink_variation1.phpt b/ext/standard/tests/file/readlink_variation1.phpt`
		af9dc8	`index 1dae17c..d4f1a5f 100644`
		af9dc8	`--- a/ext/standard/tests/file/readlink_variation1.phpt`
		af9dc8	`+++ b/ext/standard/tests/file/readlink_variation1.phpt`
		af9dc8	`@@ -65,7 +65,7 @@ bool(false)`
		af9dc8	`Warning: readlink(): %s in %s on line %d`
		af9dc8	`bool(false)`
		af9dc8
		af9dc8	`-Warning: readlink() expects parameter 1 to be string, resource given in %s on line %d`
		af9dc8	`+Warning: readlink() expects parameter 1 to be a valid path, resource given in %s on line %d`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`Warning: readlink(): %s in %s on line %d`
		af9dc8	`--`
		af9dc8	`2.1.4`
		af9dc8
		af9dc8	`From a643ccfb90750e0d830106588d2a46af87706b5b Mon Sep 17 00:00:00 2001`
		af9dc8	`From: Stanislav Malyshev <stas@php.net>`
		af9dc8	`Date: Sun, 12 Apr 2015 20:53:09 -0700`
		af9dc8	`Subject: [PATCH] Fix tests`
		af9dc8
		af9dc8	`---`
		af9dc8	`ext/gd/tests/imageloadfont_error1.phpt \| 6 +++---`
		af9dc8	`ext/zlib/tests/gzopen_variation1.phpt \| 28 ++++++++++++++--------------`
		af9dc8	`ext/zlib/tests/readgzfile_variation1.phpt \| 10 +++++-----`
		af9dc8	`ext/zlib/tests/readgzfile_variation6.phpt \| 4 ++--`
		af9dc8	`4 files changed, 24 insertions(+), 24 deletions(-)`
		af9dc8
		af9dc8	`diff --git a/ext/gd/tests/imageloadfont_error1.phpt b/ext/gd/tests/imageloadfont_error1.phpt`
		af9dc8	`index 16d1a3c..418bbf3 100644`
		af9dc8	`--- a/ext/gd/tests/imageloadfont_error1.phpt`
		af9dc8	`+++ b/ext/gd/tests/imageloadfont_error1.phpt`
		af9dc8	`@@ -3,7 +3,7 @@ Testing that imageloadfont() breaks on non-string first parameter`
		af9dc8	`--CREDITS--`
		af9dc8	`Neveo Harrison <neveoo [at] gmail [dot] com> #testfest #tek11`
		af9dc8	`--SKIPIF--`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (!extension_loaded("gd")) die("skip GD not present");`
		af9dc8	`?>`
		af9dc8	`--FILE--`
		af9dc8	`@@ -11,5 +11,5 @@ Neveo Harrison <neveoo [at] gmail [dot] com> #testfest #tek11`
		af9dc8	`var_dump( imageloadfont(array()) );`
		af9dc8	`?>`
		af9dc8	`--EXPECTF--`
		af9dc8	`-Warning: imageloadfont() expects parameter 1 to be string, array given in %s on line %d`
		af9dc8	`-NULL`
		af9dc8	`\ No newline at end of file`
		af9dc8	`+Warning: imageloadfont() expects parameter 1 to be a valid path, array given in %s on line %d`
		af9dc8	`+NULL`
		af9dc8	`diff --git a/ext/zlib/tests/gzopen_variation1.phpt b/ext/zlib/tests/gzopen_variation1.phpt`
		af9dc8	`index c5a47f4..bca48f3 100644`
		af9dc8	`--- a/ext/zlib/tests/gzopen_variation1.phpt`
		af9dc8	`+++ b/ext/zlib/tests/gzopen_variation1.phpt`
		af9dc8	`@@ -1,17 +1,17 @@`
		af9dc8	`--TEST--`
		af9dc8	`-Test gzopen() function : usage variation`
		af9dc8	`+Test gzopen() function : usage variation`
		af9dc8	`--SKIPIF--`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (!extension_loaded("zlib")) {`
		af9dc8	`- print "skip - zlib extension not loaded";`
		af9dc8	`-}`
		af9dc8	`+ print "skip - zlib extension not loaded";`
		af9dc8	`+}`
		af9dc8	`?>`
		af9dc8	`--FILE--`
		af9dc8
		af9dc8	`/* Prototype : resource gzopen(string filename, string mode [, int use_include_path])`
		af9dc8	`- * Description: Open a .gz-file and return a .gz-file pointer`
		af9dc8	`+ * Description: Open a .gz-file and return a .gz-file pointer`
		af9dc8	`* Source code: ext/zlib/zlib.c`
		af9dc8	`- * Alias to functions:`
		af9dc8	`+ * Alias to functions:`
		af9dc8	`*/`
		af9dc8
		af9dc8	`echo "* Testing gzopen() : usage variation *\n";`
		af9dc8	`@@ -102,9 +102,9 @@ $inputs = array(`
		af9dc8
		af9dc8	`// unset data`
		af9dc8	`'unset var' => @$unset_var,`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`// resource variable`
		af9dc8	`- 'resource' => $fp`
		af9dc8	`+ 'resource' => $fp`
		af9dc8	`);`
		af9dc8
		af9dc8	`// loop through each element of the array for filename`
		af9dc8	`@@ -158,19 +158,19 @@ Error: 2 - gzopen(0.5): failed to open stream: No such file or directory, %s(%d)`
		af9dc8	`bool(false)`
		af9dc8
		af9dc8	`--empty array--`
		af9dc8	`-Error: 2 - gzopen() expects parameter 1 to be string, array given, %s(%d)`
		af9dc8	`+Error: 2 - gzopen() expects parameter 1 to be a valid path, array given, %s(%d)`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`--int indexed array--`
		af9dc8	`-Error: 2 - gzopen() expects parameter 1 to be string, array given, %s(%d)`
		af9dc8	`+Error: 2 - gzopen() expects parameter 1 to be a valid path, array given, %s(%d)`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`--associative array--`
		af9dc8	`-Error: 2 - gzopen() expects parameter 1 to be string, array given, %s(%d)`
		af9dc8	`+Error: 2 - gzopen() expects parameter 1 to be a valid path, array given, %s(%d)`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`--nested arrays--`
		af9dc8	`-Error: 2 - gzopen() expects parameter 1 to be string, array given, %s(%d)`
		af9dc8	`+Error: 2 - gzopen() expects parameter 1 to be a valid path, array given, %s(%d)`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`--uppercase NULL--`
		af9dc8	`@@ -210,7 +210,7 @@ Error: 2 - gzopen(Class A object): failed to open stream: No such file or direct`
		af9dc8	`bool(false)`
		af9dc8
		af9dc8	`--instance of classWithoutToString--`
		af9dc8	`-Error: 2 - gzopen() expects parameter 1 to be string, object given, %s(%d)`
		af9dc8	`+Error: 2 - gzopen() expects parameter 1 to be a valid path, object given, %s(%d)`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`--undefined var--`
		af9dc8	`@@ -222,7 +222,7 @@ Error: 2 - gzopen(): Filename cannot be empty, %s(%d)`
		af9dc8	`bool(false)`
		af9dc8
		af9dc8	`--resource--`
		af9dc8	`-Error: 2 - gzopen() expects parameter 1 to be string, resource given, %s(%d)`
		af9dc8	`+Error: 2 - gzopen() expects parameter 1 to be a valid path, resource given, %s(%d)`
		af9dc8	`NULL`
		af9dc8	`===DONE===`
		af9dc8
		af9dc8	`diff --git a/ext/zlib/tests/readgzfile_variation1.phpt b/ext/zlib/tests/readgzfile_variation1.phpt`
		af9dc8	`index 5a5ec4f..5d9b639 100644`
		af9dc8	`--- a/ext/zlib/tests/readgzfile_variation1.phpt`
		af9dc8	`+++ b/ext/zlib/tests/readgzfile_variation1.phpt`
		af9dc8	`@@ -29,15 +29,15 @@ foreach ( $variation as $var ) {`
		af9dc8	`===DONE===`
		af9dc8	`--EXPECTF--`
		af9dc8
		af9dc8	`-Warning: readgzfile() expects parameter 1 to be string, array given in %s on line %d`
		af9dc8	`+Warning: readgzfile() expects parameter 1 to be a valid path, array given in %s on line %d`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`-Warning: readgzfile() expects parameter 1 to be string, array given in %s on line %d`
		af9dc8	`+Warning: readgzfile() expects parameter 1 to be a valid path, array given in %s on line %d`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`-Warning: readgzfile() expects parameter 1 to be string, array given in %s on line %d`
		af9dc8	`+Warning: readgzfile() expects parameter 1 to be a valid path, array given in %s on line %d`
		af9dc8	`NULL`
		af9dc8
		af9dc8	`-Warning: readgzfile() expects parameter 1 to be string, array given in %s on line %d`
		af9dc8	`+Warning: readgzfile() expects parameter 1 to be a valid path, array given in %s on line %d`
		af9dc8	`NULL`
		af9dc8	`-===DONE===`
		af9dc8	`\ No newline at end of file`
		af9dc8	`+===DONE===`
		af9dc8	`diff --git a/ext/zlib/tests/readgzfile_variation6.phpt b/ext/zlib/tests/readgzfile_variation6.phpt`
		af9dc8	`index 702f918..9fcea02 100644`
		af9dc8	`--- a/ext/zlib/tests/readgzfile_variation6.phpt`
		af9dc8	`+++ b/ext/zlib/tests/readgzfile_variation6.phpt`
		af9dc8	`@@ -45,5 +45,5 @@ foreach ( $variation as $var ) {`
		af9dc8	`--EXPECTF--`
		af9dc8	`Error: 2 - readgzfile(Class A object): failed to open stream: No such file or directory, %s(%d)`
		af9dc8	`bool(false)`
		af9dc8	`-Error: 2 - readgzfile() expects parameter 1 to be string, object given, %s(%d)`
		af9dc8	`-NULL`
		af9dc8	`\ No newline at end of file`
		af9dc8	`+Error: 2 - readgzfile() expects parameter 1 to be a valid path, object given, %s(%d)`
		af9dc8	`+NULL`
		af9dc8	`--`
		af9dc8	`2.1.4`
		af9dc8
		af9dc8	`From f7d7befae8bcc2db0093f8adaa9f72eeb7ad891e Mon Sep 17 00:00:00 2001`
		af9dc8	`From: Stanislav Malyshev <stas@php.net>`
		af9dc8	`Date: Sun, 31 May 2015 22:47:52 -0700`
		af9dc8	`Subject: [PATCH] Fix #69719 - more checks for nulls in paths`
		af9dc8
		af9dc8	`---`
		af9dc8	`ext/dom/document.c \| 22 +++++++++++++++++-----`
		af9dc8	`ext/gd/gd.c \| 16 ++++++++--------`
		af9dc8	`2 files changed, 25 insertions(+), 13 deletions(-)`
		af9dc8
		af9dc8	`diff --git a/ext/dom/document.c b/ext/dom/document.c`
		af9dc8	`index 48a19dd..097fcba 100644`
		af9dc8	`--- a/ext/dom/document.c`
		af9dc8	`+++ b/ext/dom/document.c`
		af9dc8	`@@ -1754,7 +1754,7 @@ PHP_FUNCTION(dom_document_save)`
		af9dc8	`char *file;`
		af9dc8	`long options = 0;`
		af9dc8
		af9dc8	`- if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os\|l", &id, dom_document_class_entry, &file, &file_len, &options) == FAILURE) {`
		af9dc8	`+ if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op\|l", &id, dom_document_class_entry, &file, &file_len, &options) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -1983,7 +1983,7 @@ static void _dom_document_schema_validat`
		af9dc8	`int is_valid;`
		af9dc8	`char resolved_path[MAXPATHLEN + 1];`
		af9dc8
		af9dc8	`- if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -1996,6 +1996,10 @@ static void _dom_document_schema_validat`
		af9dc8
		af9dc8	`switch (type) {`
		af9dc8	`case DOM_LOAD_FILE:`
		af9dc8	`+ if (CHECK_NULL_PATH(source, source_len)) {`
		af9dc8	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Schema file source");`
		af9dc8	`+ RETURN_FALSE;`
		af9dc8	`+ }`
		af9dc8	`valid_file = _dom_get_valid_file_path(source, resolved_path, MAXPATHLEN TSRMLS_CC);`
		af9dc8	`if (!valid_file) {`
		af9dc8	`php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Schema file source");`
		af9dc8	`@@ -2072,7 +2076,7 @@ static void _dom_document_relaxNG_valida`
		af9dc8	`int is_valid;`
		af9dc8	`char resolved_path[MAXPATHLEN + 1];`
		af9dc8
		af9dc8	`- if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -2085,6 +2089,10 @@ static void _dom_document_relaxNG_valida`
		af9dc8
		af9dc8	`switch (type) {`
		af9dc8	`case DOM_LOAD_FILE:`
		af9dc8	`+ if (CHECK_NULL_PATH(source, source_len)) {`
		af9dc8	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid RelaxNG file source");`
		af9dc8	`+ RETURN_FALSE;`
		af9dc8	`+ }`
		af9dc8	`valid_file = _dom_get_valid_file_path(source, resolved_path, MAXPATHLEN TSRMLS_CC);`
		af9dc8	`if (!valid_file) {`
		af9dc8	`php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid RelaxNG file source");`
		af9dc8	`@@ -2165,7 +2173,7 @@ static void dom_load_html(INTERNAL_FUNCT`
		af9dc8
		af9dc8	`id = getThis();`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p\|l", &source, &source_len, &options) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s\|l", &source, &source_len, &options) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -2175,6 +2183,10 @@ static void dom_load_html(INTERNAL_FUNCT`
		af9dc8	`}`
		af9dc8
		af9dc8	`if (mode == DOM_LOAD_FILE) {`
		af9dc8	`+ if (CHECK_NULL_PATH(source, source_len)) {`
		af9dc8	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid file source");`
		af9dc8	`+ RETURN_FALSE;`
		af9dc8	`+ }`
		af9dc8	`ctxt = htmlCreateFileParserCtxt(source, NULL);`
		af9dc8	`} else {`
		af9dc8	`source_len = xmlStrlen(source);`
		af9dc8	`@@ -2263,7 +2275,7 @@ PHP_FUNCTION(dom_document_save_html_file`
		af9dc8	`char *file;`
		af9dc8	`const char *encoding;`
		af9dc8
		af9dc8	`- if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_document_class_entry, &file, &file_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &file, &file_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`diff --git a/ext/gd/gd.c b/ext/gd/gd.c`
		af9dc8	`index d258c3d..e527575 100644`
		af9dc8	`--- a/ext/gd/gd.c`
		af9dc8	`+++ b/ext/gd/gd.c`
		af9dc8	`@@ -1790,7 +1790,7 @@ PHP_FUNCTION(imagefilledarc)`
		af9dc8	`long cx, cy, w, h, ST, E, col, style;`
		af9dc8	`gdImagePtr im;`
		af9dc8	`int e, st;`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rllllllll", &IM, &cx, &cy, &w, &h, &ST, &E, &col, &style) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8	`@@ -2033,7 +2033,7 @@ PHP_FUNCTION(imagegrabwindow)`
		af9dc8	`if ( handle == 0 ) {`
		af9dc8	`goto clean;`
		af9dc8	`}`
		af9dc8	`- pPrintWindow = (tPrintWindow) GetProcAddress(handle, "PrintWindow");`
		af9dc8	`+ pPrintWindow = (tPrintWindow) GetProcAddress(handle, "PrintWindow");`
		af9dc8
		af9dc8	`if ( pPrintWindow ) {`
		af9dc8	`pPrintWindow(window, memDC, (UINT) client_area);`
		af9dc8	`@@ -3984,7 +3984,7 @@ static void php_imagettftext_common(INTERNAL_FUNCTION_PARAMETERS, int mode, int`
		af9dc8	`if (zend_hash_get_current_data_ex(HASH_OF(EXT), (void **) &item, &pos) == FAILURE) {`
		af9dc8	`continue;`
		af9dc8	`}`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (strcmp("linespacing", key) == 0) {`
		af9dc8	`convert_to_double_ex(item);`
		af9dc8	`strex.flags \|= gdFTEX_LINESPACE;`
		af9dc8	`@@ -4006,7 +4006,7 @@ static void php_imagettftext_common(INTERNAL_FUNCTION_PARAMETERS, int mode, int`
		af9dc8	`#endif`
		af9dc8
		af9dc8	`PHP_GD_CHECK_OPEN_BASEDIR(fontname, "Invalid font filename");`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`#ifdef USE_GD_IMGSTRTTF`
		af9dc8	`# if HAVE_GD_STRINGFTEX`
		af9dc8	`if (extended) {`
		af9dc8	`@@ -4071,7 +4071,7 @@ PHP_FUNCTION(imagepsloadfont)`
		af9dc8	`struct stat st;`
		af9dc8	`#endif`
		af9dc8
		af9dc8	`- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &file, &file_len) == FAILURE) {`
		af9dc8	`+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "p", &file, &file_len) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8
		af9dc8	`@@ -4411,11 +4411,11 @@ PHP_FUNCTION(imagepsbbox)`
		af9dc8	`if (argc != 3 && argc != 6) {`
		af9dc8	`ZEND_WRONG_PARAM_COUNT();`
		af9dc8	`}`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "srl\|lld", &str, &str_len, &fnt, &sz, &sp, &wd, &angle) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (argc == 6) {`
		af9dc8	`space = sp;`
		af9dc8	`add_width = wd;`
		af9dc8	`@@ -4600,7 +4600,7 @@ static void _php_image_convert(INTERNAL_FUNCTION_PARAMETERS, int image_type )`
		af9dc8	`#ifdef HAVE_GD_JPG`
		af9dc8	`long ignore_warning;`
		af9dc8	`#endif`
		af9dc8	`-`
		af9dc8	`+`
		af9dc8	`if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "pplll", &f_org, &f_org_len, &f_dest, &f_dest_len, &height, &width, &threshold) == FAILURE) {`
		af9dc8	`return;`
		af9dc8	`}`
		af9dc8	`--`
		af9dc8	`2.1.4`

rpms / php

Source Code

Blame SOURCES/php-5.4.16-bug69353.patch