From 7c0e4ddc4f525db1709ebf51f3c5376468e86013 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 12 2016 07:35:54 +0000 Subject: import php-5.4.16-36.1.el7_2.1 --- diff --git a/SOURCES/php-5.4.16-bug62129.patch b/SOURCES/php-5.4.16-bug62129.patch new file mode 100644 index 0000000..ff1bef1 --- /dev/null +++ b/SOURCES/php-5.4.16-bug62129.patch @@ -0,0 +1,54 @@ +Backported from 5.4.20 + +From 336a8e1943af85bb49cb5986d897d967ba73dcc0 Mon Sep 17 00:00:00 2001 +From: Dmitry Stogov +Date: Mon, 10 Jun 2013 12:32:53 +0400 +Subject: [PATCH] Callback has to be restored in MSHUTDOWN + +--- + ext/session/session.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/ext/session/session.c b/ext/session/session.c +index a3be9a7..d9989ba 100644 +--- a/ext/session/session.c ++++ b/ext/session/session.c +@@ -2221,6 +2221,9 @@ static PHP_MSHUTDOWN_FUNCTION(session) /* {{{ */ + PHP_MSHUTDOWN(ps_mm) (SHUTDOWN_FUNC_ARGS_PASSTHRU); + #endif + ++ /* restore the orig callback */ ++ php_rfc1867_callback = php_session_rfc1867_orig_callback; ++ + ps_serializers[PREDEFINED_SERIALIZERS].name = NULL; + memset(&ps_modules[PREDEFINED_MODULES], 0, (MAX_MODULES-PREDEFINED_MODULES)*sizeof(ps_module *)); + +From ba3234888dfbe14dadac7ac6c403a58bc1fdd220 Mon Sep 17 00:00:00 2001 +From: Arpad Ray +Date: Wed, 17 Jul 2013 11:02:48 +0100 +Subject: [PATCH] Fix bug #62129 - rfc1867 crashes php even though turned off + +Patch by gxd305 at gmail dot com +--- + NEWS | 2 ++ + ext/session/session.c | 7 +++++-- + 2 files changed, 7 insertions(+), 2 deletions(-) + +diff --git a/ext/session/session.c b/ext/session/session.c +index 5af3ef2..bbfe90e 100644 +--- a/ext/session/session.c ++++ b/ext/session/session.c +@@ -2221,8 +2221,11 @@ static PHP_MSHUTDOWN_FUNCTION(session) /* {{{ */ + PHP_MSHUTDOWN(ps_mm) (SHUTDOWN_FUNC_ARGS_PASSTHRU); + #endif + +- /* restore the orig callback */ +- php_rfc1867_callback = php_session_rfc1867_orig_callback; ++ /* reset rfc1867 callbacks */ ++ php_session_rfc1867_orig_callback = NULL; ++ if (php_rfc1867_callback == php_session_rfc1867_callback) { ++ php_rfc1867_callback = NULL; ++ } + + ps_serializers[PREDEFINED_SERIALIZERS].name = NULL; + memset(&ps_modules[PREDEFINED_MODULES], 0, (MAX_MODULES-PREDEFINED_MODULES)*sizeof(ps_module *)); diff --git a/SPECS/php.spec b/SPECS/php.spec index bc9767a..b886eb2 100644 --- a/SPECS/php.spec +++ b/SPECS/php.spec @@ -69,7 +69,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: 5.4.16 -Release: 36%{?dist} +Release: 36.1%{?dist}.1 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -113,6 +113,8 @@ Patch26: php-5.4.16-bug66987.patch Patch27: php-5.4.16-bug50444.patch # https://bugs.php.net/63595 gmp memory allocator Patch28: php-5.4.16-bug63595.patch +# https://bugs.php.net/62129 session rfc1867 +Patch29: php-5.4.16-bug62129.patch # Functional changes Patch40: php-5.4.0-dlopen.patch @@ -678,6 +680,7 @@ support for using the enchant library to PHP. %patch26 -p1 -b .bug66987 %patch27 -p1 -b .bug50444 %patch28 -p1 -b .bug63595 +%patch29 -p1 -b .bug62129 %patch40 -p1 -b .dlopen %patch41 -p1 -b .easter @@ -1515,6 +1518,9 @@ fi %changelog +* Mon Apr 4 2016 Remi Collet - 5.4.16-36.1 +- session: fix segfault in session with rfc1867 #1323643 + * Wed Jun 10 2015 Remi Collet - 5.4.16-36 - fix more functions accept paths with NUL character #1213407