diff options
| author | jdolecek <jdolecek@pkgsrc.org> | 2006-05-06 22:42:44 +0000 |
|---|---|---|
| committer | jdolecek <jdolecek@pkgsrc.org> | 2006-05-06 22:42:44 +0000 |
| commit | 37eac0eca5cb4174f96e66d774d3a2a8e87de19d (patch) | |
| tree | 9142189f5bc0b12ec359ddc2c609df90ff4213c5 /lang/php5 | |
| parent | f9355d585c581b1d59ffcbd1bba1439d532e77fd (diff) | |
| download | pkgsrc-37eac0eca5cb4174f96e66d774d3a2a8e87de19d.tar.gz | |
Update lang/php5 to 5.1.4.
Some of the key changes include:
* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the
tempnam() function.
* Enforce safe_mode for the source parameter of the copy() function.
* Fixed cross-site scripting inside the phpinfo() function.
* Fixed offset/length parameter validation inside the substr_compare()
function.
* Fixed a heap corruption inside the session extension.
* Fixed a bug that would allow variable to survive unset().
* Fixed a number of crashes in the DOM, SOAP and PDO extensions.
* Upgraded bundled PCRE library to version 6.6
* The use of the var keyword to declare properties no longer raises
a deprecation E_STRICT.
* FastCGI interface was completely reimplemented.
* Multitude of improvements to the SPL, SimpleXML, GD, CURL and
Reflection extensions.
* Over 120 various bug fixes.
See release annoucement on:
http://www.php.net/release_5_1_3.php
And ChangeLog:
http://www.php.net/ChangeLog-5.php#5.1.3
Diffstat (limited to 'lang/php5')
| -rw-r--r-- | lang/php5/Makefile | 9 | ||||
| -rw-r--r-- | lang/php5/Makefile.common | 4 | ||||
| -rw-r--r-- | lang/php5/PLIST | 3 | ||||
| -rw-r--r-- | lang/php5/distinfo | 13 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ap | 13 | ||||
| -rw-r--r-- | lang/php5/patches/patch-aq | 45 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ar | 61 | ||||
| -rw-r--r-- | lang/php5/patches/patch-at | 20 |
8 files changed, 22 insertions, 146 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile index be2ba45423b..078885a15ed 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.29 2006/04/14 13:47:29 cube Exp $ +# $NetBSD: Makefile,v 1.30 2006/05/06 22:42:44 jdolecek Exp $ PKGNAME= php-${PHP_BASE_VERS} -PKGREVISION= 1 +#PKGREVISION= # empty CATEGORIES= lang HOMEPAGE= http://www.php.net/ @@ -31,12 +31,7 @@ EGDIR= ${PREFIX}/share/examples/php CONF_FILES= ${EGDIR}/php.ini-recommended ${PKG_SYSCONFDIR}/php.ini OWN_DIRS= ${PREFIX}/${PHP_EXTENSION_DIR} -# pear must be patched using post-install, it's extracted from binary .phar -# file during installation; this replaces former patches/patch-al post-install: - ${SED} -e 's,\(-d output_buffering=1\) \(\$$INCDIR/pearcmd.php\),\1 -n \2,' ${PREFIX}/bin/pear > ${PREFIX}/bin/pear.new && \ - ${MV} ${PREFIX}/bin/pear.new ${PREFIX}/bin/pear && \ - ${CHMOD} 755 ${PREFIX}/bin/pear ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php ${PREFIX}/bin/php ${INSTALL_DATA} ${WRKSRC}/sapi/cli/php.1 ${PREFIX}/${PKGMANDIR}/man1/php.1 ${INSTALL_DATA_DIR} ${CGIDIR} diff --git a/lang/php5/Makefile.common b/lang/php5/Makefile.common index 17d986ee673..2586db4eb90 100644 --- a/lang/php5/Makefile.common +++ b/lang/php5/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.15 2006/02/06 20:12:55 jdolecek Exp $ +# $NetBSD: Makefile.common,v 1.16 2006/05/06 22:42:44 jdolecek Exp $ # DISTNAME?= php-${PHP_BASE_VERS} @@ -14,7 +14,7 @@ EXTRACT_SUFX?= .tar.bz2 MAINTAINER?= jdolecek@NetBSD.org HOMEPAGE?= http://www.php.net/ -PHP_BASE_VERS= 5.1.2 +PHP_BASE_VERS= 5.1.4 PHP_EXTENSION_DIR= lib/php/20040412 PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q} diff --git a/lang/php5/PLIST b/lang/php5/PLIST index 3a55e3d709f..574c7b597ad 100644 --- a/lang/php5/PLIST +++ b/lang/php5/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.10 2006/02/06 06:39:59 martti Exp $ +@comment $NetBSD: PLIST,v 1.11 2006/05/06 22:42:44 jdolecek Exp $ bin/pear bin/peardev bin/pecl @@ -93,6 +93,7 @@ include/php/ext/pcre/pcrelib/pcre_scanner.h include/php/ext/pcre/pcrelib/pcre_stringpiece.h include/php/ext/pcre/pcrelib/pcrecpp.h include/php/ext/pcre/pcrelib/pcreposix.h +include/php/ext/pcre/pcrelib/pcrecpparg.h include/php/ext/pcre/pcrelib/ucp.h include/php/ext/pcre/pcrelib/ucpinternal.h include/php/ext/pcre/php_pcre.h diff --git a/lang/php5/distinfo b/lang/php5/distinfo index 4595f54a859..41c825150bf 100644 --- a/lang/php5/distinfo +++ b/lang/php5/distinfo @@ -1,15 +1,12 @@ -$NetBSD: distinfo,v 1.18 2006/04/22 10:54:53 jdolecek Exp $ +$NetBSD: distinfo,v 1.19 2006/05/06 22:42:44 jdolecek Exp $ -SHA1 (php-5.1.2.tar.bz2) = f6acc67c293345ad22065768f3049834cb8a912e -RMD160 (php-5.1.2.tar.bz2) = 1e21b5ba280b7efc8197802c673bb5d4e9dc9f8e -Size (php-5.1.2.tar.bz2) = 6319905 bytes +SHA1 (php-5.1.4.tar.bz2) = 65c9cf8ddbcf023503c8bb618a95438f605b5098 +RMD160 (php-5.1.4.tar.bz2) = 5468a7d544285438c78a8f68f1169dc22e4e8a2b +Size (php-5.1.4.tar.bz2) = 5992825 bytes SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc SHA1 (patch-ak) = 2d5264d33ebef631d4a2d0cdf8a2ed365bdbeb7e SHA1 (patch-ao) = 60fec83647ca5924a38bf4d5e8abb51feba1620e -SHA1 (patch-ap) = 79bb4da2c98cc5dc43e66d1a7a940b34401b3811 -SHA1 (patch-aq) = 3dede277476e99d927a5333d82ae9096b96e58f7 -SHA1 (patch-ar) = 819b84c4dbb9973159d2c2fe11f77044f6b4d0b9 SHA1 (patch-as) = 217c06efe5912570fab64f205d0b4faa07cda063 -SHA1 (patch-at) = 1f700e2d91dd64538b1223b0ddad875c57b8f8af +SHA1 (patch-at) = d1dd8decd0e5528e9166bd313bc382e3e138a82f diff --git a/lang/php5/patches/patch-ap b/lang/php5/patches/patch-ap deleted file mode 100644 index f348b58d60f..00000000000 --- a/lang/php5/patches/patch-ap +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ap,v 1.1 2006/04/14 13:48:33 cube Exp $ - ---- ext/standard/html.c.orig 2006-01-01 13:50:14.000000000 +0100 -+++ ext/standard/html.c -@@ -884,7 +884,7 @@ PHPAPI char *php_unescape_html_entities( - unsigned char replacement[15]; - int replacement_len; - -- ret = estrdup(old); -+ ret = estrndup(old, oldlen); - retlen = oldlen; - if (!retlen) { - goto empty_source; diff --git a/lang/php5/patches/patch-aq b/lang/php5/patches/patch-aq deleted file mode 100644 index 42b7ac1712a..00000000000 --- a/lang/php5/patches/patch-aq +++ /dev/null @@ -1,45 +0,0 @@ -$NetBSD: patch-aq,v 1.1 2006/04/14 13:48:33 cube Exp $ - ---- ext/standard/file.c.orig 2006-01-01 13:50:14.000000000 +0100 -+++ ext/standard/file.c -@@ -773,8 +773,9 @@ PHP_FUNCTION(tempnam) - zval **arg1, **arg2; - char *d; - char *opened_path; -- char p[64]; -+ char *p; - int fd; -+ size_t p_len; - - if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &arg1, &arg2) == FAILURE) { - WRONG_PARAM_COUNT; -@@ -787,7 +788,11 @@ PHP_FUNCTION(tempnam) - } - - d = estrndup(Z_STRVAL_PP(arg1), Z_STRLEN_PP(arg1)); -- strlcpy(p, Z_STRVAL_PP(arg2), sizeof(p)); -+ -+ php_basename(Z_STRVAL_PP(arg2), Z_STRLEN_PP(arg2), NULL, 0, &p, &p_len TSRMLS_CC); -+ if (p_len > 64) { -+ p[63] = '\0'; -+ } - - if ((fd = php_open_temporary_fd(d, p, &opened_path TSRMLS_CC)) >= 0) { - close(fd); -@@ -795,6 +800,7 @@ PHP_FUNCTION(tempnam) - } else { - RETVAL_FALSE; - } -+ efree(p); - efree(d); - } - /* }}} */ -@@ -1756,7 +1762,7 @@ no_stat: - } - safe_to_copy: - -- srcstream = php_stream_open_wrapper(src, "rb", STREAM_DISABLE_OPEN_BASEDIR | REPORT_ERRORS, NULL); -+ srcstream = php_stream_open_wrapper(src, "rb", ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL); - - if (!srcstream) { - return ret; diff --git a/lang/php5/patches/patch-ar b/lang/php5/patches/patch-ar deleted file mode 100644 index ffced9e3fb6..00000000000 --- a/lang/php5/patches/patch-ar +++ /dev/null @@ -1,61 +0,0 @@ -$NetBSD: patch-ar,v 1.1 2006/04/14 13:48:33 cube Exp $ - ---- ext/standard/info.c.orig 2006-04-14 14:03:22.000000000 +0200 -+++ ext/standard/info.c -@@ -58,6 +58,23 @@ ZEND_EXTERN_MODULE_GLOBALS(iconv) - - PHPAPI extern char *php_ini_opened_path; - PHPAPI extern char *php_ini_scanned_files; -+ -+static int php_info_write_wrapper(const char *str, uint str_length) -+{ -+ int new_len, written; -+ char *elem_esc; -+ -+ TSRMLS_FETCH(); -+ -+ elem_esc = php_escape_html_entities((char *)str, str_length, &new_len, 0, ENT_QUOTES, NULL TSRMLS_CC); -+ -+ written = php_body_write(elem_esc, new_len TSRMLS_CC); -+ -+ efree(elem_esc); -+ -+ return written; -+} -+ - - /* {{{ _display_module_info - */ -@@ -135,30 +152,13 @@ static void php_print_gpcse_array(char * - PUTS(" => "); - } - if (Z_TYPE_PP(tmp) == IS_ARRAY) { -- zval *tmp3; -- -- MAKE_STD_ZVAL(tmp3); -- - if (!sapi_module.phpinfo_as_text) { - PUTS("<pre>"); -- } -- php_start_ob_buffer(NULL, 4096, 1 TSRMLS_CC); -- -- zend_print_zval_r(*tmp, 0 TSRMLS_CC); -- -- php_ob_get_buffer(tmp3 TSRMLS_CC); -- php_end_ob_buffer(0, 0 TSRMLS_CC); -- -- if (!sapi_module.phpinfo_as_text) { -- elem_esc = php_info_html_esc(Z_STRVAL_P(tmp3) TSRMLS_CC); -- PUTS(elem_esc); -- efree(elem_esc); -+ zend_print_zval_ex((zend_write_func_t) php_info_write_wrapper, *tmp, 0); - PUTS("</pre>"); - } else { -- PUTS(Z_STRVAL_P(tmp3)); -+ zend_print_zval_r(*tmp, 0 TSRMLS_CC); - } -- zval_ptr_dtor(&tmp3); -- - } else if (Z_TYPE_PP(tmp) != IS_STRING) { - tmp2 = **tmp; - zval_copy_ctor(&tmp2); diff --git a/lang/php5/patches/patch-at b/lang/php5/patches/patch-at index 7905878fc7f..3b8fc93e7d0 100644 --- a/lang/php5/patches/patch-at +++ b/lang/php5/patches/patch-at @@ -1,11 +1,13 @@ -$NetBSD: patch-at,v 1.1 2006/04/22 10:27:05 jdolecek Exp $ +$NetBSD: patch-at,v 1.2 2006/05/06 22:42:44 jdolecek Exp $ ---- ext/wddx/wddx.c.orig 2006-04-22 11:53:01.000000000 +0200 -+++ ext/wddx/wddx.c -@@ -20,2 +20,6 @@ +--- sapi/cgi/fastcgi.c.orig 2006-04-27 13:39:32.000000000 +0200 ++++ sapi/cgi/fastcgi.c +@@ -69,7 +69,7 @@ + # include <netinet/in.h> + # include <arpa/inet.h> + # include <netdb.h> +-# include <sys/signal.h> ++# include <signal.h> -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ - #include "php.h" + #ifndef INADDR_NONE + #define INADDR_NONE ((unsigned long) -1) |