diff options
-rw-r--r-- | lang/php55/Makefile | 3 | ||||
-rw-r--r-- | lang/php55/distinfo | 4 | ||||
-rw-r--r-- | lang/php55/patches/patch-ext_spl_spl__array.c | 27 | ||||
-rw-r--r-- | lang/php55/patches/patch-ext_spl_spl__dllist.c | 18 |
4 files changed, 50 insertions, 2 deletions
diff --git a/lang/php55/Makefile b/lang/php55/Makefile index c9d6c385cdb..77718501b91 100644 --- a/lang/php55/Makefile +++ b/lang/php55/Makefile @@ -1,9 +1,10 @@ -# $NetBSD: Makefile,v 1.14 2014/06/27 11:34:19 taca Exp $ +# $NetBSD: Makefile,v 1.15 2014/07/13 15:23:42 taca Exp $ # # We can't omit PKGNAME here to handle PKG_OPTIONS. # PKGNAME= php-${PHP_BASE_VERS} +PKGREVISION= 1 CATEGORIES= lang HOMEPAGE= http://www.php.net/ diff --git a/lang/php55/distinfo b/lang/php55/distinfo index 683199454c4..9f83e7e5cd9 100644 --- a/lang/php55/distinfo +++ b/lang/php55/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.25 2014/06/27 11:34:19 taca Exp $ +$NetBSD: distinfo,v 1.26 2014/07/13 15:23:42 taca Exp $ SHA1 (php-5.5.14.tar.bz2) = 062d351da165aa0568e4d8cbc53a18d73b99f49a RMD160 (php-5.5.14.tar.bz2) = d3f87693d3118cfdc64a7b77e9b765ce4eb7ae60 @@ -16,6 +16,8 @@ SHA1 (patch-ext_pdo__mysql_config.m4) = 3526e737da25129710218e7141d5a05ae0a51390 SHA1 (patch-ext_pdo_config.m4) = 26a4ad02e5c6b7a54c3c54a6d026a3ccfed62c59 SHA1 (patch-ext_phar_Makefile.frag) = 1af23d9135557bc7ba2f3627b317d4cbef37aaba SHA1 (patch-ext_phar_phar_phar.php) = 011f2d68048dbc63f5efcab4e23062daa9e8e08c +SHA1 (patch-ext_spl_spl__array.c) = de3ac1ade2201fedb41fb23efb03887307de45bc +SHA1 (patch-ext_spl_spl__dllist.c) = f98d5dc1199eb021e776599761e0823ce8463f2e SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = b384b9daa466f2a8a3e6cfd4ea6cff81f9342941 SHA1 (patch-ext_standard_basic__functions.c) = f2a44998145306c2cb2d2f3822c0e7cc70c778b4 SHA1 (patch-makedist) = 3f6b0621d30264824f2cb4c2903d15ba95be3937 diff --git a/lang/php55/patches/patch-ext_spl_spl__array.c b/lang/php55/patches/patch-ext_spl_spl__array.c new file mode 100644 index 00000000000..592c8c6d699 --- /dev/null +++ b/lang/php55/patches/patch-ext_spl_spl__array.c @@ -0,0 +1,27 @@ +$NetBSD: patch-ext_spl_spl__array.c,v 1.1 2014/07/13 15:23:42 taca Exp $ + +Fix for CVE-2014-4698. + +--- ext/spl/spl_array.c.orig 2014-06-25 13:06:23.000000000 +0000 ++++ ext/spl/spl_array.c +@@ -1733,6 +1733,7 @@ SPL_METHOD(Array, unserialize) + const unsigned char *p, *s; + php_unserialize_data_t var_hash; + zval *pmembers, *pflags = NULL; ++ HashTable *aht; + long flags; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &buf, &buf_len) == FAILURE) { +@@ -1744,6 +1745,12 @@ SPL_METHOD(Array, unserialize) + return; + } + ++ aht = spl_array_get_hash_table(intern, 0 TSRMLS_CC); ++ if (aht->nApplyCount > 0) { ++ zend_error(E_WARNING, "Modification of ArrayObject during sorting is prohibited"); ++ return; ++ } ++ + /* storage */ + s = p = (const unsigned char*)buf; + PHP_VAR_UNSERIALIZE_INIT(var_hash); diff --git a/lang/php55/patches/patch-ext_spl_spl__dllist.c b/lang/php55/patches/patch-ext_spl_spl__dllist.c new file mode 100644 index 00000000000..32d0944c58b --- /dev/null +++ b/lang/php55/patches/patch-ext_spl_spl__dllist.c @@ -0,0 +1,18 @@ +$NetBSD: patch-ext_spl_spl__dllist.c,v 1.1 2014/07/13 15:23:42 taca Exp $ + +Fix for CVE-2014-4670. + +--- ext/spl/spl_dllist.c.orig 2014-06-25 13:06:23.000000000 +0000 ++++ ext/spl/spl_dllist.c +@@ -916,6 +916,11 @@ SPL_METHOD(SplDoublyLinkedList, offsetUn + llist->dtor(element TSRMLS_CC); + } + ++ if (intern->traverse_pointer == element) { ++ SPL_LLIST_DELREF(element); ++ intern->traverse_pointer = NULL; ++ } ++ + zval_ptr_dtor((zval **)&element->data); + element->data = NULL; + |