diff options
author | Ondřej Surý <ondrej@sury.org> | 2014-07-02 13:17:51 +0200 |
---|---|---|
committer | Ondřej Surý <ondrej@sury.org> | 2014-07-02 13:17:51 +0200 |
commit | fb791eaaa4235822dd9f0482df3f6690e06fcbbc (patch) | |
tree | 22e7efaa6ac94f2fc1e696f37d1e929d42b7c10c /debian/patches | |
parent | 2776900201ffc457eb18777f4a0002204d4c6281 (diff) | |
download | php-fb791eaaa4235822dd9f0482df3f6690e06fcbbc.tar.gz |
Update patches for 5.6.0~rc2+dfsg release
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/bug67498.patch | 53 | ||||
-rw-r--r-- | debian/patches/php-fpm-sysconfdir.patch | 2 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 1 insertions, 55 deletions
diff --git a/debian/patches/bug67498.patch b/debian/patches/bug67498.patch deleted file mode 100644 index af4030733..000000000 --- a/debian/patches/bug67498.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 3804c0d00fa6e629173fb1c8c61f8f88d5fe39b9 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Mon, 23 Jun 2014 00:19:37 -0700 -Subject: [PATCH] Fix bug #67498 - phpinfo() Type Confusion Information Leak - Vulnerability - ---- - ext/standard/info.c | 8 ++++---- - ext/standard/tests/general_functions/bug67498.phpt | 15 +++++++++++++++ - 2 files changed, 19 insertions(+), 4 deletions(-) - create mode 100644 ext/standard/tests/general_functions/bug67498.phpt - ---- php5.orig/ext/standard/info.c -+++ php5/ext/standard/info.c -@@ -875,16 +875,16 @@ PHPAPI void php_print_info(int flag TSRM - - php_info_print_table_start(); - php_info_print_table_header(2, "Variable", "Value"); -- if (zend_hash_find(&EG(symbol_table), "PHP_SELF", sizeof("PHP_SELF"), (void **) &data) != FAILURE) { -+ if (zend_hash_find(&EG(symbol_table), "PHP_SELF", sizeof("PHP_SELF"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { - php_info_print_table_row(2, "PHP_SELF", Z_STRVAL_PP(data)); - } -- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_TYPE", sizeof("PHP_AUTH_TYPE"), (void **) &data) != FAILURE) { -+ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_TYPE", sizeof("PHP_AUTH_TYPE"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { - php_info_print_table_row(2, "PHP_AUTH_TYPE", Z_STRVAL_PP(data)); - } -- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_USER", sizeof("PHP_AUTH_USER"), (void **) &data) != FAILURE) { -+ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_USER", sizeof("PHP_AUTH_USER"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { - php_info_print_table_row(2, "PHP_AUTH_USER", Z_STRVAL_PP(data)); - } -- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_PW", sizeof("PHP_AUTH_PW"), (void **) &data) != FAILURE) { -+ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_PW", sizeof("PHP_AUTH_PW"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { - php_info_print_table_row(2, "PHP_AUTH_PW", Z_STRVAL_PP(data)); - } - php_print_gpcse_array(ZEND_STRL("_REQUEST") TSRMLS_CC); ---- /dev/null -+++ php5/ext/standard/tests/general_functions/bug67498.phpt -@@ -0,0 +1,15 @@ -+--TEST-- -+phpinfo() Type Confusion Information Leak Vulnerability -+--FILE-- -+<?php -+$PHP_SELF = 1; -+phpinfo(INFO_VARIABLES); -+ -+?> -+==DONE== -+--EXPECTF-- -+phpinfo() -+ -+PHP Variables -+%A -+==DONE== diff --git a/debian/patches/php-fpm-sysconfdir.patch b/debian/patches/php-fpm-sysconfdir.patch index b97905556..12f6ed4d8 100644 --- a/debian/patches/php-fpm-sysconfdir.patch +++ b/debian/patches/php-fpm-sysconfdir.patch @@ -1,6 +1,6 @@ --- php5.orig/sapi/fpm/fpm/fpm_conf.c +++ php5/sapi/fpm/fpm/fpm_conf.c -@@ -1647,7 +1647,7 @@ int fpm_conf_init_main(int test_conf, in +@@ -1650,7 +1650,7 @@ int fpm_conf_init_main(int test_conf, in char *tmp; if (fpm_globals.prefix == NULL) { diff --git a/debian/patches/series b/debian/patches/series index d5cb9911d..cbc7846ac 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -38,5 +38,4 @@ expose_all_built_and_installed_apis.patch use_system_timezone.patch zlib-largefile-function-renaming.patch php-reg67072.patch -bug67498.patch php5-fpm-do-reload-on-SIGHUP.patch |