Version in base suite: 7.4.21-1+deb11u1 Base version: php7.4_7.4.21-1+deb11u1 Target version: php7.4_7.4.25-1+deb11u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/p/php7.4/php7.4_7.4.21-1+deb11u1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/p/php7.4/php7.4_7.4.25-1+deb11u1.dsc /srv/release.debian.org/tmp/Qn_X03_Z3B/php7.4-7.4.25/ext/gd/tests/bug51498_exp.png |binary /srv/release.debian.org/tmp/Qn_X03_Z3B/php7.4-7.4.25/ext/standard/tests/image/32x256.ico |binary /srv/release.debian.org/tmp/Qn_X03_Z3B/php7.4-7.4.25/ext/zip/tests/bug81420.zip |binary php7.4-7.4.25/NEWS | 160 + php7.4-7.4.25/TSRM/tsrm_win32.c | 10 php7.4-7.4.25/Zend/tests/assign_by_val_function_by_ref_return_value.phpt | 11 php7.4-7.4.25/Zend/tests/bug66719.phpt | 43 php7.4-7.4.25/Zend/tests/closure_call_internal.phpt | 10 php7.4-7.4.25/Zend/tests/foreach_by_ref_to_property.phpt | 11 php7.4-7.4.25/Zend/tests/type_declarations/typed_properties_cache_slot_opt.phpt | 30 php7.4-7.4.25/Zend/tests/unset_prop_recursion.phpt | 65 php7.4-7.4.25/Zend/tests/write_property_ref_overwrite_return.phpt | 12 php7.4-7.4.25/Zend/zend_API.c | 6 php7.4-7.4.25/Zend/zend_closures.c | 3 php7.4-7.4.25/Zend/zend_compile.c | 12 php7.4-7.4.25/Zend/zend_execute.c | 14 php7.4-7.4.25/Zend/zend_list.c | 2 php7.4-7.4.25/Zend/zend_object_handlers.c | 7 php7.4-7.4.25/Zend/zend_operators.c | 2 php7.4-7.4.25/Zend/zend_smart_str.c | 2 php7.4-7.4.25/Zend/zend_string.h | 2 php7.4-7.4.25/Zend/zend_vm_def.h | 19 php7.4-7.4.25/Zend/zend_vm_execute.h | 440 --- php7.4-7.4.25/azure/community_job.yml | 7 php7.4-7.4.25/build/pkg.m4 | 2 php7.4-7.4.25/configure | 20 php7.4-7.4.25/configure.ac | 2 php7.4-7.4.25/debian/changelog | 9 php7.4-7.4.25/debian/patches/0001-libtool_fixes.patch | 2 php7.4-7.4.25/debian/patches/0002-debian_quirks.patch | 2 php7.4-7.4.25/debian/patches/0004-extension_api.patch | 2 php7.4-7.4.25/debian/patches/0015-lp564920-fix-big-files.patch | 2 php7.4-7.4.25/debian/patches/0018-php-5.3.9-mysqlnd.patch | 2 php7.4-7.4.25/debian/patches/0019-php-5.3.9-gnusrc.patch | 6 php7.4-7.4.25/debian/patches/0024-Use-system-timezone.patch | 4 php7.4-7.4.25/debian/patches/0028-php-5.4.9-fixheader.patch | 2 php7.4-7.4.25/debian/patches/0037-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch | 2 php7.4-7.4.25/ext/bcmath/libbcmath/src/bcmath.h | 2 php7.4-7.4.25/ext/bcmath/libbcmath/src/num2str.c | 2 php7.4-7.4.25/ext/bcmath/libbcmath/src/zero.c | 10 php7.4-7.4.25/ext/bcmath/tests/bug78238.phpt | 18 php7.4-7.4.25/ext/curl/interface.c | 5 php7.4-7.4.25/ext/curl/tests/curl_copy_handle_basic_009.phpt | 29 php7.4-7.4.25/ext/date/lib/parse_date.c | 3 php7.4-7.4.25/ext/date/lib/parse_date.re | 3 php7.4-7.4.25/ext/date/php_date.c | 13 php7.4-7.4.25/ext/date/php_date.h | 1 php7.4-7.4.25/ext/date/tests/bug78984.phpt | 15 php7.4-7.4.25/ext/dom/element.c | 8 php7.4-7.4.25/ext/dom/tests/bug81433.phpt | 26 php7.4-7.4.25/ext/ffi/ffi.g | 2 php7.4-7.4.25/ext/ffi/ffi_parser.c | 2 php7.4-7.4.25/ext/ffi/tests/bug79576.phpt | 35 php7.4-7.4.25/ext/fileinfo/libmagic.patch | 49 php7.4-7.4.25/ext/fileinfo/libmagic/encoding.c | 2 php7.4-7.4.25/ext/fileinfo/tests/bug78987.phpt | 40 php7.4-7.4.25/ext/fileinfo/tests/finfo_file_basic.phpt | 2 php7.4-7.4.25/ext/filter/logical_filters.c | 110 php7.4-7.4.25/ext/filter/tests/bug47435.phpt | 6 php7.4-7.4.25/ext/filter/tests/bug61700.phpt | 16 php7.4-7.4.25/ext/gd/libgd/gd.c | 25 php7.4-7.4.25/ext/gd/libgd/gd_png.c | 7 php7.4-7.4.25/ext/gd/tests/bug51498.phpt | 20 php7.4-7.4.25/ext/gd/tests/bug53580.phpt | 32 php7.4-7.4.25/ext/imap/php_imap.c | 8 php7.4-7.4.25/ext/intl/grapheme/grapheme_util.c | 23 php7.4-7.4.25/ext/intl/locale/locale_methods.c | 2 php7.4-7.4.25/ext/intl/tests/bug68471.phpt | 19 php7.4-7.4.25/ext/intl/tests/bug74264.phpt | 26 php7.4-7.4.25/ext/intl/tests/locale/bug72809.phpt | 18 php7.4-7.4.25/ext/intl/timezone/timezone_class.cpp | 5 php7.4-7.4.25/ext/mysqli/mysqli_api.c | 2 php7.4-7.4.25/ext/mysqli/tests/mysqli_next_result_no_repeat_error.phpt | 28 php7.4-7.4.25/ext/mysqli/tests/mysqli_report.phpt | 4 php7.4-7.4.25/ext/mysqlnd/mysqlnd_connection.c | 3 php7.4-7.4.25/ext/opcache/ZendAccelerator.c | 14 php7.4-7.4.25/ext/opcache/shared_alloc_win32.c | 15 php7.4-7.4.25/ext/opcache/tests/preload_error_handler.inc | 8 php7.4-7.4.25/ext/opcache/tests/preload_error_handler.phpt | 17 php7.4-7.4.25/ext/opcache/tests/preload_error_handler_ind.inc | 4 php7.4-7.4.25/ext/openssl/openssl.c | 7 php7.4-7.4.25/ext/openssl/tests/bug52093.phpt | 24 php7.4-7.4.25/ext/pcre/php_pcre.c | 36 php7.4-7.4.25/ext/pcre/tests/bug75539.phpt | 6 php7.4-7.4.25/ext/pcre/tests/bug81101.phpt | 30 php7.4-7.4.25/ext/pcre/tests/bug81243.phpt | 21 php7.4-7.4.25/ext/pdo_odbc/odbc_stmt.c | 35 php7.4-7.4.25/ext/phar/phar_object.c | 3 php7.4-7.4.25/ext/phar/tests/bug81211.phpt | 45 php7.4-7.4.25/ext/shmop/shmop.c | 2 php7.4-7.4.25/ext/shmop/tests/bug81407.phpt | 19 php7.4-7.4.25/ext/sockets/tests/socket_set_block-retval.phpt | 4 php7.4-7.4.25/ext/sockets/tests/socket_set_nonblock-retval.phpt | 4 php7.4-7.4.25/ext/spl/spl_fixedarray.c | 29 php7.4-7.4.25/ext/spl/tests/SplFixedArray_setSize_destruct.phpt | 55 php7.4-7.4.25/ext/spl/tests/bug80663.phpt | 15 php7.4-7.4.25/ext/standard/dns_win32.c | 8 php7.4-7.4.25/ext/standard/filestat.c | 20 php7.4-7.4.25/ext/standard/flock_compat.c | 2 php7.4-7.4.25/ext/standard/image.c | 6 php7.4-7.4.25/ext/standard/string.c | 4 php7.4-7.4.25/ext/standard/tests/dir/bug71542.phpt | 14 php7.4-7.4.25/ext/standard/tests/file/bug81145.phpt | 51 php7.4-7.4.25/ext/standard/tests/file/bug81223.phpt | 24 php7.4-7.4.25/ext/standard/tests/filters/bug81294.phpt | 24 php7.4-7.4.25/ext/standard/tests/filters/bug81302.phpt | 20 php7.4-7.4.25/ext/standard/tests/filters/bug81475.phpt | 10 php7.4-7.4.25/ext/standard/tests/image/getimagesize_256_ico.phpt | 26 php7.4-7.4.25/ext/standard/tests/serialize/bug81163.phpt | 22 php7.4-7.4.25/ext/standard/tests/streams/bug81346.phpt | 21 php7.4-7.4.25/ext/standard/tests/strings/bug72146.phpt | 11 php7.4-7.4.25/ext/standard/var.c | 2 php7.4-7.4.25/ext/sysvmsg/sysvmsg.c | 2 php7.4-7.4.25/ext/xml/compat.c | 10 php7.4-7.4.25/ext/xml/tests/bug70962.phpt | 37 php7.4-7.4.25/ext/xml/tests/bug73135.phpt | 4 php7.4-7.4.25/ext/xml/tests/bug81351.phpt | 28 php7.4-7.4.25/ext/xml/xml.c | 117 php7.4-7.4.25/ext/zip/php_zip.c | 12 php7.4-7.4.25/ext/zip/tests/bug77978.phpt | 37 php7.4-7.4.25/ext/zip/tests/bug81420.phpt | 24 php7.4-7.4.25/ext/zip/tests/bug81490.phpt | 21 php7.4-7.4.25/main/main.c | 10 php7.4-7.4.25/main/output.c | 2 php7.4-7.4.25/main/php_version.h | 6 php7.4-7.4.25/main/streams/cast.c | 4 php7.4-7.4.25/main/streams/filter.c | 7 php7.4-7.4.25/main/streams/plain_wrapper.c | 11 php7.4-7.4.25/main/streams/streams.c | 7 php7.4-7.4.25/pear/install-pear-nozlib.phar | 1454 +++++----- php7.4-7.4.25/sapi/cgi/cgi_main.c | 9 php7.4-7.4.25/sapi/cgi/tests/bug80849-cgi.phpt | 10 php7.4-7.4.25/sapi/cli/php_cli.c | 1 php7.4-7.4.25/sapi/cli/php_cli_server.c | 30 php7.4-7.4.25/sapi/cli/php_http_parser.c | 5 php7.4-7.4.25/sapi/cli/tests/bug73630.phpt | 45 php7.4-7.4.25/sapi/cli/tests/bug73630a.phpt | 25 php7.4-7.4.25/sapi/cli/tests/bug81305.phpt | 36 php7.4-7.4.25/sapi/fpm/fpm/fpm_children.c | 14 php7.4-7.4.25/sapi/fpm/fpm/fpm_main.c | 9 php7.4-7.4.25/sapi/fpm/fpm/fpm_request.c | 4 php7.4-7.4.25/sapi/fpm/fpm/fpm_scoreboard.c | 106 php7.4-7.4.25/sapi/fpm/fpm/fpm_scoreboard.h | 11 php7.4-7.4.25/sapi/fpm/fpm/fpm_status.c | 4 php7.4-7.4.25/sapi/fpm/fpm/fpm_worker_pool.c | 2 php7.4-7.4.25/sapi/fpm/tests/bug80849-fpm.phpt | 40 php7.4-7.4.25/sapi/fpm/tests/proc-idle-timeout.phpt | 54 php7.4-7.4.25/sapi/fpm/tests/status.inc | 4 php7.4-7.4.25/sapi/fpm/tests/tester.inc | 106 php7.4-7.4.25/tests/security/open_basedir_disk_free_space.phpt | 16 150 files changed, 3068 insertions(+), 1460 deletions(-) diff -Nru php7.4-7.4.21/NEWS php7.4-7.4.25/NEWS --- php7.4-7.4.21/NEWS 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/NEWS 2021-10-19 15:18:10.000000000 +0000 @@ -1,16 +1,156 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| +21 Oct 2021, PHP 7.4.25 + +- DOM: + . Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID). + (Viktor Volkov) + +- FFI: + . Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not + defined). (Dmitry) + +- Fileinfo: + . Fixed bug #78987 (High memory usage during encoding detection). (Anatol) + +- Filter: + . Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing). + (cmb, Nikita) + +- FPM: + . Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege + escalation) (CVE-2021-21703). (Jakub Zelenka) + +- SPL: + . Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free). + (cmb, Nikita, Tyson Andre) + +- Streams: + . Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper). + (cmb) + +- XML: + . Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace). + (Aliaksandr Bystry, cmb) + +- Zip: + . Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi) + . Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb) + +23 Sep 2021, PHP 7.4.24 + +- Core: + . Fixed bug #81302 (Stream position after stream filter removed). (cmb) + . Fixed bug #81346 (Non-seekable streams don't update position after write). + (cmb) + . Fixed bug #73122 (Integer Overflow when concatenating strings). (cmb) + +- GD: + . Fixed bug #53580 (During resize gdImageCopyResampled cause colors change). + (cmb) + +- Opcache: + . Fixed bug #81353 (segfault with preloading and statically bound closure). + (Nikita) + +- Shmop: + . Fixed bug #81407 (shmop_open won't attach and causes php to crash). (cmb) + +- Standard: + . Fixed bug #71542 (disk_total_space does not work with relative paths). (cmb) + . Fixed bug #81400 (Unterminated string in dns_get_record() results). (cmb) + +- SysVMsg: + . Fixed bug #78819 (Heap Overflow in msg_send). (cmb) + +- XML: + . Fixed bug #81351 (xml_parse may fail, but has no error code). (cmb, Nikita) + +- Zip: + . Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination). + (CVE-2021-21706) (cmb) + +26 Aug 2021, PHP 7.4.23 + +- Core: + . Fixed bug #72595 (php_output_handler_append illegal write access). (cmb) + . Fixed bug #66719 (Weird behaviour when using get_called_class() with + call_user_func()). (Nikita) + . Fixed bug #81305 (Built-in Webserver Drops Requests With "Upgrade" Header). + (cmb) + +- BCMath: + . Fixed bug #78238 (BCMath returns "-0"). (cmb) + +- CGI: + . Fixed bug #80849 (HTTP Status header truncation). (cmb) + +- GD: + . Fixed bug #51498 (imagefilledellipse does not work for large circles). (cmb) + +- MySQLi: + . Fixed bug #74544 (Integer overflow in mysqli_real_escape_string()). (cmb, + johannes) + +- OpenSSL: + . Fixed bug #81327 (Error build openssl extension on php 7.4.22). (cmb) + +- PDO_ODBC: + . Fixed bug #81252 (PDO_ODBC doesn't account for SQL_NO_TOTAL). (cmb) + +- Shmop: + . Fixed bug #81283 (shmop can't read beyond 2147483647 bytes). (cmb, Nikita) + +- Standard: + . Fixed bug #72146 (Integer overflow on substr_replace). (cmb) + . Fixed bug #81265 (getimagesize returns 0 for 256px ICO images). + (George Dietrich) + . Fixed bug #74960 (Heap buffer overflow via str_repeat). (cmb, Dmitry) + +- Streams: + . Fixed bug #81294 (Segfault when removing a filter). (cmb) + +29 Jul 2021, PHP 7.4.22 + +- Core: + . Fixed bug #81145 (copy() and stream_copy_to_stream() fail for +4GB files). + (cmb, Nikita) + . Fixed bug #81163 (incorrect handling of indirect vars in __sleep). + (krakjoe) + . Fixed bug #80728 (PHP built-in web server resets timeout when it can kill + the process). (Calvin Buckley) + . Fixed bug #73630 (Built-in Weberver - overwrite $_SERVER['request_uri']). + (cmb) + . Fixed bug #80173 (Using return value of zend_assign_to_variable() is not + safe). (Nikita) + . Fixed bug #73226 (--r[fcez] always return zero exit code). (cmb) + +- Intl: + . Fixed bug #72809 (Locale::lookup() wrong result with canonicalize option). + (cmb) + . Fixed bug #68471 (IntlDateFormatter fails for "GMT+00:00" timezone). (cmb) + . Fixed bug #74264 (grapheme_strrpos() broken for negative offsets). (cmb) + +- OpenSSL: + . Fixed bug #52093 (openssl_csr_sign truncates $serial). (cmb) + +- PCRE: + . Fixed bug #81101 (PCRE2 10.37 shows unexpected result). (Anatol) + . Fixed bug #81243 (Too much memory is allocated for preg_replace()). (cmb) + +- Standard: + . Fixed bug #81223 (flock() only locks first byte of file). (cmb) + 01 Jul 2021, PHP 7.4.21 - Core: - . Fixed bug #81068 (Double free in realpath_cache_clean()). (Dimitry Andric) . Fixed bug #76359 (open_basedir bypass through adding ".."). (cmb) - . Fixed bug #81090 (Typed property performance degradation with .= operator). - (Nikita) + . Fixed bug #81068 (Double free in realpath_cache_clean()). (Dimitry Andric) . Fixed bug #81070 (Integer underflow in memory limit comparison). (Peter van Dommelen) - . Fixed bug #81122 (SSRF bypass in FILTER_VALIDATE_URL). - (CVE-2021-21705) (cmb) + . Fixed bug #81090 (Typed property performance degradation with .= operator). + (Nikita) + . Fixed bug #81122: SSRF bypass in FILTER_VALIDATE_URL. (CVE-2021-21705) (cmb) - Bzip2: . Fixed bug #81092 (fflush before stream_filter_remove corrupts stream). @@ -21,13 +161,11 @@ (cmb) - PDO_Firebird: - . Fixed bug #76448 (Stack buffer overflow in firebird_info_cb). - (CVE-2021-21704) (cmb) - . Fixed bug #76449 (SIGSEGV in firebird_handle_doer). - (CVE-2021-21704) (cmb) - . Fixed bug #76450 (SIGSEGV in firebird_stmt_execute). + . Fixed bug #76448: Stack buffer overflow in firebird_info_cb. (CVE-2021-21704) (cmb) - . Fixed bug #76452 (Crash while parsing blob data in firebird_fetch_blob). + . Fixed bug #76449: SIGSEGV in firebird_handle_doer. (CVE-2021-21704) (cmb) + . Fixed bug #76450: SIGSEGV in firebird_stmt_execute. (CVE-2021-21704) (cmb) + . Fixed bug #76452: Crash while parsing blob data in firebird_fetch_blob. (CVE-2021-21704) (cmb) - Standard: diff -Nru php7.4-7.4.21/TSRM/tsrm_win32.c php7.4-7.4.25/TSRM/tsrm_win32.c --- php7.4-7.4.21/TSRM/tsrm_win32.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/TSRM/tsrm_win32.c 2021-10-19 15:18:10.000000000 +0000 @@ -611,16 +611,20 @@ return termstat; }/*}}}*/ +#define SEGMENT_PREFIX "TSRM_SHM_SEGMENT:" +#define DESCRIPTOR_PREFIX "TSRM_SHM_DESCRIPTOR:" +#define INT_MIN_AS_STRING "-2147483648" + TSRM_API int shmget(key_t key, size_t size, int flags) {/*{{{*/ shm_pair *shm; - char shm_segment[26], shm_info[29]; + char shm_segment[sizeof(SEGMENT_PREFIX INT_MIN_AS_STRING)], shm_info[sizeof(DESCRIPTOR_PREFIX INT_MIN_AS_STRING)]; HANDLE shm_handle = NULL, info_handle = NULL; BOOL created = FALSE; if (key != IPC_PRIVATE) { - snprintf(shm_segment, sizeof(shm_segment), "TSRM_SHM_SEGMENT:%d", key); - snprintf(shm_info, sizeof(shm_info), "TSRM_SHM_DESCRIPTOR:%d", key); + snprintf(shm_segment, sizeof(shm_segment), SEGMENT_PREFIX "%d", key); + snprintf(shm_info, sizeof(shm_info), DESCRIPTOR_PREFIX "%d", key); shm_handle = OpenFileMapping(FILE_MAP_ALL_ACCESS, FALSE, shm_segment); info_handle = OpenFileMapping(FILE_MAP_ALL_ACCESS, FALSE, shm_info); diff -Nru php7.4-7.4.21/Zend/tests/assign_by_val_function_by_ref_return_value.phpt php7.4-7.4.25/Zend/tests/assign_by_val_function_by_ref_return_value.phpt --- php7.4-7.4.21/Zend/tests/assign_by_val_function_by_ref_return_value.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/assign_by_val_function_by_ref_return_value.phpt 2021-10-19 15:18:22.000000000 +0000 @@ -0,0 +1,11 @@ +--TEST-- +Return value of assigning by-val function result by-reference +--FILE-- + +--EXPECTF-- +Notice: Only variables should be assigned by reference in %s on line %d +NULL diff -Nru php7.4-7.4.21/Zend/tests/bug66719.phpt php7.4-7.4.25/Zend/tests/bug66719.phpt --- php7.4-7.4.21/Zend/tests/bug66719.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/bug66719.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -0,0 +1,43 @@ +--TEST-- +Bug #66719: Weird behaviour when using get_called_class() with call_user_func() +--FILE-- + +--EXPECT-- +string(1) "B" +string(1) "A" +string(1) "A" +string(1) "B" +string(1) "A" +string(1) "A" diff -Nru php7.4-7.4.21/Zend/tests/closure_call_internal.phpt php7.4-7.4.25/Zend/tests/closure_call_internal.phpt --- php7.4-7.4.21/Zend/tests/closure_call_internal.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/closure_call_internal.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -0,0 +1,10 @@ +--TEST-- +Closure::call() on internal method +--FILE-- +call(new DateTime('@123'))); + +?> +--EXPECT-- +int(123) diff -Nru php7.4-7.4.21/Zend/tests/foreach_by_ref_to_property.phpt php7.4-7.4.25/Zend/tests/foreach_by_ref_to_property.phpt --- php7.4-7.4.21/Zend/tests/foreach_by_ref_to_property.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/foreach_by_ref_to_property.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -0,0 +1,11 @@ +--TEST-- +Foreach by ref assignment to property +--FILE-- +prop) { + var_dump($obj->prop); +} +?> +--EXPECT-- +int(0) diff -Nru php7.4-7.4.21/Zend/tests/type_declarations/typed_properties_cache_slot_opt.phpt php7.4-7.4.25/Zend/tests/type_declarations/typed_properties_cache_slot_opt.phpt --- php7.4-7.4.21/Zend/tests/type_declarations/typed_properties_cache_slot_opt.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/type_declarations/typed_properties_cache_slot_opt.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -0,0 +1,30 @@ +--TEST-- +Demonstrate that cache_slot optimization is illegal due to cache_slot merging +--FILE-- +prop = 1; + try { + $this->prop = "foobar"; + } catch (TypeError $e) { + echo $e->getMessage(), "\n"; + } + var_dump($this->prop); + } +} + +$test = new Test; +$test->method(); +$test->method(); + +?> +--EXPECT-- +Typed property Test::$prop must be int, string used +int(1) +Typed property Test::$prop must be int, string used +int(1) diff -Nru php7.4-7.4.21/Zend/tests/unset_prop_recursion.phpt php7.4-7.4.25/Zend/tests/unset_prop_recursion.phpt --- php7.4-7.4.21/Zend/tests/unset_prop_recursion.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/unset_prop_recursion.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -0,0 +1,65 @@ +--TEST-- +Unset property where unset will recursively access property again +--FILE-- +parent = $this; + $this->children[] = $node; + } + function __destruct() { + var_dump($this); + unset($this->children); + } +} + +$a = new Node; +$a->insert(new Node); +$a->insert(new Node); +?> +--EXPECT-- +object(Node)#1 (2) { + ["parent"]=> + NULL + ["children"]=> + array(2) { + [0]=> + object(Node)#2 (2) { + ["parent"]=> + *RECURSION* + ["children"]=> + array(0) { + } + } + [1]=> + object(Node)#3 (2) { + ["parent"]=> + *RECURSION* + ["children"]=> + array(0) { + } + } + } +} +object(Node)#2 (2) { + ["parent"]=> + object(Node)#1 (2) { + ["parent"]=> + NULL + } + ["children"]=> + array(0) { + } +} +object(Node)#3 (2) { + ["parent"]=> + object(Node)#1 (2) { + ["parent"]=> + NULL + } + ["children"]=> + array(0) { + } +} diff -Nru php7.4-7.4.21/Zend/tests/write_property_ref_overwrite_return.phpt php7.4-7.4.25/Zend/tests/write_property_ref_overwrite_return.phpt --- php7.4-7.4.21/Zend/tests/write_property_ref_overwrite_return.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/Zend/tests/write_property_ref_overwrite_return.phpt 2021-10-19 15:18:21.000000000 +0000 @@ -0,0 +1,12 @@ +--TEST-- +Using return of property assignment to reference that destroys object +--FILE-- +a =& $a; +var_dump($a->a = 0); + +?> +--EXPECT-- +int(0) diff -Nru php7.4-7.4.21/Zend/zend_API.c php7.4-7.4.25/Zend/zend_API.c --- php7.4-7.4.21/Zend/zend_API.c 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_API.c 2021-10-19 15:18:22.000000000 +0000 @@ -2922,6 +2922,9 @@ if (error) *error = estrdup("cannot access self:: when no class scope is active"); } else { fcc->called_scope = zend_get_called_scope(EG(current_execute_data)); + if (!fcc->called_scope || !instanceof_function(fcc->called_scope, scope)) { + fcc->called_scope = scope; + } fcc->calling_scope = scope; if (!fcc->object) { fcc->object = zend_get_this_object(EG(current_execute_data)); @@ -2935,6 +2938,9 @@ if (error) *error = estrdup("cannot access parent:: when current class scope has no parent"); } else { fcc->called_scope = zend_get_called_scope(EG(current_execute_data)); + if (!fcc->called_scope || !instanceof_function(fcc->called_scope, scope->parent)) { + fcc->called_scope = scope->parent; + } fcc->calling_scope = scope->parent; if (!fcc->object) { fcc->object = zend_get_this_object(EG(current_execute_data)); diff -Nru php7.4-7.4.21/Zend/zend_closures.c php7.4-7.4.25/Zend/zend_closures.c --- php7.4-7.4.21/Zend/zend_closures.c 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_closures.c 2021-10-19 15:18:20.000000000 +0000 @@ -152,6 +152,9 @@ my_function.common.fn_flags &= ~ZEND_ACC_CLOSURE; /* use scope of passed object */ my_function.common.scope = Z_OBJCE_P(newthis); + if (closure->func.type == ZEND_INTERNAL_FUNCTION) { + my_function.internal_function.handler = closure->orig_internal_handler; + } fci_cache.function_handler = &my_function; /* Runtime cache relies on bound scope to be immutable, hence we need a separate rt cache in case scope changed */ diff -Nru php7.4-7.4.21/Zend/zend_compile.c php7.4-7.4.25/Zend/zend_compile.c --- php7.4-7.4.21/Zend/zend_compile.c 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_compile.c 2021-10-19 15:18:22.000000000 +0000 @@ -2888,17 +2888,13 @@ opline->extended_value &= ~ZEND_FETCH_REF; opline->extended_value |= flags; zend_emit_op_data(&source_node); - if (result != NULL) { - *result = target_node; - } + *result = target_node; } else if (opline && opline->opcode == ZEND_FETCH_STATIC_PROP_W) { opline->opcode = ZEND_ASSIGN_STATIC_PROP_REF; opline->extended_value &= ~ZEND_FETCH_REF; opline->extended_value |= flags; zend_emit_op_data(&source_node); - if (result != NULL) { - *result = target_node; - } + *result = target_node; } else { opline = zend_emit_op(result, ZEND_ASSIGN_REF, &target_node, &source_node); opline->extended_value = flags; @@ -2908,9 +2904,11 @@ static inline void zend_emit_assign_ref_znode(zend_ast *var_ast, znode *value_node) /* {{{ */ { + znode dummy_node; zend_ast *assign_ast = zend_ast_create(ZEND_AST_ASSIGN_REF, var_ast, zend_ast_create_znode(value_node)); - zend_compile_assign_ref(NULL, assign_ast); + zend_compile_assign_ref(&dummy_node, assign_ast); + zend_do_free(&dummy_node); } /* }}} */ diff -Nru php7.4-7.4.21/Zend/zend_execute.c php7.4-7.4.25/Zend/zend_execute.c --- php7.4-7.4.21/Zend/zend_execute.c 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_execute.c 2021-10-19 15:18:22.000000000 +0000 @@ -585,18 +585,16 @@ return prop; } -static zend_never_inline ZEND_COLD int zend_wrong_assign_to_variable_reference(zval *variable_ptr, zval *value_ptr OPLINE_DC EXECUTE_DATA_DC) +static zend_never_inline ZEND_COLD zval *zend_wrong_assign_to_variable_reference(zval *variable_ptr, zval *value_ptr OPLINE_DC EXECUTE_DATA_DC) { zend_error(E_NOTICE, "Only variables should be assigned by reference"); if (UNEXPECTED(EG(exception) != NULL)) { - return 0; + return &EG(uninitialized_zval); } /* Use IS_TMP_VAR instead of IS_VAR to avoid ISREF check */ Z_TRY_ADDREF_P(value_ptr); - value_ptr = zend_assign_to_variable(variable_ptr, value_ptr, IS_TMP_VAR, EX_USES_STRICT_TYPES()); - - return 1; + return zend_assign_to_variable(variable_ptr, value_ptr, IS_TMP_VAR, EX_USES_STRICT_TYPES()); } static void zend_format_type(zend_type type, const char **part1, const char **part2) { @@ -2948,10 +2946,8 @@ (opline->extended_value & ZEND_RETURNS_FUNCTION) && UNEXPECTED(!Z_ISREF_P(value_ptr))) { - if (UNEXPECTED(!zend_wrong_assign_to_variable_reference( - variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC))) { - variable_ptr = &EG(uninitialized_zval); - } + variable_ptr = zend_wrong_assign_to_variable_reference( + variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC); } else { zend_property_info *prop_info = NULL; diff -Nru php7.4-7.4.21/Zend/zend_list.c php7.4-7.4.25/Zend/zend_list.c --- php7.4-7.4.21/Zend/zend_list.c 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_list.c 2021-10-19 15:18:22.000000000 +0000 @@ -37,6 +37,8 @@ index = zend_hash_next_free_element(&EG(regular_list)); if (index == 0) { index = 1; + } else if (index == INT_MAX) { + zend_error_noreturn(E_ERROR, "Resource ID space overflow"); } ZVAL_NEW_RES(&zv, index, ptr, type); return zend_hash_index_add_new(&EG(regular_list), index, &zv); diff -Nru php7.4-7.4.21/Zend/zend_object_handlers.c php7.4-7.4.25/Zend/zend_object_handlers.c --- php7.4-7.4.21/Zend/zend_object_handlers.c 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_object_handlers.c 2021-10-19 15:18:22.000000000 +0000 @@ -849,7 +849,8 @@ } found: - zend_assign_to_variable(variable_ptr, value, IS_TMP_VAR, property_uses_strict_types()); + variable_ptr = zend_assign_to_variable( + variable_ptr, value, IS_TMP_VAR, property_uses_strict_types()); goto exit; } if (Z_PROP_FLAG_P(variable_ptr) == IS_PROP_UNINIT) { @@ -1136,8 +1137,10 @@ ZEND_REF_DEL_TYPE_SOURCE(Z_REF_P(slot), prop_info); } } - zval_ptr_dtor(slot); + zval tmp; + ZVAL_COPY_VALUE(&tmp, slot); ZVAL_UNDEF(slot); + zval_ptr_dtor(&tmp); if (zobj->properties) { HT_FLAGS(zobj->properties) |= HASH_FLAG_HAS_EMPTY_IND; } diff -Nru php7.4-7.4.21/Zend/zend_operators.c php7.4-7.4.25/Zend/zend_operators.c --- php7.4-7.4.21/Zend/zend_operators.c 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_operators.c 2021-10-19 15:18:20.000000000 +0000 @@ -1882,7 +1882,7 @@ size_t result_len = op1_len + op2_len; zend_string *result_str; - if (UNEXPECTED(op1_len > SIZE_MAX - op2_len)) { + if (UNEXPECTED(op1_len > ZSTR_MAX_LEN - op2_len)) { zend_throw_error(NULL, "String size overflow"); zval_ptr_dtor_str(&op1_copy); zval_ptr_dtor_str(&op2_copy); diff -Nru php7.4-7.4.21/Zend/zend_smart_str.c php7.4-7.4.25/Zend/zend_smart_str.c --- php7.4-7.4.21/Zend/zend_smart_str.c 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_smart_str.c 2021-10-19 15:18:22.000000000 +0000 @@ -45,7 +45,7 @@ ZEND_API void ZEND_FASTCALL smart_str_realloc(smart_str *str, size_t len) { if (UNEXPECTED(!str->s)) { - str->a = len <= SMART_STR_START_SIZE + str->a = len <= SMART_STR_START_LEN ? SMART_STR_START_LEN : SMART_STR_NEW_LEN(len); str->s = zend_string_alloc(str->a, 1); diff -Nru php7.4-7.4.21/Zend/zend_string.h php7.4-7.4.25/Zend/zend_string.h --- php7.4-7.4.21/Zend/zend_string.h 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_string.h 2021-10-19 15:18:22.000000000 +0000 @@ -75,6 +75,8 @@ #define _ZSTR_STRUCT_SIZE(len) (_ZSTR_HEADER_SIZE + len + 1) +#define ZSTR_MAX_LEN (SIZE_MAX - ZEND_MM_ALIGNED_SIZE(_ZSTR_HEADER_SIZE + 1)) + #define ZSTR_ALLOCA_ALLOC(str, _len, use_heap) do { \ (str) = (zend_string *)do_alloca(ZEND_MM_ALIGNED_SIZE_EX(_ZSTR_STRUCT_SIZE(_len), 8), (use_heap)); \ GC_SET_REFCOUNT(str, 1); \ diff -Nru php7.4-7.4.21/Zend/zend_vm_def.h php7.4-7.4.25/Zend/zend_vm_def.h --- php7.4-7.4.21/Zend/zend_vm_def.h 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_vm_def.h 2021-10-19 15:18:20.000000000 +0000 @@ -416,6 +416,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -2480,18 +2483,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (OP_DATA_TYPE == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (OP_DATA_TYPE == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } ZEND_VM_C_GOTO(free_and_exit_assign_obj); } else { ZEND_VM_C_LABEL(fast_assign_obj): @@ -2772,9 +2764,8 @@ opline->extended_value == ZEND_RETURNS_FUNCTION && UNEXPECTED(!Z_ISREF_P(value_ptr))) { - if (UNEXPECTED(!zend_wrong_assign_to_variable_reference(variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC))) { - variable_ptr = &EG(uninitialized_zval); - } + variable_ptr = zend_wrong_assign_to_variable_reference( + variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC); } else { zend_assign_to_variable_reference(variable_ptr, value_ptr); } diff -Nru php7.4-7.4.21/Zend/zend_vm_execute.h php7.4-7.4.25/Zend/zend_vm_execute.h --- php7.4-7.4.21/Zend/zend_vm_execute.h 2021-06-29 15:17:27.000000000 +0000 +++ php7.4-7.4.25/Zend/zend_vm_execute.h 2021-10-19 15:18:22.000000000 +0000 @@ -7899,6 +7899,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -10357,6 +10360,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -14674,6 +14680,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -15343,6 +15352,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -17027,6 +17039,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -22692,18 +22707,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -22827,18 +22831,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -22962,18 +22955,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -23097,18 +23079,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -24987,18 +24958,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -25122,18 +25082,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -25257,18 +25206,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -25392,18 +25330,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -26766,9 +26693,8 @@ opline->extended_value == ZEND_RETURNS_FUNCTION && UNEXPECTED(!Z_ISREF_P(value_ptr))) { - if (UNEXPECTED(!zend_wrong_assign_to_variable_reference(variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC))) { - variable_ptr = &EG(uninitialized_zval); - } + variable_ptr = zend_wrong_assign_to_variable_reference( + variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC); } else { zend_assign_to_variable_reference(variable_ptr, value_ptr); } @@ -28662,18 +28588,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -28797,18 +28712,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -28932,18 +28836,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -29067,18 +28960,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -29698,9 +29580,8 @@ opline->extended_value == ZEND_RETURNS_FUNCTION && UNEXPECTED(!Z_ISREF_P(value_ptr))) { - if (UNEXPECTED(!zend_wrong_assign_to_variable_reference(variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC))) { - variable_ptr = &EG(uninitialized_zval); - } + variable_ptr = zend_wrong_assign_to_variable_reference( + variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC); } else { zend_assign_to_variable_reference(variable_ptr, value_ptr); } @@ -31144,18 +31025,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -31279,18 +31149,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -31414,18 +31273,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -31549,18 +31397,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -32980,18 +32817,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -33115,18 +32941,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -33250,18 +33065,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -33385,18 +33189,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -35502,18 +35295,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -35637,18 +35419,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -35772,18 +35543,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -35907,18 +35667,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -38598,6 +38347,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -39884,18 +39636,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -40019,18 +39760,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -40154,18 +39884,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -40289,18 +40008,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -41018,6 +40726,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -43387,18 +43098,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -43522,18 +43222,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -43657,18 +43346,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -43792,18 +43470,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -45451,9 +45118,8 @@ opline->extended_value == ZEND_RETURNS_FUNCTION && UNEXPECTED(!Z_ISREF_P(value_ptr))) { - if (UNEXPECTED(!zend_wrong_assign_to_variable_reference(variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC))) { - variable_ptr = &EG(uninitialized_zval); - } + variable_ptr = zend_wrong_assign_to_variable_reference( + variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC); } else { zend_assign_to_variable_reference(variable_ptr, value_ptr); } @@ -47190,6 +46856,9 @@ !ZSTR_IS_INTERNED(op1_str) && GC_REFCOUNT(op1_str) == 1) { size_t len = ZSTR_LEN(op1_str); + if (UNEXPECTED(len > ZSTR_MAX_LEN - ZSTR_LEN(op2_str))) { + zend_error_noreturn(E_ERROR, "Integer overflow in memory allocation"); + } str = zend_string_extend(op1_str, len + ZSTR_LEN(op2_str), 0); memcpy(ZSTR_VAL(str) + len, ZSTR_VAL(op2_str), ZSTR_LEN(op2_str)+1); ZVAL_NEW_STR(EX_VAR(opline->result.var), str); @@ -48471,18 +48140,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CONST == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CONST == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -48606,18 +48264,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_TMP_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_TMP_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -48741,18 +48388,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_VAR == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_VAR == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -48876,18 +48512,7 @@ zend_property_info *prop_info = (zend_property_info*) CACHED_PTR_EX(cache_slot + 2); if (UNEXPECTED(prop_info != NULL)) { - zend_uchar orig_type = IS_UNDEF; - - if (IS_CV == IS_CONST) { - orig_type = Z_TYPE_P(value); - } - value = zend_assign_to_typed_prop(prop_info, property_val, value EXECUTE_DATA_CC); - - /* will remain valid, thus no need to check prop_info in future here */ - if (IS_CV == IS_CONST && Z_TYPE_P(value) == orig_type) { - CACHE_PTR_EX(cache_slot + 2, NULL); - } goto free_and_exit_assign_obj; } else { fast_assign_obj: @@ -49507,9 +49132,8 @@ opline->extended_value == ZEND_RETURNS_FUNCTION && UNEXPECTED(!Z_ISREF_P(value_ptr))) { - if (UNEXPECTED(!zend_wrong_assign_to_variable_reference(variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC))) { - variable_ptr = &EG(uninitialized_zval); - } + variable_ptr = zend_wrong_assign_to_variable_reference( + variable_ptr, value_ptr OPLINE_CC EXECUTE_DATA_CC); } else { zend_assign_to_variable_reference(variable_ptr, value_ptr); } diff -Nru php7.4-7.4.21/azure/community_job.yml php7.4-7.4.25/azure/community_job.yml --- php7.4-7.4.21/azure/community_job.yml 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/azure/community_job.yml 2021-10-19 15:18:10.000000000 +0000 @@ -48,14 +48,15 @@ echo opcache.protect_memory=1 >> /etc/php.d/opcache.ini displayName: 'Install Build' - script: | - git clone https://github.com/laravel/framework.git --branch=master --depth=1 + git clone https://github.com/laravel/framework.git --branch=8.x --depth=1 cd framework php7.4 /usr/bin/composer install --no-progress export USE_ZEND_ALLOC=0 - sed -i 's/$exit = true/$exit = false/g' vendor/phpunit/phpunit/src/TextUI/Command.php # Avoid test using exit(), which thus leaks. # We can use USE_TRACKED_ALLOC=1 if more of these show up. - sed -i "s/function_exists('pcntl_fork')/false/" tests/Filesystem/FilesystemTest.php + sed -i 's/$exit = true/$exit = false/g' vendor/phpunit/phpunit/src/TextUI/Command.php + # Hack to disable a test that hangs on azure + sed -i 's/PHP_OS/"Darwin"/' tests/Filesystem/FilesystemTest.php php vendor/bin/phpunit displayName: 'Test Laravel' - script: | diff -Nru php7.4-7.4.21/build/pkg.m4 php7.4-7.4.25/build/pkg.m4 --- php7.4-7.4.21/build/pkg.m4 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/build/pkg.m4 2021-10-19 15:18:10.000000000 +0000 @@ -86,7 +86,7 @@ dnl PKG_CHECK_MODULES(), but does not set variables or print errors. dnl dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) -dnl only at the first occurence in configure.ac, so if the first place +dnl only at the first occurrence in configure.ac, so if the first place dnl it's called might be skipped (such as if it is within an "if", you dnl have to call PKG_CHECK_EXISTS manually AC_DEFUN([PKG_CHECK_EXISTS], diff -Nru php7.4-7.4.21/configure php7.4-7.4.25/configure --- php7.4-7.4.21/configure 2021-06-29 15:17:14.000000000 +0000 +++ php7.4-7.4.25/configure 2021-10-19 15:18:09.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for PHP 7.4.21. +# Generated by GNU Autoconf 2.69 for PHP 7.4.25. # # Report bugs to . # @@ -732,8 +732,8 @@ # Identity of this package. PACKAGE_NAME='PHP' PACKAGE_TARNAME='php' -PACKAGE_VERSION='7.4.21' -PACKAGE_STRING='PHP 7.4.21' +PACKAGE_VERSION='7.4.25' +PACKAGE_STRING='PHP 7.4.25' PACKAGE_BUGREPORT='https://bugs.php.net' PACKAGE_URL='https://www.php.net' @@ -1744,7 +1744,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures PHP 7.4.21 to adapt to many kinds of systems. +\`configure' configures PHP 7.4.25 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1815,7 +1815,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of PHP 7.4.21:";; + short | recursive ) echo "Configuration of PHP 7.4.25:";; esac cat <<\_ACEOF @@ -2260,7 +2260,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -PHP configure 7.4.21 +PHP configure 7.4.25 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -3044,7 +3044,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by PHP $as_me 7.4.21, which was +It was created by PHP $as_me 7.4.25, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3825,7 +3825,7 @@ ac_IFS=$IFS; IFS="." -set $(echo 7.4.21 | "${SED}" 's/\([0-9\.]*\)\(.*\)/\1\.\2/') +set $(echo 7.4.25 | "${SED}" 's/\([0-9\.]*\)\(.*\)/\1\.\2/') IFS=$ac_IFS PHP_MAJOR_VERSION=$1 PHP_MINOR_VERSION=$2 @@ -93367,7 +93367,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by PHP $as_me 7.4.21, which was +This file was extended by PHP $as_me 7.4.25, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -93434,7 +93434,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -PHP config.status 7.4.21 +PHP config.status 7.4.25 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru php7.4-7.4.21/configure.ac php7.4-7.4.25/configure.ac --- php7.4-7.4.21/configure.ac 2021-06-29 15:17:14.000000000 +0000 +++ php7.4-7.4.25/configure.ac 2021-10-19 15:18:09.000000000 +0000 @@ -17,7 +17,7 @@ dnl ---------------------------------------------------------------------------- AC_PREREQ([2.68]) -AC_INIT([PHP],[7.4.21],[https://bugs.php.net],[php],[https://www.php.net]) +AC_INIT([PHP],[7.4.25],[https://bugs.php.net],[php],[https://www.php.net]) AC_CONFIG_SRCDIR([main/php_version.h]) AC_CONFIG_AUX_DIR([build]) AC_PRESERVE_HELP_ORDER diff -Nru php7.4-7.4.21/debian/changelog php7.4-7.4.25/debian/changelog --- php7.4-7.4.21/debian/changelog 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/changelog 2021-10-23 21:53:50.000000000 +0000 @@ -1,3 +1,12 @@ +php7.4 (7.4.25-1+deb11u1) bullseye-security; urgency=high + + * New upstream version 7.4.25 + + CVE-2021-21706: ZipArchive::extractTo extracts outside of destination + + CVE-2021-21703: PHP-FPM oob R/W in root process leading to privilege + escalation + + -- Ondřej Surý Sat, 23 Oct 2021 23:53:50 +0200 + php7.4 (7.4.21-1+deb11u1) unstable; urgency=medium * New upstream version 7.4.21 diff -Nru php7.4-7.4.21/debian/patches/0001-libtool_fixes.patch php7.4-7.4.25/debian/patches/0001-libtool_fixes.patch --- php7.4-7.4.21/debian/patches/0001-libtool_fixes.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0001-libtool_fixes.patch 2021-10-23 21:53:50.000000000 +0000 @@ -7,7 +7,7 @@ 1 file changed, 2 deletions(-) diff --git a/configure.ac b/configure.ac -index f03e8ba..2995fb1 100644 +index 2cf361c..86ac9d2 100644 --- a/configure.ac +++ b/configure.ac @@ -1435,8 +1435,6 @@ AC_PROVIDE_IFELSE([PHP_REQUIRE_CXX], [], [ diff -Nru php7.4-7.4.21/debian/patches/0002-debian_quirks.patch php7.4-7.4.25/debian/patches/0002-debian_quirks.patch --- php7.4-7.4.21/debian/patches/0002-debian_quirks.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0002-debian_quirks.patch 2021-10-23 21:53:50.000000000 +0000 @@ -13,7 +13,7 @@ 7 files changed, 21 insertions(+), 16 deletions(-) diff --git a/configure.ac b/configure.ac -index 2995fb1..3ba7ba1 100644 +index 86ac9d2..15cf97a 100644 --- a/configure.ac +++ b/configure.ac @@ -1133,7 +1133,7 @@ fi diff -Nru php7.4-7.4.21/debian/patches/0004-extension_api.patch php7.4-7.4.25/debian/patches/0004-extension_api.patch --- php7.4-7.4.21/debian/patches/0004-extension_api.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0004-extension_api.patch 2021-10-23 21:53:50.000000000 +0000 @@ -8,7 +8,7 @@ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 3ba7ba1..3e47a91 100644 +index 15cf97a..90205f0 100644 --- a/configure.ac +++ b/configure.ac @@ -1239,8 +1239,10 @@ ZEND_MODULE_API_NO=`$EGREP '#define ZEND_MODULE_API_NO ' $srcdir/Zend/zend_modul diff -Nru php7.4-7.4.21/debian/patches/0015-lp564920-fix-big-files.patch php7.4-7.4.25/debian/patches/0015-lp564920-fix-big-files.patch --- php7.4-7.4.21/debian/patches/0015-lp564920-fix-big-files.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0015-lp564920-fix-big-files.patch 2021-10-23 21:53:50.000000000 +0000 @@ -7,7 +7,7 @@ 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c -index d187c23..b8a35d8 100644 +index 4d10e68..f74a936 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -713,7 +713,13 @@ static int php_stdiop_set_option(php_stream *stream, int option, int value, void diff -Nru php7.4-7.4.21/debian/patches/0018-php-5.3.9-mysqlnd.patch php7.4-7.4.25/debian/patches/0018-php-5.3.9-mysqlnd.patch --- php7.4-7.4.21/debian/patches/0018-php-5.3.9-mysqlnd.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0018-php-5.3.9-mysqlnd.patch 2021-10-23 21:53:50.000000000 +0000 @@ -8,7 +8,7 @@ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/mysqlnd/mysqlnd_connection.c b/ext/mysqlnd/mysqlnd_connection.c -index 5057746..4f0277c 100644 +index 8897038..6121317 100644 --- a/ext/mysqlnd/mysqlnd_connection.c +++ b/ext/mysqlnd/mysqlnd_connection.c @@ -554,7 +554,7 @@ MYSQLND_METHOD(mysqlnd_conn_data, get_scheme)(MYSQLND_CONN_DATA * conn, MYSQLND_ diff -Nru php7.4-7.4.21/debian/patches/0019-php-5.3.9-gnusrc.patch php7.4-7.4.25/debian/patches/0019-php-5.3.9-gnusrc.patch --- php7.4-7.4.21/debian/patches/0019-php-5.3.9-gnusrc.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0019-php-5.3.9-gnusrc.patch 2021-10-23 21:53:50.000000000 +0000 @@ -28,7 +28,7 @@ /* +----------------------------------------------------------------------+ diff --git a/configure.ac b/configure.ac -index 3e47a91..08c99ba 100644 +index 90205f0..16afd9c 100644 --- a/configure.ac +++ b/configure.ac @@ -130,6 +130,8 @@ AC_DEFUN([PHP_EXT_DIR],[$config_m4_dir])dnl @@ -92,7 +92,7 @@ #include "zend.h" #include "zend_sort.h" diff --git a/main/streams/cast.c b/main/streams/cast.c -index 73421a7..d608802 100644 +index 2109239..ef19761 100644 --- a/main/streams/cast.c +++ b/main/streams/cast.c @@ -16,7 +16,6 @@ @@ -116,7 +116,7 @@ #include "ext/standard/base64.h" diff --git a/main/streams/streams.c b/main/streams/streams.c -index c1ecf34..4b3335f 100644 +index d2ee337..4ced0e8 100644 --- a/main/streams/streams.c +++ b/main/streams/streams.c @@ -19,7 +19,6 @@ diff -Nru php7.4-7.4.21/debian/patches/0024-Use-system-timezone.patch php7.4-7.4.25/debian/patches/0024-Use-system-timezone.patch --- php7.4-7.4.21/debian/patches/0024-Use-system-timezone.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0024-Use-system-timezone.patch 2021-10-23 21:53:50.000000000 +0000 @@ -14,10 +14,10 @@ 1 file changed, 17 insertions(+) diff --git a/ext/date/php_date.c b/ext/date/php_date.c -index 66812cb..8366778 100644 +index 189e435..7c9081c 100644 --- a/ext/date/php_date.c +++ b/ext/date/php_date.c -@@ -1032,6 +1032,23 @@ static char* guess_timezone(const timelib_tzdb *tzdb) +@@ -1039,6 +1039,23 @@ static char* guess_timezone(const timelib_tzdb *tzdb) DATEG(timezone_valid) = 1; return DATEG(default_timezone); } diff -Nru php7.4-7.4.21/debian/patches/0028-php-5.4.9-fixheader.patch php7.4-7.4.25/debian/patches/0028-php-5.4.9-fixheader.patch --- php7.4-7.4.21/debian/patches/0028-php-5.4.9-fixheader.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0028-php-5.4.9-fixheader.patch 2021-10-23 21:53:50.000000000 +0000 @@ -8,7 +8,7 @@ 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 08c99ba..9ba8c4f 100644 +index 16afd9c..7688703 100644 --- a/configure.ac +++ b/configure.ac @@ -1332,7 +1332,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d` diff -Nru php7.4-7.4.21/debian/patches/0037-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch php7.4-7.4.25/debian/patches/0037-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch --- php7.4-7.4.21/debian/patches/0037-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch 2021-07-02 03:59:48.000000000 +0000 +++ php7.4-7.4.25/debian/patches/0037-Really-expand-libdir-datadir-into-EXPANDED_LIBDIR-DA.patch 2021-10-23 21:53:50.000000000 +0000 @@ -7,7 +7,7 @@ 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac -index 9ba8c4f..1ca0e7f 100644 +index 7688703..4a5fd01 100644 --- a/configure.ac +++ b/configure.ac @@ -1286,9 +1286,9 @@ EXPANDED_LOCALSTATEDIR=`eval echo $localstatedir` diff -Nru php7.4-7.4.21/ext/bcmath/libbcmath/src/bcmath.h php7.4-7.4.25/ext/bcmath/libbcmath/src/bcmath.h --- php7.4-7.4.21/ext/bcmath/libbcmath/src/bcmath.h 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/bcmath/libbcmath/src/bcmath.h 2021-10-19 15:18:13.000000000 +0000 @@ -120,6 +120,8 @@ _PROTOTYPE(char bc_is_zero, (bc_num num)); +_PROTOTYPE(char bc_is_zero_for_scale, (bc_num num, int scale)); + _PROTOTYPE(char bc_is_near_zero, (bc_num num, int scale)); _PROTOTYPE(char bc_is_neg, (bc_num num)); diff -Nru php7.4-7.4.21/ext/bcmath/libbcmath/src/num2str.c php7.4-7.4.25/ext/bcmath/libbcmath/src/num2str.c --- php7.4-7.4.21/ext/bcmath/libbcmath/src/num2str.c 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/bcmath/libbcmath/src/num2str.c 2021-10-19 15:18:13.000000000 +0000 @@ -50,7 +50,7 @@ int index, signch; /* Allocate the string memory. */ - signch = num->n_sign != PLUS; /* Number of sign chars. */ + signch = num->n_sign != PLUS && !bc_is_zero_for_scale(num, MIN(num->n_scale, scale)); /* Number of sign chars. */ if (scale > 0) str = zend_string_alloc(num->n_len + scale + signch + 1, 0); else diff -Nru php7.4-7.4.21/ext/bcmath/libbcmath/src/zero.c php7.4-7.4.25/ext/bcmath/libbcmath/src/zero.c --- php7.4-7.4.21/ext/bcmath/libbcmath/src/zero.c 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/bcmath/libbcmath/src/zero.c 2021-10-19 15:18:12.000000000 +0000 @@ -40,7 +40,7 @@ /* In some places we need to check if the number NUM is zero. */ char -bc_is_zero (bc_num num) +bc_is_zero_for_scale (bc_num num, int scale) { int count; char *nptr; @@ -49,7 +49,7 @@ if (num == BCG(_zero_)) return TRUE; /* Initialize */ - count = num->n_len + num->n_scale; + count = num->n_len + scale; nptr = num->n_value; /* The check */ @@ -60,3 +60,9 @@ else return TRUE; } + +char +bc_is_zero (bc_num num) +{ + return bc_is_zero_for_scale(num, num->n_scale); +} diff -Nru php7.4-7.4.21/ext/bcmath/tests/bug78238.phpt php7.4-7.4.25/ext/bcmath/tests/bug78238.phpt --- php7.4-7.4.21/ext/bcmath/tests/bug78238.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/bcmath/tests/bug78238.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -0,0 +1,18 @@ +--TEST-- +Bug #78238 (BCMath returns "-0") +--SKIPIF-- + +--FILE-- + +--EXPECT-- +string(1) "0" +string(3) "0.0" +string(3) "0.0" diff -Nru php7.4-7.4.21/ext/curl/interface.c php7.4-7.4.25/ext/curl/interface.c --- php7.4-7.4.21/ext/curl/interface.c 2021-06-29 15:17:21.000000000 +0000 +++ php7.4-7.4.25/ext/curl/interface.c 2021-10-19 15:18:16.000000000 +0000 @@ -1766,9 +1766,7 @@ if (ch->header.str) { zend_string_release_ex(ch->header.str, 0); } - if (buf_len > 0) { - ch->header.str = zend_string_init(buf, buf_len, 0); - } + ch->header.str = zend_string_init(buf, buf_len, 0); } return 0; @@ -2074,6 +2072,7 @@ curl_easy_setopt(ch->cp, CURLOPT_FILE, (void *) ch); curl_easy_setopt(ch->cp, CURLOPT_INFILE, (void *) ch); curl_easy_setopt(ch->cp, CURLOPT_WRITEHEADER, (void *) ch); + curl_easy_setopt(ch->cp, CURLOPT_DEBUGDATA, (void *) ch); if (source->handlers->progress) { ch->handlers->progress = ecalloc(1, sizeof(php_curl_progress)); diff -Nru php7.4-7.4.21/ext/curl/tests/curl_copy_handle_basic_009.phpt php7.4-7.4.25/ext/curl/tests/curl_copy_handle_basic_009.phpt --- php7.4-7.4.21/ext/curl/tests/curl_copy_handle_basic_009.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/curl/tests/curl_copy_handle_basic_009.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -0,0 +1,29 @@ +--TEST-- +Test curl_copy_handle() with CURLINFO_HEADER_OUT +--SKIPIF-- + +--FILE-- + +--EXPECT-- +Hello World! +Hello World! +string(21) "GET /get.inc HTTP/1.1" +Hello World! +Hello World! +string(21) "GET /get.inc HTTP/1.1" diff -Nru php7.4-7.4.21/ext/date/lib/parse_date.c php7.4-7.4.25/ext/date/lib/parse_date.c --- php7.4-7.4.21/ext/date/lib/parse_date.c 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/date/lib/parse_date.c 2021-10-19 15:18:11.000000000 +0000 @@ -766,6 +766,9 @@ return sHOUR(tmp / 100) + sMIN(tmp % 100); } case 5: /* HH:MM */ + if (begin[2] != ':') { + return 0; + } tmp = sHOUR(strtol(begin, NULL, 10)) + sMIN(strtol(begin + 3, NULL, 10)); return tmp; } diff -Nru php7.4-7.4.21/ext/date/lib/parse_date.re php7.4-7.4.25/ext/date/lib/parse_date.re --- php7.4-7.4.21/ext/date/lib/parse_date.re 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/date/lib/parse_date.re 2021-10-19 15:18:11.000000000 +0000 @@ -764,6 +764,9 @@ return sHOUR(tmp / 100) + sMIN(tmp % 100); } case 5: /* HH:MM */ + if (begin[2] != ':') { + return 0; + } tmp = sHOUR(strtol(begin, NULL, 10)) + sMIN(strtol(begin + 3, NULL, 10)); return tmp; } diff -Nru php7.4-7.4.21/ext/date/php_date.c php7.4-7.4.25/ext/date/php_date.c --- php7.4-7.4.21/ext/date/php_date.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/ext/date/php_date.c 2021-10-19 15:18:11.000000000 +0000 @@ -698,7 +698,7 @@ PHP_MODULE_GLOBALS(date), /* globals descriptor */ PHP_GINIT(date), /* globals ctor */ NULL, /* globals dtor */ - NULL, /* post deactivate */ + ZEND_MODULE_POST_ZEND_DEACTIVATE_N(date), /* post deactivate */ STANDARD_MODULE_PROPERTIES_EX }; /* }}} */ @@ -743,11 +743,19 @@ efree(DATEG(timezone)); } DATEG(timezone) = NULL; - if(DATEG(tzcache)) { + + return SUCCESS; +} +/* }}} */ + +ZEND_MODULE_POST_ZEND_DEACTIVATE_D(date) +{ + if (DATEG(tzcache)) { zend_hash_destroy(DATEG(tzcache)); FREE_HASHTABLE(DATEG(tzcache)); DATEG(tzcache) = NULL; } + if (DATEG(last_errors)) { timelib_error_container_dtor(DATEG(last_errors)); DATEG(last_errors) = NULL; @@ -755,7 +763,6 @@ return SUCCESS; } -/* }}} */ #define DATE_TIMEZONEDB php_date_global_timezone_db ? php_date_global_timezone_db : timelib_builtin_db() diff -Nru php7.4-7.4.21/ext/date/php_date.h php7.4-7.4.25/ext/date/php_date.h --- php7.4-7.4.21/ext/date/php_date.h 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/date/php_date.h 2021-10-19 15:18:11.000000000 +0000 @@ -123,6 +123,7 @@ PHP_MINIT_FUNCTION(date); PHP_MSHUTDOWN_FUNCTION(date); PHP_MINFO_FUNCTION(date); +ZEND_MODULE_POST_ZEND_DEACTIVATE_D(date); typedef struct _php_date_obj php_date_obj; typedef struct _php_timezone_obj php_timezone_obj; diff -Nru php7.4-7.4.21/ext/date/tests/bug78984.phpt php7.4-7.4.25/ext/date/tests/bug78984.phpt --- php7.4-7.4.21/ext/date/tests/bug78984.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/date/tests/bug78984.phpt 2021-10-19 15:18:11.000000000 +0000 @@ -0,0 +1,15 @@ +--TEST-- +Bug #78984 (DateTimeZone accepting invalid UTC timezones) +--FILE-- +getName()); +} else { + // dummy case for proper fix + var_dump("+00:00"); +} +?> +--EXPECT-- +string(6) "+00:00" diff -Nru php7.4-7.4.21/ext/dom/element.c php7.4-7.4.25/ext/dom/element.c --- php7.4-7.4.21/ext/dom/element.c 2021-06-29 15:17:19.000000000 +0000 +++ php7.4-7.4.25/ext/dom/element.c 2021-10-19 15:18:14.000000000 +0000 @@ -1157,11 +1157,9 @@ xmlAddID(NULL, attrp->doc, id_val, attrp); xmlFree(id_val); } - } else { - if (attrp->atype == XML_ATTRIBUTE_ID) { - xmlRemoveID(attrp->doc, attrp); - attrp->atype = 0; - } + } else if (is_id == 0 && attrp->atype == XML_ATTRIBUTE_ID) { + xmlRemoveID(attrp->doc, attrp); + attrp->atype = 0; } } /* }}} */ diff -Nru php7.4-7.4.21/ext/dom/tests/bug81433.phpt php7.4-7.4.25/ext/dom/tests/bug81433.phpt --- php7.4-7.4.21/ext/dom/tests/bug81433.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/dom/tests/bug81433.phpt 2021-10-19 15:18:14.000000000 +0000 @@ -0,0 +1,26 @@ +--TEST-- +Bug #81433 (DOMElement::setIdAttribute(attr, true) called twice removes ID) +--SKIPIF-- + +--FILE-- +createElement('test', 'root'); + +$dom->appendChild($element); + +$element->setAttribute("id", 123); +$element->setIdAttribute("id", true); + +$node = $element->getAttributeNode("id"); +var_dump($node->isId()); + +$element->setIdAttribute("id", true); +var_dump($node->isId()); +?> +--EXPECT-- +bool(true) +bool(true) diff -Nru php7.4-7.4.21/ext/ffi/ffi.g php7.4-7.4.25/ext/ffi/ffi.g --- php7.4-7.4.21/ext/ffi/ffi.g 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/ffi/ffi.g 2021-10-19 15:18:12.000000000 +0000 @@ -147,7 +147,7 @@ specifier_qualifier_list(zend_ffi_dcl *dcl): "__extension__"? - ( ?{sym != YY_ID || zend_ffi_is_typedef_name((const char*)yy_text, yy_pos - yy_text)} + ( ?{sym != YY_ID || zend_ffi_is_typedef_name((const char*)yy_text, yy_pos - yy_text) || (dcl->flags & ZEND_FFI_DCL_TYPE_SPECIFIERS) == 0} ( type_specifier(dcl) | type_qualifier(dcl) | attributes(dcl) diff -Nru php7.4-7.4.21/ext/ffi/ffi_parser.c php7.4-7.4.25/ext/ffi/ffi_parser.c --- php7.4-7.4.21/ext/ffi/ffi_parser.c 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/ffi/ffi_parser.c 2021-10-19 15:18:12.000000000 +0000 @@ -2190,7 +2190,7 @@ } else { yy_error_sym("unexpected", sym); } - } while ((YY_IN_SET(sym, (YY_VOID,YY_CHAR,YY_SHORT,YY_INT,YY_LONG,YY_FLOAT,YY_DOUBLE,YY_SIGNED,YY_UNSIGNED,YY__BOOL,YY__COMPLEX,YY_COMPLEX,YY___COMPLEX,YY___COMPLEX__,YY_STRUCT,YY_UNION,YY_ENUM,YY_ID,YY_CONST,YY___CONST,YY___CONST__,YY_RESTRICT,YY___RESTRICT,YY___RESTRICT__,YY_VOLATILE,YY___VOLATILE,YY___VOLATILE__,YY__ATOMIC,YY___ATTRIBUTE,YY___ATTRIBUTE__,YY___DECLSPEC,YY___CDECL,YY___STDCALL,YY___FASTCALL,YY___THISCALL,YY___VECTORCALL), "\000\000\376\377\377\107\360\017\000\000\000\002\000")) && (sym != YY_ID || zend_ffi_is_typedef_name((const char*)yy_text, yy_pos - yy_text))); + } while ((YY_IN_SET(sym, (YY_VOID,YY_CHAR,YY_SHORT,YY_INT,YY_LONG,YY_FLOAT,YY_DOUBLE,YY_SIGNED,YY_UNSIGNED,YY__BOOL,YY__COMPLEX,YY_COMPLEX,YY___COMPLEX,YY___COMPLEX__,YY_STRUCT,YY_UNION,YY_ENUM,YY_ID,YY_CONST,YY___CONST,YY___CONST__,YY_RESTRICT,YY___RESTRICT,YY___RESTRICT__,YY_VOLATILE,YY___VOLATILE,YY___VOLATILE__,YY__ATOMIC,YY___ATTRIBUTE,YY___ATTRIBUTE__,YY___DECLSPEC,YY___CDECL,YY___STDCALL,YY___FASTCALL,YY___THISCALL,YY___VECTORCALL), "\000\000\376\377\377\107\360\017\000\000\000\002\000")) && (sym != YY_ID || zend_ffi_is_typedef_name((const char*)yy_text, yy_pos - yy_text) || (dcl->flags & ZEND_FFI_DCL_TYPE_SPECIFIERS) == 0)); return sym; } diff -Nru php7.4-7.4.21/ext/ffi/tests/bug79576.phpt php7.4-7.4.25/ext/ffi/tests/bug79576.phpt --- php7.4-7.4.21/ext/ffi/tests/bug79576.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/ffi/tests/bug79576.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -0,0 +1,35 @@ +--TEST-- +Bug #79576 ("TYPE *" shows unhelpful message when type is not defined) +--SKIPIF-- + +--FILE-- +getMessage()."\n"; +} +try { + FFI::cdef('struct tree *get_tree(oid, size_t, struct tree *);'); +} catch (Throwable $e) { + echo get_class($e) . ": " . $e->getMessage()."\n"; +} +try { + FFI::cdef(' +typedef struct _simple_struct { + const some_not_declared_type **property; + } simple_struct; +'); +} catch (Throwable $e) { + echo get_class($e) . ": " . $e->getMessage()."\n"; +} +?> +DONE +--EXPECT-- +FFI\ParserException: undefined C type 'oid' at line 1 +FFI\ParserException: undefined C type 'oid' at line 1 +FFI\ParserException: undefined C type 'some_not_declared_type' at line 3 +DONE diff -Nru php7.4-7.4.21/ext/fileinfo/libmagic/encoding.c php7.4-7.4.25/ext/fileinfo/libmagic/encoding.c --- php7.4-7.4.21/ext/fileinfo/libmagic/encoding.c 2021-06-29 15:17:21.000000000 +0000 +++ php7.4-7.4.25/ext/fileinfo/libmagic/encoding.c 2021-10-19 15:18:16.000000000 +0000 @@ -71,7 +71,7 @@ size_t *ulen, const char **code, const char **code_mime, const char **type) { const unsigned char *buf = CAST(const unsigned char *, b->fbuf); - size_t nbytes = b->flen; + size_t nbytes = b->flen > 64*1024 ? 64*1024 : b->flen; size_t mlen; int rv = 1, ucs_type; unsigned char *nbuf = NULL; diff -Nru php7.4-7.4.21/ext/fileinfo/libmagic.patch php7.4-7.4.25/ext/fileinfo/libmagic.patch --- php7.4-7.4.21/ext/fileinfo/libmagic.patch 2021-06-29 15:17:21.000000000 +0000 +++ php7.4-7.4.25/ext/fileinfo/libmagic.patch 2021-10-19 15:18:16.000000000 +0000 @@ -1,6 +1,6 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c --- libmagic.orig/apprentice.c 2019-02-20 03:35:27.000000000 +0100 -+++ libmagic/apprentice.c 2020-11-19 11:50:32.412674100 +0100 ++++ libmagic/apprentice.c 2021-09-17 21:27:42.796508107 +0200 @@ -29,6 +29,8 @@ * apprentice - make one pass through /etc/magic, learning its secrets. */ @@ -974,7 +974,7 @@ } diff -u libmagic.orig/ascmagic.c libmagic/ascmagic.c --- libmagic.orig/ascmagic.c 2019-05-07 04:27:11.000000000 +0200 -+++ libmagic/ascmagic.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/ascmagic.c 2021-09-17 21:27:42.796508107 +0200 @@ -96,7 +96,7 @@ rv = file_ascmagic_with_encoding(ms, &bb, ubuf, ulen, code, type, text); @@ -1005,7 +1005,7 @@ } diff -u libmagic.orig/buffer.c libmagic/buffer.c --- libmagic.orig/buffer.c 2019-05-07 04:27:11.000000000 +0200 -+++ libmagic/buffer.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/buffer.c 2021-09-17 21:27:42.796508107 +0200 @@ -31,19 +31,23 @@ #endif /* lint */ @@ -1062,7 +1062,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c --- libmagic.orig/cdf.c 2019-02-20 03:35:27.000000000 +0100 -+++ libmagic/cdf.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/cdf.c 2021-09-17 21:27:42.796508107 +0200 @@ -43,7 +43,17 @@ #include #endif @@ -1341,7 +1341,7 @@ #endif diff -u libmagic.orig/cdf.h libmagic/cdf.h --- libmagic.orig/cdf.h 2019-02-20 02:24:19.000000000 +0100 -+++ libmagic/cdf.h 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/cdf.h 2021-09-17 21:22:51.278410517 +0200 @@ -35,10 +35,10 @@ #ifndef _H_CDF_ #define _H_CDF_ @@ -1366,7 +1366,7 @@ #define CDF_SECID_FREE -1 diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c --- libmagic.orig/cdf_time.c 2019-03-12 21:43:05.000000000 +0100 -+++ libmagic/cdf_time.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/cdf_time.c 2021-09-17 21:22:51.278410517 +0200 @@ -23,6 +23,7 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. @@ -1395,7 +1395,7 @@ (void)snprintf(buf, 26, "*Bad* %#16.16" INT64_T_FORMAT "x\n", diff -u libmagic.orig/compress.c libmagic/compress.c --- libmagic.orig/compress.c 2019-05-07 04:27:11.000000000 +0200 -+++ libmagic/compress.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/compress.c 2021-09-17 21:27:42.796508107 +0200 @@ -45,13 +45,11 @@ #endif #include @@ -1545,7 +1545,7 @@ +#endif diff -u libmagic.orig/der.c libmagic/der.c --- libmagic.orig/der.c 2019-02-20 03:35:27.000000000 +0100 -+++ libmagic/der.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/der.c 2021-09-17 21:27:42.796508107 +0200 @@ -51,7 +51,9 @@ #include "magic.h" #include "der.h" @@ -1575,7 +1575,7 @@ snprintf(buf + z, blen - z, "%.2x", d[i]); diff -u libmagic.orig/elfclass.h libmagic/elfclass.h --- libmagic.orig/elfclass.h 2019-02-20 02:30:19.000000000 +0100 -+++ libmagic/elfclass.h 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/elfclass.h 2021-09-17 21:22:51.278410517 +0200 @@ -41,7 +41,7 @@ return toomany(ms, "program headers", phnum); flags |= FLAGS_IS_CORE; @@ -1605,7 +1605,16 @@ CAST(int, elf_getu16(swap, elfhdr.e_shstrndx)), diff -u libmagic.orig/encoding.c libmagic/encoding.c --- libmagic.orig/encoding.c 2019-04-15 18:48:41.000000000 +0200 -+++ libmagic/encoding.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/encoding.c 2021-09-17 22:21:17.103362836 +0200 +@@ -71,7 +71,7 @@ + size_t *ulen, const char **code, const char **code_mime, const char **type) + { + const unsigned char *buf = CAST(const unsigned char *, b->fbuf); +- size_t nbytes = b->flen; ++ size_t nbytes = b->flen > 64*1024 ? 64*1024 : b->flen; + size_t mlen; + int rv = 1, ucs_type; + unsigned char *nbuf = NULL; @@ -89,13 +89,13 @@ *code_mime = "binary"; @@ -1636,7 +1645,7 @@ } diff -u libmagic.orig/file.h libmagic/file.h --- libmagic.orig/file.h 2019-05-07 04:27:11.000000000 +0200 -+++ libmagic/file.h 2020-11-23 17:11:36.234964700 +0100 ++++ libmagic/file.h 2021-09-17 21:27:42.796508107 +0200 @@ -33,18 +33,9 @@ #ifndef __file_h__ #define __file_h__ @@ -1930,7 +1939,7 @@ #endif diff -u libmagic.orig/fsmagic.c libmagic/fsmagic.c --- libmagic.orig/fsmagic.c 2019-05-07 04:26:48.000000000 +0200 -+++ libmagic/fsmagic.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/fsmagic.c 2021-09-17 21:27:42.796508107 +0200 @@ -66,26 +66,10 @@ # define minor(dev) ((dev) & 0xff) #endif @@ -2223,7 +2232,7 @@ case S_IFSOCK: diff -u libmagic.orig/funcs.c libmagic/funcs.c --- libmagic.orig/funcs.c 2019-05-07 04:27:11.000000000 +0200 -+++ libmagic/funcs.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/funcs.c 2021-09-17 21:27:42.796508107 +0200 @@ -31,7 +31,6 @@ #endif /* lint */ @@ -2579,7 +2588,7 @@ diff -u libmagic.orig/magic.c libmagic/magic.c --- libmagic.orig/magic.c 2019-05-07 04:27:11.000000000 +0200 -+++ libmagic/magic.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/magic.c 2021-09-17 21:27:42.796508107 +0200 @@ -25,11 +25,6 @@ * SUCH DAMAGE. */ @@ -3043,8 +3052,8 @@ public const char * magic_error(struct magic_set *ms) diff -u libmagic.orig/magic.h libmagic/magic.h ---- libmagic.orig/magic.h 2020-11-23 17:12:12.776465800 +0100 -+++ libmagic/magic.h 2020-09-07 00:42:14.447562400 +0200 +--- libmagic.orig/magic.h 2021-09-18 20:39:34.813932433 +0200 ++++ libmagic/magic.h 2021-09-17 21:27:42.796508107 +0200 @@ -124,6 +124,7 @@ const char *magic_getpath(const char *, int); @@ -3055,7 +3064,7 @@ diff -u libmagic.orig/print.c libmagic/print.c --- libmagic.orig/print.c 2019-03-12 21:43:05.000000000 +0100 -+++ libmagic/print.c 2020-09-07 00:42:14.447562400 +0200 ++++ libmagic/print.c 2021-09-17 21:27:42.796508107 +0200 @@ -28,6 +28,7 @@ /* * print.c - debugging printout routines @@ -3129,7 +3138,7 @@ goto out; diff -u libmagic.orig/readcdf.c libmagic/readcdf.c --- libmagic.orig/readcdf.c 2019-03-12 21:43:05.000000000 +0100 -+++ libmagic/readcdf.c 2020-09-07 00:42:14.463191200 +0200 ++++ libmagic/readcdf.c 2021-09-17 21:27:42.796508107 +0200 @@ -31,7 +31,11 @@ #include @@ -3248,7 +3257,7 @@ if (i != -1) diff -u libmagic.orig/softmagic.c libmagic/softmagic.c --- libmagic.orig/softmagic.c 2019-05-17 04:24:59.000000000 +0200 -+++ libmagic/softmagic.c 2020-09-07 00:42:14.463191200 +0200 ++++ libmagic/softmagic.c 2021-09-17 21:27:42.796508107 +0200 @@ -43,6 +43,10 @@ #include #include "der.h" @@ -3615,7 +3624,7 @@ case FILE_INDIRECT: diff -u libmagic.orig/strcasestr.c libmagic/strcasestr.c --- libmagic.orig/strcasestr.c 2014-09-11 17:05:33.000000000 +0200 -+++ libmagic/strcasestr.c 2020-08-05 15:01:55.644887300 +0200 ++++ libmagic/strcasestr.c 2021-09-17 21:22:51.282410490 +0200 @@ -39,6 +39,8 @@ #include "file.h" diff -Nru php7.4-7.4.21/ext/fileinfo/tests/bug78987.phpt php7.4-7.4.25/ext/fileinfo/tests/bug78987.phpt --- php7.4-7.4.21/ext/fileinfo/tests/bug78987.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/fileinfo/tests/bug78987.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -0,0 +1,40 @@ +--TEST-- +Bug #78987 High memory usage during encoding detection +--SKIPIF-- + +--INI-- +memory_limit=512M +--FILE-- + 9113600, + 262144 => 9113600, + 524288 => 10850304, + 1048576 => 11210752, + 2097152 => 13312000, + 4194304 => 17510400, + 8388608 => 23801856, + 16777216 => 36384768, +); +for($size = $minSize; $size <= $maxSize; $size *= 2) { + $content = str_repeat('0', $size); + + $finfo->buffer($content); + + $m = memory_get_peak_usage(true); + printf("%-8d => %s\n", $size, $m <= $map[$size] ? "ok" : "$m"); +} +?> +--EXPECT-- +131072 => ok +262144 => ok +524288 => ok +1048576 => ok +2097152 => ok +4194304 => ok +8388608 => ok +16777216 => ok diff -Nru php7.4-7.4.21/ext/fileinfo/tests/finfo_file_basic.phpt php7.4-7.4.25/ext/fileinfo/tests/finfo_file_basic.phpt --- php7.4-7.4.21/ext/fileinfo/tests/finfo_file_basic.phpt 2021-06-29 15:17:21.000000000 +0000 +++ php7.4-7.4.25/ext/fileinfo/tests/finfo_file_basic.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -27,7 +27,7 @@ *** Testing finfo_file() : basic functionality *** string(28) "text/x-php; charset=us-ascii" string(%d) "PHP script, ASCII text%A" -string(32) "text/plain; charset=unknown-8bit" +string(28) "text/plain; charset=us-ascii" Warning: finfo_file(): Invalid path in %s%efinfo_file_basic.php on line %d bool(false) diff -Nru php7.4-7.4.21/ext/filter/logical_filters.c php7.4-7.4.25/ext/filter/logical_filters.c --- php7.4-7.4.21/ext/filter/logical_filters.c 2021-06-29 15:17:20.000000000 +0000 +++ php7.4-7.4.25/ext/filter/logical_filters.c 2021-10-19 15:18:15.000000000 +0000 @@ -91,7 +91,7 @@ #define FORMAT_IPV4 4 #define FORMAT_IPV6 6 -static int _php_filter_validate_ipv6(char *str, size_t str_len); +static int _php_filter_validate_ipv6(char *str, size_t str_len, int ip[8]); static int php_filter_parse_int(const char *str, size_t str_len, zend_long *ret) { /* {{{ */ zend_long ctx_value; @@ -609,7 +609,7 @@ t = e - 1; /* An IPv6 enclosed by square brackets is a valid hostname */ - if (*s == '[' && *t == ']' && _php_filter_validate_ipv6((s + 1), l - 2)) { + if (*s == '[' && *t == ']' && _php_filter_validate_ipv6((s + 1), l - 2, NULL)) { php_url_free(url); return; } @@ -749,11 +749,11 @@ } /* }}} */ -static int _php_filter_validate_ipv6(char *str, size_t str_len) /* {{{ */ +static int _php_filter_validate_ipv6(char *str, size_t str_len, int ip[8]) /* {{{ */ { - int compressed = 0; + int compressed_pos = -1; int blocks = 0; - int n; + int num, n, i; char *ipv4; char *end; int ip4elm[4]; @@ -796,35 +796,67 @@ return 0; } if (*str == ':') { - if (compressed) { + if (compressed_pos >= 0) { return 0; } - blocks++; /* :: means 1 or more 16-bit 0 blocks */ - compressed = 1; - + if (ip && blocks < 8) { + ip[blocks] = -1; + } + compressed_pos = blocks++; /* :: means 1 or more 16-bit 0 blocks */ if (++str == end) { - return (blocks <= 8); + if (blocks > 8) { + return 0; + } + goto fixup_ip; } } else if ((str - 1) == s) { /* don't allow leading : without another : following */ return 0; } } - n = 0; - while ((str < end) && - ((*str >= '0' && *str <= '9') || - (*str >= 'a' && *str <= 'f') || - (*str >= 'A' && *str <= 'F'))) { + num = n = 0; + while (str < end) { + if (*str >= '0' && *str <= '9') { + num = 16 * num + (*str - '0'); + } else if (*str >= 'a' && *str <= 'f') { + num = 16 * num + (*str - 'a') + 10; + } else if (*str >= 'A' && *str <= 'F') { + num = 16 * num + (*str - 'A') + 10; + } else { + break; + } n++; str++; } + if (ip && blocks < 8) { + ip[blocks] = num; + } if (n < 1 || n > 4) { return 0; } if (++blocks > 8) return 0; } - return ((compressed && blocks <= 8) || blocks == 8); + +fixup_ip: + if (ip && ipv4) { + for (i = 0; i < 5; i++) { + ip[i] = 0; + } + ip[i++] = 0xffff; + ip[i++] = 256 * ip4elm[0] + ip4elm[1]; + ip[i++] = 256 * ip4elm[2] + ip4elm[3]; + } else if (ip && compressed_pos >= 0 && blocks <= 8) { + int offset = 8 - blocks; + for (i = 7; i > compressed_pos + offset; i--) { + ip[i] = ip[i - offset]; + } + for (i = compressed_pos + offset; i >= compressed_pos; i--) { + ip[i] = 0; + } + } + + return (compressed_pos >= 0 && blocks <= 8) || blocks == 8; } /* }}} */ @@ -835,7 +867,7 @@ * allow_ipv4 and allow_ipv6 flags flag are used, then the first dot or * colon determine the format */ - int ip[4]; + int ip[8]; int mode; if (memchr(Z_STRVAL_P(value), ':', Z_STRLEN_P(value))) { @@ -886,49 +918,25 @@ case FORMAT_IPV6: { int res = 0; - res = _php_filter_validate_ipv6(Z_STRVAL_P(value), Z_STRLEN_P(value)); + res = _php_filter_validate_ipv6(Z_STRVAL_P(value), Z_STRLEN_P(value), ip); if (res < 1) { RETURN_VALIDATION_FAILED } /* Check flags */ if (flags & FILTER_FLAG_NO_PRIV_RANGE) { - if (Z_STRLEN_P(value) >=2 && (!strncasecmp("FC", Z_STRVAL_P(value), 2) || !strncasecmp("FD", Z_STRVAL_P(value), 2))) { + if (ip[0] >= 0xfc00 && ip[0] <= 0xfdff) { RETURN_VALIDATION_FAILED } } if (flags & FILTER_FLAG_NO_RES_RANGE) { - switch (Z_STRLEN_P(value)) { - case 1: case 0: - break; - case 2: - if (!strcmp("::", Z_STRVAL_P(value))) { - RETURN_VALIDATION_FAILED - } - break; - case 3: - if (!strcmp("::1", Z_STRVAL_P(value)) || !strcmp("5f:", Z_STRVAL_P(value))) { - RETURN_VALIDATION_FAILED - } - break; - default: - if (Z_STRLEN_P(value) >= 5) { - if ( - !strncasecmp("fe8", Z_STRVAL_P(value), 3) || - !strncasecmp("fe9", Z_STRVAL_P(value), 3) || - !strncasecmp("fea", Z_STRVAL_P(value), 3) || - !strncasecmp("feb", Z_STRVAL_P(value), 3) - ) { - RETURN_VALIDATION_FAILED - } - } - if ( - (Z_STRLEN_P(value) >= 9 && !strncasecmp("2001:0db8", Z_STRVAL_P(value), 9)) || - (Z_STRLEN_P(value) >= 2 && !strncasecmp("5f", Z_STRVAL_P(value), 2)) || - (Z_STRLEN_P(value) >= 4 && !strncasecmp("3ff3", Z_STRVAL_P(value), 4)) || - (Z_STRLEN_P(value) >= 8 && !strncasecmp("2001:001", Z_STRVAL_P(value), 8)) - ) { - RETURN_VALIDATION_FAILED - } + if ((ip[0] == 0 && ip[1] == 0 && ip[2] == 0 && ip[3] == 0 + && ip[4] == 0 && ip[5] == 0 && ip[6] == 0 && (ip[7] == 0 || ip[7] == 1)) + || (ip[0] == 0x5f) + || (ip[0] >= 0xfe80 && ip[0] <= 0xfebf) + || ((ip[0] == 0x2001 && ip[1] == 0x0db8) || (ip[1] >= 0x0010 && ip[1] <= 0x001f)) + || (ip[0] == 0x3ff3) + ) { + RETURN_VALIDATION_FAILED } } } diff -Nru php7.4-7.4.21/ext/filter/tests/bug47435.phpt php7.4-7.4.25/ext/filter/tests/bug47435.phpt --- php7.4-7.4.21/ext/filter/tests/bug47435.phpt 2021-06-29 15:17:20.000000000 +0000 +++ php7.4-7.4.25/ext/filter/tests/bug47435.phpt 2021-10-19 15:18:15.000000000 +0000 @@ -10,8 +10,8 @@ var_dump(filter_var("::", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE)); var_dump(filter_var("::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)); var_dump(filter_var("::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE)); -var_dump(filter_var("fe8:5:6::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)); -var_dump(filter_var("fe8:5:6::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE)); +var_dump(filter_var("fe80:5:6::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)); +var_dump(filter_var("fe80:5:6::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE)); var_dump(filter_var("2001:0db8::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)); var_dump(filter_var("2001:0db8::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE)); var_dump(filter_var("5f::1", FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)); @@ -26,7 +26,7 @@ bool(false) string(3) "::1" bool(false) -string(10) "fe8:5:6::1" +string(11) "fe80:5:6::1" bool(false) string(12) "2001:0db8::1" bool(false) diff -Nru php7.4-7.4.21/ext/filter/tests/bug61700.phpt php7.4-7.4.25/ext/filter/tests/bug61700.phpt --- php7.4-7.4.21/ext/filter/tests/bug61700.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/filter/tests/bug61700.phpt 2021-10-19 15:18:15.000000000 +0000 @@ -0,0 +1,16 @@ +--TEST-- +Bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +bool(false) +string(18) "::ffff:192.168.1.1" +bool(false) diff -Nru php7.4-7.4.21/ext/gd/libgd/gd.c php7.4-7.4.25/ext/gd/libgd/gd.c --- php7.4-7.4.21/ext/gd/libgd/gd.c 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/gd/libgd/gd.c 2021-10-19 15:18:12.000000000 +0000 @@ -1715,7 +1715,7 @@ void gdImageEllipse(gdImagePtr im, int mx, int my, int w, int h, int c) { int x=0,mx1=0,mx2=0,my1=0,my2=0; - long aq,bq,dx,dy,r,rx,ry,a,b; + int64_t aq,bq,dx,dy,r,rx,ry,a,b; a=w>>1; b=h>>1; @@ -1754,7 +1754,7 @@ void gdImageFilledEllipse (gdImagePtr im, int mx, int my, int w, int h, int c) { int x=0,mx1=0,mx2=0,my1=0,my2=0; - long aq,bq,dx,dy,r,rx,ry,a,b; + int64_t aq,bq,dx,dy,r,rx,ry,a,b; int i; int old_y2; @@ -2612,7 +2612,6 @@ green /= spixels; blue /= spixels; alpha /= spixels; - alpha += 0.5; } if ( alpha_sum != 0.0f) { if( contrib_sum != 0.0f) { @@ -2622,20 +2621,12 @@ green /= alpha_sum; blue /= alpha_sum; } - /* Clamping to allow for rounding errors above */ - if (red > 255.0f) { - red = 255.0f; - } - if (green > 255.0f) { - green = 255.0f; - } - if (blue > 255.0f) { - blue = 255.0f; - } - if (alpha > gdAlphaMax) { - alpha = gdAlphaMax; - } - gdImageSetPixel(dst, x, y, gdTrueColorAlpha ((int) red, (int) green, (int) blue, (int) alpha)); + /* Round up closest next channel value and clamp to max channel value */ + red = red >= 255.5 ? 255 : red+0.5; + blue = blue >= 255.5 ? 255 : blue+0.5; + green = green >= 255.5 ? 255 : green+0.5; + alpha = alpha >= gdAlphaMax+0.5 ? gdAlphaMax : alpha+0.5; + gdImageSetPixel(dst, x, y, gdTrueColorAlpha ((int)red, (int)green, (int)blue, (int)alpha)); } } } diff -Nru php7.4-7.4.21/ext/gd/libgd/gd_png.c php7.4-7.4.25/ext/gd/libgd/gd_png.c --- php7.4-7.4.21/ext/gd/libgd/gd_png.c 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/gd/libgd/gd_png.c 2021-10-19 15:18:12.000000000 +0000 @@ -728,12 +728,7 @@ */ a = gdTrueColorGetAlpha(thisPixel); /* Andrew Hull: >> 6, not >> 7! (gd 2.0.5) */ - if (a == 127) { - *pOutputRow++ = 0; - } else { - *pOutputRow++ = 255 - ((a << 1) + (a >> 6)); - } - + *pOutputRow++ = 255 - ((a << 1) + (a >> 6)); } } } diff -Nru php7.4-7.4.21/ext/gd/tests/bug51498.phpt php7.4-7.4.25/ext/gd/tests/bug51498.phpt --- php7.4-7.4.21/ext/gd/tests/bug51498.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/gd/tests/bug51498.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -0,0 +1,20 @@ +--TEST-- +Bug #51498 (imagefilledellipse does not work for large circles) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +The images are equal. Binary files /srv/release.debian.org/tmp/1dFtg2tvlP/php7.4-7.4.21/ext/gd/tests/bug51498_exp.png and /srv/release.debian.org/tmp/Qn_X03_Z3B/php7.4-7.4.25/ext/gd/tests/bug51498_exp.png differ diff -Nru php7.4-7.4.21/ext/gd/tests/bug53580.phpt php7.4-7.4.25/ext/gd/tests/bug53580.phpt --- php7.4-7.4.21/ext/gd/tests/bug53580.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/gd/tests/bug53580.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -0,0 +1,32 @@ +--TEST-- +Bug #53580 (During resize gdImageCopyResampled cause colors change) +--SKIPIF-- + 2.3.2"); +} +?> +--FILE-- + +--EXPECT-- diff -Nru php7.4-7.4.21/ext/imap/php_imap.c php7.4-7.4.25/ext/imap/php_imap.c --- php7.4-7.4.21/ext/imap/php_imap.c 2021-06-29 15:17:18.000000000 +0000 +++ php7.4-7.4.25/ext/imap/php_imap.c 2021-10-19 15:18:13.000000000 +0000 @@ -1099,7 +1099,9 @@ if (EG(error_reporting) & E_NOTICE) { ecur = IMAPG(imap_errorstack); while (ecur != NIL) { - php_error_docref(NULL, E_NOTICE, "%s (errflg=%ld)", ecur->LTEXT, ecur->errflg); + zend_try { + php_error_docref(NULL, E_NOTICE, "%s (errflg=%ld)", ecur->LTEXT, ecur->errflg); + } zend_end_try(); ecur = ecur->next; } } @@ -1112,7 +1114,9 @@ if (EG(error_reporting) & E_NOTICE) { acur = IMAPG(imap_alertstack); while (acur != NIL) { - php_error_docref(NULL, E_NOTICE, "%s", acur->LTEXT); + zend_try { + php_error_docref(NULL, E_NOTICE, "%s", acur->LTEXT); + } zend_end_try(); acur = acur->next; } } diff -Nru php7.4-7.4.21/ext/intl/grapheme/grapheme_util.c php7.4-7.4.25/ext/intl/grapheme/grapheme_util.c --- php7.4-7.4.21/ext/intl/grapheme/grapheme_util.c 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/ext/intl/grapheme/grapheme_util.c 2021-10-19 15:18:20.000000000 +0000 @@ -179,16 +179,29 @@ STRPOS_CHECK_STATUS(status, "Invalid search offset"); } status = U_ZERO_ERROR; - usearch_setOffset(src, offset_pos, &status); + usearch_setOffset(src, last ? 0 : offset_pos, &status); STRPOS_CHECK_STATUS(status, "Invalid search offset"); } if(last) { - char_pos = usearch_last(src, &status); - if(char_pos < offset_pos) { - /* last one is beyound our start offset */ - char_pos = USEARCH_DONE; + if (offset >= 0) { + char_pos = usearch_last(src, &status); + if(char_pos < offset_pos) { + /* last one is beyond our start offset */ + char_pos = USEARCH_DONE; + } + } else { + /* searching backwards is broken, so we search forwards, albeit it's less efficient */ + int32_t prev_pos = USEARCH_DONE; + do { + char_pos = usearch_next(src, &status); + if (char_pos == USEARCH_DONE || char_pos > offset_pos) { + char_pos = prev_pos; + break; + } + prev_pos = char_pos; + } while(1); } } else { char_pos = usearch_next(src, &status); diff -Nru php7.4-7.4.21/ext/intl/locale/locale_methods.c php7.4-7.4.25/ext/intl/locale/locale_methods.c --- php7.4-7.4.21/ext/intl/locale/locale_methods.c 2021-06-29 15:17:24.000000000 +0000 +++ php7.4-7.4.25/ext/intl/locale/locale_methods.c 2021-10-19 15:18:19.000000000 +0000 @@ -149,7 +149,7 @@ zend_off_t i; for(i=savedPos-1; i>=0; i--) { - if(isIDSeparator(*(str+i)) ){ + if(isIDSeparator(*(str+i)) || isKeywordSeparator(*(str+i))){ /* delimiter found; check for singleton */ if(i>=2 && isIDSeparator(*(str+i-2)) ){ /* a singleton; so send the position of token before the singleton */ diff -Nru php7.4-7.4.21/ext/intl/tests/bug68471.phpt php7.4-7.4.25/ext/intl/tests/bug68471.phpt --- php7.4-7.4.21/ext/intl/tests/bug68471.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/intl/tests/bug68471.phpt 2021-10-19 15:18:19.000000000 +0000 @@ -0,0 +1,19 @@ +--TEST-- +Bug #68471 (IntlDateFormatter fails for "GMT+00:00" timezone) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +object(IntlDateFormatter)#1 (0) { +} diff -Nru php7.4-7.4.21/ext/intl/tests/bug74264.phpt php7.4-7.4.25/ext/intl/tests/bug74264.phpt --- php7.4-7.4.21/ext/intl/tests/bug74264.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/intl/tests/bug74264.phpt 2021-10-19 15:18:19.000000000 +0000 @@ -0,0 +1,26 @@ +--TEST-- +Bug #74264 (grapheme_sttrpos() broken for negative offsets) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +bool(false) +bool(false) +int(3) +int(3) +int(4) +int(4) +int(5) +int(5) +int(6) +int(6) diff -Nru php7.4-7.4.21/ext/intl/tests/locale/bug72809.phpt php7.4-7.4.25/ext/intl/tests/locale/bug72809.phpt --- php7.4-7.4.21/ext/intl/tests/locale/bug72809.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/intl/tests/locale/bug72809.phpt 2021-10-19 15:18:19.000000000 +0000 @@ -0,0 +1,18 @@ +--TEST-- +Bug #72809 (Locale::lookup() wrong result with canonicalize option) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +string(5) "en_us" +string(5) "en_US" +string(5) "en_us" diff -Nru php7.4-7.4.21/ext/intl/timezone/timezone_class.cpp php7.4-7.4.25/ext/intl/timezone/timezone_class.cpp --- php7.4-7.4.21/ext/intl/timezone/timezone_class.cpp 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/ext/intl/timezone/timezone_class.cpp 2021-10-19 15:18:20.000000000 +0000 @@ -176,8 +176,7 @@ return timezone_convert_datetimezone(tzobj->type, tzobj, 0, outside_error, func); } else { - UnicodeString id, - gottenId; + UnicodeString id; UErrorCode status = U_ZERO_ERROR; /* outside_error may be NULL */ if (!try_convert_to_string(zv_timezone)) { zval_ptr_dtor_str(&local_zv_tz); @@ -204,7 +203,7 @@ zval_ptr_dtor_str(&local_zv_tz); return NULL; } - if (timeZone->getID(gottenId) != id) { + if (*timeZone == TimeZone::getUnknown()) { spprintf(&message, 0, "%s: no such time zone: '%s'", func, Z_STRVAL_P(zv_timezone)); if (message) { diff -Nru php7.4-7.4.21/ext/mysqli/mysqli_api.c php7.4-7.4.25/ext/mysqli/mysqli_api.c --- php7.4-7.4.21/ext/mysqli/mysqli_api.c 2021-06-29 15:17:19.000000000 +0000 +++ php7.4-7.4.25/ext/mysqli/mysqli_api.c 2021-10-19 15:18:14.000000000 +0000 @@ -1971,7 +1971,7 @@ } MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID); - newstr = zend_string_alloc(2 * escapestr_len, 0); + newstr = zend_string_safe_alloc(2, escapestr_len, 0, 0); ZSTR_LEN(newstr) = mysql_real_escape_string_quote(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len, '\''); newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0); diff -Nru php7.4-7.4.21/ext/mysqli/tests/mysqli_next_result_no_repeat_error.phpt php7.4-7.4.25/ext/mysqli/tests/mysqli_next_result_no_repeat_error.phpt --- php7.4-7.4.21/ext/mysqli/tests/mysqli_next_result_no_repeat_error.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/mysqli/tests/mysqli_next_result_no_repeat_error.phpt 2021-10-19 15:18:13.000000000 +0000 @@ -0,0 +1,28 @@ +--TEST-- +next_result reports errors from previous calls +--EXTENSIONS-- +mysqli +--SKIPIF-- + +--FILE-- +query("Syntax Error"); +} catch (mysqli_sql_exception $e) { +} +$mysqli->next_result(); + +print "done!"; + +?> +--EXPECTF-- +done! diff -Nru php7.4-7.4.21/ext/mysqli/tests/mysqli_report.phpt php7.4-7.4.25/ext/mysqli/tests/mysqli_report.phpt --- php7.4-7.4.21/ext/mysqli/tests/mysqli_report.phpt 2021-06-29 15:17:18.000000000 +0000 +++ php7.4-7.4.25/ext/mysqli/tests/mysqli_report.phpt 2021-10-19 15:18:14.000000000 +0000 @@ -331,14 +331,10 @@ Warning: mysqli_stmt_prepare(): (%s/%d): Commands out of sync; you can't run this command now in %s on line %d -Warning: mysqli_next_result(): (%s/%d): Commands out of sync; you can't run this command now in %s on line %d - Warning: mysqli_next_result(): (%s/%d): You have an error in your SQL syntax; check the manual that corresponds to your %s server version for the right syntax to use near 'FOO' at line 1 in %s on line %d Warning: mysqli_store_result(): (%s/%d): You have an error in your SQL syntax; check the manual that corresponds to your %s server version for the right syntax to use near 'FOO' at line 1 in %s on line %d -Warning: mysqli_next_result(): (%s/%d): You have an error in your SQL syntax; check the manual that corresponds to your %s server version for the right syntax to use near 'FOO' at line 1 in %s on line %d - Warning: mysqli_stmt_attr_set(): (%s/%d): Not implemented in %s on line %d Warning: mysqli_kill(): processid should have positive value in %s on line %d diff -Nru php7.4-7.4.21/ext/mysqlnd/mysqlnd_connection.c php7.4-7.4.25/ext/mysqlnd/mysqlnd_connection.c --- php7.4-7.4.21/ext/mysqlnd/mysqlnd_connection.c 2021-06-29 15:17:18.000000000 +0000 +++ php7.4-7.4.25/ext/mysqlnd/mysqlnd_connection.c 2021-10-19 15:18:13.000000000 +0000 @@ -1481,13 +1481,14 @@ DBG_ENTER("mysqlnd_conn_data::next_result"); DBG_INF_FMT("conn=%llu", conn->thread_id); + SET_EMPTY_ERROR(conn->error_info); + if (PASS == conn->m->local_tx_start(conn, this_func)) { do { if (GET_CONNECTION_STATE(&conn->state) != CONN_NEXT_RESULT_PENDING) { break; } - SET_EMPTY_ERROR(conn->error_info); UPSERT_STATUS_SET_AFFECTED_ROWS_TO_ERROR(conn->upsert_status); /* We are sure that there is a result set, since conn->state is set accordingly diff -Nru php7.4-7.4.21/ext/opcache/ZendAccelerator.c php7.4-7.4.25/ext/opcache/ZendAccelerator.c --- php7.4-7.4.21/ext/opcache/ZendAccelerator.c 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/opcache/ZendAccelerator.c 2021-10-19 15:18:11.000000000 +0000 @@ -4490,6 +4490,20 @@ } } ZEND_HASH_FOREACH_END(); + if (Z_TYPE(EG(user_error_handler)) != IS_UNDEF) { + zval_ptr_dtor(&EG(user_error_handler)); + ZVAL_UNDEF(&EG(user_error_handler)); + } + + if (Z_TYPE(EG(user_exception_handler)) != IS_UNDEF) { + zval_ptr_dtor(&EG(user_exception_handler)); + ZVAL_UNDEF(&EG(user_exception_handler)); + } + + zend_stack_clean(&EG(user_error_handlers_error_reporting), NULL, 1); + zend_stack_clean(&EG(user_error_handlers), (void (*)(void *))ZVAL_PTR_DTOR, 1); + zend_stack_clean(&EG(user_exception_handlers), (void (*)(void *))ZVAL_PTR_DTOR, 1); + CG(map_ptr_last) = orig_map_ptr_last; if (EG(full_tables_cleanup)) { diff -Nru php7.4-7.4.21/ext/opcache/shared_alloc_win32.c php7.4-7.4.25/ext/opcache/shared_alloc_win32.c --- php7.4-7.4.21/ext/opcache/shared_alloc_win32.c 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/opcache/shared_alloc_win32.c 2021-10-19 15:18:11.000000000 +0000 @@ -70,8 +70,19 @@ static char *create_name_with_username(char *name) { - static char newname[MAXPATHLEN + 32 + 4 + 1 + 32 + 21]; - snprintf(newname, sizeof(newname) - 1, "%s@%.32s@%.20s@%.32s", name, accel_uname_id, sapi_module.name, accel_system_id); + static char newname[MAXPATHLEN + 1 + 32 + 1 + 20 + 1 + 32 + 1]; + char *p = newname; + p += strlcpy(newname, name, MAXPATHLEN + 1); + *(p++) = '@'; + memcpy(p, accel_uname_id, 32); + p += 32; + *(p++) = '@'; + p += strlcpy(p, sapi_module.name, 21); + *(p++) = '@'; + memcpy(p, accel_system_id, 32); + p += 32; + *(p++) = '\0'; + ZEND_ASSERT(p - newname <= sizeof(newname)); return newname; } diff -Nru php7.4-7.4.21/ext/opcache/tests/preload_error_handler.inc php7.4-7.4.25/ext/opcache/tests/preload_error_handler.inc --- php7.4-7.4.21/ext/opcache/tests/preload_error_handler.inc 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/opcache/tests/preload_error_handler.inc 2021-10-19 15:18:11.000000000 +0000 @@ -0,0 +1,8 @@ + +--FILE-- +===DONE=== +--EXPECTF-- +Warning: Can't preload unlinked class B: Unknown parent A in %s on line %d +===DONE=== diff -Nru php7.4-7.4.21/ext/opcache/tests/preload_error_handler_ind.inc php7.4-7.4.25/ext/opcache/tests/preload_error_handler_ind.inc --- php7.4-7.4.21/ext/opcache/tests/preload_error_handler_ind.inc 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/opcache/tests/preload_error_handler_ind.inc 2021-10-19 15:18:11.000000000 +0000 @@ -0,0 +1,4 @@ += 0x10100 && !defined (LIBRESSL_VERSION_NUMBER) + ASN1_INTEGER_set_int64(X509_get_serialNumber(new_cert), serial); +#else + ASN1_INTEGER_set(X509_get_serialNumber(new_cert), serial); +#endif X509_set_subject_name(new_cert, X509_REQ_get_subject_name(csr)); diff -Nru php7.4-7.4.21/ext/openssl/tests/bug52093.phpt php7.4-7.4.25/ext/openssl/tests/bug52093.phpt --- php7.4-7.4.21/ext/openssl/tests/bug52093.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/openssl/tests/bug52093.phpt 2021-10-19 15:18:11.000000000 +0000 @@ -0,0 +1,24 @@ +--TEST-- +Bug #52093 (openssl_csr_sign truncates $serial) +--SKIPIF-- + +--FILE-- + "BR", + "stateOrProvinceName" => "Rio Grande do Sul", + "localityName" => "Porto Alegre", + "commonName" => "Henrique do N. Angelo", + "emailAddress" => "hnangelo@php.net" +); + +$privkey = openssl_pkey_new(); +$csr = openssl_csr_new($dn, $privkey); +$cert = openssl_csr_sign($csr, null, $privkey, 365, [], PHP_INT_MAX); +var_dump(openssl_x509_parse($cert)['serialNumber']); +?> +--EXPECT-- +string(19) "9223372036854775807" diff -Nru php7.4-7.4.21/ext/pcre/php_pcre.c php7.4-7.4.25/ext/pcre/php_pcre.c --- php7.4-7.4.21/ext/pcre/php_pcre.c 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/ext/pcre/php_pcre.c 2021-10-19 15:18:20.000000000 +0000 @@ -570,7 +570,11 @@ PHPAPI pcre_cache_entry* pcre_get_compiled_regex_cache_ex(zend_string *regex, int locale_aware) { pcre2_code *re = NULL; +#if 10 == PCRE2_MAJOR && 37 == PCRE2_MINOR + uint32_t coptions = PCRE2_NO_START_OPTIMIZE; +#else uint32_t coptions = 0; +#endif uint32_t extra_coptions = PHP_PCRE_DEFAULT_EXTRA_COPTIONS; PCRE2_UCHAR error[128]; PCRE2_SIZE erroffset; @@ -1715,7 +1719,7 @@ } if (new_len >= alloc_len) { - alloc_len = zend_safe_address_guarded(2, new_len, alloc_len); + alloc_len = zend_safe_address_guarded(2, new_len, 0); if (result == NULL) { result = zend_string_alloc(alloc_len, 0); } else { @@ -1801,14 +1805,12 @@ result = zend_string_copy(subject_str); break; } - new_len = result_len + subject_len - last_end_offset; - if (new_len >= alloc_len) { - alloc_len = new_len; /* now we know exactly how long it is */ - if (NULL != result) { - result = zend_string_realloc(result, alloc_len, 0); - } else { - result = zend_string_alloc(alloc_len, 0); - } + /* now we know exactly how long it is */ + alloc_len = result_len + subject_len - last_end_offset; + if (NULL != result) { + result = zend_string_realloc(result, alloc_len, 0); + } else { + result = zend_string_alloc(alloc_len, 0); } /* stick that last bit of string on our output */ memcpy(ZSTR_VAL(result) + result_len, piece, subject_len - last_end_offset); @@ -1955,7 +1957,7 @@ ZEND_ASSERT(eval_result); new_len = zend_safe_address_guarded(1, ZSTR_LEN(eval_result), new_len); if (new_len >= alloc_len) { - alloc_len = zend_safe_address_guarded(2, new_len, alloc_len); + alloc_len = zend_safe_address_guarded(2, new_len, 0); if (result == NULL) { result = zend_string_alloc(alloc_len, 0); } else { @@ -2012,14 +2014,12 @@ result = zend_string_copy(subject_str); break; } - new_len = result_len + subject_len - last_end_offset; - if (new_len >= alloc_len) { - alloc_len = new_len; /* now we know exactly how long it is */ - if (NULL != result) { - result = zend_string_realloc(result, alloc_len, 0); - } else { - result = zend_string_alloc(alloc_len, 0); - } + /* now we know exactly how long it is */ + alloc_len = result_len + subject_len - last_end_offset; + if (NULL != result) { + result = zend_string_realloc(result, alloc_len, 0); + } else { + result = zend_string_alloc(alloc_len, 0); } /* stick that last bit of string on our output */ memcpy(ZSTR_VAL(result) + result_len, piece, subject_len - last_end_offset); diff -Nru php7.4-7.4.21/ext/pcre/tests/bug75539.phpt php7.4-7.4.25/ext/pcre/tests/bug75539.phpt --- php7.4-7.4.21/ext/pcre/tests/bug75539.phpt 2021-06-29 15:17:25.000000000 +0000 +++ php7.4-7.4.25/ext/pcre/tests/bug75539.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -1,5 +1,11 @@ --TEST-- Bug #75539 - Recursive call errors are not reported by preg_last_error() +--SKIPIF-- + --FILE-- +--EXPECT-- +array(2) { + [0]=> + string(29) "\SomethingRepositoryInterface" + [1]=> + string(28) "SomethingRepositoryInterface" +} +array(2) { + [0]=> + string(18) "\NotFoundException" + [1]=> + string(17) "NotFoundException" +} diff -Nru php7.4-7.4.21/ext/pcre/tests/bug81243.phpt php7.4-7.4.25/ext/pcre/tests/bug81243.phpt --- php7.4-7.4.21/ext/pcre/tests/bug81243.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/pcre/tests/bug81243.phpt 2021-10-19 15:18:20.000000000 +0000 @@ -0,0 +1,21 @@ +--TEST-- +Bug #81243 (Too much memory is allocated for preg_replace()) +--FILE-- + +--EXPECT-- +bool(true) +bool(true) diff -Nru php7.4-7.4.21/ext/pdo_odbc/odbc_stmt.c php7.4-7.4.25/ext/pdo_odbc/odbc_stmt.c --- php7.4-7.4.21/ext/pdo_odbc/odbc_stmt.c 2021-06-29 15:17:16.000000000 +0000 +++ php7.4-7.4.25/ext/pdo_odbc/odbc_stmt.c 2021-10-19 15:18:12.000000000 +0000 @@ -501,26 +501,23 @@ zval_ptr_dtor(parameter); ZVAL_NULL(parameter); - switch (P->len) { - case SQL_NULL_DATA: - break; - default: - switch (pdo_odbc_ucs22utf8(stmt, P->is_unicode, P->outbuf, P->len, &ulen)) { - case PDO_ODBC_CONV_FAIL: - /* something fishy, but allow it to come back as binary */ - case PDO_ODBC_CONV_NOT_REQUIRED: - srcbuf = P->outbuf; - srclen = P->len; - break; - case PDO_ODBC_CONV_OK: - srcbuf = S->convbuf; - srclen = ulen; - break; - } + if (P->len >= 0) { + switch (pdo_odbc_ucs22utf8(stmt, P->is_unicode, P->outbuf, P->len, &ulen)) { + case PDO_ODBC_CONV_FAIL: + /* something fishy, but allow it to come back as binary */ + case PDO_ODBC_CONV_NOT_REQUIRED: + srcbuf = P->outbuf; + srclen = P->len; + break; + case PDO_ODBC_CONV_OK: + srcbuf = S->convbuf; + srclen = ulen; + break; + } - ZVAL_NEW_STR(parameter, zend_string_alloc(srclen, 0)); - memcpy(Z_STRVAL_P(parameter), srcbuf, srclen); - Z_STRVAL_P(parameter)[Z_STRLEN_P(parameter)] = '\0'; + ZVAL_NEW_STR(parameter, zend_string_alloc(srclen, 0)); + memcpy(Z_STRVAL_P(parameter), srcbuf, srclen); + Z_STRVAL_P(parameter)[Z_STRLEN_P(parameter)] = '\0'; } } return 1; diff -Nru php7.4-7.4.21/ext/phar/phar_object.c php7.4-7.4.25/ext/phar/phar_object.c --- php7.4-7.4.21/ext/phar/phar_object.c 2021-06-29 15:17:20.000000000 +0000 +++ php7.4-7.4.25/ext/phar/phar_object.c 2021-10-19 15:18:15.000000000 +0000 @@ -1418,6 +1418,7 @@ zend_class_entry *ce = p_obj->c; phar_archive_object *phar_obj = p_obj->p; php_stream_statbuf ssb; + char ch; value = iter->funcs->get_current_data(iter); @@ -1541,7 +1542,7 @@ base = temp; base_len = strlen(base); - if (strstr(fname, base)) { + if (fname_len >= base_len && strncmp(fname, base, base_len) == 0 && ((ch = fname[base_len - IS_SLASH(base[base_len - 1])]) == '\0' || IS_SLASH(ch))) { str_key_len = fname_len - base_len; if (str_key_len <= 0) { diff -Nru php7.4-7.4.21/ext/phar/tests/bug81211.phpt php7.4-7.4.25/ext/phar/tests/bug81211.phpt --- php7.4-7.4.21/ext/phar/tests/bug81211.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/phar/tests/bug81211.phpt 2021-10-19 15:18:15.000000000 +0000 @@ -0,0 +1,45 @@ +--TEST-- +Bug #81211 (Symlinks are followed when creating PHAR archive) +--SKIPIF-- + +--FILE-- +buildFromDirectory(__DIR__ . '/bug81211/foo'); +} catch (UnexpectedValueException $ex) { + echo $ex->getMessage(), PHP_EOL; +} +try { + $archive->buildFromIterator(new RecursiveDirectoryIterator(__DIR__ . '/bug81211/foo', FilesystemIterator::SKIP_DOTS), __DIR__ . '/bug81211/foo'); +} catch (UnexpectedValueException $ex) { + echo $ex->getMessage(), PHP_EOL; +} +?> +--CLEAN-- + +--EXPECTF-- +Iterator RecursiveIteratorIterator returned a path "%s%ebug81211%efoobar%efile" that is not in the base directory "%s%ebug81211%efoo" +Iterator RecursiveDirectoryIterator returned a path "%s%ebug81211%efoobar%efile" that is not in the base directory "%s%ebug81211%efoo" diff -Nru php7.4-7.4.21/ext/shmop/shmop.c php7.4-7.4.25/ext/shmop/shmop.c --- php7.4-7.4.21/ext/shmop/shmop.c 2021-06-29 15:17:19.000000000 +0000 +++ php7.4-7.4.25/ext/shmop/shmop.c 2021-10-19 15:18:14.000000000 +0000 @@ -251,7 +251,7 @@ RETURN_FALSE; } - if (count < 0 || start > (INT_MAX - count) || start + count > shmop->size) { + if (count < 0 || start > (ZEND_LONG_MAX - count) || start + count > shmop->size) { php_error_docref(NULL, E_WARNING, "count is out of range"); RETURN_FALSE; } diff -Nru php7.4-7.4.21/ext/shmop/tests/bug81407.phpt php7.4-7.4.25/ext/shmop/tests/bug81407.phpt --- php7.4-7.4.21/ext/shmop/tests/bug81407.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/shmop/tests/bug81407.phpt 2021-10-19 15:18:14.000000000 +0000 @@ -0,0 +1,19 @@ +--TEST-- +Bug #81407 (shmop_open won't attach and causes php to crash) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +bool(true) +bool(true) diff -Nru php7.4-7.4.21/ext/sockets/tests/socket_set_block-retval.phpt php7.4-7.4.25/ext/sockets/tests/socket_set_block-retval.phpt --- php7.4-7.4.21/ext/sockets/tests/socket_set_block-retval.phpt 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/ext/sockets/tests/socket_set_block-retval.phpt 2021-10-19 15:18:10.000000000 +0000 @@ -9,11 +9,11 @@ --FILE-- elements != NULL) { + zend_long i; + zval *elements = array->elements; + zend_long old_size = array->size; - for (i = 0; i < array->size; i++) { - zval_ptr_dtor(&(array->elements[i])); - } - - if (array->elements) { - efree(array->elements); array->elements = NULL; + array->size = 0; + + for (i = 0; i < old_size; i++) { + zval_ptr_dtor(&(elements[i])); + } + + efree(elements); + return; } } else if (size > array->size) { array->elements = safe_erealloc(array->elements, size, sizeof(zval), 0); @@ -389,10 +394,12 @@ zend_throw_exception(spl_ce_RuntimeException, "Index invalid or out of range", 0); return; } else { - if (!Z_ISUNDEF(intern->array.elements[index])) { - zval_ptr_dtor(&(intern->array.elements[index])); - } - ZVAL_COPY_DEREF(&intern->array.elements[index], value); + /* Fix #81429 */ + zval *ptr = &(intern->array.elements[index]); + zval tmp; + ZVAL_COPY_VALUE(&tmp, ptr); + ZVAL_COPY_DEREF(ptr, value); + zval_ptr_dtor(&tmp); } } /* }}} */ diff -Nru php7.4-7.4.21/ext/spl/tests/SplFixedArray_setSize_destruct.phpt php7.4-7.4.25/ext/spl/tests/SplFixedArray_setSize_destruct.phpt --- php7.4-7.4.21/ext/spl/tests/SplFixedArray_setSize_destruct.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/spl/tests/SplFixedArray_setSize_destruct.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -0,0 +1,55 @@ +--TEST-- +SplFixedArray::setSize in offsetSet destructor (#81429) +--FILE-- +offsetSet(0, new HasDestructor()); +$values->offsetSet(0, false); +echo "Done\n"; + +class HasDestructor { + public function __destruct() { + global $values; + var_dump($values); + $values->setSize($values->getSize() - 1); + var_dump($values); + } +} + +$values->setSize(5); +$values->offsetSet(4, new HasDestructor()); +echo "Done\n"; +--EXPECT-- +object(SplFixedArray)#1 (1) { + [0]=> + bool(false) +} +object(SplFixedArray)#1 (1) { + [0]=> + bool(false) +} +Done +Done +object(SplFixedArray)#1 (5) { + [0]=> + NULL + [1]=> + NULL + [2]=> + NULL + [3]=> + NULL + [4]=> + object(HasDestructor)#2 (0) { + } +} +object(SplFixedArray)#1 (4) { + [0]=> + NULL + [1]=> + NULL + [2]=> + NULL + [3]=> + NULL +} diff -Nru php7.4-7.4.21/ext/spl/tests/bug80663.phpt php7.4-7.4.25/ext/spl/tests/bug80663.phpt --- php7.4-7.4.21/ext/spl/tests/bug80663.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/spl/tests/bug80663.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -0,0 +1,15 @@ +--TEST-- +Bug #80663 (Recursive SplFixedArray::setSize() may cause double-free) +--FILE-- +setSize(0); + } +} + +$obj = new SplFixedArray(1000); +$obj[0] = new InvalidDestructor(); +$obj->setSize(0); +?> +--EXPECT-- diff -Nru php7.4-7.4.21/ext/standard/dns_win32.c php7.4-7.4.25/ext/standard/dns_win32.c --- php7.4-7.4.21/ext/standard/dns_win32.c 2021-06-29 15:17:24.000000000 +0000 +++ php7.4-7.4.25/ext/standard/dns_win32.c 2021-10-19 15:18:19.000000000 +0000 @@ -223,18 +223,18 @@ array_init(&entries); for (i = 0; i < count; i++) { - txt_len += strlen(data_txt->pStringArray[i]) + 1; + txt_len += strlen(data_txt->pStringArray[i]); } - txt = zend_string_safe_alloc(txt_len, 2, 0, 0); - txt_dst = txt->val; + txt = zend_string_alloc(txt_len, 0); + txt_dst = ZSTR_VAL(txt); for (i = 0; i < count; i++) { size_t len = strlen(data_txt->pStringArray[i]); memcpy(txt_dst, data_txt->pStringArray[i], len); add_next_index_stringl(&entries, data_txt->pStringArray[i], len); txt_dst += len; } - txt->len = txt_dst - txt->val; + *txt_dst = '\0'; add_assoc_str(subarray, "txt", txt); add_assoc_zval(subarray, "entries", &entries); } diff -Nru php7.4-7.4.21/ext/standard/filestat.c php7.4-7.4.25/ext/standard/filestat.c --- php7.4-7.4.21/ext/standard/filestat.c 2021-06-29 15:17:22.000000000 +0000 +++ php7.4-7.4.25/ext/standard/filestat.c 2021-10-19 15:18:17.000000000 +0000 @@ -183,18 +183,22 @@ PHP_FUNCTION(disk_total_space) { double bytestotal; - char *path; + char *path, fullpath[MAXPATHLEN]; size_t path_len; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_PATH(path, path_len) ZEND_PARSE_PARAMETERS_END(); - if (php_check_open_basedir(path)) { + if (!expand_filepath(path, fullpath)) { RETURN_FALSE; } - if (php_disk_total_space(path, &bytestotal) == SUCCESS) { + if (php_check_open_basedir(fullpath)) { + RETURN_FALSE; + } + + if (php_disk_total_space(fullpath, &bytestotal) == SUCCESS) { RETURN_DOUBLE(bytestotal); } RETURN_FALSE; @@ -278,18 +282,22 @@ PHP_FUNCTION(disk_free_space) { double bytesfree; - char *path; + char *path, fullpath[MAXPATHLEN]; size_t path_len; ZEND_PARSE_PARAMETERS_START(1, 1) Z_PARAM_PATH(path, path_len) ZEND_PARSE_PARAMETERS_END(); - if (php_check_open_basedir(path)) { + if (!expand_filepath(path, fullpath)) { + RETURN_FALSE; + } + + if (php_check_open_basedir(fullpath)) { RETURN_FALSE; } - if (php_disk_free_space(path, &bytesfree) == SUCCESS) { + if (php_disk_free_space(fullpath, &bytesfree) == SUCCESS) { RETURN_DOUBLE(bytesfree); } RETURN_FALSE; diff -Nru php7.4-7.4.21/ext/standard/flock_compat.c php7.4-7.4.25/ext/standard/flock_compat.c --- php7.4-7.4.21/ext/standard/flock_compat.c 2021-06-29 15:17:24.000000000 +0000 +++ php7.4-7.4.25/ext/standard/flock_compat.c 2021-10-19 15:18:19.000000000 +0000 @@ -116,7 +116,7 @@ */ { HANDLE hdl = (HANDLE) _get_osfhandle(fd); - DWORD low = 1, high = 0; + DWORD low = 0xFFFFFFFF, high = 0xFFFFFFFF; OVERLAPPED offset = {0, 0, 0, 0, NULL}; DWORD err; diff -Nru php7.4-7.4.21/ext/standard/image.c php7.4-7.4.25/ext/standard/image.c --- php7.4-7.4.21/ext/standard/image.c 2021-06-29 15:17:24.000000000 +0000 +++ php7.4-7.4.25/ext/standard/image.c 2021-10-19 15:18:19.000000000 +0000 @@ -1116,6 +1116,12 @@ num_icons--; } + if (0 == result->width) + result->width = 256; + + if (0 == result->height) + result->height = 256; + return result; } /* }}} */ diff -Nru php7.4-7.4.21/ext/standard/string.c php7.4-7.4.25/ext/standard/string.c --- php7.4-7.4.21/ext/standard/string.c 2021-06-29 15:17:24.000000000 +0000 +++ php7.4-7.4.25/ext/standard/string.c 2021-10-19 15:18:19.000000000 +0000 @@ -2664,7 +2664,9 @@ } } - if ((f + l) > (zend_long)ZSTR_LEN(orig_str)) { + ZEND_ASSERT(0 <= f && f <= ZEND_LONG_MAX); + ZEND_ASSERT(0 <= l && l <= ZEND_LONG_MAX); + if (((size_t) f + l) > ZSTR_LEN(orig_str)) { l = ZSTR_LEN(orig_str) - f; } diff -Nru php7.4-7.4.21/ext/standard/tests/dir/bug71542.phpt php7.4-7.4.25/ext/standard/tests/dir/bug71542.phpt --- php7.4-7.4.21/ext/standard/tests/dir/bug71542.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/dir/bug71542.phpt 2021-10-19 15:18:17.000000000 +0000 @@ -0,0 +1,14 @@ +--TEST-- +Bug #71542 (disk_total_space does not work with relative paths) +--FILE-- + +--EXPECT-- +bool(true) +bool(true) diff -Nru php7.4-7.4.21/ext/standard/tests/file/bug81145.phpt php7.4-7.4.25/ext/standard/tests/file/bug81145.phpt --- php7.4-7.4.21/ext/standard/tests/file/bug81145.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/file/bug81145.phpt 2021-10-19 15:18:18.000000000 +0000 @@ -0,0 +1,51 @@ +--TEST-- +Bug #81145 (copy() and stream_copy_to_stream() fail for +4GB files) +--SKIPIF-- + +--FILE-- + +--CLEAN-- + +--EXPECT-- +Identical diff -Nru php7.4-7.4.21/ext/standard/tests/file/bug81223.phpt php7.4-7.4.25/ext/standard/tests/file/bug81223.phpt --- php7.4-7.4.21/ext/standard/tests/file/bug81223.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/file/bug81223.phpt 2021-10-19 15:18:18.000000000 +0000 @@ -0,0 +1,24 @@ +--TEST-- +Bug #81223 (flock() only locks first byte of file) +--SKIPIF-- + +--FILE-- + +--EXPECTF-- +bool(true) + +Notice: fread(): read of %d bytes failed with errno=13 Permission denied in %s on line %d +bool(false) + +Notice: fread(): read of %d bytes failed with errno=13 Permission denied in %s on line %d +bool(false) diff -Nru php7.4-7.4.21/ext/standard/tests/filters/bug81294.phpt php7.4-7.4.25/ext/standard/tests/filters/bug81294.phpt --- php7.4-7.4.21/ext/standard/tests/filters/bug81294.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/filters/bug81294.phpt 2021-10-19 15:18:18.000000000 +0000 @@ -0,0 +1,24 @@ +--TEST-- +Bug #81294 (Segfault when removing a filter) +--SKIPIF-- + +--FILE-- + +--CLEAN-- + +--EXPECT-- +string(16) "%2BV-.%01%00grfg" diff -Nru php7.4-7.4.21/ext/standard/tests/filters/bug81302.phpt php7.4-7.4.25/ext/standard/tests/filters/bug81302.phpt --- php7.4-7.4.21/ext/standard/tests/filters/bug81302.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/filters/bug81302.phpt 2021-10-19 15:18:18.000000000 +0000 @@ -0,0 +1,20 @@ +--TEST-- +Bug #81302 (Stream position after stream filter removed) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +bool(true) diff -Nru php7.4-7.4.21/ext/standard/tests/filters/bug81475.phpt php7.4-7.4.25/ext/standard/tests/filters/bug81475.phpt --- php7.4-7.4.21/ext/standard/tests/filters/bug81475.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/filters/bug81475.phpt 2021-10-19 15:18:18.000000000 +0000 @@ -0,0 +1,10 @@ +--TEST-- +Bug #81475 (stream_isatty emits warning with attached stream wrapper) +--FILE-- + +--EXPECT-- +bool(false) Binary files /srv/release.debian.org/tmp/1dFtg2tvlP/php7.4-7.4.21/ext/standard/tests/image/32x256.ico and /srv/release.debian.org/tmp/Qn_X03_Z3B/php7.4-7.4.25/ext/standard/tests/image/32x256.ico differ diff -Nru php7.4-7.4.21/ext/standard/tests/image/getimagesize_256_ico.phpt php7.4-7.4.25/ext/standard/tests/image/getimagesize_256_ico.phpt --- php7.4-7.4.21/ext/standard/tests/image/getimagesize_256_ico.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/image/getimagesize_256_ico.phpt 2021-10-19 15:18:17.000000000 +0000 @@ -0,0 +1,26 @@ +--TEST-- +GetImageSize() for ico format with 256px height +--FILE-- + +===DONE=== +--EXPECT-- +*** Testing getimagesize() : 256px ico *** +array(6) { + [0]=> + int(32) + [1]=> + int(256) + [2]=> + int(17) + [3]=> + string(23) "width="32" height="256"" + ["bits"]=> + int(8) + ["mime"]=> + string(24) "image/vnd.microsoft.icon" +} +===DONE=== diff -Nru php7.4-7.4.21/ext/standard/tests/serialize/bug81163.phpt php7.4-7.4.25/ext/standard/tests/serialize/bug81163.phpt --- php7.4-7.4.21/ext/standard/tests/serialize/bug81163.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/serialize/bug81163.phpt 2021-10-19 15:18:18.000000000 +0000 @@ -0,0 +1,22 @@ +--TEST-- +Test __sleep returns non-array +--FILE-- + +--EXPECTF-- +Notice: serialize(): "private" returned as member variable from __sleep() but does not exist in %s on line %d + diff -Nru php7.4-7.4.21/ext/standard/tests/streams/bug81346.phpt php7.4-7.4.25/ext/standard/tests/streams/bug81346.phpt --- php7.4-7.4.21/ext/standard/tests/streams/bug81346.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/streams/bug81346.phpt 2021-10-19 15:18:17.000000000 +0000 @@ -0,0 +1,21 @@ +--TEST-- +Bug #81346 (Non-seekable streams don't update position after write) +--DESCRIPTION-- +The test expectation is due to bug #81345. +--SKIPIF-- + +--FILE-- + +--CLEAN-- + +--EXPECT-- +int(1100) diff -Nru php7.4-7.4.21/ext/standard/tests/strings/bug72146.phpt php7.4-7.4.25/ext/standard/tests/strings/bug72146.phpt --- php7.4-7.4.21/ext/standard/tests/strings/bug72146.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/standard/tests/strings/bug72146.phpt 2021-10-19 15:18:17.000000000 +0000 @@ -0,0 +1,11 @@ +--TEST-- +Bug #72146 (Integer overflow on substr_replace) +--FILE-- + +--EXPECT-- +array(1) { + [0]=> + string(6) "ABC123" +} diff -Nru php7.4-7.4.21/ext/standard/var.c php7.4-7.4.25/ext/standard/var.c --- php7.4-7.4.21/ext/standard/var.c 2021-06-29 15:17:24.000000000 +0000 +++ php7.4-7.4.25/ext/standard/var.c 2021-10-19 15:18:19.000000000 +0000 @@ -825,7 +825,7 @@ zend_hash_init(ht, zend_hash_num_elements(sleep_retval), NULL, ZVAL_PTR_DTOR, 0); /* TODO: Rewrite this by fetching the property info instead of trying out different * name manglings? */ - ZEND_HASH_FOREACH_VAL(sleep_retval, name_val) { + ZEND_HASH_FOREACH_VAL_IND(sleep_retval, name_val) { zend_string *name, *tmp_name, *priv_name, *prot_name; ZVAL_DEREF(name_val); diff -Nru php7.4-7.4.21/ext/sysvmsg/sysvmsg.c php7.4-7.4.25/ext/sysvmsg/sysvmsg.c --- php7.4-7.4.21/ext/sysvmsg/sysvmsg.c 2021-06-29 15:17:20.000000000 +0000 +++ php7.4-7.4.25/ext/sysvmsg/sysvmsg.c 2021-10-19 15:18:15.000000000 +0000 @@ -414,7 +414,7 @@ sysvmsg_queue_t * mq = NULL; struct php_msgbuf * messagebuffer = NULL; /* buffer to transmit */ int result; - int message_len = 0; + size_t message_len = 0; RETVAL_FALSE; diff -Nru php7.4-7.4.21/ext/xml/compat.c php7.4-7.4.25/ext/xml/compat.c --- php7.4-7.4.21/ext/xml/compat.c 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/xml/compat.c 2021-10-19 15:18:12.000000000 +0000 @@ -565,16 +565,8 @@ { int error; - if (parser->parser->lastError.level >= XML_ERR_WARNING) { - return 0; - } - error = xmlParseChunk(parser->parser, (char *) data, data_len, is_final); - if (error) { - return 0; - } else { - return 1; - } + return !error && parser->parser->lastError.level <= XML_ERR_WARNING; } PHP_XML_API int diff -Nru php7.4-7.4.21/ext/xml/tests/bug70962.phpt php7.4-7.4.25/ext/xml/tests/bug70962.phpt --- php7.4-7.4.21/ext/xml/tests/bug70962.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/xml/tests/bug70962.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -0,0 +1,37 @@ +--TEST-- +Bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace) +--SKIPIF-- + +--FILE-- +<d>\n <e>\n \t"; + +$parsed = parseAndOutput($xml); + +// Check embedded whitespace is not getting skipped. +echo $parsed[1]['value'] . "\n"; + +// Check XML_OPTION_SKIP_WHITE ignores values of tags containing whitespace characters only. +var_dump(isset($parsed[2]['value'])); + +// Check XML_OPTION_SKIP_WHITE ignores empty values. +var_dump(count($parsed)); + +?> +--EXPECT-- + + +bool(false) +int(4) diff -Nru php7.4-7.4.21/ext/xml/tests/bug73135.phpt php7.4-7.4.25/ext/xml/tests/bug73135.phpt --- php7.4-7.4.21/ext/xml/tests/bug73135.phpt 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/xml/tests/bug73135.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -21,6 +21,10 @@ xml_parse($parser, $xml); ?> --EXPECTF-- +Warning: xml_parse(): Parser must not be called recursively in %s%ebug73135.php on line %d + +Warning: xml_parse(): Parser must not be called recursively in %s%ebug73135.php on line %d + Warning: xml_parse(): Unable to call handler ahihi() in %s%ebug73135.php on line %d Warning: xml_parse(): Unable to call handler ahihi() in %s%ebug73135.php on line %d diff -Nru php7.4-7.4.21/ext/xml/tests/bug81351.phpt php7.4-7.4.25/ext/xml/tests/bug81351.phpt --- php7.4-7.4.21/ext/xml/tests/bug81351.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/xml/tests/bug81351.phpt 2021-10-19 15:18:12.000000000 +0000 @@ -0,0 +1,28 @@ +--TEST-- +Bug #81351 (xml_parse may fail, but has no error code) +--SKIPIF-- + +--FILE-- + + + + +XML; + +$parser = xml_parser_create_ns('UTF-8'); +$success = xml_parse($parser, $xml, false); +$code = xml_get_error_code($parser); +$error = xml_error_string($code); +echo "xml_parse returned $success, xml_get_error_code = $code, xml_error_string = $error\r\n"; +$success = xml_parse($parser, 'Y>', true); +$code = xml_get_error_code($parser); +$error = xml_error_string($code); +echo "xml_parse returned $success, xml_get_error_code = $code, xml_error_string = $error\r\n"; +?> +--EXPECT-- +xml_parse returned 1, xml_get_error_code = 0, xml_error_string = No error +xml_parse returned 0, xml_get_error_code = 5, xml_error_string = Invalid document end diff -Nru php7.4-7.4.21/ext/xml/xml.c php7.4-7.4.25/ext/xml/xml.c --- php7.4-7.4.21/ext/xml/xml.c 2021-06-29 15:17:17.000000000 +0000 +++ php7.4-7.4.25/ext/xml/xml.c 2021-10-19 15:18:12.000000000 +0000 @@ -886,72 +886,77 @@ zend_string *decoded_value; decoded_value = xml_utf8_decode(s, len, parser->target_encoding); - for (i = 0; i < ZSTR_LEN(decoded_value); i++) { - switch (ZSTR_VAL(decoded_value)[i]) { - case ' ': - case '\t': - case '\n': - continue; - default: - doprint = 1; + if (parser->skipwhite) { + for (i = 0; i < ZSTR_LEN(decoded_value); i++) { + switch (ZSTR_VAL(decoded_value)[i]) { + case ' ': + case '\t': + case '\n': + continue; + default: + doprint = 1; + break; + } + if (doprint) { break; - } - if (doprint) { - break; + } } } - if (doprint || (! parser->skipwhite)) { - if (parser->lastwasopen) { - zval *myval; - - /* check if the current tag already has a value - if yes append to that! */ - if ((myval = zend_hash_str_find(Z_ARRVAL_P(parser->ctag), "value", sizeof("value") - 1))) { - int newlen = Z_STRLEN_P(myval) + ZSTR_LEN(decoded_value); - Z_STR_P(myval) = zend_string_extend(Z_STR_P(myval), newlen, 0); - strncpy(Z_STRVAL_P(myval) + Z_STRLEN_P(myval) - ZSTR_LEN(decoded_value), - ZSTR_VAL(decoded_value), ZSTR_LEN(decoded_value) + 1); - zend_string_release_ex(decoded_value, 0); - } else { + + if (parser->lastwasopen) { + zval *myval; + + /* check if the current tag already has a value - if yes append to that! */ + if ((myval = zend_hash_str_find(Z_ARRVAL_P(parser->ctag), "value", sizeof("value") - 1))) { + size_t newlen = Z_STRLEN_P(myval) + ZSTR_LEN(decoded_value); + Z_STR_P(myval) = zend_string_extend(Z_STR_P(myval), newlen, 0); + strncpy(Z_STRVAL_P(myval) + Z_STRLEN_P(myval) - ZSTR_LEN(decoded_value), + ZSTR_VAL(decoded_value), ZSTR_LEN(decoded_value) + 1); + zend_string_release_ex(decoded_value, 0); + } else { + if (doprint || (! parser->skipwhite)) { add_assoc_str(parser->ctag, "value", decoded_value); + } else { + zend_string_release_ex(decoded_value, 0); } + } - } else { - zval tag; - zval *curtag, *mytype, *myval; + } else { + zval tag; + zval *curtag, *mytype, *myval; - ZEND_HASH_REVERSE_FOREACH_VAL(Z_ARRVAL(parser->data), curtag) { - if ((mytype = zend_hash_str_find(Z_ARRVAL_P(curtag),"type", sizeof("type") - 1))) { - if (!strcmp(Z_STRVAL_P(mytype), "cdata")) { - if ((myval = zend_hash_str_find(Z_ARRVAL_P(curtag), "value", sizeof("value") - 1))) { - int newlen = Z_STRLEN_P(myval) + ZSTR_LEN(decoded_value); - Z_STR_P(myval) = zend_string_extend(Z_STR_P(myval), newlen, 0); - strncpy(Z_STRVAL_P(myval) + Z_STRLEN_P(myval) - ZSTR_LEN(decoded_value), - ZSTR_VAL(decoded_value), ZSTR_LEN(decoded_value) + 1); - zend_string_release_ex(decoded_value, 0); - return; - } + ZEND_HASH_REVERSE_FOREACH_VAL(Z_ARRVAL(parser->data), curtag) { + if ((mytype = zend_hash_str_find(Z_ARRVAL_P(curtag),"type", sizeof("type") - 1))) { + if (!strcmp(Z_STRVAL_P(mytype), "cdata")) { + if ((myval = zend_hash_str_find(Z_ARRVAL_P(curtag), "value", sizeof("value") - 1))) { + size_t newlen = Z_STRLEN_P(myval) + ZSTR_LEN(decoded_value); + Z_STR_P(myval) = zend_string_extend(Z_STR_P(myval), newlen, 0); + strncpy(Z_STRVAL_P(myval) + Z_STRLEN_P(myval) - ZSTR_LEN(decoded_value), + ZSTR_VAL(decoded_value), ZSTR_LEN(decoded_value) + 1); + zend_string_release_ex(decoded_value, 0); + return; } } - break; - } ZEND_HASH_FOREACH_END(); + } + break; + } ZEND_HASH_FOREACH_END(); - if (parser->level <= XML_MAXLEVEL && parser->level > 0) { - array_init(&tag); + if (parser->level <= XML_MAXLEVEL && parser->level > 0 && (doprint || (! parser->skipwhite))) { + array_init(&tag); - _xml_add_to_info(parser,SKIP_TAGSTART(parser->ltags[parser->level-1])); + _xml_add_to_info(parser,SKIP_TAGSTART(parser->ltags[parser->level-1])); - add_assoc_string(&tag, "tag", SKIP_TAGSTART(parser->ltags[parser->level-1])); - add_assoc_str(&tag, "value", decoded_value); - add_assoc_string(&tag, "type", "cdata"); - add_assoc_long(&tag, "level", parser->level); + add_assoc_string(&tag, "tag", SKIP_TAGSTART(parser->ltags[parser->level-1])); + add_assoc_str(&tag, "value", decoded_value); + add_assoc_string(&tag, "type", "cdata"); + add_assoc_long(&tag, "level", parser->level); - zend_hash_next_index_insert(Z_ARRVAL(parser->data), &tag); - } else if (parser->level == (XML_MAXLEVEL + 1)) { - php_error_docref(NULL, E_WARNING, "Maximum depth exceeded - Results truncated"); - } + zend_hash_next_index_insert(Z_ARRVAL(parser->data), &tag); + } else if (parser->level == (XML_MAXLEVEL + 1)) { + php_error_docref(NULL, E_WARNING, "Maximum depth exceeded - Results truncated"); + } else { + zend_string_release_ex(decoded_value, 0); } - } else { - zend_string_release_ex(decoded_value, 0); } } } @@ -1416,6 +1421,10 @@ RETURN_FALSE; } + if (parser->isparsing) { + php_error_docref(NULL, E_WARNING, "Parser must not be called recursively"); + RETURN_FALSE; + } parser->isparsing = 1; ret = XML_Parse(parser->parser, (XML_Char*)data, data_len, isFinal); parser->isparsing = 0; @@ -1467,6 +1476,10 @@ XML_SetElementHandler(parser->parser, _xml_startElementHandler, _xml_endElementHandler); XML_SetCharacterDataHandler(parser->parser, _xml_characterDataHandler); + if (parser->isparsing) { + php_error_docref(NULL, E_WARNING, "Parser must not be called recursively"); + RETURN_FALSE; + } parser->isparsing = 1; ret = XML_Parse(parser->parser, (XML_Char*)data, data_len, 1); parser->isparsing = 0; diff -Nru php7.4-7.4.21/ext/zip/php_zip.c php7.4-7.4.25/ext/zip/php_zip.c --- php7.4-7.4.21/ext/zip/php_zip.c 2021-06-29 15:17:21.000000000 +0000 +++ php7.4-7.4.25/ext/zip/php_zip.c 2021-10-19 15:18:17.000000000 +0000 @@ -102,8 +102,8 @@ return NULL; } - if (IS_SLASH(path[0])) { - return path + 1; + if (IS_ABSOLUTE_PATH(path, path_len)) { + return path + COPY_WHEN_ABSOLUTE(path) + 1; } i = path_len; @@ -117,8 +117,8 @@ return path; } - if (i >= 2 && (path[i -1] == '.' || path[i -1] == ':')) { - /* i is the position of . or :, add 1 for / */ + if (i >= 2 && path[i -1] == '.') { + /* i is the position of ., add 1 for / */ path_begin = path + i + 1; break; } @@ -161,11 +161,13 @@ virtual_file_ex(&new_state, file, NULL, CWD_EXPAND); path_cleaned = php_zip_make_relative_path(new_state.cwd, new_state.cwd_length); if(!path_cleaned) { + CWD_STATE_FREE(new_state.cwd); return 0; } path_cleaned_len = strlen(path_cleaned); if (path_cleaned_len >= MAXPATHLEN || zip_stat(za, file, 0, &sb) != 0) { + CWD_STATE_FREE(new_state.cwd); return 0; } @@ -200,8 +202,8 @@ efree(file_dirname_fullpath); if (!is_dir_only) { zend_string_release_ex(file_basename, 0); - CWD_STATE_FREE(new_state.cwd); } + CWD_STATE_FREE(new_state.cwd); return 0; } } diff -Nru php7.4-7.4.21/ext/zip/tests/bug77978.phpt php7.4-7.4.25/ext/zip/tests/bug77978.phpt --- php7.4-7.4.21/ext/zip/tests/bug77978.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/zip/tests/bug77978.phpt 2021-10-19 15:18:17.000000000 +0000 @@ -0,0 +1,37 @@ +--TEST-- +Bug #77978 (Dirname ending in colon unzips to wrong dir) +--SKIPIF-- + +--FILE-- +open($file, ZipArchive::CREATE|ZipArchive::OVERWRITE); +$zip->addFromString("dir/test:/filename.txt", "contents"); +$zip->close(); + +$zip->open($file); +// Windows won't extract filenames with colons; we suppress the warning +@$zip->extractTo($target, "dir/test:/filename.txt"); +$zip->close(); + +var_dump(!file_exists("$target/filename.txt")); +var_dump(PHP_OS_FAMILY === "Windows" || file_exists("$target/dir/test:/filename.txt")); +?> +--EXPECT-- +bool(true) +bool(true) +--CLEAN-- + diff -Nru php7.4-7.4.21/ext/zip/tests/bug81420.phpt php7.4-7.4.25/ext/zip/tests/bug81420.phpt --- php7.4-7.4.21/ext/zip/tests/bug81420.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/zip/tests/bug81420.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -0,0 +1,24 @@ +--TEST-- +Bug #81420 (ZipArchive::extractTo extracts outside of destination) +--SKIPIF-- + +--FILE-- +open(__DIR__ . "/bug81420.zip"); +$destination = __DIR__ . "/bug81420"; +mkdir($destination); +$zip->extractTo($destination); +var_dump(file_exists("$destination/nt1/zzr_noharm.php")); +?> +--CLEAN-- + +--EXPECT-- +bool(true) Binary files /srv/release.debian.org/tmp/1dFtg2tvlP/php7.4-7.4.21/ext/zip/tests/bug81420.zip and /srv/release.debian.org/tmp/Qn_X03_Z3B/php7.4-7.4.25/ext/zip/tests/bug81420.zip differ diff -Nru php7.4-7.4.21/ext/zip/tests/bug81490.phpt php7.4-7.4.25/ext/zip/tests/bug81490.phpt --- php7.4-7.4.21/ext/zip/tests/bug81490.phpt 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.25/ext/zip/tests/bug81490.phpt 2021-10-19 15:18:16.000000000 +0000 @@ -0,0 +1,21 @@ +--TEST-- +Bug #81490 (ZipArchive::extractTo() may leak memory) +--SKIPIF-- + +--FILE-- +open(__DIR__ . "/bug81490.zip", ZipArchive::CREATE|ZipArchive::OVERWRITE); +$zip->addFromString("", "yada yada"); +mkdir(__DIR__ . "/bug81490"); +$zip->open(__DIR__ . "/bug81490.zip"); +$zip->extractTo(__DIR__ . "/bug81490", ""); +?> +--EXPECT-- +--CLEAN-- + diff -Nru php7.4-7.4.21/main/main.c php7.4-7.4.25/main/main.c --- php7.4-7.4.21/main/main.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/main.c 2021-10-19 15:18:10.000000000 +0000 @@ -479,7 +479,15 @@ } zend_unset_timeout(); ZEND_ATOL(EG(timeout_seconds), ZSTR_VAL(new_value)); - zend_set_timeout(EG(timeout_seconds), 0); + if (stage != PHP_INI_STAGE_DEACTIVATE) { + /* + * If we're restoring INI values, we shouldn't reset the timer. + * Otherwise, the timer is active when PHP is idle, such as the + * the CLI web server or CGI. Running a script will re-activate + * the timeout, so it's not needed to do so at script end. + */ + zend_set_timeout(EG(timeout_seconds), 0); + } return SUCCESS; } /* }}} */ diff -Nru php7.4-7.4.21/main/output.c php7.4-7.4.25/main/output.c --- php7.4-7.4.21/main/output.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/output.c 2021-10-19 15:18:10.000000000 +0000 @@ -889,7 +889,7 @@ size_t grow_buf = PHP_OUTPUT_HANDLER_INITBUF_SIZE(buf->used - (handler->buffer.size - handler->buffer.used)); size_t grow_max = MAX(grow_int, grow_buf); - handler->buffer.data = erealloc(handler->buffer.data, handler->buffer.size + grow_max); + handler->buffer.data = safe_erealloc(handler->buffer.data, 1, handler->buffer.size, grow_max); handler->buffer.size += grow_max; } memcpy(handler->buffer.data + handler->buffer.used, buf->data, buf->used); diff -Nru php7.4-7.4.21/main/php_version.h php7.4-7.4.25/main/php_version.h --- php7.4-7.4.21/main/php_version.h 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/php_version.h 2021-10-19 15:18:10.000000000 +0000 @@ -2,7 +2,7 @@ /* edit configure.ac to change version number */ #define PHP_MAJOR_VERSION 7 #define PHP_MINOR_VERSION 4 -#define PHP_RELEASE_VERSION 21 +#define PHP_RELEASE_VERSION 25 #define PHP_EXTRA_VERSION "" -#define PHP_VERSION "7.4.21" -#define PHP_VERSION_ID 70421 +#define PHP_VERSION "7.4.25" +#define PHP_VERSION_ID 70425 diff -Nru php7.4-7.4.21/main/streams/cast.c php7.4-7.4.25/main/streams/cast.c --- php7.4-7.4.21/main/streams/cast.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/streams/cast.c 2021-10-19 15:18:10.000000000 +0000 @@ -295,7 +295,9 @@ } if (php_stream_is_filtered(stream)) { - php_error_docref(NULL, E_WARNING, "cannot cast a filtered stream on this system"); + if (show_err) { + php_error_docref(NULL, E_WARNING, "cannot cast a filtered stream on this system"); + } return FAILURE; } else if (stream->ops->cast && stream->ops->cast(stream, castas, ret) == SUCCESS) { goto exit_success; diff -Nru php7.4-7.4.21/main/streams/filter.c php7.4-7.4.25/main/streams/filter.c --- php7.4-7.4.21/main/streams/filter.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/streams/filter.c 2021-10-19 15:18:10.000000000 +0000 @@ -418,7 +418,7 @@ for(current = filter; current; current = current->next) { php_stream_filter_status_t status; - status = filter->fops->filter(stream, current, inp, outp, NULL, flags); + status = current->fops->filter(stream, current, inp, outp, NULL, flags); if (status == PSFS_FEED_ME) { /* We've flushed the data far enough */ return SUCCESS; @@ -470,7 +470,10 @@ } else if (chain == &(stream->writefilters)) { /* Send flushed data to the stream */ while ((bucket = inp->head)) { - stream->ops->write(stream, bucket->buf, bucket->buflen); + ssize_t count = stream->ops->write(stream, bucket->buf, bucket->buflen); + if (count > 0) { + stream->position += count; + } php_stream_bucket_unlink(bucket); php_stream_bucket_delref(bucket); } diff -Nru php7.4-7.4.21/main/streams/plain_wrapper.c php7.4-7.4.25/main/streams/plain_wrapper.c --- php7.4-7.4.21/main/streams/plain_wrapper.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/streams/plain_wrapper.c 2021-10-19 15:18:10.000000000 +0000 @@ -770,7 +770,7 @@ { php_stream_mmap_range *range = (php_stream_mmap_range*)ptrparam; HANDLE hfile = (HANDLE)_get_osfhandle(fd); - DWORD prot, acc, loffs = 0, delta = 0; + DWORD prot, acc, loffs = 0, hoffs = 0, delta = 0; LARGE_INTEGER file_size; switch (value) { @@ -838,8 +838,11 @@ GetSystemInfo(&info); gran = info.dwAllocationGranularity; - loffs = ((DWORD)range->offset / gran) * gran; - delta = (DWORD)range->offset - loffs; + ZEND_ASSERT(gran != 0 && (gran & (gran - 1)) == 0); + size_t rounded_offset = (range->offset / gran) * gran; + delta = range->offset - rounded_offset; + loffs = (DWORD)rounded_offset; + hoffs = (DWORD)(rounded_offset >> 32); } /* MapViewOfFile()ing zero bytes would map to the end of the file; match *nix behavior instead */ @@ -847,7 +850,7 @@ return PHP_STREAM_OPTION_RETURN_ERR; } - data->last_mapped_addr = MapViewOfFile(data->file_mapping, acc, 0, loffs, range->length + delta); + data->last_mapped_addr = MapViewOfFile(data->file_mapping, acc, hoffs, loffs, range->length + delta); if (data->last_mapped_addr) { /* give them back the address of the start offset they requested */ diff -Nru php7.4-7.4.21/main/streams/streams.c php7.4-7.4.25/main/streams/streams.c --- php7.4-7.4.21/main/streams/streams.c 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/main/streams/streams.c 2021-10-19 15:18:10.000000000 +0000 @@ -1151,12 +1151,7 @@ buf += justwrote; count -= justwrote; didwrite += justwrote; - - /* Only screw with the buffer if we can seek, otherwise we lose data - * buffered from fifos and sockets */ - if (stream->ops->seek && (stream->flags & PHP_STREAM_FLAG_NO_SEEK) == 0) { - stream->position += justwrote; - } + stream->position += justwrote; } return didwrite; diff -Nru php7.4-7.4.21/pear/install-pear-nozlib.phar php7.4-7.4.25/pear/install-pear-nozlib.phar --- php7.4-7.4.21/pear/install-pear-nozlib.phar 2021-06-29 15:17:15.000000000 +0000 +++ php7.4-7.4.25/pear/install-pear-nozlib.phar 2021-10-19 15:18:10.000000000 +0000 @@ -390,7 +390,7 @@ * Any attempt to call from outside the .phar or to re-alias the .phar will fail * as a security measure. * @param string $alias - * @param int $dataoffset the value of 43987 + * @param int $dataoffset the value of 43990 */ public static final function mapPhar($alias = NULL, $dataoffset = NULL) { @@ -514,7 +514,7 @@ $flags = unpack('V', substr($manifest, 6, 4)); $ret = array('compressed' => $flags[1] & 0x00003000); // signature is not verified by default in PHP_Archive, phar is better - $ret['hassignature'] = $flags & 0x00010000; + $ret['hassignature'] = $flags[1] & 0x00010000; $aliaslen = unpack('V', substr($manifest, 10, 4)); if ($aliaslen) { $ret['alias'] = substr($manifest, 14, $aliaslen[1]); @@ -1161,7 +1161,7 @@ } }} if (!class_exists('Phar')) { - PHP_Archive::mapPhar(null, 43987 ); + PHP_Archive::mapPhar(null, 43990 ); } else { try { Phar::mapPhar(); @@ -1282,9 +1282,8 @@ require_once 'phar://install-pear-nozlib.phar/index.php'; -__HALT_COMPILER();Finstall-pear-nozlib.pharArchive/Tar.phpP^^P 쪆mArchive_Tar-1.4.9.tar^^izmConsole/Getopt.phph5^^h5mConsole_Getopt-1.4.3.tarz^^zU/m index.php\+^^\+m OS/Guess.php*^^*mPEAR-1.10.12.tarH^^Hj:mPEAR.phpK^^K^TL}mPEAR/ChannelFile.php^^omPEAR/ChannelFile/Parser.php^^mPEAR/Command.php0^^0ymPEAR/Command/Common.php; ^^; NNmPEAR/Command/Install.php^^c kmPEAR/Command/Install.xml!^^!jmPEAR/Common.phph^^h(ܞmPEAR/Config.phpl^^lKwmPEAR/Dependency2.php^^l֗mPEAR/DependencyDB.php^^^^%mPEAR/Downloader.php^^mPEAR/Downloader/Package.php*^^*.mPEAR/ErrorStack.php1^^1x4mPEAR/Frontend.php^^$+mPEAR/Frontend/CLI.phprd^^rdכmPEAR/Installer.phpr^^rޛ mPEAR/Installer/Role.php+^^+*+mPEAR/Installer/Role/Common.phpG^^GܲvmPEAR/Installer/Role/Data.php^^mPEAR/Installer/Role/Data.xml^^fszmPEAR/Installer/Role/Doc.php ^^ }mPEAR/Installer/Role/Doc.xml^^h&P*mPEAR/Installer/Role/Php.php ^^ 6mHmPEAR/Installer/Role/Php.xml^^zqmPEAR/Installer/Role/Script.php^^6|mPEAR/Installer/Role/Script.xml^^@vmPEAR/Installer/Role/Test.php^^#mPEAR/Installer/Role/Test.xml^^B] mPEAR/PackageFile.php>^^>#m!PEAR/PackageFile/Generator/v1.phpE^^Eޣm!PEAR/PackageFile/Generator/v2.php8^^8,mPEAR/PackageFile/Parser/v1.php@^^@[8AmPEAR/PackageFile/Parser/v2.php ^^ LmPEAR/PackageFile/v1.php"^^">;mPEAR/PackageFile/v2.phpd^^dX\m!PEAR/PackageFile/v2/Validator.phpL^^LmPEAR/Proxy.php^^+mPEAR/Registry.php*^^*~Km PEAR/REST.phpA^^A7@ mPEAR/REST/10.php^^ mPEAR/Start.php :^^ :ncmPEAR/Start/CLI.phpTS^^TScmPEAR/Task/Common.phpD^^D0mPEAR/Task/Postinstallscript.php9^^9cזm"PEAR/Task/Postinstallscript/rw.phpA^^Aϧn5mPEAR/Task/Replace.php^^MpmPEAR/Task/Replace/rw.php<^^<CmPEAR/Task/Unixeol.php$ ^^$ /mPEAR/Task/Unixeol/rw.phpA^^A~sHmPEAR/Task/Windowseol.php ^^ #mPEAR/Task/Windowseol/rw.phpN^^N -4mPEAR/Validate.php?V^^?V5mPEAR/Validator/PECL.php^^^^)'mPEAR/XMLParser.phpI^^IrvmStructures/Graph.phpi^^iC}m,Structures/Graph/Manipulator/AcyclicTest.php^^1m2Structures/Graph/Manipulator/TopologicalSorter.php^^v?mStructures/Graph/Node.phpj+^^j+]#imStructures_Graph-1.1.1.tar6^^6jm -System.phpP^^Pm XML/Util.php}^^}|mXML_Util-1.4.5.tar@^^@*BkmPmPEAR/ChannelFile/Parser.php*a"ĂmPEAR/Command.php0*a0ZKKmPEAR/Command/Common.php; *a; ?mPEAR/Command/Install.php*a)mPEAR/Command/Install.xml!*a!jmPEAR/Common.phph*ahQdmPEAR/Config.phpl*al[%mPEAR/Dependency2.php*a*7mPEAR/DependencyDB.php^*a^[mPEAR/Downloader.php*aѷmPEAR/Downloader/Package.php**a*l mPEAR/ErrorStack.php1*a1mPEAR/Frontend.php*a#胡mPEAR/Frontend/CLI.phprd*ardڿmPEAR/Installer.phpr*art*a>Ubm!PEAR/PackageFile/Generator/v1.phpE*aE9!-m!PEAR/PackageFile/Generator/v2.php8*a8hmPEAR/PackageFile/Parser/v1.php@*a@[mPEAR/PackageFile/Parser/v2.php *a (mPEAR/PackageFile/v1.php"*a"?&mPEAR/PackageFile/v2.phpd*ad+m!PEAR/PackageFile/v2/Validator.phpL*aLv25mPEAR/Proxy.php*a+mPEAR/Registry.php+*a+*m PEAR/REST.phpA*aA%mPEAR/REST/10.php*a OmPEAR/Start.php :*a :ncmPEAR/Start/CLI.phpTS*aTScmPEAR/Task/Common.phpD*aD9mPEAR/Task/Postinstallscript.php9*a9m|m"PEAR/Task/Postinstallscript/rw.phpA*aA3DmPEAR/Task/Replace.php*a1bmPEAR/Task/Replace/rw.php<*a<mPEAR/Task/Unixeol.php$ *a$ TmPEAR/Task/Unixeol/rw.phpA*aAmPEAR/Task/Windowseol.php *a 5齀mPEAR/Task/Windowseol/rw.phpN*aNRvЍmPEAR/Validate.php?V*a?V%mPEAR/Validator/PECL.php^*a^Q}mPEAR/XMLParser.phpI*aIsmStructures/Graph.phpi*aiC}m,Structures/Graph/Manipulator/AcyclicTest.php*a1m2Structures/Graph/Manipulator/TopologicalSorter.php*av?mStructures/Graph/Node.phpj+*aj+]#imStructures_Graph-1.1.1.tar6*a6jm +System.php Q*a Q%m XML/Util.php}*a}|mXML_Util-1.4.5.tar@*a@*Bkm_close(); // ----- Look for a local copy to delete - if ($this->_temp_tarname != '') { + if ($this->_temp_tarname != '' && (bool) preg_match('/^tar[[:alnum:]]*\.tmp$/', $this->_temp_tarname)) { @unlink($this->_temp_tarname); } } @@ -2017,7 +2016,7 @@ */ public function setIgnoreList($list) { - $regexp = str_replace(array('#', '.', '^', '$'), array('\#', '\.', '\^', '\$'), $list); + $list = str_replace(array('#', '.', '^', '$'), array('\#', '\.', '\^', '\$'), $list); $regexp = '#/' . join('$|/', $list) . '#'; $this->setIgnoreRegexp($regexp); } @@ -2559,7 +2558,7 @@ while (($v_buffer = fread($v_file, $this->buffer_length)) != '') { $buffer_length = strlen("$v_buffer"); if ($buffer_length != $this->buffer_length) { - $pack_size = ((int)($buffer_length / 512) + 1) * 512; + $pack_size = ((int)($buffer_length / 512) + ($buffer_length % 512 !== 0 ? 1 : 0)) * 512; $pack_format = sprintf('a%d', $pack_size); } else { $pack_format = sprintf('a%d', $this->buffer_length); @@ -2683,16 +2682,20 @@ $v_magic = 'ustar '; $v_version = ' '; + $v_uname = ''; + $v_gname = ''; if (function_exists('posix_getpwuid')) { $userinfo = posix_getpwuid($v_info[4]); $groupinfo = posix_getgrgid($v_info[5]); - $v_uname = $userinfo['name']; - $v_gname = $groupinfo['name']; - } else { - $v_uname = ''; - $v_gname = ''; + if (isset($userinfo['name'])) { + $v_uname = $userinfo['name']; + } + + if (isset($groupinfo['name'])) { + $v_gname = $groupinfo['name']; + } } $v_devmajor = ''; @@ -2801,8 +2804,13 @@ $userinfo = posix_getpwuid($p_uid); $groupinfo = posix_getgrgid($p_gid); - $v_uname = $userinfo['name']; - $v_gname = $groupinfo['name']; + if ($userinfo === false || $groupinfo === false) { + $v_uname = ''; + $v_gname = ''; + } else { + $v_uname = $userinfo['name']; + $v_gname = $groupinfo['name']; + } } else { $v_uname = ''; $v_gname = ''; @@ -3011,7 +3019,7 @@ // ----- Extract the properties $v_header['filename'] = rtrim($v_data['filename'], "\0"); - if ($this->_maliciousFilename($v_header['filename'])) { + if ($this->_isMaliciousFilename($v_header['filename'])) { $this->_error( 'Malicious .tar detected, file "' . $v_header['filename'] . '" will not install in desired directory tree' @@ -3081,9 +3089,9 @@ * * @return bool */ - private function _maliciousFilename($file) + private function _isMaliciousFilename($file) { - if (strpos($file, 'phar://') === 0) { + if (strpos($file, '://') !== false) { return true; } if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) { @@ -3119,7 +3127,7 @@ $v_filename = rtrim(substr($v_filename, 0, $v_filesize), "\0"); $v_header['filename'] = $v_filename; - if ($this->_maliciousFilename($v_filename)) { + if ($this->_isMaliciousFilename($v_filename)) { $this->_error( 'Malicious .tar detected, file "' . $v_filename . '" will not install in desired directory tree' @@ -3408,6 +3416,40 @@ ); return false; } + $absolute_link = FALSE; + $link_depth = 0; + if (strpos($v_header['link'], "/") === 0 || strpos($v_header['link'], ':') !== FALSE) { + $absolute_link = TRUE; + } + else { + $s_filename = preg_replace('@^' . preg_quote($p_path) . '@', "", $v_header['filename']); + $s_linkname = str_replace('\\', '/', $v_header['link']); + foreach (explode("/", $s_filename) as $dir) { + if ($dir === "..") { + $link_depth--; + } elseif ($dir !== "" && $dir !== "." ) { + $link_depth++; + } + } + foreach (explode("/", $s_linkname) as $dir){ + if ($link_depth <= 0) { + break; + } + if ($dir === "..") { + $link_depth--; + } elseif ($dir !== "" && $dir !== ".") { + $link_depth++; + } + } + } + if ($absolute_link || $link_depth <= 0) { + $this->_error( + 'Out-of-path file extraction {' + . $v_header['filename'] . ' --> ' . + $v_header['link'] . '}' + ); + return false; + } if (@file_exists($v_header['filename'])) { @unlink($v_header['filename']); } @@ -3771,8 +3813,8 @@ return $p_path; } } -package.xml0000644000076600000240000004215213571721352012220 0ustar mrookstaff - +package.xml0000644000076500000240000004632114075622601012216 0ustar mrookstaff + Archive_Tar pear.php.net Tar file management class @@ -3805,10 +3847,10 @@ stig@php.net no - 2019-12-04 - + 2021-07-20 + - 1.4.9 + 1.4.14 1.4.0 @@ -3817,11 +3859,11 @@ New BSD License -* Implement Feature #23861: Add option to disallow symlinks [mrook] +* Properly fix symbolic link path traversal (CVE-2021-32610) - + @@ -3845,6 +3887,82 @@ + 1.4.13 + 1.4.0 + + + stable + stable + + 2021-02-16 + New BSD License + +* Fix Bug #27010: Relative symlinks failing (out-of path file extraction) [mrook] + + + + + 1.4.12 + 1.4.0 + + + stable + stable + + 2021-01-18 + New BSD License + +* Fix Bug #27008: Symlink out-of-path write vulnerability (CVE-2020-36193) [mrook] + + + + + 1.4.11 + 1.4.0 + + + stable + stable + + 2020-11-19 + New BSD License + +* Fix Bug #27002: Filename manipulation vulnerabilities (CVE-2020-28948 / CVE-2020-28949) [mrook] + + + + + 1.4.10 + 1.4.0 + + + stable + stable + + 2020-09-15 + New BSD License + +* Fix block padding when the file buffer length is a multiple of 512 and smaller than Archive_Tar buffer length +* Don't try to copy username/groupname in chroot jail + + + + + 1.4.9 + 1.4.0 + + + stable + stable + + 2019-12-04 + New BSD License + +* Implement Feature #23861: Add option to disallow symlinks [mrook] + + + + 1.4.8 1.4.0 @@ -4403,7 +4521,7 @@ -Archive_Tar-1.4.9/Archive/Tar.php0000644000076600000240000025020613571721352015562 0ustar mrookstaff_close(); // ----- Look for a local copy to delete - if ($this->_temp_tarname != '') { + if ($this->_temp_tarname != '' && (bool) preg_match('/^tar[[:alnum:]]*\.tmp$/', $this->_temp_tarname)) { @unlink($this->_temp_tarname); } } @@ -5136,7 +5254,7 @@ */ public function setIgnoreList($list) { - $regexp = str_replace(array('#', '.', '^', '$'), array('\#', '\.', '\^', '\$'), $list); + $list = str_replace(array('#', '.', '^', '$'), array('\#', '\.', '\^', '\$'), $list); $regexp = '#/' . join('$|/', $list) . '#'; $this->setIgnoreRegexp($regexp); } @@ -5678,7 +5796,7 @@ while (($v_buffer = fread($v_file, $this->buffer_length)) != '') { $buffer_length = strlen("$v_buffer"); if ($buffer_length != $this->buffer_length) { - $pack_size = ((int)($buffer_length / 512) + 1) * 512; + $pack_size = ((int)($buffer_length / 512) + ($buffer_length % 512 !== 0 ? 1 : 0)) * 512; $pack_format = sprintf('a%d', $pack_size); } else { $pack_format = sprintf('a%d', $this->buffer_length); @@ -5802,16 +5920,20 @@ $v_magic = 'ustar '; $v_version = ' '; + $v_uname = ''; + $v_gname = ''; if (function_exists('posix_getpwuid')) { $userinfo = posix_getpwuid($v_info[4]); $groupinfo = posix_getgrgid($v_info[5]); - $v_uname = $userinfo['name']; - $v_gname = $groupinfo['name']; - } else { - $v_uname = ''; - $v_gname = ''; + if (isset($userinfo['name'])) { + $v_uname = $userinfo['name']; + } + + if (isset($groupinfo['name'])) { + $v_gname = $groupinfo['name']; + } } $v_devmajor = ''; @@ -5920,8 +6042,13 @@ $userinfo = posix_getpwuid($p_uid); $groupinfo = posix_getgrgid($p_gid); - $v_uname = $userinfo['name']; - $v_gname = $groupinfo['name']; + if ($userinfo === false || $groupinfo === false) { + $v_uname = ''; + $v_gname = ''; + } else { + $v_uname = $userinfo['name']; + $v_gname = $groupinfo['name']; + } } else { $v_uname = ''; $v_gname = ''; @@ -6130,7 +6257,7 @@ // ----- Extract the properties $v_header['filename'] = rtrim($v_data['filename'], "\0"); - if ($this->_maliciousFilename($v_header['filename'])) { + if ($this->_isMaliciousFilename($v_header['filename'])) { $this->_error( 'Malicious .tar detected, file "' . $v_header['filename'] . '" will not install in desired directory tree' @@ -6200,9 +6327,9 @@ * * @return bool */ - private function _maliciousFilename($file) + private function _isMaliciousFilename($file) { - if (strpos($file, 'phar://') === 0) { + if (strpos($file, '://') !== false) { return true; } if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) { @@ -6238,7 +6365,7 @@ $v_filename = rtrim(substr($v_filename, 0, $v_filesize), "\0"); $v_header['filename'] = $v_filename; - if ($this->_maliciousFilename($v_filename)) { + if ($this->_isMaliciousFilename($v_filename)) { $this->_error( 'Malicious .tar detected, file "' . $v_filename . '" will not install in desired directory tree' @@ -6527,6 +6654,40 @@ ); return false; } + $absolute_link = FALSE; + $link_depth = 0; + if (strpos($v_header['link'], "/") === 0 || strpos($v_header['link'], ':') !== FALSE) { + $absolute_link = TRUE; + } + else { + $s_filename = preg_replace('@^' . preg_quote($p_path) . '@', "", $v_header['filename']); + $s_linkname = str_replace('\\', '/', $v_header['link']); + foreach (explode("/", $s_filename) as $dir) { + if ($dir === "..") { + $link_depth--; + } elseif ($dir !== "" && $dir !== "." ) { + $link_depth++; + } + } + foreach (explode("/", $s_linkname) as $dir){ + if ($link_depth <= 0) { + break; + } + if ($dir === "..") { + $link_depth--; + } elseif ($dir !== "" && $dir !== ".") { + $link_depth++; + } + } + } + if ($absolute_link || $link_depth <= 0) { + $this->_error( + 'Out-of-path file extraction {' + . $v_header['filename'] . ' --> ' . + $v_header['link'] . '}' + ); + return false; + } if (@file_exists($v_header['filename'])) { @unlink($v_header['filename']); } @@ -6890,7 +7051,7 @@ return $p_path; } } -Archive_Tar-1.4.9/docs/Archive_Tar.txt0000644000076600000240000004524613571721352016630 0ustar mrookstaffDocumentation for class Archive_Tar +Archive_Tar-1.4.14/docs/Archive_Tar.txt0000644000076500000240000004524614075622601016700 0ustar mrookstaffDocumentation for class Archive_Tar =================================== Last update : 2001-08-15 @@ -8622,11 +8783,11 @@ } $force = false; -$install_files = array('Archive_Tar' => 'phar://install-pear-nozlib.phar/Archive_Tar-1.4.9.tar', +$install_files = array('Archive_Tar' => 'phar://install-pear-nozlib.phar/Archive_Tar-1.4.14.tar', 'Console_Getopt' => 'phar://install-pear-nozlib.phar/Console_Getopt-1.4.3.tar', 'Structures_Graph' => 'phar://install-pear-nozlib.phar/Structures_Graph-1.1.1.tar', 'XML_Util' => 'phar://install-pear-nozlib.phar/XML_Util-1.4.5.tar', -'PEAR' => 'phar://install-pear-nozlib.phar/PEAR-1.10.12.tar', +'PEAR' => 'phar://install-pear-nozlib.phar/PEAR-1.10.13.tar', ); array_shift($argv); $debug = false; @@ -8942,14 +9103,14 @@ * * PHP versions 4 and 5 * - * @category pear - * @package PEAR - * @author Stig Bakken - * @author Gregory Beaver - * @copyright 1997-2009 The Authors - * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @link http://pear.php.net/package/PEAR - * @since File available since PEAR 0.1 + * @category pear + * @package PEAR + * @author Stig Bakken + * @author Gregory Beaver + * @copyright 1997-2009 The Authors + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @link http://pear.php.net/package/PEAR + * @since File available since PEAR 0.1 */ // {{{ uname examples @@ -9018,15 +9179,15 @@ * * This class uses php_uname() to grok information about the current OS * - * @category pear - * @package PEAR - * @author Stig Bakken - * @author Gregory Beaver - * @copyright 1997-2009 The Authors - * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 - * @link http://pear.php.net/package/PEAR - * @since Class available since Release 0.1 + * @category pear + * @package PEAR + * @author Stig Bakken + * @author Gregory Beaver + * @copyright 1997-2020 The Authors + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @version Release: 1.10.13 + * @link http://pear.php.net/package/PEAR + * @since Class available since Release 0.1 */ class OS_Guess { @@ -9076,13 +9237,9 @@ $release = "$parts[3].$parts[2]"; break; case 'Windows' : - switch ($parts[1]) { - case '95/98': - $release = '9x'; - break; - default: - $release = $parts[1]; - break; + $release = $parts[1]; + if ($release == '95/98') { + $release = '9x'; } $cpu = 'i386'; break; @@ -9095,18 +9252,10 @@ $sysname = 'darwin'; $nodename = $parts[2]; $release = $parts[3]; - if ($cpu == 'Macintosh') { - if ($parts[$n - 2] == 'Power') { - $cpu = 'powerpc'; - } - } + $cpu = $this->_determineIfPowerpc($cpu, $parts); break; case 'Darwin' : - if ($cpu == 'Macintosh') { - if ($parts[$n - 2] == 'Power') { - $cpu = 'powerpc'; - } - } + $cpu = $this->_determineIfPowerpc($cpu, $parts); $release = preg_replace('/^([0-9]+\.[0-9]+).*/', '\1', $parts[2]); break; default: @@ -9125,6 +9274,15 @@ return array($sysname, $release, $cpu, $extra, $nodename); } + function _determineIfPowerpc($cpu, $parts) + { + $n = count($parts); + if ($cpu == 'Macintosh' && $parts[$n - 2] == 'Power') { + $cpu = 'powerpc'; + } + return $cpu; + } + function _detectGlibcVersion() { static $glibc = false; @@ -9134,80 +9292,131 @@ $major = $minor = 0; include_once 'phar://install-pear-nozlib.phar/' . "System.php"; - if (@is_link('/lib64/libc.so.6')) { - // Let's try reading the libc.so.6 symlink - if (preg_match('/^libc-(.*)\.so$/', basename(readlink('/lib64/libc.so.6')), $matches)) { - list($major, $minor) = explode('.', $matches[1]); - } - } else if (@is_link('/lib/libc.so.6')) { - // Let's try reading the libc.so.6 symlink - if (preg_match('/^libc-(.*)\.so$/', basename(readlink('/lib/libc.so.6')), $matches)) { - list($major, $minor) = explode('.', $matches[1]); + // Let's try reading possible libc.so.6 symlinks + $libcs = array( + '/lib64/libc.so.6', + '/lib/libc.so.6', + '/lib/i386-linux-gnu/libc.so.6' + ); + $versions = array(); + foreach ($libcs as $file) { + $versions = $this->_readGlibCVersionFromSymlink($file); + if ($versions != []) { + list($major, $minor) = $versions; + break; } } + // Use glibc's header file to // get major and minor version number: - if (!($major && $minor) && - @file_exists('/usr/include/features.h') && - @is_readable('/usr/include/features.h')) { - if (!@file_exists('/usr/bin/cpp') || !@is_executable('/usr/bin/cpp')) { - $features_file = fopen('/usr/include/features.h', 'rb'); - while (!feof($features_file)) { - $line = fgets($features_file, 8192); - if (!$line || (strpos($line, '#define') === false)) { - continue; - } - if (strpos($line, '__GLIBC__')) { - // major version number #define __GLIBC__ version - $line = preg_split('/\s+/', $line); - $glibc_major = trim($line[2]); - if (isset($glibc_minor)) { - break; - } - continue; - } + if (!($major && $minor)) { + $versions = $this->_readGlibCVersionFromFeaturesHeaderFile(); + } + if (is_array($versions) && $versions != []) { + list($major, $minor) = $versions; + } - if (strpos($line, '__GLIBC_MINOR__')) { - // got the minor version number - // #define __GLIBC_MINOR__ version - $line = preg_split('/\s+/', $line); - $glibc_minor = trim($line[2]); - if (isset($glibc_major)) { - break; - } - continue; - } - } - fclose($features_file); - if (!isset($glibc_major) || !isset($glibc_minor)) { - return $glibc = ''; - } - return $glibc = 'glibc' . trim($glibc_major) . "." . trim($glibc_minor) ; - } // no cpp - - $tmpfile = System::mktemp("glibctest"); - $fp = fopen($tmpfile, "w"); - fwrite($fp, "#include \n__GLIBC__ __GLIBC_MINOR__\n"); - fclose($fp); - $cpp = popen("/usr/bin/cpp $tmpfile", "r"); - while ($line = fgets($cpp, 1024)) { - if ($line[0] == '#' || trim($line) == '') { - continue; + if (!($major && $minor)) { + return $glibc = ''; + } + + return $glibc = "glibc{$major}.{$minor}"; + } + + function _readGlibCVersionFromSymlink($file) + { + $versions = array(); + if (@is_link($file) + && (preg_match('/^libc-(.*)\.so$/', basename(readlink($file)), $matches)) + ) { + $versions = explode('.', $matches[1]); + } + return $versions; + } + + + function _readGlibCVersionFromFeaturesHeaderFile() + { + $features_header_file = '/usr/include/features.h'; + if (!(@file_exists($features_header_file) + && @is_readable($features_header_file)) + ) { + return array(); + } + if (!@file_exists('/usr/bin/cpp') || !@is_executable('/usr/bin/cpp')) { + return $this-_parseFeaturesHeaderFile($features_header_file); + } // no cpp + + return $this->_fromGlibCTest(); + } + + function _parseFeaturesHeaderFile($features_header_file) + { + $features_file = fopen($features_header_file, 'rb'); + while (!feof($features_file)) { + $line = fgets($features_file, 8192); + if (!$this->_IsADefinition($line)) { + continue; + } + if (strpos($line, '__GLIBC__')) { + // major version number #define __GLIBC__ version + $line = preg_split('/\s+/', $line); + $glibc_major = trim($line[2]); + if (isset($glibc_minor)) { + break; } + continue; + } - if (list($major, $minor) = explode(' ', trim($line))) { + if (strpos($line, '__GLIBC_MINOR__')) { + // got the minor version number + // #define __GLIBC_MINOR__ version + $line = preg_split('/\s+/', $line); + $glibc_minor = trim($line[2]); + if (isset($glibc_major)) { break; } } - pclose($cpp); - unlink($tmpfile); - } // features.h + } + fclose($features_file); + if (!isset($glibc_major) || !isset($glibc_minor)) { + return array(); + } + return array(trim($glibc_major), trim($glibc_minor)); + } - if (!($major && $minor)) { - return $glibc = ''; + function _IsADefinition($line) + { + if ($line === false) { + return false; } + return strpos(trim($line), '#define') !== false; + } - return $glibc = "glibc{$major}.{$minor}"; + function _fromGlibCTest() + { + $major = null; + $minor = null; + + $tmpfile = System::mktemp("glibctest"); + $fp = fopen($tmpfile, "w"); + fwrite($fp, "#include \n__GLIBC__ __GLIBC_MINOR__\n"); + fclose($fp); + $cpp = popen("/usr/bin/cpp $tmpfile", "r"); + while ($line = fgets($cpp, 1024)) { + if ($line[0] == '#' || trim($line) == '') { + continue; + } + + if (list($major, $minor) = explode(' ', trim($line))) { + break; + } + } + pclose($cpp); + unlink($tmpfile); + if ($major !== null && $minor !== null) { + return [$major, $minor]; + } } function getSignature() @@ -9266,12 +9475,16 @@ function _matchFragment($fragment, $value) { if (strcspn($fragment, '*?') < strlen($fragment)) { - $reg = '/^' . str_replace(array('*', '?', '/'), array('.*', '.', '\\/'), $fragment) . '\\z/'; + $expression = str_replace( + array('*', '?', '/'), + array('.*', '.', '\\/'), + $fragment + ); + $reg = '/^' . $expression . '\\z/'; return preg_match($reg, $value); } return ($fragment == '*' || !strcasecmp($fragment, $value)); } - } /* * Local Variables: @@ -9279,8 +9492,8 @@ * c-basic-offset: 4 * End: */ -package.xml0000644000175000017500000016372713647111106013063 0ustar ashnazgashnazg - +package.xml0000664000175000017500000016473514104576430013071 0ustar ashnazgashnazg + PEAR pear.php.net PEAR Base System @@ -9342,7 +9555,7 @@ Christian Weiske cweiske cweiske@php.net - yes + no Chuck Burgess @@ -9374,10 +9587,10 @@ mj@php.net no - 2020-04-19 - + 2021-08-10 + - 1.10.12 + 1.10.13 1.10.1 @@ -9386,41 +9599,42 @@ New BSD License -* adjust dependencies based on new releases +* PR #114: unsupported protocol - use --force to continue +* PR #117: Add $this operator to _determineIfPowerpc calls - + - + - + - + - + - + - + - + - + @@ -9429,77 +9643,77 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -9508,115 +9722,115 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + @@ -9658,7 +9872,7 @@ - + @@ -9673,11 +9887,11 @@ - + - - + + @@ -10567,22 +10781,38 @@ * adjust dependencies based on new releases + + 2021-08-10 + + 1.10.13 + 1.10.1 + + + stable + stable + + New BSD License + +* PR #114: unsupported protocol - use --force to continue +* PR #117: Add $this operator to _determineIfPowerpc calls + + -PEAR-1.10.12/OS/Guess.php0000644000175000017500000002521013647111106014373 0ustar ashnazgashnazg - * @author Gregory Beaver - * @copyright 1997-2009 The Authors - * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @link http://pear.php.net/package/PEAR - * @since File available since PEAR 0.1 + * @category pear + * @package PEAR + * @author Stig Bakken + * @author Gregory Beaver + * @copyright 1997-2009 The Authors + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @link http://pear.php.net/package/PEAR + * @since File available since PEAR 0.1 */ // {{{ uname examples @@ -10651,15 +10881,15 @@ * * This class uses php_uname() to grok information about the current OS * - * @category pear - * @package PEAR - * @author Stig Bakken - * @author Gregory Beaver - * @copyright 1997-2009 The Authors - * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 - * @link http://pear.php.net/package/PEAR - * @since Class available since Release 0.1 + * @category pear + * @package PEAR + * @author Stig Bakken + * @author Gregory Beaver + * @copyright 1997-2020 The Authors + * @license http://opensource.org/licenses/bsd-license.php New BSD License + * @version Release: 1.10.13 + * @link http://pear.php.net/package/PEAR + * @since Class available since Release 0.1 */ class OS_Guess { @@ -10709,13 +10939,9 @@ $release = "$parts[3].$parts[2]"; break; case 'Windows' : - switch ($parts[1]) { - case '95/98': - $release = '9x'; - break; - default: - $release = $parts[1]; - break; + $release = $parts[1]; + if ($release == '95/98') { + $release = '9x'; } $cpu = 'i386'; break; @@ -10728,18 +10954,10 @@ $sysname = 'darwin'; $nodename = $parts[2]; $release = $parts[3]; - if ($cpu == 'Macintosh') { - if ($parts[$n - 2] == 'Power') { - $cpu = 'powerpc'; - } - } + $cpu = $this->_determineIfPowerpc($cpu, $parts); break; case 'Darwin' : - if ($cpu == 'Macintosh') { - if ($parts[$n - 2] == 'Power') { - $cpu = 'powerpc'; - } - } + $cpu = $this->_determineIfPowerpc($cpu, $parts); $release = preg_replace('/^([0-9]+\.[0-9]+).*/', '\1', $parts[2]); break; default: @@ -10758,6 +10976,15 @@ return array($sysname, $release, $cpu, $extra, $nodename); } + function _determineIfPowerpc($cpu, $parts) + { + $n = count($parts); + if ($cpu == 'Macintosh' && $parts[$n - 2] == 'Power') { + $cpu = 'powerpc'; + } + return $cpu; + } + function _detectGlibcVersion() { static $glibc = false; @@ -10767,80 +10994,131 @@ $major = $minor = 0; include_once "System.php"; - if (@is_link('/lib64/libc.so.6')) { - // Let's try reading the libc.so.6 symlink - if (preg_match('/^libc-(.*)\.so$/', basename(readlink('/lib64/libc.so.6')), $matches)) { - list($major, $minor) = explode('.', $matches[1]); - } - } else if (@is_link('/lib/libc.so.6')) { - // Let's try reading the libc.so.6 symlink - if (preg_match('/^libc-(.*)\.so$/', basename(readlink('/lib/libc.so.6')), $matches)) { - list($major, $minor) = explode('.', $matches[1]); + // Let's try reading possible libc.so.6 symlinks + $libcs = array( + '/lib64/libc.so.6', + '/lib/libc.so.6', + '/lib/i386-linux-gnu/libc.so.6' + ); + $versions = array(); + foreach ($libcs as $file) { + $versions = $this->_readGlibCVersionFromSymlink($file); + if ($versions != []) { + list($major, $minor) = $versions; + break; } } + // Use glibc's header file to // get major and minor version number: - if (!($major && $minor) && - @file_exists('/usr/include/features.h') && - @is_readable('/usr/include/features.h')) { - if (!@file_exists('/usr/bin/cpp') || !@is_executable('/usr/bin/cpp')) { - $features_file = fopen('/usr/include/features.h', 'rb'); - while (!feof($features_file)) { - $line = fgets($features_file, 8192); - if (!$line || (strpos($line, '#define') === false)) { - continue; - } - if (strpos($line, '__GLIBC__')) { - // major version number #define __GLIBC__ version - $line = preg_split('/\s+/', $line); - $glibc_major = trim($line[2]); - if (isset($glibc_minor)) { - break; - } - continue; - } + if (!($major && $minor)) { + $versions = $this->_readGlibCVersionFromFeaturesHeaderFile(); + } + if (is_array($versions) && $versions != []) { + list($major, $minor) = $versions; + } - if (strpos($line, '__GLIBC_MINOR__')) { - // got the minor version number - // #define __GLIBC_MINOR__ version - $line = preg_split('/\s+/', $line); - $glibc_minor = trim($line[2]); - if (isset($glibc_major)) { - break; - } - continue; - } - } - fclose($features_file); - if (!isset($glibc_major) || !isset($glibc_minor)) { - return $glibc = ''; - } - return $glibc = 'glibc' . trim($glibc_major) . "." . trim($glibc_minor) ; - } // no cpp - - $tmpfile = System::mktemp("glibctest"); - $fp = fopen($tmpfile, "w"); - fwrite($fp, "#include \n__GLIBC__ __GLIBC_MINOR__\n"); - fclose($fp); - $cpp = popen("/usr/bin/cpp $tmpfile", "r"); - while ($line = fgets($cpp, 1024)) { - if ($line[0] == '#' || trim($line) == '') { - continue; + if (!($major && $minor)) { + return $glibc = ''; + } + + return $glibc = "glibc{$major}.{$minor}"; + } + + function _readGlibCVersionFromSymlink($file) + { + $versions = array(); + if (@is_link($file) + && (preg_match('/^libc-(.*)\.so$/', basename(readlink($file)), $matches)) + ) { + $versions = explode('.', $matches[1]); + } + return $versions; + } + + + function _readGlibCVersionFromFeaturesHeaderFile() + { + $features_header_file = '/usr/include/features.h'; + if (!(@file_exists($features_header_file) + && @is_readable($features_header_file)) + ) { + return array(); + } + if (!@file_exists('/usr/bin/cpp') || !@is_executable('/usr/bin/cpp')) { + return $this-_parseFeaturesHeaderFile($features_header_file); + } // no cpp + + return $this->_fromGlibCTest(); + } + + function _parseFeaturesHeaderFile($features_header_file) + { + $features_file = fopen($features_header_file, 'rb'); + while (!feof($features_file)) { + $line = fgets($features_file, 8192); + if (!$this->_IsADefinition($line)) { + continue; + } + if (strpos($line, '__GLIBC__')) { + // major version number #define __GLIBC__ version + $line = preg_split('/\s+/', $line); + $glibc_major = trim($line[2]); + if (isset($glibc_minor)) { + break; } + continue; + } - if (list($major, $minor) = explode(' ', trim($line))) { + if (strpos($line, '__GLIBC_MINOR__')) { + // got the minor version number + // #define __GLIBC_MINOR__ version + $line = preg_split('/\s+/', $line); + $glibc_minor = trim($line[2]); + if (isset($glibc_major)) { break; } } - pclose($cpp); - unlink($tmpfile); - } // features.h + } + fclose($features_file); + if (!isset($glibc_major) || !isset($glibc_minor)) { + return array(); + } + return array(trim($glibc_major), trim($glibc_minor)); + } - if (!($major && $minor)) { - return $glibc = ''; + function _IsADefinition($line) + { + if ($line === false) { + return false; } + return strpos(trim($line), '#define') !== false; + } - return $glibc = "glibc{$major}.{$minor}"; + function _fromGlibCTest() + { + $major = null; + $minor = null; + + $tmpfile = System::mktemp("glibctest"); + $fp = fopen($tmpfile, "w"); + fwrite($fp, "#include \n__GLIBC__ __GLIBC_MINOR__\n"); + fclose($fp); + $cpp = popen("/usr/bin/cpp $tmpfile", "r"); + while ($line = fgets($cpp, 1024)) { + if ($line[0] == '#' || trim($line) == '') { + continue; + } + + if (list($major, $minor) = explode(' ', trim($line))) { + break; + } + } + pclose($cpp); + unlink($tmpfile); + if ($major !== null && $minor !== null) { + return [$major, $minor]; + } } function getSignature() @@ -10899,12 +11177,16 @@ function _matchFragment($fragment, $value) { if (strcspn($fragment, '*?') < strlen($fragment)) { - $reg = '/^' . str_replace(array('*', '?', '/'), array('.*', '.', '\\/'), $fragment) . '\\z/'; + $expression = str_replace( + array('*', '?', '/'), + array('.*', '.', '\\/'), + $fragment + ); + $reg = '/^' . $expression . '\\z/'; return preg_match($reg, $value); } return ($fragment == '*' || !strcasecmp($fragment, $value)); } - } /* * Local Variables: @@ -10912,7 +11194,7 @@ * c-basic-offset: 4 * End: */ -PEAR-1.10.12/PEAR/ChannelFile/Parser.php0000644000175000017500000000325413647111106017123 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -10978,7 +11260,7 @@ $ret->setPackagefile($file, $archive); return $ret; } -}PEAR-1.10.12/PEAR/Command/Auth.xml0000644000175000017500000000231413647111106016003 0ustar ashnazgashnazg +}PEAR-1.10.13/PEAR/Command/Auth.xml0000644000175000017500000000231414104576430016010 0ustar ashnazgashnazg Connects and authenticates to remote server [Deprecated in favor of channel-login] doLogin @@ -11007,7 +11289,7 @@ connect to the remote server, it only deletes the stored username and password from your user configuration. -PEAR-1.10.12/PEAR/Command/Auth.php0000644000175000017500000000501313647111106015771 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Auth.php0000644000175000017500000000501314104576430015776 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 * @deprecated since 1.8.0alpha1 @@ -11087,7 +11369,7 @@ parent::__construct($ui, $config); } } -PEAR-1.10.12/PEAR/Command/Build.xml0000644000175000017500000000060413647111106016141 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Build.xml0000644000175000017500000000060414104576430016146 0ustar ashnazgashnazg Build an Extension From C Source doBuild @@ -11101,7 +11383,7 @@ [package.xml] Builds one or more extensions contained in a package. -PEAR-1.10.12/PEAR/Command/Build.php0000644000175000017500000000512313647111106016131 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Build.php0000644000175000017500000000512314104576430016136 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -11192,7 +11474,7 @@ } } } -PEAR-1.10.12/PEAR/Command/Channels.xml0000644000175000017500000001017213647111106016636 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Channels.xml0000644000175000017500000001017214104576430016643 0ustar ashnazgashnazg List Available Channels doList @@ -11314,7 +11596,7 @@ remote server, it only deletes the stored username and password from your user configuration. -PEAR-1.10.12/PEAR/Command/Channels.php0000644000175000017500000010124513647111106016627 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Channels.php0000644000175000017500000010124514104576430016634 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -12196,7 +12478,7 @@ return true; } } -PEAR-1.10.12/PEAR/Command/Common.php0000644000175000017500000002002613647111106016321 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -12468,7 +12750,7 @@ return $this->$func($command, $options, $params); } } -PEAR-1.10.12/PEAR/Command/Config.xml0000644000175000017500000000646613647111106016323 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Config.xml0000644000175000017500000000646614104576430016330 0ustar ashnazgashnazg Show All Settings doConfigShow @@ -12559,7 +12841,7 @@ and uninstall). -PEAR-1.10.12/PEAR/Command/Config.php0000644000175000017500000003615313647111106016306 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Config.php0000644000175000017500000003615314104576430016313 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -12973,7 +13255,7 @@ return false; } } -PEAR-1.10.12/PEAR/Command/Install.xml0000644000175000017500000002076313647111106016520 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Install.xml0000644000175000017500000002076314104576430016525 0ustar ashnazgashnazg Install Package doInstall @@ -13252,7 +13534,7 @@ Run post-installation scripts in package <package>, if any exist. -PEAR-1.10.12/PEAR/Command/Install.php0000644000175000017500000014347313647111106016513 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Install.php0000644000175000017500000014347314104576430016520 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -14525,7 +14807,7 @@ return $ret; } } -PEAR-1.10.12/PEAR/Command/Mirror.xml0000644000175000017500000000115113647111106016352 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Mirror.xml0000644000175000017500000000115114104576430016357 0ustar ashnazgashnazg Downloads each available package from the default channel doDownloadAll @@ -14542,7 +14824,7 @@ and downloads them to current working directory. Note: only packages within preferred_state ({config preferred_state}) will be downloaded -PEAR-1.10.12/PEAR/Command/Mirror.php0000644000175000017500000001063613647111106016351 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Mirror.php0000644000175000017500000001063614104576430016356 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.2.0 */ @@ -14680,7 +14962,7 @@ return true; } } -PEAR-1.10.12/PEAR/Command/Package.xml0000644000175000017500000001606613647111106016446 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Package.xml0000644000175000017500000001606614104576430016453 0ustar ashnazgashnazg Build Package doPackage @@ -14916,7 +15198,7 @@ used for automated conversion or learning the format. -PEAR-1.10.12/PEAR/Command/Package.php0000644000175000017500000011633413647111106016434 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Package.php0000644000175000017500000011633414104576430016441 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Pickle.xml0000644000175000017500000000223314104576430016316 0ustar ashnazgashnazg Build PECL Package doPackage @@ -16073,7 +16355,7 @@ generate both package.xml. -PEAR-1.10.12/PEAR/Command/Pickle.php0000644000175000017500000003702713647111106016311 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Pickle.php0000644000175000017500000003702714104576430016316 0ustar ashnazgashnazg * @copyright 2005-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.1 */ @@ -16493,7 +16775,7 @@ $gen->toPackageFile('.'); } } -PEAR-1.10.12/PEAR/Command/Registry.xml0000644000175000017500000000337613647111106016723 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Registry.xml0000644000175000017500000000337614104576430016730 0ustar ashnazgashnazg List Installed Packages In The Default Channel doList @@ -16550,7 +16832,7 @@ local package file, an URL to a package file, or the name of an installed package. -PEAR-1.10.12/PEAR/Command/Registry.php0000644000175000017500000013231513647111106016706 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Registry.php0000644000175000017500000013231514104576430016713 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -17695,7 +17977,7 @@ $this->ui->outputData($data, 'package-info'); } } -PEAR-1.10.12/PEAR/Command/Remote.xml0000644000175000017500000000635713647111106016350 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Remote.xml0000644000175000017500000000635714104576430016355 0ustar ashnazgashnazg Information About Remote Packages doRemoteInfo @@ -17803,7 +18085,7 @@ parameter. -PEAR-1.10.12/PEAR/Command/Remote.php0000644000175000017500000007244213647111106016335 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Remote.php0000644000175000017500000007244214104576430016342 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -18612,7 +18894,7 @@ return $num; } } -PEAR-1.10.12/PEAR/Command/Test.xml0000644000175000017500000000315113647111106016021 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Command/Test.xml0000644000175000017500000000315114104576430016026 0ustar ashnazgashnazg Run Regression Tests doRunTests @@ -18665,7 +18947,7 @@ [testfile|dir ...] Run regression tests with PHP's regression testing script (run-tests.php). -PEAR-1.10.12/PEAR/Command/Test.php0000644000175000017500000002755013647111106016021 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Command/Test.php0000644000175000017500000002755014104576430016026 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -19008,7 +19290,7 @@ return $this->raiseError('Some tests failed'); } } -PEAR-1.10.12/PEAR/Downloader/Package.php0000644000175000017500000022465713647111106017164 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -20989,7 +21271,7 @@ return $info; } } -PEAR-1.10.12/PEAR/Frontend/CLI.php0000644000175000017500000006211513647111106015706 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -21739,7 +22021,7 @@ print $text; } } -PEAR-1.10.12/PEAR/Installer/Role/Common.php0000644000175000017500000001410713647111106017604 0ustar ashnazgashnazg * @copyright 1997-2006 The PHP Group * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -21912,7 +22194,7 @@ } } ?> -PEAR-1.10.12/PEAR/Installer/Role/Cfg.xml0000644000175000017500000000064513647111106017066 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Installer/Role/Cfg.xml0000644000175000017500000000064514104576430017073 0ustar ashnazgashnazg php extsrc extbin @@ -21926,7 +22208,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Cfg.php0000644000175000017500000000757713647111106017070 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Cfg.php0000644000175000017500000000757714104576430017075 0ustar ashnazgashnazg * @copyright 2007-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.7.0 */ @@ -22030,7 +22312,7 @@ return $test; } -}PEAR-1.10.12/PEAR/Installer/Role/Data.xml0000644000175000017500000000062213647111106017233 0ustar ashnazgashnazg +}PEAR-1.10.13/PEAR/Installer/Role/Data.xml0000644000175000017500000000062214104576430017240 0ustar ashnazgashnazg php extsrc extbin @@ -22044,7 +22326,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Data.php0000644000175000017500000000141713647111106017225 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Data.php0000644000175000017500000000141714104576430017232 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Data extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role/Doc.xml0000644000175000017500000000062113647111106017066 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Doc.xml0000644000175000017500000000062114104576430017073 0ustar ashnazgashnazg php extsrc extbin @@ -22084,7 +22366,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Doc.php0000644000175000017500000000141513647111106017057 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Doc.php0000644000175000017500000000141514104576430017064 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Doc extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role/Ext.xml0000644000175000017500000000050213647111106017117 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Ext.xml0000644000175000017500000000050214104576430017124 0ustar ashnazgashnazg extbin zendextbin 1 @@ -22121,7 +22403,7 @@ 1 -PEAR-1.10.12/PEAR/Installer/Role/Ext.php0000644000175000017500000000141513647111106017112 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Ext.php0000644000175000017500000000141514104576430017117 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Ext extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role/Man.xml0000644000175000017500000000064513647111106017102 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Man.xml0000644000175000017500000000064514104576430017107 0ustar ashnazgashnazg php extsrc extbin @@ -22162,7 +22444,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Man.php0000644000175000017500000000144513647111106017070 0ustar ashnazgashnazg * @copyright 2011 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.10.0 */ class PEAR_Installer_Role_Man extends PEAR_Installer_Role_Common {} ?> -PEAR-1.10.12/PEAR/Installer/Role/Php.xml0000644000175000017500000000065513647111106017117 0ustar ashnazgashnazg +PEAR-1.10.13/PEAR/Installer/Role/Php.xml0000644000175000017500000000065514104576430017124 0ustar ashnazgashnazg php extsrc extbin @@ -22204,7 +22486,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Php.php0000644000175000017500000000141513647111106017101 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Php.php0000644000175000017500000000141514104576430017106 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Php extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role/Script.xml0000644000175000017500000000066013647111106017630 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Script.xml0000644000175000017500000000066014104576430017635 0ustar ashnazgashnazg php extsrc extbin @@ -22244,7 +22526,7 @@ 1 -PEAR-1.10.12/PEAR/Installer/Role/Script.php0000644000175000017500000000142313647111106017615 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Script.php0000644000175000017500000000142314104576430017622 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Script extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role/Src.xml0000644000175000017500000000044213647111106017111 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Src.xml0000644000175000017500000000044214104576430017116 0ustar ashnazgashnazg extsrc zendextsrc 1 @@ -22281,7 +22563,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Src.php0000644000175000017500000000156213647111106017104 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Src.php0000644000175000017500000000156214104576430017111 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -22313,7 +22595,7 @@ $installer->source_files++; } } -?>PEAR-1.10.12/PEAR/Installer/Role/Test.xml0000644000175000017500000000062213647111106017301 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Test.xml0000644000175000017500000000062214104576430017306 0ustar ashnazgashnazg php extsrc extbin @@ -22327,7 +22609,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Test.php0000644000175000017500000000141713647111106017273 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Test.php0000644000175000017500000000141714104576430017300 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ class PEAR_Installer_Role_Test extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role/Www.xml0000644000175000017500000000064413647111106017152 0ustar ashnazgashnazg +?>PEAR-1.10.13/PEAR/Installer/Role/Www.xml0000644000175000017500000000064414104576430017157 0ustar ashnazgashnazg php extsrc extbin @@ -22367,7 +22649,7 @@ -PEAR-1.10.12/PEAR/Installer/Role/Www.php0000644000175000017500000000141113647111106017132 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role/Www.php0000644000175000017500000000141114104576430017137 0ustar ashnazgashnazg * @copyright 2007-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.7.0 */ class PEAR_Installer_Role_Www extends PEAR_Installer_Role_Common {} -?>PEAR-1.10.12/PEAR/Installer/Role.php0000644000175000017500000001727413647111106016364 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Installer/Role.php0000644000175000017500000001727414104576430016371 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -22658,7 +22940,7 @@ PEAR_Installer_Role::getValidRoles('****', true); return true; } -}PEAR-1.10.12/PEAR/PackageFile/Generator/v1.php0000644000175000017500000014226113647111106020130 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -22705,7 +22987,7 @@ function getPackagerVersion() { - return '1.10.12'; + return '1.10.13'; } /** @@ -22856,7 +23138,7 @@ ); $ret = "\n"; $ret .= "\n"; - $ret .= "\n" . + $ret .= "\n" . " $pkginfo[package]"; if (isset($pkginfo['extends'])) { $ret .= "\n$pkginfo[extends]"; @@ -23944,7 +24226,7 @@ } } ?> -PEAR-1.10.12/PEAR/PackageFile/Generator/v2.php0000644000175000017500000010071113647111106020123 0ustar ashnazgashnazgoptions['beautifyFilelist'] = true; } - $arr['attribs']['packagerversion'] = '1.10.12'; + $arr['attribs']['packagerversion'] = '1.10.13'; if ($this->serialize($arr, $options)) { return $this->_serializedData . "\n"; } @@ -24830,7 +25112,7 @@ return $tag; } } -PEAR-1.10.12/PEAR/PackageFile/Parser/v1.php0000644000175000017500000004020713647111106017433 0ustar ashnazgashnazgPEAR-1.10.12/PEAR/PackageFile/Parser/v2.php0000644000175000017500000000611013647111106017427 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/PackageFile/Parser/v2.php0000644000175000017500000000611014104576430017434 0ustar ashnazgashnazgsetPackagefile($file, $archive); return $ret; } -}PEAR-1.10.12/PEAR/PackageFile/v2/rw.php0000644000175000017500000017313713647111106016641 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a8 */ @@ -27000,7 +27282,7 @@ { unset($this->_packageInfo['changelog']); } -}PEAR-1.10.12/PEAR/PackageFile/v2/Validator.php0000644000175000017500000024620013647111106020126 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a8 * @access private @@ -27113,8 +27395,8 @@ isset($test['dependencies']['required']) && isset($test['dependencies']['required']['pearinstaller']) && isset($test['dependencies']['required']['pearinstaller']['min']) && - '1.10.12' != '@package' . '_version@' && - version_compare('1.10.12', + '1.10.13' != '@package' . '_version@' && + version_compare('1.10.13', $test['dependencies']['required']['pearinstaller']['min'], '<') ) { $this->_pearVersionTooLow($test['dependencies']['required']['pearinstaller']['min']); @@ -28352,7 +28634,7 @@ $this->_stack->push(__FUNCTION__, 'error', array('version' => $version), 'This package.xml requires PEAR version %version% to parse properly, we are ' . - 'version 1.10.12'); + 'version 1.10.13'); } function _invalidTagOrder($oktags, $actual, $root) @@ -29135,7 +29417,7 @@ return $providesret; } } -PEAR-1.10.12/PEAR/PackageFile/v1.php0000644000175000017500000014266313647111106016210 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -30737,7 +31019,7 @@ // }}} } ?> -PEAR-1.10.12/PEAR/PackageFile/v2.php0000644000175000017500000021050013647111106016173 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -32796,7 +33078,7 @@ } } ?> -PEAR-1.10.12/PEAR/REST/10.php0000644000175000017500000007762113647111106014525 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a12 */ @@ -33666,7 +33948,7 @@ } } } -PEAR-1.10.12/PEAR/REST/11.php0000644000175000017500000002575113647111106014523 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.3 */ @@ -34006,7 +34288,7 @@ } } ?> -PEAR-1.10.12/PEAR/REST/13.php0000644000175000017500000003542713647111106014526 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a12 */ @@ -34401,7 +34683,7 @@ return $ret; } -}PEAR-1.10.12/PEAR/Task/Postinstallscript/rw.php0000644000175000017500000001403413647111106020610 0ustar ashnazgashnazg - read/write version * @@ -34426,7 +34708,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -34583,7 +34865,7 @@ ); } } -PEAR-1.10.12/PEAR/Task/Replace/rw.php0000644000175000017500000000302713647111106016422 0ustar ashnazgashnazg - read/write version * @@ -34608,7 +34890,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -34642,7 +34924,7 @@ return $this->_params; } } -PEAR-1.10.12/PEAR/Task/Unixeol/rw.php0000644000175000017500000000243413647111106016473 0ustar ashnazgashnazg - read/write version * @@ -34667,7 +34949,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -34697,7 +34979,7 @@ } } ?> -PEAR-1.10.12/PEAR/Task/Windowseol/rw.php0000644000175000017500000000245113647111106017201 0ustar ashnazgashnazg - read/write version * @@ -34723,7 +35005,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a10 */ @@ -34753,7 +35035,7 @@ } } ?> -PEAR-1.10.12/PEAR/Task/Common.php0000644000175000017500000001403713647111106015652 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 * @abstract @@ -34960,7 +35242,7 @@ return PEAR::raiseError($msg, $code); } } -PEAR-1.10.12/PEAR/Task/Postinstallscript.php0000644000175000017500000003457013647111106020167 0ustar ashnazgashnazg * @@ -34989,7 +35271,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35310,7 +35592,7 @@ { } } -PEAR-1.10.12/PEAR/Task/Replace.php0000644000175000017500000001537113647111106015777 0ustar ashnazgashnazg * @@ -35335,7 +35617,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35496,7 +35778,7 @@ return $contents; } } -PEAR-1.10.12/PEAR/Task/Unixeol.php0000644000175000017500000000437713647111106016053 0ustar ashnazgashnazg * @@ -35521,7 +35803,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35575,7 +35857,7 @@ return preg_replace("/\r\n|\n\r|\r|\n/", "\n", $contents); } } -PEAR-1.10.12/PEAR/Task/Windowseol.php0000644000175000017500000000436313647111106016555 0ustar ashnazgashnazg * @@ -35601,7 +35883,7 @@ * @author Greg Beaver * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -35655,7 +35937,7 @@ return preg_replace("/\r\n|\n\r|\r|\n/", "\r\n", $contents); } } -PEAR-1.10.12/PEAR/Validator/PECL.php0000644000175000017500000000407113647111106016165 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a5 */ @@ -35716,7 +35998,7 @@ return $ret; } } -?>PEAR-1.10.12/PEAR/Builder.php0000644000175000017500000004477213647111106015117 0ustar ashnazgashnazgPEAR-1.10.13/PEAR/Builder.php0000664000175000017500000004477314104576430015127 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since PHP 4.0.2 * @see http://pear.php.net/manual/en/core.ppm.pear-builder.php @@ -35909,7 +36191,7 @@ // msdev doesn't tell us the output directory :/ // open the dsp, find /out and use that directory - $dsptext = join(file($dsp),''); + $dsptext = join('', file($dsp)); // this regex depends on the build platform and type having been // correctly identified above. @@ -36163,7 +36445,7 @@ if (!file_exists($build_dir) || !is_dir($build_dir) || !chdir($build_dir)) { return $this->raiseError("could not chdir to $build_dir"); } - putenv('PHP_PEAR_VERSION=1.10.12'); + putenv('PHP_PEAR_VERSION=1.10.13'); foreach ($to_run as $cmd) { $err = $this->_runCommand($cmd, $callback); if (PEAR::isError($err)) { @@ -36275,7 +36557,7 @@ return parent::log($level, $msg, $append_crlf); } } -PEAR-1.10.12/PEAR/ChannelFile.php0000644000175000017500000014323413647111106015672 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -37835,7 +38117,7 @@ return time(); } } -PEAR-1.10.12/PEAR/Command.php0000644000175000017500000003021313647111106015070 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -38223,7 +38505,7 @@ return false; } // }}} -}PEAR-1.10.12/PEAR/Common.php0000644000175000017500000006354213647111106014755 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 * @deprecated This class will disappear, and its components will be spread @@ -39061,7 +39343,7 @@ require_once 'PEAR/Config.php'; require_once 'PEAR/PackageFile.php'; -PEAR-1.10.12/PEAR/Config.php0000644000175000017500000020755113647111106014732 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -41192,7 +41474,7 @@ } } } -PEAR-1.10.12/PEAR/DependencyDB.php0000644000175000017500000005707013647111106016010 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -41695,8 +41977,9 @@ } if (!is_resource($this->_lockFp)) { + $last_errormsg = error_get_last(); return PEAR::raiseError("could not create Dependency lock file" . - (isset($php_errormsg) ? ": " . $php_errormsg : "")); + (isset($last_errormsg) ? ": " . $last_errormsg : "")); } if (!(int)flock($this->_lockFp, $mode)) { @@ -41958,7 +42241,7 @@ } } } -PEAR-1.10.12/PEAR/Dependency2.php0000644000175000017500000014241613647111106015663 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -42500,7 +42783,7 @@ */ function getPEARVersion() { - return '1.10.12'; + return '1.10.13'; } function validatePearinstallerDependency($dep) @@ -43315,7 +43598,7 @@ $this->_currentPackage, true))); } } -PEAR-1.10.12/PEAR/Downloader.php0000644000175000017500000020070013647111106015610 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.3.0 */ @@ -44167,7 +44450,7 @@ !($base = $chan->getBaseURL('REST1.0', $preferred_mirror)) ) ) { - return $this->raiseError($parr['channel'] . ' is using a unsupported protocol - This should never happen.'); + return $this->raiseError($parr['channel'] . ' is using an unsupported protocol - This should never happen. Use --force to continue'); } if ($base2) { @@ -44953,7 +45236,7 @@ } $request .= $ifmodifiedsince . - "User-Agent: PEAR/1.10.12/PHP/" . PHP_VERSION . "\r\n"; + "User-Agent: PEAR/1.10.13/PHP/" . PHP_VERSION . "\r\n"; if ($object !== null) { // only pass in authentication for non-static calls $username = $config->get('username', null, $channel); @@ -45082,7 +45365,7 @@ return $dest_file; } } -PEAR-1.10.12/PEAR/ErrorStack.php0000644000175000017500000010201413647111106015570 0ustar ashnazgashnazg * @author Greg Beaver - * @version 1.10.12 + * @version 1.10.13 * @package PEAR_ErrorStack * @category Debugging * @copyright 2004-2008 Greg Beaver @@ -46061,7 +46344,7 @@ $stack = &PEAR_ErrorStack::singleton('PEAR_ErrorStack'); $stack->pushCallback(array('PEAR_ErrorStack', '_handleError')); ?> -PEAR-1.10.12/PEAR/Exception.php0000644000175000017500000003315513647111106015460 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.3.3 * @@ -46448,7 +46731,7 @@ } return $causeMsg . $this->getTraceAsString(); } -}PEAR-1.10.12/PEAR/Frontend.php0000644000175000017500000001477213647111106015305 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -46671,7 +46954,7 @@ { } } -PEAR-1.10.12/PEAR/Installer.php0000644000175000017500000021066613647111106015463 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -48478,7 +48761,7 @@ // }}} } -PEAR-1.10.12/PEAR/PackageFile.php0000644000175000017500000003674613647111106015666 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -48969,7 +49252,7 @@ return $info; } } -PEAR-1.10.12/PEAR/Packager.php0000644000175000017500000001704013647111106015232 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 0.1 */ @@ -49168,7 +49451,7 @@ return $dest_package; } -}PEAR-1.10.12/PEAR/Proxy.php0000644000175000017500000001302213647111106014632 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -50141,7 +50424,8 @@ $fp = @fopen($this->filemap, 'r'); if (!$fp) { - return $this->raiseError('PEAR_Registry: could not open filemap "' . $this->filemap . '"', PEAR_REGISTRY_ERROR_FILE, null, null, $php_errormsg); + $last_errormsg = error_get_last(); + return $this->raiseError('PEAR_Registry: could not open filemap "' . $this->filemap . '"', PEAR_REGISTRY_ERROR_FILE, null, null, $last_errormsg); } clearstatcache(); @@ -51748,7 +52032,7 @@ return $ret; } } -PEAR-1.10.12/PEAR/REST.php0000644000175000017500000004050513647111106014274 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -52133,7 +52417,7 @@ } $request .= $ifmodifiedsince . - "User-Agent: PEAR/1.10.12/PHP/" . PHP_VERSION . "\r\n"; + "User-Agent: PEAR/1.10.13/PHP/" . PHP_VERSION . "\r\n"; $username = $this->config->get('username', null, $channel); $password = $this->config->get('password', null, $channel); @@ -52222,7 +52506,7 @@ return $data; } } -PEAR-1.10.12/PEAR/RunTest.php0000644000175000017500000010622313647111106015123 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.3.3 */ @@ -53194,7 +53478,7 @@ } } } -PEAR-1.10.12/PEAR/Validate.php0000644000175000017500000005276513647111106015263 0ustar ashnazgashnazg * @copyright 1997-2009 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version Release: 1.10.12 + * @version Release: 1.10.13 * @link http://pear.php.net/package/PEAR * @since Class available since Release 1.4.0a1 */ @@ -53818,7 +54102,7 @@ { return true; } -}PEAR-1.10.12/PEAR/XMLParser.php0000644000175000017500000001537713647111106015345 0ustar ashnazgashnazg_dataStack[$this->_depth] .= $cdata; } -}PEAR-1.10.12/scripts/pear.bat0000755000175000017500000001036113647111106015365 0ustar ashnazgashnazg@ECHO OFF +}PEAR-1.10.13/scripts/pear.bat0000755000175000017500000001036114104576430015372 0ustar ashnazgashnazg@ECHO OFF REM ---------------------------------------------------------------------- REM PHP version 5 @@ -54174,7 +54458,7 @@ :RUN "%PHP_PEAR_PHP_BIN%" -C -d date.timezone=UTC -d output_buffering=1 -d safe_mode=0 -d open_basedir="" -d auto_prepend_file="" -d auto_append_file="" -d variables_order=EGPCS -d register_argc_argv="On" -d "include_path='%PHP_PEAR_INSTALL_DIR%'" -f "%PHP_PEAR_INSTALL_DIR%\pearcmd.php" -- %1 %2 %3 %4 %5 %6 %7 %8 %9 :END -@ECHO ONPEAR-1.10.12/scripts/peardev.bat0000644000175000017500000001113713647111106016063 0ustar ashnazgashnazg@ECHO OFF +@ECHO ONPEAR-1.10.13/scripts/peardev.bat0000644000175000017500000001113714104576430016070 0ustar ashnazgashnazg@ECHO OFF REM ---------------------------------------------------------------------- REM PHP version 5 @@ -54288,7 +54572,7 @@ :RUN "%PHP_PEAR_PHP_BIN%" -C -d date.timezone=UTC -d memory_limit="-1" -d safe_mode=0 -d register_argc_argv="On" -d auto_prepend_file="" -d auto_append_file="" -d variables_order=EGPCS -d open_basedir="" -d output_buffering=1 -d "include_path='%PHP_PEAR_INSTALL_DIR%'" -f "%PHP_PEAR_INSTALL_DIR%\pearcmd.php" -- %1 %2 %3 %4 %5 %6 %7 %8 %9 :END -@ECHO ONPEAR-1.10.12/scripts/pecl.bat0000644000175000017500000001103013647111106015350 0ustar ashnazgashnazg@ECHO OFF +@ECHO ONPEAR-1.10.13/scripts/pecl.bat0000644000175000017500000001103014104576430015355 0ustar ashnazgashnazg@ECHO OFF REM ---------------------------------------------------------------------- REM PHP version 5 @@ -54402,7 +54686,7 @@ :RUN "%PHP_PEAR_PHP_BIN%" -C -n -d date.timezone=UTC -d output_buffering=1 -d safe_mode=0 -d "include_path='%PHP_PEAR_INSTALL_DIR%'" -d register_argc_argv="On" -d variables_order=EGPCS -f "%PHP_PEAR_INSTALL_DIR%\peclcmd.php" -- %1 %2 %3 %4 %5 %6 %7 %8 %9 :END -@ECHO ONPEAR-1.10.12/scripts/pear.sh0000755000175000017500000000140413647111106015227 0ustar ashnazgashnazg#!/bin/sh +@ECHO ONPEAR-1.10.13/scripts/pear.sh0000755000175000017500000000140414104576430015234 0ustar ashnazgashnazg#!/bin/sh # first find which PHP binary to use if test "x$PHP_PEAR_PHP_BIN" != "x"; then @@ -54430,7 +54714,7 @@ fi exec $PHP -C -q $INCARG -d date.timezone=UTC -d output_buffering=1 -d variables_order=EGPCS -d open_basedir="" -d safe_mode=0 -d register_argc_argv="On" -d auto_prepend_file="" -d auto_append_file="" $INCDIR/pearcmd.php "$@" -PEAR-1.10.12/scripts/peardev.sh0000755000175000017500000000143113647111106015726 0ustar ashnazgashnazg#!/bin/sh +PEAR-1.10.13/scripts/peardev.sh0000755000175000017500000000143114104576430015733 0ustar ashnazgashnazg#!/bin/sh # first find which PHP binary to use if test "x$PHP_PEAR_PHP_BIN" != "x"; then @@ -54458,7 +54742,7 @@ fi exec $PHP -d date.timezone=UTC -d memory_limit="-1" -C -q $INCARG -d output_buffering=1 -d open_basedir="" -d safe_mode=0 -d register_argc_argv="On" -d auto_prepend_file="" -d variables_order=EGPCS -d auto_append_file="" $INCDIR/pearcmd.php "$@" -PEAR-1.10.12/scripts/pecl.sh0000755000175000017500000000130213647111106015220 0ustar ashnazgashnazg#!/bin/sh +PEAR-1.10.13/scripts/pecl.sh0000755000175000017500000000130214104576430015225 0ustar ashnazgashnazg#!/bin/sh # first find which PHP binary to use if test "x$PHP_PEAR_PHP_BIN" != "x"; then @@ -54486,7 +54770,7 @@ fi exec $PHP -C -q $INCARG -d date.timezone=UTC -d output_buffering=1 -d variables_order=EGPCS -d safe_mode=0 -d register_argc_argv="On" $INCDIR/peclcmd.php "$@" -PEAR-1.10.12/scripts/pearcmd.php0000644000175000017500000003541113647111106016072 0ustar ashnazgashnazg -PEAR-1.10.12/LICENSE0000644000175000017500000000270513647111106013264 0ustar ashnazgashnazgCopyright (c) 1997-2009, +PEAR-1.10.13/LICENSE0000644000175000017500000000270514104576430013271 0ustar ashnazgashnazgCopyright (c) 1997-2009, Stig Bakken , Gregory Beaver , Helgi Þormar Þorbjörnsson , @@ -55051,7 +55328,7 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -PEAR-1.10.12/INSTALL0000644000175000017500000000417013647111106013306 0ustar ashnazgashnazgPEAR - The PEAR Installer +PEAR-1.10.13/INSTALL0000644000175000017500000000417014104576430013313 0ustar ashnazgashnazgPEAR - The PEAR Installer ========================= Installing the PEAR Installer. @@ -55103,7 +55380,7 @@ related issues. Happy PHPing, we hope PEAR will be a great tool for your development work! -PEAR-1.10.12/package.dtd0000644000175000017500000000647713647111106014361 0ustar ashnazgashnazg