X-Git-Url: https://git.tld-linux.org/?a=blobdiff_plain;ds=inline;f=suhosin.patch;h=378a4e45e429458180c8b8927b02ea7bc2618c78;hb=30149e8140d7063ad08ec22e1148e2f3926deb27;hp=84315555550848be8dce3444790abea196904712;hpb=47130bb86ff82df6ba9ec83597ffeacabc1d888a;p=packages%2Fphp.git
diff --git a/suhosin.patch b/suhosin.patch
index 8431555..378a4e4 100644
--- a/suhosin.patch
+++ b/suhosin.patch
@@ -9,16 +9,16 @@ the following modifications have been made:
* removed changes to ./configure & ./main/php_config.h.in since those
files are autogenerated
* "quilt refresh" has been run to clean up the offsets, etc
- * chunk adjusted for PLD Logo patch
---- a/Zend/Makefile.am
-+++ b/Zend/Makefile.am
-@@ -17,7 +17,8 @@ libZend_la_SOURCES=\
- zend_objects_API.c zend_ts_hash.c zend_stream.c \
+ * logo patch disabled (needs porting to DATA_URIs)
+ * expose php disabled (unref symbols)
+--- php-5.5.0alpha1/Zend/Makefile.am~ 2012-11-13 22:00:16.000000000 +0200
++++ php-5.5.0alpha1/Zend/Makefile.am 2012-11-17 13:37:04.263279745 +0200
+@@ -18,7 +18,7 @@
zend_default_classes.c \
zend_iterators.c zend_interfaces.c zend_exceptions.c \
-- zend_strtod.c zend_closures.c zend_float.c zend_string.c zend_signal.c
-+ zend_strtod.c zend_closures.c zend_float.c zend_string.c zend_signal.c \
-+ zend_canary.c zend_alloc_canary.c
+ zend_strtod.c zend_closures.c zend_float.c zend_string.c zend_signal.c \
+- zend_generators.c
++ zend_generators.c zend_canary.c zend_alloc_canary.c
libZend_la_LDFLAGS =
libZend_la_LIBADD = @ZEND_EXTRA_LIBS@
@@ -3833,8 +3833,8 @@ the following modifications have been made:
#endif /* ZEND_ERRORS_H */
/*
---- a/Zend/zend_hash.c
-+++ b/Zend/zend_hash.c
+--- php-5.5.0/Zend/zend_hash.c~ 2013-06-20 23:57:44.000000000 +0300
++++ php-5.5.0/Zend/zend_hash.c 2013-06-20 23:58:38.383348644 +0300
@@ -21,6 +21,7 @@
#include "zend.h"
@@ -4075,10 +4075,10 @@ the following modifications have been made:
if (ht->pDestructor) {
ht->pDestructor(p->pData);
}
-@@ -527,6 +725,7 @@ ZEND_API int zend_hash_del_key_or_index(
- if (ht->pInternalPointer == p) {
+@@ -726,6 +726,7 @@
ht->pInternalPointer = p->pListNext;
}
+ ht->nNumOfElements--;
+ zend_hash_check_destructor(ht->pDestructor);
if (ht->pDestructor) {
ht->pDestructor(p->pData);
@@ -4447,8 +4447,8 @@ the following modifications have been made:
break;
case IS_ARRAY:
case IS_CONSTANT_ARRAY:
---- a/configure.in
-+++ b/configure.in
+--- php-5.5.0alpha1/configure.in~ 2012-11-17 13:36:25.000000000 +0200
++++ php-5.5.0alpha1/configure.in 2012-11-17 13:37:55.705648875 +0200
@@ -359,6 +359,7 @@ case $host_alias in
;;
esac
@@ -4457,21 +4457,22 @@ the following modifications have been made:
dnl Include Zend and TSRM configurations.
dnl -------------------------------------------------------------------------
-@@ -1440,7 +1441,7 @@ PHP_ADD_SOURCES(main, main.c snprintf.c
+@@ -1439,7 +1439,7 @@
php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
- network.c php_open_temporary_file.c php_logos.c \
+ network.c php_open_temporary_file.c \
- output.c getopt.c)
-+ output.c getopt.c suhosin_patch.c )
++ output.c getopt.c suhosin_patch.c)
PHP_ADD_SOURCES(main/streams, streams.c cast.c memory.c filter.c \
plain_wrapper.c userspace.c transports.c xp_socket.c mmap.c \
-@@ -1468,7 +1469,7 @@ PHP_ADD_SOURCES(Zend, \
+@@ -1467,7 +1467,8 @@
zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c zend_gc.c \
-- zend_closures.c zend_float.c zend_string.c zend_signal.c)
-+ zend_closures.c zend_float.c zend_string.c zend_signal.c zend_canary.c zend_alloc_canary.c )
+- zend_closures.c zend_float.c zend_string.c zend_signal.c zend_generators.c)
++ zend_closures.c zend_float.c zend_string.c zend_signal.c zend_generators.c \
++ zend_canary.c zend_alloc_canary.c)
if test -r "$abs_srcdir/Zend/zend_objects.c"; then
PHP_ADD_SOURCES(Zend, zend_objects.c zend_object_handlers.c zend_objects_API.c zend_default_classes.c)
@@ -4501,42 +4502,42 @@ the following modifications have been made:
return SUCCESS;
}
/* }}} */
---- a/ext/standard/info.c
-+++ b/ext/standard/info.c
-@@ -785,6 +785,33 @@ PHPAPI void php_print_info(int flag TSRM
-
- php_info_print_table_end();
-
-+ /* Suhosin Patch */
-+ php_info_print_box_start(0);
-+ if (expose_php && !sapi_module.phpinfo_as_text) {
-+ PUTS("\n");
-+ }
-+ PUTS("This server is protected with the Suhosin Patch ");
-+ if (sapi_module.phpinfo_as_text) {
-+ PUTS(SUHOSIN_PATCH_VERSION);
-+ } else {
-+ zend_html_puts(SUHOSIN_PATCH_VERSION, strlen(SUHOSIN_PATCH_VERSION) TSRMLS_CC);
-+ }
-+ PUTS(!sapi_module.phpinfo_as_text?"
":"\n");
-+ if (sapi_module.phpinfo_as_text) {
-+ PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
-+ PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
-+ } else {
-+ PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
-+ PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
-+ }
-+ php_info_print_box_end();
-+
- /* Zend Engine */
- php_info_print_box_start(0);
- if (expose_php && !sapi_module.phpinfo_as_text) {
+#--- a/ext/standard/info.c
+#+++ b/ext/standard/info.c
+#@@ -785,6 +785,33 @@ PHPAPI void php_print_info(int flag TSRM
+#
+# php_info_print_table_end();
+#
+#+ /* Suhosin Patch */
+#+ php_info_print_box_start(0);
+#+ if (expose_php && !sapi_module.phpinfo_as_text) {
+#+ PUTS("\n");
+#+ }
+#+ PUTS("This server is protected with the Suhosin Patch ");
+#+ if (sapi_module.phpinfo_as_text) {
+#+ PUTS(SUHOSIN_PATCH_VERSION);
+#+ } else {
+#+ zend_html_puts(SUHOSIN_PATCH_VERSION, strlen(SUHOSIN_PATCH_VERSION) TSRMLS_CC);
+#+ }
+#+ PUTS(!sapi_module.phpinfo_as_text?"
":"\n");
+#+ if (sapi_module.phpinfo_as_text) {
+#+ PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
+#+ PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
+#+ } else {
+#+ PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
+#+ PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
+#+ }
+#+ php_info_print_box_end();
+#+
+# /* Zend Engine */
+# php_info_print_box_start(0);
+# if (expose_php && !sapi_module.phpinfo_as_text) {
--- a/ext/standard/syslog.c
+++ b/ext/standard/syslog.c
@@ -40,6 +40,7 @@
@@ -4641,30 +4642,30 @@ the following modifications have been made:
#endif
/*
---- php-5.4.6/main/php_logos.c~ 2012-08-23 12:04:01.000000000 +0300
-+++ php-5.4.6/main/php_logos.c 2012-08-23 12:04:39.401608052 +0300
-@@ -50,6 +50,10 @@ PHPAPI int php_unregister_info_logo(char
- return zend_hash_del(&phpinfo_logo_hash, logo_string, strlen(logo_string));
- }
-
-+#if SUHOSIN_PATCH
-+#include "suhosin_logo.h"
-+#endif
-+
- int php_init_info_logos(void)
- {
- if(zend_hash_init(&phpinfo_logo_hash, 0, NULL, NULL, 1)==FAILURE)
-@@ -64,6 +64,10 @@
- php_register_info_logo(ZEND_LOGO_GUID , "image/gif", zend_logo , sizeof(zend_logo));
- php_register_info_logo(PLD_LOGO_GUID , "image/png", pld_logo , sizeof(pld_logo));
-
-+#if SUHOSIN_PATCH
-+ php_register_info_logo(SUHOSIN_LOGO_GUID, "image/jpeg", suhosin_logo , sizeof(suhosin_logo));
-+#endif
-+
- return SUCCESS;
- }
-
+#--- php-5.4.6/main/php_logos.c~ 2012-08-23 12:04:01.000000000 +0300
+#+++ php-5.4.6/main/php_logos.c 2012-08-23 12:04:39.401608052 +0300
+#@@ -50,6 +50,10 @@ PHPAPI int php_unregister_info_logo(char
+# return zend_hash_del(&phpinfo_logo_hash, logo_string, strlen(logo_string));
+# }
+#
+#+#if SUHOSIN_PATCH
+#+#include "suhosin_logo.h"
+#+#endif
+#+
+# int php_init_info_logos(void)
+# {
+# if(zend_hash_init(&phpinfo_logo_hash, 0, NULL, NULL, 1)==FAILURE)
+#@@ -64,6 +64,10 @@
+# php_register_info_logo(ZEND_LOGO_GUID , "image/gif", zend_logo , sizeof(zend_logo));
+# php_register_info_logo(PLD_LOGO_GUID , "image/png", pld_logo , sizeof(pld_logo));
+#
+#+#if SUHOSIN_PATCH
+#+ php_register_info_logo(SUHOSIN_LOGO_GUID, "image/jpeg", suhosin_logo , sizeof(suhosin_logo));
+#+#endif
+#+
+# return SUCCESS;
+# }
+#
--- a/main/snprintf.c
+++ b/main/snprintf.c
@@ -782,6 +782,10 @@ static int format_converter(register buf
@@ -5586,17 +5587,17 @@ the following modifications have been made:
}
+#if SUHOSIN_PATCH
#if ZEND_DEBUG
-- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
#else
-- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+#endif
+#else
+ #if ZEND_DEBUG
-+ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ #else
-+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ #endif
#endif
php_request_shutdown((void *) 0);
@@ -5608,35 +5609,35 @@ the following modifications have been made:
case 'v': /* show php version & quit */
+#if SUHOSIN_PATCH
-+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) %s\nCopyright (c) 1997-2013 The PHP Group\n%s",
++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) %s\nCopyright (c) 1997-2014 The PHP Group\n%s",
+#else
- php_printf("PHP %s (%s) (built: %s %s) %s\nCopyright (c) 1997-2013 The PHP Group\n%s",
+ php_printf("PHP %s (%s) (built: %s %s) %s\nCopyright (c) 1997-2014 The PHP Group\n%s",
+#endif
PHP_VERSION, cli_sapi_module.name, __DATE__, __TIME__,
#if ZEND_DEBUG && defined(HAVE_GCOV)
"(DEBUG GCOV)",
---- php-5.4.8/sapi/litespeed/lsapi_main.c~ 2012-10-16 13:05:41.000000000 +0300
-+++ php-5.4.8/sapi/litespeed/lsapi_main.c 2012-11-09 09:30:54.304162453 +0200
-@@ -718,11 +718,19 @@
- break;
+--- php-5.5.15/sapi/litespeed/lsapi_main.c 2014-08-21 11:45:02.000000000 +0300
++++ php-5.5.15/sapi/litespeed/lsapi_main.c 2014-08-25 11:50:36.603155796 +0300
+@@ -734,11 +546,19 @@
case 'v':
if (php_request_startup(TSRMLS_C) != FAILURE) {
+#if SUHOSIN_PATCH
+#if ZEND_DEBUG
-+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+#else
-+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+#endif
+#else
#if ZEND_DEBUG
- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
#else
- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
#endif
+#endif
#ifdef PHP_OUTPUT_NEWAPI
php_output_end_all(TSRMLS_C);
#else
+ php_end_ob_buffers(1 TSRMLS_CC);
--- a/sapi/milter/php_milter.c
+++ b/sapi/milter/php_milter.c
@@ -1109,7 +1109,11 @@ int main(int argc, char *argv[])
@@ -5644,21 +5645,21 @@ the following modifications have been made:
SG(headers_sent) = 1;
SG(request_info).no_headers = 1;
+#if SUHOSIN_PATCH
-+ php_printf("PHP with Suhosin-Patch %s (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP with Suhosin-Patch %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+#else
- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2013 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+#endif
php_output_teardown();
exit(1);
break;
---- a/win32/build/config.w32
-+++ b/win32/build/config.w32
-@@ -333,7 +333,7 @@ ADD_SOURCES("Zend", "zend_language_parse
+--- php-5.5.0alpha1/win32/build/config.w32~ 2012-11-17 13:39:12.000000000 +0200
++++ php-5.5.0alpha1/win32/build/config.w32 2012-11-17 13:48:11.720739542 +0200
+@@ -364,7 +364,7 @@
zend_stream.c zend_iterators.c zend_interfaces.c zend_objects.c \
zend_object_handlers.c zend_objects_API.c \
zend_default_classes.c zend_execute.c zend_strtod.c zend_gc.c zend_closures.c \
-- zend_float.c zend_string.c");
-+ zend_float.c zend_string.c zend_canary.c zend_alloc_canary.c");
+- zend_float.c zend_string.c zend_generators.c");
++ zend_float.c zend_string.c zend_generators.c zend_canary.c zend_alloc_canary.c");
if (VCVERS == 1200) {
AC_DEFINE('ZEND_DVAL_TO_LVAL_CAST_OK', 1);