php7.2: test latest patches from ubuntu

master
parent de893605f5
commit cb9105f6f3
  1. 691
      testing/php7.2/APKBUILD
  2. 20
      testing/php7.2/allow-build-recode-and-imap-together.patch
  3. 230
      testing/php7.2/disabled-tests.list
  4. 23
      testing/php7.2/fix-tests-devserver.patch
  5. 41
      testing/php7.2/includedir.patch
  6. 15
      testing/php7.2/install-pear.patch
  7. 79
      testing/php7.2/php7-fpm-version-suffix.patch
  8. 93
      testing/php7.2/php7.2-fpm.initd
  9. 13
      testing/php7.2/php7.2-fpm.logrotate
  10. 13
      testing/php7.2/php7.2-module.conf
  11. 11
      testing/php7.2/sharedir.patch
  12. 100
      testing/php7.2/u8-001-CVE-2020-7071-1.patch
  13. 112
      testing/php7.2/u8-002-CVE-2020-7071-2.patch
  14. 34
      testing/php7.2/u8-003-CVE-2020-7071-3.patch
  15. 181
      testing/php7.2/u8-004-CVE-2021-21702-1.patch
  16. 21
      testing/php7.2/u8-005-CVE-2021-21702-2.patch
  17. 30
      testing/php7.2/u8-006-CVE-2021-21704-1.patch
  18. 41
      testing/php7.2/u8-007-CVE-2021-21704-2.patch
  19. 36
      testing/php7.2/u8-008-CVE-2021-21704-3.patch
  20. 44
      testing/php7.2/u8-009-CVE-2021-21704-4.patch
  21. 50
      testing/php7.2/u8-010-CVE-2021-21705.patch
  22. 23
      testing/php7.2/u8-011-CVE-2021-21705-2.patch

@ -0,0 +1,691 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Valery Kartel <valery.kartel@gmail.com>
# Bundled libraries
#
# Name | License | Location | State
# ----------+---------+------------------------+---------
# bcmath | LGPL2 | ext/bcmath/libbcmath | used
# date | MIT | ext/date/lib | used
# gd | BSD | ext/gd/libgd | used
# file | BSD | ext/fileinfo/libmagic | used
# libmbfl | LGPLv2 | ext/mbstring/libmbfl | used
# oniguruma | BSD | ext/mbstring/oniguruma | used
# pcre | BSD | ext/pcre/pcrelib | not used
# sqlite3 | Public | ext/sqlite3/libsqlite | not used
# libzip | BSD | ext/zip/lib | not used
# libXMLRPC | BSD | ext/xmlrpc/libxmlrpc | used
# Static extensions
#
# Name | Reason
# ----------+--------------------------------------------
# zlib | https://bugs.alpinelinux.org/issues/8299
pkgname=php7.2
_pkgreal=php
pkgver=7.2.34
pkgrel=4
_apiver=20170718
_suffix=${pkgname#php}
_suffixA=7
# Is this package the default (latest) PHP version?
_default_php="no"
pkgdesc="The PHP$_suffix language runtime engine"
url="https://secure.php.net"
arch="all"
options="!check"
license="PHP-3.0 BSD LGPL-2.0 MIT Zend"
depends="$pkgname-common"
depends_dev="$pkgname=$pkgver-r$pkgrel autoconf pcre-dev"
# Most dependencies between extensions is auto-discovered (see _extension()).
_depends_mysqlnd="$pkgname-openssl"
_depends_pdo_mysql="$pkgname-pdo $pkgname-mysqlnd"
_depends_phar="$pkgname"
# openssl is actually transitive dependency here, but we need to because of
# load index based on number of dependencies.
_depends_mysqli="$pkgname-mysqlnd $pkgname-openssl"
makedepends="
autoconf
apache2-dev
aspell-dev
bison
bzip2-dev
curl-dev
db-dev
enchant-dev
freetds-dev
freetype-dev
gdbm-dev
gettext-dev
gmp-dev
icu67-dev
imap-dev
krb5-dev
libedit-dev
libical-dev
libjpeg-turbo-dev
libpng-dev
openssl-dev
libsodium-dev
libwebp-dev
libxml2-dev
libxpm-dev
libxslt-dev
libzip-dev
net-snmp-dev
oniguruma-dev
openldap-dev
pcre-dev
postgresql-dev
re2c
recode-dev
sqlite-dev
tidyhtml-dev
unixodbc-dev
zlib-dev
"
provides="php7-cli php-cli php" # for backward compatibility
provider_priority=100
subpackages="$pkgname-dev $pkgname-doc $pkgname-apache2 $pkgname-phpdbg
$pkgname-embed $pkgname-litespeed $pkgname-cgi $pkgname-fpm
$pkgname-pear::noarch
"
source="https://php.net/distributions/$_pkgreal-$pkgver.tar.xz
$pkgname-fpm.initd
$pkgname-fpm.logrotate
$pkgname-module.conf
disabled-tests.list
install-pear.patch
includedir.patch
sharedir.patch
php7-fpm-version-suffix.patch
allow-build-recode-and-imap-together.patch
fix-tests-devserver.patch
u8-001-CVE-2020-7071-1.patch
u8-002-CVE-2020-7071-2.patch
u8-003-CVE-2020-7071-3.patch
"
builddir="$srcdir/$_pkgreal-$pkgver"
_libdir="/usr/lib/$pkgname"
_extension_dir="$_libdir/modules"
_extension_confd="/etc/$pkgname/conf.d"
_extensions="
bcmath
bz2
calendar
ctype
curl
dba
dom
enchant
exif
fileinfo
ftp
gd
gettext
gmp
iconv
imap
intl
json
ldap
mbstring
mysqli
mysqlnd
odbc
opcache
openssl
pcntl
pdo
pdo_dblib
pdo_mysql
pdo_odbc
pdo_pgsql
pdo_sqlite
pgsql
phar
posix
pspell
recode
session
shmop
simplexml
snmp
soap
sodium
sockets
sqlite3
sysvmsg
sysvsem
sysvshm
tidy
tokenizer
wddx
xml
xmlreader
xmlrpc
xmlwriter
xsl
zip
"
for _ext in $_extensions; do
case "$_ext" in
phar) subpackages="$subpackages $pkgname-$_ext:$_ext";;
*) subpackages="$subpackages $pkgname-$_ext:_extension";;
esac
done
subpackages="$subpackages $pkgname-common::noarch"
# FIXME: tests fails on s390x and x86_64
case "$CARCH" in
x86_64) options="$options !check";;
s390x) options="$options !check";;
esac
# secfixes:
# 7.2.18-r0:
# - CVE-2019-11036
# 7.2.17-r0:
# - CVE-2019-11034
# - CVE-2019-11035
# - CVE-2019-9641
# - CVE-2019-9640
# - CVE-2019-9639
# - CVE-2019-9638
# - CVE-2019-9637
# 7.2.14-r0:
# - CVE-2019-9024
# - CVE-2019-9023
# - CVE-2019-9022
# - CVE-2019-9021
# - CVE-2019-9020
# 7.2.13-r0:
# - CVE-2018-20783
# 7.2.8-r0:
# - CVE-2015-9253
# - CVE-2018-12882
# - CVE-2018-12883
# - CVE-2018-14851
# 7.2.5-r0:
# - CVE-2018-5712
# - CVE-2018-10546
# - CVE-2018-10547
# - CVE-2018-10548
# - CVE-2018-10549
prepare() {
cd "$builddir"
default_prepare
update_config_sub
local vapi=$(sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h)
if [ "$vapi" != "$_apiver" ]; then
error "Upstreram API version is now $vapi. Expecting $_apiver"
error "After updating _apiver, all 3rd-party extensions must be rebuilt."
return 1
fi
# https://bugs.php.net/63362 - Not needed but installed headers.
# Drop some Windows specific headers to avoid installation,
# before build to ensure they are really not needed.
rm -f TSRM/tsrm_win32.h \
TSRM/tsrm_config.w32.h \
Zend/zend_config.w32.h \
ext/mysqlnd/config-win.h \
ext/standard/winver.h \
main/win32_internal_function_disabled.h \
main/win95nt.h
# Fix some bogus permissions.
find . -name \*.[ch] -exec chmod 644 {} \;
# XXX: Delete failing tests.
sed -n '/^[^#]/p' "$srcdir"/disabled-tests.list | while read item; do
rm -r $item # do it in this way to apply globbing...
done
autoconf
}
# Notes:
# * gd-jis-conv breaks any non-latin font rendering (vakartel).
# * libxml cannot be build as shared.
# * Doesn't work with system-provided onigurama, some tests fail (invalid code
# point); probably because bundled onigurama is version 5.x, but we have 6.x.
# Tests are faulty - use system oniguruma
_build() {
local without_pcre_jit
[ "$CARCH" = "s390x" ] && without_pcre_jit="--without-pcre-jit"
EXTENSION_DIR=$_extension_dir ./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--program-suffix=$_suffix \
--libdir=$_libdir \
--datadir=/usr/share/$pkgname \
--sysconfdir=/etc/$pkgname \
--localstatedir=/var \
--with-layout=GNU \
--with-pic \
--with-pear=/usr/share/$pkgname \
--with-config-file-path=/etc/$pkgname \
--with-config-file-scan-dir=$_extension_confd \
--disable-short-tags \
\
--enable-bcmath=shared \
--with-bz2=shared \
--enable-calendar=shared \
--enable-ctype=shared \
--with-curl=shared \
--enable-dba=shared \
--with-db4 \
--with-dbmaker=shared \
--with-gdbm \
--enable-dom=shared \
--with-enchant=shared \
--enable-exif=shared \
--enable-fileinfo=shared \
--enable-ftp=shared \
--with-gd=shared \
--with-freetype-dir=/usr \
--disable-gd-jis-conv \
--with-jpeg-dir=/usr \
--with-png-dir=/usr \
--with-webp-dir=/usr \
--with-xpm-dir=/usr \
--with-gettext=shared \
--with-gmp=shared \
--with-iconv=shared \
--with-imap=shared \
--with-imap-ssl \
--with-icu-dir=/usr/local \
--enable-intl=shared \
--enable-json=shared \
--with-kerberos \
--with-ldap=shared \
--with-ldap-sasl \
--with-libedit \
--enable-libxml \
--with-libxml-dir=/usr \
--enable-mbstring=shared \
--with-onig=/usr \
--with-mysqli=shared,mysqlnd \
--with-mysql-sock=/run/mysqld/mysqld.sock \
--enable-mysqlnd=shared \
--enable-opcache=shared \
--with-openssl=shared \
--with-system-ciphers \
--enable-pcntl=shared \
--with-pcre-regex=/usr \
$without_pcre_jit \
--enable-pdo=shared \
--with-pdo-dblib=shared \
--with-pdo-mysql=shared,mysqlnd \
--with-pdo-odbc=shared,unixODBC,/usr \
--with-pdo-pgsql=shared \
--with-pdo-sqlite=shared,/usr \
--with-pgsql=shared \
--enable-phar=shared \
--enable-posix=shared \
--with-pspell=shared \
--without-readline \
--with-recode=shared \
--enable-session=shared \
--enable-shmop=shared \
--enable-simplexml=shared \
--with-snmp=shared \
--enable-soap=shared \
--with-sodium=shared \
--enable-sockets=shared \
--with-sqlite3=shared,/usr \
--enable-sysvmsg=shared \
--enable-sysvsem=shared \
--enable-sysvshm=shared \
--with-tidy=shared \
--enable-tokenizer=shared \
--with-unixODBC=shared,/usr \
--enable-wddx=shared \
--enable-xml=shared \
--enable-xmlreader=shared \
--with-xmlrpc=shared \
--enable-xmlwriter=shared \
--with-xsl=shared \
--enable-zip=shared \
--with-libzip=/usr \
--with-zlib \
--with-zlib-dir=/usr \
$@
make
}
build() {
cd "$builddir"
# phpdbg
_build --enable-phpdbg \
--enable-phpdbg-webhelper \
--disable-cgi \
--disable-cli
# apache2 module
_build --disable-phpdbg \
--disable-cgi \
--disable-cli \
--with-apxs2
mv libs/libphp${_suffixA}.so sapi/apache2handler/mod_php${_suffix}.so
# cgi, cli, fpm, embed, litespeed
_build --disable-phpdbg \
--enable-fpm \
--enable-embed \
--with-litespeed
}
check() {
cd "$builddir"
# PHP is so stupid that it's not able to resolve dependencies
# between extensions and load them in correct order, so we must
# help it...
# opcache is Zend extension, it's handled specially in Makefile
local php_modules=$(_extensions_by_load_order \
| grep -vx opcache \
| xargs -n 1 printf "'$builddir/modules/%s.la' ")
sed -i "/^PHP_TEST_SHARED_EXTENSIONS/,/extension=/ \
s|in \$(PHP_MODULES)\"*|in $php_modules|" Makefile
# XXX: Few tests fail on the named platforms.
# Ignore it for now and continue build even on test failures.
local allow_fail='no'
case "$CARCH" in
x86 | arm* | aarch64 | ppc64le | mips*) allow_fail='yes'
esac
NO_INTERACTION=1 REPORT_EXIT_STATUS=1 \
SKIP_SLOW_TESTS=1 SKIP_ONLINE_TESTS=1 TEST_TIMEOUT=10 \
TZ= LANG= LC_ALL= \
make test || [ "$allow_fail" = yes ] || return 1
echo 'NOTE: We have skipped quite a lot tests, see disabled-tests.list.'
}
package() {
cd "$builddir"
make -j1 INSTALL_ROOT="$pkgdir" install
install -Dm644 php.ini-production "$pkgdir"/etc/$pkgname/php.ini
local file; for file in pear peardev pecl; do
sed -i -e "s|/usr/bin/php|/usr/bin/php$_suffix|g" \
-e "s|PHP=php|PHP=php$_suffix|" \
"$pkgdir"/usr/bin/$file
done
find "$pkgdir" -name '.*' | xargs rm -rf
rmdir "$pkgdir"/var/run
if [ "$_default_php" = yes ]; then
ln -s php$_suffix "$pkgdir"/usr/bin/php
fi
}
dev() {
default_dev
replaces="php7-dev php-dev"
cd "$pkgdir"
_mv usr/bin/php-config$_suffix \
usr/bin/phpize$_suffix \
"$subpkgdir"/usr/bin/
_mv ./$_libdir/build "$subpkgdir"/$_libdir/
if [ "$_default_php" = yes ]; then
ln -s phpize$_suffix "$subpkgdir"/usr/bin/phpize
ln -s php-config$_suffix "$subpkgdir"/usr/bin/php-config
fi
}
doc() {
default_doc
cd "$builddir"
mkdir -p "$subpkgdir"/usr/share/doc/$pkgname
cp CODING_STANDARDS CREDITS EXTENSIONS INSTALL LICENSE NEWS \
README* UPGRADING* \
"$subpkgdir"/usr/share/doc/$pkgname/
}
apache2() {
pkgdesc="PHP$_suffix Module for Apache2"
depends="$depends apache2"
provides="php7-apache2 php-apache2"
install -D -m 755 "$builddir"/sapi/apache2handler/mod_php$_suffix.so \
"$subpkgdir"/usr/lib/apache2/mod_php$_suffix.so
install -D -m 644 "$srcdir"/php$_suffix-module.conf \
"$subpkgdir"/etc/apache2/conf.d/php$_suffix-module.conf
}
phpdbg() {
pkgdesc="Interactive PHP$_suffix debugger"
provides="php7-phpdbg php-phpdbg"
install -Dm755 "$builddir"/sapi/phpdbg/phpdbg \
"$subpkgdir"/usr/bin/phpdbg$_suffix
if [ "$_default_php" = yes ]; then
ln -s phpdbg$_suffix "$subpkgdir"/usr/bin/phpdbg
fi
}
embed() {
pkgdesc="PHP$_suffix Embedded Library"
provides="php7-embed php-embed"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/libphp${_suffixA}.so "$subpkgdir"/usr/lib/libphp${_suffix}.so
}
litespeed() {
pkgdesc="PHP$_suffix LiteSpeed SAPI"
provides="php7-lightspeed php-lightspeed"
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/lsphp$_suffix "$subpkgdir"/usr/bin
if [ "$_default_php" = yes ]; then
ln -s lsphp$_suffix "$subpkgdir"/usr/bin/lsphp
fi
}
cgi() {
pkgdesc="PHP$_suffix Common Gateway Interface"
provides="php7-cgi php-cgi"
_mv "$pkgdir"/usr/bin/php-cgi$_suffix "$subpkgdir"/usr/bin/
if [ "$_default_php" = yes ]; then
ln -s php-cgi$_suffix "$subpkgdir"/usr/bin/php-cgi
fi
}
fpm() {
pkgdesc="PHP$_suffix FastCGI Process Manager"
provides="php7-fpm php-fpm"
cd "$pkgdir"
_mv var "$subpkgdir"/
_mv usr/share/$pkgname/fpm "$subpkgdir"/var/lib/$pkgname/
_mv usr/sbin "$subpkgdir"/usr/
_mv etc/$pkgname/php-fpm* "$subpkgdir"/etc/$pkgname/
local file; for file in php-fpm.conf php-fpm.d/www.conf; do
mv "$subpkgdir"/etc/$pkgname/$file.default \
"$subpkgdir"/etc/$pkgname/$file
done
install -D -m 755 "$srcdir"/$pkgname-fpm.initd \
"$subpkgdir"/etc/init.d/php-fpm$_suffix
install -D -m 644 "$srcdir"/$pkgname-fpm.logrotate \
"$subpkgdir"/etc/logrotate.d/php-fpm$_suffix
mkdir -p "$subpkgdir"/var/log/$pkgname
}
pear() {
pkgdesc="PHP$_suffix Extension and Application Repository"
depends="$pkgname $pkgname-xml"
provides="php7-pear php-pear"
cd "$pkgdir"
# pecl needs xml extension and since we build it as shared, it must be
# explicitly declared to be loaded.
sed -i 's/\$INCARG/& -d extension=xml.so/' usr/bin/pecl
mkdir -p "$subpkgdir"/usr/bin
local file; for file in pecl pear peardev; do
mv usr/bin/$file "$subpkgdir"/usr/bin/$file$_suffix
if [ "$_default_php" = yes ]; then
ln -s $file$_suffix "$subpkgdir"/usr/bin/$file
fi
done
_mv etc/$pkgname/pear.conf "$subpkgdir"/etc/$pkgname/
_mv usr/share "$subpkgdir"/usr/
}
common() {
pkgdesc="$pkgdesc (common config)"
provides="php7-common php-common $pkgname-zlib php-zlib" # for backward compatibility
depends=""
cd "$pkgdir"
_mv usr/lib "$subpkgdir"/usr/
_mv etc "$subpkgdir"/
mkdir -p "$subpkgdir"/$_extension_confd
}
phar() {
_extension
cd "$pkgdir"
mkdir -p "$subpkgdir"/usr/bin
mv usr/bin/phar.phar "$subpkgdir"/usr/bin/phar.phar$_suffix
rm usr/bin/phar
ln -s phar.phar$_suffix "$subpkgdir"/usr/bin/phar$_suffix
if [ "$_default_php" = yes ]; then
ln -s phar.phar$_suffix "$subpkgdir"/usr/bin/phar.phar
ln -s phar.phar$_suffix "$subpkgdir"/usr/bin/phar
fi
}
_extension() {
local extname="${subpkgname#$pkgname-}"
local extdepends="$(eval "echo \$_depends_$extname")"
local extdesc="$(head -n1 "$builddir"/ext/$extname/CREDITS 2>/dev/null ||:)"
pkgdesc="PHP$_suffix extension: ${extdesc:-$extname}"
provides="php-$extname"
: ${extdepends:=$(_resolve_extension_deps "$extname")}
depends="$depends $extdepends"
local load_order=$(_extension_load_order "$extname")
# extension prefix
local prefix=
[ "$extname" != "opcache" ] || prefix="zend_"
_mv "$pkgdir"/$_extension_dir/$extname.so \
"$subpkgdir"/$_extension_dir/
mkdir -p "$subpkgdir"/$_extension_confd
echo "${prefix}extension=$extname.so" \
> "$subpkgdir"/$_extension_confd/$(printf %02d $load_order)_$extname.ini
}
# Resolves dependencies of the given extension name (without $pkgname- prefix)
# on other extensions in $_extensions and prints them with $pkgname- prefix.
_resolve_extension_deps() {
local name="$1"
# We use config.w32 just because it's more accurate than config.m4.
local config="$builddir/ext/$name/config.w32"
[ -f "$config" ] || return 0
cat "$config" \
| sed -En "s/.*ADD_EXTENSION_DEP\('$name', ([^)]+)\).*/\1/p" \
| tr -d "'," | tr ' ' '\n' \
| sort -u \
| while read dep; do
if echo "$_extensions" | grep -qw "$dep"; then
echo "$pkgname-$dep"
fi
done
}
# Prints a load order (0-based integer) for the given extension name. Extension
# with lower load order should be loaded before exts with higher load order.
# It's based on number of dependencies of the extension (with exception for
# "imap"), which is flawed, but simple and good enough for now.
_extension_load_order() {
local name="$1"
local deps=$(eval "echo \$_depends_$name")
case "$name" in
# XXX: This must be loaded after recode, even though it does
# not depend on it. So we must use this hack...
imap) echo 1;;
*) echo "${deps:=$(_resolve_extension_deps $name)}" | wc -w;;
esac
}
# Prints $_extensions sorted by load order and name.
_extensions_by_load_order() {
local deps list name
for name in $_extensions; do
list="$list $(_extension_load_order $name);$name"
done
printf '%s\n' $list | sort -t ';' -k 1 | sed -E 's/\d+;//'
}
_mv() {
local dest; for dest; do true; done # get last argument
mkdir -p "$dest"
mv $@
}
sha512sums="
7ecc3de3b5db41ec4ff6a5ce6c7e77dc330753c6f3fd87db4d07d6bb763a0b047e83afeef2251b4c6a5d2ff53fd9f3d7e99d091ef2e2c6ab8f18db7447d8a97d php-7.2.34.tar.xz
78ebccf0124ade38fcf8a9cadd4e3bf637f79c45f8bbaebdf1c9c387e39a311555f633ad0713ea9031986e9fb3550055e7e3d719a0477edc3458fccac9307cfd php7.2-fpm.initd
b65f01e7de2195c0ea6b9e09b5acaf022ef8e0b69bfc2c143a5316293f36e8e3a4556b1847ffd330cb7aa2106dac9ca67950c240504934418c5ceb0cea5beb56 php7.2-fpm.logrotate
b44532f8cfe74f7a0c37ede23ee736a5e86a9f254756eca90a5ed8e917bc3e282fe53f0f9a9cc030b49ba94aa52d11363d53433b957501aad2d5ffcdcf6f3573 php7.2-module.conf
6593accfe1ef0d9d28d257b2825823afdbfaa72bbf2e09e4ed689b644571a0d085cd4d6c92ffdff6ca9d0bb6d31cf84e5db5c4a4d88f192bba3f95a0c9b1dfd7 disabled-tests.list
f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505 install-pear.patch
e65383c878c991f554641371c145f67eaf6a59f2a0071645279478d69ba16183e92608442ddbe9be092cb1e9f091aee62be6cc0eedeea90c3256f55ac2831b8a includedir.patch
7ded89fb6674efd57028e0e4f40b67f46af45c9bd20d56abd0a8b911c3ab506a2518a57b002e417c80b4fd767721aa2d9ba8e6decd908a742b28f1a4b7373f44 sharedir.patch
6a2f17e0e0e74810eb092da84b025c7226695a46351c3a77d56116cc671a867c97eae253ef3a5c7d34c12361b95673307dc03232b924c2668a2205fa9217632d php7-fpm-version-suffix.patch
f8ecae241a90cbc3e98aa4deb3d5d35ef555f51380e29f4e182a8060dffeb84be74f030a14c6b452668471030d78964f52795ca74275db05543ccad20ef1f2cc allow-build-recode-and-imap-together.patch
5bb1f90de8c543d4efffa8bc604fb3239e478d9d9625d30cd03449643906a0fe5407123403206ec57f4bf9f18893a7ff4524ccf417b2bd8bce4ee7d18815b576 fix-tests-devserver.patch
1ad7276cd0cc253c7c084248b7c1a3508de0a7f7df68b9b48202f225424de470f8fbc62fb2c10211042e8b7ec1ac353ca1cde1638e743199f1ff8d79ce669598 u8-001-CVE-2020-7071-1.patch
3a609c3ccbb39d518a20afd777f1100bc14de98ebc18487ab688c9633a10b44af40b63bb479ebd8b4ddf285aea14526f9b855056b5ac54c7fbd08c5f306f53d1 u8-002-CVE-2020-7071-2.patch
49edc27552743eb93666386927067b0d41846f7200d019bb3c73ffe0e3158eefc8ac01eedf132c9e59bd97b36418d0276c85151ad679e7a62da9c7ea7b7698d5 u8-003-CVE-2020-7071-3.patch
"
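Review bot: The `source=` list and `sha512sums` both stop at `u8-003-CVE-2020-7071-3.patch`, so the eight files this commit adds for CVE-2021-21702, CVE-2021-21704 and CVE-2021-21705 (`u8-004` through `u8-011`) are never staged in `$srcdir`, and `default_prepare` will not apply them. Add the eight names to `source=` in order and regenerate the hashes with `abuild checksum` rather than editing them by hand. The `# secfixes:` block also ends at 7.2.18-r0 and records none of the backported CVEs, so the package metadata would not show these issues as fixed even once the patches apply. Separately, `options="!check"` near the top disables `check()` on every architecture (the later `case "$CARCH"` block only repeats it for x86_64 and s390x), so `make test` never runs against the patched tree.

```shell
# … unchanged: source= entries up to u8-002-CVE-2020-7071-2.patch …
u8-003-CVE-2020-7071-3.patch
u8-004-CVE-2021-21702-1.patch
u8-005-CVE-2021-21702-2.patch
u8-006-CVE-2021-21704-1.patch
u8-007-CVE-2021-21704-2.patch
u8-008-CVE-2021-21704-3.patch
u8-009-CVE-2021-21704-4.patch
u8-010-CVE-2021-21705.patch
u8-011-CVE-2021-21705-2.patch
"
# … sha512sums: regenerate with `abuild checksum` …
```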

@ -0,0 +1,20 @@
Extensions recode and imap can't be loaded together, but they can be build
together, and that's what we want.
Source: https://src.fedoraproject.org/cgit/rpms/php.git/tree/php-5.3.0-recode.patch?h=f26
--- a/ext/recode/config9.m4
+++ b/ext/recode/config9.m4
@@ -4,13 +4,6 @@ dnl
dnl Check for extensions with which Recode can not work
if test "$PHP_RECODE" != "no"; then
- test "$PHP_IMAP" != "no" && recode_conflict="$recode_conflict imap"
-
- if test -n "$MYSQL_LIBNAME"; then
- PHP_CHECK_LIBRARY($MYSQL_LIBNAME, hash_insert, [
- recode_conflict="$recode_conflict mysql"
- ])
- fi
if test -n "$recode_conflict"; then
AC_MSG_ERROR([recode extension can not be configured together with:$recode_conflict])

@ -0,0 +1,230 @@
#
# Tests that we don't need to run
#
# These are mostly unit or regression tests, we care about integration tests.
tests/lang/*
tests/classes/*
Zend/tests/*
#
# Tests that fail and probably should not...
#
# Too many tests fail! Some of them bogus, some not.
# THIS SHOULD BE REALLY FIXED!
ext/openssl/tests/*
# Broken tests, missing config.
sapi/fpm/tests/*
# Incorrect result.
sapi/cli/tests/upload_2G.phpt
# Fails in chroot (on Travis).
sapi/cli/tests/cli_process_title_unix.phpt
# Error messages in different order.
sapi/cgi/tests/005.phpt
# Fails on ppc64le.
sapi/phpdbg/tests/watch_006.phpt
# Missing timezone in date.
ext/date/tests/bug27780.phpt
ext/date/tests/bug32555.phpt
ext/date/tests/bug33532.phpt
# Number overflow!?
ext/date/tests/bug53437_var5.phpt
ext/date/tests/bug53437_var6.phpt
# Incompatible version of enchant library?
ext/enchant/tests/broker_list_dicts.phpt
ext/enchant/tests/bug13181.phpt
# Wrong charset, conversion from `UTF-8' to `ASCII//TRANSLIT' is not allowed.
ext/iconv/tests/iconv_basic_001.phpt
# Wrong charset, conversion from `UTF-8' to `UTF-8//IGNORE' is not allowed.
ext/iconv/tests/bug48147.phpt
# Float rounding error and/or different precision.
ext/date/tests/date_time_fractions.phpt
ext/intl/tests/bug14562.phpt
ext/intl/tests/formatter_parse.phpt
ext/intl/tests/formatter_parse_currency.phpt
ext/intl/tests/msgfmt_parse.phpt
# Incorrect results.
ext/intl/tests/spoofchecker_001.phpt
ext/intl/tests/timezone_IDforWindowsID_basic.phpt
ext/intl/tests/timezone_windowsID_basic.phpt
# Class 'Phar' not found.
ext/opcache/tests/issue0115.phpt
ext/opcache/tests/issue0149.phpt
# Invalid datasource.
ext/pdo_odbc/tests/max_columns.phpt
# Fails in chroot (on Travis).
ext/posix/tests/posix_errno_variation2.phpt
ext/posix/tests/posix_kill_basic.phpt
# Randomly fails.
ext/pcntl/tests/002.phpt
# Call to undefined function session_start().
ext/session/tests/session_regenerate_id_cookie.phpt
# Class 'SoapServer' not found.
ext/soap/tests/bug73037.phpt
# Incorrect results.
ext/soap/tests/server009.phpt
# Fails on ppc64le.
ext/sockets/tests/mcast_ipv6_send.phpt
# Depends on something from ext/openssl/tests
ext/standard/tests/streams/stream_context_tcp_nodelay_server.phpt
# Incorrect results.
ext/standard/tests/crypt/bcrypt_invalid_algorithm.phpt
ext/standard/tests/crypt/bcrypt_invalid_cost.phpt
ext/standard/tests/crypt/des_fallback_invalid_salt.phpt
ext/standard/tests/strings/crypt_blowfish.phpt
ext/standard/tests/strings/crypt_blowfish_variation1.phpt
ext/standard/tests/strings/crypt_blowfish_variation2.phpt
ext/standard/tests/strings/crypt_des_error.phpt
# Incorrect results.
ext/standard/tests/strings/bug51059.phpt
# Fails in chroot (on Travis).
ext/standard/tests/general_functions/proc_nice_basic.phpt
# Cannot find serialization handler 'wddx'.
ext/wddx/tests/004.phpt
ext/wddx/tests/005.phpt
ext/wddx/tests/bug70741.phpt
# Globbing in zip file does not work.
ext/zip/tests/bug70103.phpt
# ZipArchive::close() doesn't indicate errors; fails on ppc64le.
ext/zip/tests/bug70322.phpt
# Test timeouts.
#Zend/tests/concat_003.phpt
# Failing tests related to locale and/or iconv.
ext/date/tests/009.phpt
ext/gettext/tests/gettext_basic-enus.phpt
ext/gettext/tests/gettext_basic.phpt
ext/gettext/tests/gettext_bindtextdomain-cwd.phpt
ext/gettext/tests/gettext_dcgettext.phpt
ext/gettext/tests/gettext_dgettext.phpt
ext/gettext/tests/gettext_dngettext-plural.phpt
ext/gettext/tests/gettext_ngettext.phpt
ext/iconv/tests/bug52211.phpt
ext/intl/tests/bug67052.phpt
ext/intl/tests/formatter_format6.phpt
ext/json/tests/bug41403.phpt
ext/pcre/tests/locales.phpt
ext/soap/tests/bugs/bug39815.phpt
ext/standard/tests/array/locale_sort.phpt
ext/standard/tests/file/bug43008.phpt
ext/standard/tests/strings/htmlentities02.phpt
ext/standard/tests/strings/htmlentities03.phpt
ext/standard/tests/strings/moneyformat.phpt
ext/standard/tests/strings/setlocale_basic1.phpt
ext/standard/tests/strings/setlocale_basic2.phpt
ext/standard/tests/strings/setlocale_basic3.phpt
ext/standard/tests/strings/setlocale_error.phpt
ext/standard/tests/strings/setlocale_variation1.phpt
ext/standard/tests/strings/setlocale_variation2.phpt
ext/standard/tests/strings/setlocale_variation3.phpt
ext/standard/tests/strings/setlocale_variation4.phpt
ext/standard/tests/strings/setlocale_variation5.phpt
ext/standard/tests/strings/sprintf_f_3.phpt
ext/standard/tests/strings/strtoupper.phpt
ext/standard/tests/time/strptime_basic.phpt
ext/standard/tests/time/strptime_parts.phpt
#tests/lang/034.phpt
#tests/lang/bug30638.phpt
#
# Tests that fail for known reason and/or we don't need to worry about them
#
# Output does not match due to verbose messages from curl. Probably just
# different curl version...
ext/curl/tests/bug48203.phpt
ext/curl/tests/bug48203_multi.phpt
# Fails due to unsupported JP charsets.
ext/iconv/tests/eucjp2iso2022jp.phpt
ext/iconv/tests/eucjp2sjis.phpt
ext/iconv/tests/eucjp2utf8.phpt
ext/iconv/tests/iconv_basic.phpt
ext/iconv/tests/iconv_mime_decode.phpt
ext/iconv/tests/iconv_mime_encode.phpt
ext/iconv/tests/iconv_stream_filter.phpt
ext/iconv/tests/iconv_stream_filter_delimiter.phpt
ext/iconv/tests/iconv_strpos.phpt
ext/iconv/tests/iconv_strrpos.phpt
ext/iconv/tests/iconv_substr.phpt
ext/iconv/tests/ob_iconv_handler.phpt
ext/standard/tests/strings/htmlentities04.phpt
ext/standard/tests/strings/htmlentities15.phpt
# Segfaults, it tests JIT stacklimit exhaustion.
ext/pcre/tests/preg_match_error3.phpt
# Timeouts.
ext/recode/tests/001.phpt
# Requires running SNMP server.
ext/snmp/tests/*
# Operation not permitted.
ext/sockets/tests/socket_set_option_bindtodevice.phpt
# Different wording of socket error messages (due to different libc).
ext/sockets/tests/socket_strerror.phpt
# Broken test.
ext/standard/tests/file/disk_free_space_basic.phpt
# Fails probably due to differencies in musl.
ext/standard/tests/file/lstat_stat_variation9.phpt
ext/standard/tests/file/popen_pclose_error.phpt
# WTF?! getservername(true, "tcp") and similar non-senses...
ext/standard/tests/general_functions/getservbyport_variation1.phpt
ext/standard/tests/general_functions/getservbyname_variation2.phpt
ext/standard/tests/general_functions/getservbyname_variation5.phpt
# Needs GNU cut utility.
ext/standard/tests/mail/mail_basic2.phpt
ext/standard/tests/mail/mail_variation2.phpt
# Fails probably due to differencies in musl.
ext/sockets/tests/socket_create_pair-wrongparams.phpt
# Error message does not match due to some extra info.
ext/standard/tests/strings/007.phpt
# Causes stack exhausion.
#Zend/tests/bug54268.phpt
#Zend/tests/bug68412.phpt
# Fails because of locale settings.
ext/intl/tests/dateformat_create_cal_arg_variant4.phpt
ext/intl/tests/dateformat_get_set_calendar_variant4.phpt
ext/intl/tests/formatter_get_locale_variant2.phpt

@ -0,0 +1,23 @@
From: Jakub Jirutka <jakub@jirutka.cz>
Date: Mon, 01 May 2017 01:33:00 +0200
Subject: [PATCH] Fix tests failing due to extra message from built-in web server
Remove messages like:
PHP 7.1.4 Development Server started at Mon May 1 00:42:39 2017
from test outputs, because tests do not expect them. I have no clue what
happens here...
--- a/run-tests.php
+++ b/run-tests.php
@@ -2009,6 +2009,9 @@
// Does the output match what is expected?
$output = preg_replace("/\r\n/", "\n", trim($out));
+ // Remove message from built-in development server.
+ $output = preg_replace("/^PHP [0-9.]+ Development Server started at .*\n\n?/m", "", $output);
+
/* when using CGI, strip the headers from the output */
$headers = array();

@ -0,0 +1,41 @@
--- a/scripts/Makefile.frag
+++ b/scripts/Makefile.frag
@@ -3,7 +3,7 @@
# Build environment install
#
-phpincludedir = $(includedir)/php
+phpincludedir = $(includedir)/php7.2
phpbuilddir = $(libdir)/build
BUILD_FILES = \
--- a/ext/pdo/Makefile.frag
+++ b/ext/pdo/Makefile.frag
@@ -1,4 +1,4 @@
-phpincludedir=$(prefix)/include/php
+phpincludedir=$(prefix)/include/php7.2
PDO_HEADER_FILES= \
php_pdo.h \
--- a/scripts/php-config.in
+++ b/scripts/php-config.in
@@ -6,7 +6,7 @@
exec_prefix="@exec_prefix@"
version="@PHP_VERSION@"
vernum="@PHP_VERSION_ID@"
-include_dir="@includedir@/php"
+include_dir="@includedir@/php7.2"
includes="-I$include_dir -I$include_dir/main -I$include_dir/TSRM -I$include_dir/Zend -I$include_dir/ext -I$include_dir/ext/date/lib"
ldflags="@PHP_LDFLAGS@"
libs="@EXTRA_LIBS@"
--- a/scripts/phpize.in
+++ b/scripts/phpize.in
@@ -5,7 +5,7 @@
datarootdir='@datarootdir@'
exec_prefix="`eval echo @exec_prefix@`"
phpdir="`eval echo @libdir@`/build"
-includedir="`eval echo @includedir@`/php"
+includedir="`eval echo @includedir@`/php7.2"
builddir="`pwd`"
SED="@SED@"

@ -0,0 +1,15 @@
--- ./pear/Makefile.frag.orig 2013-04-12 07:02:27.041602514 +0000
+++ ./pear/Makefile.frag 2013-04-12 07:04:09.065836822 +0000
@@ -2,8 +2,11 @@
peardir=$(PEAR_INSTALLDIR)
+# help the built php to find xml extension so we can install pear
+PEAR_INSTALL_XML_FLAGS = -d extension_dir="$(top_builddir)/modules" -d extension=xml.so
+
# Skip all php.ini files altogether
-PEAR_INSTALL_FLAGS = -n -dshort_open_tag=0 -dopen_basedir= -derror_reporting=1803 -dmemory_limit=-1 -ddetect_unicode=0
+PEAR_INSTALL_FLAGS = -n -dshort_open_tag=0 -dopen_basedir= -derror_reporting=1803 -dmemory_limit=-1 -ddetect_unicode=0 $(PEAR_INSTALL_XML_FLAGS)
WGET = `which wget 2>/dev/null`
FETCH = `which fetch 2>/dev/null`

@ -0,0 +1,79 @@
--- a/sapi/fpm/fpm/fpm_conf.c
+++ b/sapi/fpm/fpm/fpm_conf.c
@@ -1205,7 +1205,7 @@
}
if (!fpm_global_config.error_log) {
- fpm_global_config.error_log = strdup("log/php-fpm.log");
+ fpm_global_config.error_log = strdup("log/php7.2/error.log");
}
#ifdef HAVE_SYSTEMD
@@ -1216,7 +1216,7 @@
#ifdef HAVE_SYSLOG_H
if (!fpm_global_config.syslog_ident) {
- fpm_global_config.syslog_ident = strdup("php-fpm");
+ fpm_global_config.syslog_ident = strdup("php-fpm7.2");
}
if (fpm_global_config.syslog_facility < 0) {
@@ -1710,7 +1710,7 @@
if (fpm_globals.prefix == NULL) {
spprintf(&tmp, 0, "%s/php-fpm.conf", PHP_SYSCONFDIR);
} else {
- spprintf(&tmp, 0, "%s/etc/php-fpm.conf", fpm_globals.prefix);
+ spprintf(&tmp, 0, "%s/etc/php7.2/php-fpm.conf", fpm_globals.prefix);
}
if (!tmp) {
--- a/sapi/fpm/php-fpm.conf.in
+++ b/sapi/fpm/php-fpm.conf.in
@@ -16,3 +16,3 @@
; Default Value: none
-;pid = run/php-fpm.pid
+;pid = run/php-fpm7.2.pid
@@ -22,4 +22,4 @@
; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@
-; Default Value: log/php-fpm.log
-;error_log = log/php-fpm.log
+; Default Value: log/php7.2/error.log
+;error_log = log/php7.2/error.log
@@ -35,4 +35,4 @@
; which must suit common needs.
-; Default Value: php-fpm
-;syslog.ident = php-fpm
+; Default Value: php-fpm7.2
+;syslog.ident = php-fpm7.2
--- a/sapi/fpm/www.conf.in
+++ b/sapi/fpm/www.conf.in
@@ -256,7 +256,7 @@
; The access log file
; Default: not set
-;access.log = log/$pool.access.log
+;access.log = log/php7.2/$pool.access.log
; The access log format.
; The following syntax is allowed
@@ -320,7 +320,7 @@
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
-;slowlog = log/$pool.log.slow
+;slowlog = log/php7.2/$pool.slow.log
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
@@ -418,6 +418,6 @@
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
-;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_value[error_log] = /var/log/php7.2/$pool.error.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M

@ -0,0 +1,93 @@
#!/sbin/openrc-run
# If you want to run separate master process per pool, then create a symlink
# to this runscript for each pool. In that mode, the php-fpm daemon is started
# as nobody by default. You can override the user (and group) by declaring
# variable "user" and optionally "group" in conf.d file, or in the $fpm_config
# file (the former has precedence).
: ${name:="PHP FastCGI Process Manager"}
command="/usr/sbin/php-fpm7.2"
command_background="yes"
start_stop_daemon_args="--quiet"
pidfile="/run/$RC_SVCNAME/php-fpm.pid"
retry="SIGTERM/20"
# configtest is here only for backward compatibility
extra_commands="checkconfig configtest"
extra_started_commands="reload reopen"
description_checkconfig="Run php-fpm config check"
description_reload="Gracefully reload workers and config"
description_reopen="Reopen log files"
required_files="$fpm_config"
depend() {
need net
use apache2 lighttpd nginx
}
init_vars() {
# Defaults for single master process with multiple pools
if [ "$RC_SVCNAME" = "php-fpm7.2" ]; then
: ${fpm_config:="/etc/php7.2/php-fpm.conf"}
: ${user:="root"}
# Defaults for master process per pool
else
: ${fpm_config="/etc/php7.2/php-fpm.d/${RC_SVCNAME#php-fpm7.2.}.conf"}
: ${user:="$(conf_get user)"}
: ${user:="nobody"}
: ${group:="$(conf_get group)"}
fi
command_args="--nodaemonize --fpm-config $fpm_config"
start_stop_daemon_args="$start_stop_daemon_args
--user $user ${group:+"--group $group"}"
}
start_pre() {
checkconfig || return 1
# If unix socket is used (instead of TCP/IP), then ensure that the
# directory exists and has correct privileges.
local listen="$(conf_get listen)"
if [ "${listen:0:1}" = "/" ]; then
checkpath -d -o $user:$group "$(dirname "$listen")"
fi
checkpath -d "$(dirname "$pidfile")"
}
reload() {
ebegin "Reloading $name"
start-stop-daemon --signal USR2 --pidfile "$pidfile"
eend $?
}
reopen() {
ebegin "Reopening $name log files"
start-stop-daemon --signal USR1 --pidfile "$pidfile"
eend $?
}
checkconfig() {
init_vars
ebegin "Checking $fpm_config"
local out
out="$(su -s /bin/sh -c "$command --test --fpm-config $fpm_config" $user 2>&1)" || {
printf "%s\n" "$out"
eend 1 "failed, please correct errors above"
return 1
}
}
configtest() {
ewarn "configtest is deprecated, use checkconfig instead"
checkconfig
}
conf_get() {
local key="$1"
sed -nE "s/^${key}\s*=\s*\"?([^\";]+).*/\1/p" "$fpm_config" | head -n 1
}
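Review bot: The `checkpath -d -o $user:$group` call in start_pre expands both variables unquoted, and the single-master branch of init_vars gives only `user` a default, so `group` can be empty and the owner argument becomes `root:`. I would quote it and add the colon only when a group is set: `checkpath -d -o "$user${group:+:$group}" "$(dirname "$listen")"`. In checkconfig, `$fpm_config` is pasted into the string handed to `su -c`, where the shell parses it a second time. That path comes from the service (symlink) name or conf.d, so either single-quote it inside the command string or add a comment stating that those names must not contain whitespace or shell metacharacters.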

@ -0,0 +1,13 @@
/var/log/php7.2/*.log {
rotate 7
daily
missingok
notifempty
delaycompress
compress
dateext
sharedscripts
postrotate
/etc/init.d/php-fpm7.2 --ifstarted --quiet reopen
endscript
}
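Review bot: The stanza has neither a `su` nor a `create` directive, so rotation runs with logrotate's own credentials and each new log file gets whatever owner and mode the reopening php-fpm process gives it. Elsewhere in this commit the pool error log is pointed at /var/log/php7.2 and the init script runs per-pool masters as `nobody` by default, so that directory presumably has to be writable by an unprivileged account. logrotate refuses to rotate in a directory it considers insecure unless `su <user> <group>` is given. The directory's ownership is set outside this file and should be confirmed; if it is not root-only, add `su` with the log owner and an explicit `create 0640 <user> <group>`.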

@ -0,0 +1,13 @@
LoadModule php7_module modules/mod_php7.2.so
DirectoryIndex index.php index.html
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
# Uncomment the following to allow .phps files to be handled by the php source filter,
# and displayed as syntax-highlighted source code
#<FilesMatch "\.phps$">
# SetHandler application/x-httpd-php-source
#</FilesMatch>

@ -0,0 +1,11 @@
--- a/php.ini-production 2018-07-28 18:05:51.737130931 +0300
+++ b/php.ini-production 2018-07-28 18:06:45.177774666 +0300
@@ -711,7 +711,7 @@
;;;;;;;;;;;;;;;;;;;;;;;;;
; UNIX: "/path1:/path2"
-;include_path = ".:/php/includes"
+include_path = ".:/usr/share/php7.2"
;
; Windows: "\path1;\path2"
;include_path = ".;c:\php\includes"

@ -0,0 +1,100 @@
Backport of:
From 2d3d72412a6734e19a38ed10f385227a6238e4a6 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Wed, 13 May 2020 09:36:52 +0200
Subject: [PATCH] Fix #77423: parse_url() will deliver a wrong host to user
To avoid that `parse_url()` returns an erroneous host, which would be
valid for `FILTER_VALIDATE_URL`, we make sure that only userinfo which
is valid according to RFC 3986 is treated as such.
For consistency with the existing url parsing code, we use ctype
functions, although that is not necessarily correct.
---
ext/standard/tests/strings/url_t.phpt | 6 ++---
ext/standard/tests/url/bug77423.phpt | 30 ++++++++++++++++++++++
ext/standard/tests/url/parse_url_basic_001.phpt | 6 ++---
ext/standard/tests/url/parse_url_basic_003.phpt | 2 +-
ext/standard/tests/url/parse_url_basic_005.phpt | 2 +-
ext/standard/tests/url/parse_url_unterminated.phpt | 6 ++---
ext/standard/url.c | 21 +++++++++++++++
7 files changed, 59 insertions(+), 14 deletions(-)
create mode 100644 ext/standard/tests/url/bug77423.phpt
--- /dev/null
+++ b/ext/filter/tests/bug77423.phpt
@@ -0,0 +1,30 @@
+--TEST--
+Bug #77423 (parse_url() will deliver a wrong host to user)
+--FILE--
+<?php
+$urls = array(
+ "http://php.net\@aliyun.com/aaa.do",
+ "https://example.com\uFF03@bing.com",
+);
+foreach ($urls as $url) {
+ var_dump(filter_var($url, FILTER_VALIDATE_URL));
+ var_dump(parse_url($url));
+}
+?>
+--EXPECT--
+bool(false)
+array(3) {
+ ["scheme"]=>
+ string(4) "http"
+ ["host"]=>
+ string(19) "php.net\@aliyun.com"
+ ["path"]=>
+ string(7) "/aaa.do"
+}
+bool(false)
+array(2) {
+ ["scheme"]=>
+ string(5) "https"
+ ["host"]=>
+ string(26) "example.com\uFF03@bing.com"
+}
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -92,6 +92,22 @@ PHPAPI php_url *php_url_parse(char const
return php_url_parse_ex(str, strlen(str));
}
+static int is_userinfo_valid(const char *str, size_t len)
+{
+ char *valid = "-._~!$&'()*+,;=:";
+ char *p = str;
+ while (p - str < len) {
+ if (isalpha(*p) || isdigit(*p) || strchr(valid, *p)) {
+ p++;
+ } else if (*p == '%' && p - str <= len - 3 && isdigit(*(p+1)) && isxdigit(*(p+2))) {
+ p += 3;
+ } else {
+ return 0;
+ }
+ }
+ return 1;
+}
+
/* {{{ php_url_parse
*/
PHPAPI php_url *php_url_parse_ex(char const *str, size_t length)
@@ -235,6 +251,9 @@ PHPAPI php_url *php_url_parse_ex(char co
ret->pass = estrndup(pp, (p-pp));
php_replace_controlchars_ex(ret->pass, (p-pp));
} else {
+ if (!is_userinfo_valid(s, p-s)) {
+ goto check_port;
+ }
ret->user = estrndup(s, (p-s));
php_replace_controlchars_ex(ret->user, (p-s));
}
@@ -242,6 +261,7 @@ PHPAPI php_url *php_url_parse_ex(char co
s = p + 1;
}
+check_port:
/* check for port */
if (s < ue && *s == '[' && *(e-1) == ']') {
/* Short circuit portscan,
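Review bot: The percent-encoding branch of is_userinfo_valid() guards its look-ahead with `p - str <= len - 3`, but `len` is a size_t, so for a userinfo shorter than three bytes `len - 3` wraps and the guard always passes. The same branch accepts only a decimal digit as the first hex digit (`isdigit(*(p+1))`), which rejects RFC 3986 triplets such as `%AB`. At the call site in php_url_parse_ex the byte after the span appears to be the `@`, which ends the scan, so the wrap looks latent rather than an out-of-bounds read. The condition should still say what it means: `} else if (*p == '%' && len - (size_t)(p - str) >= 3 && isxdigit((unsigned char)p[1]) && isxdigit((unsigned char)p[2])) {`, with `p` declared `const char *` so the qualifier of `str` is kept. The same expression, with `strlen(str)` in place of `len`, is carried into the copy that the next patch in this series adds to ext/filter/logical_filters.c, which is the copy that remains once url.c's is removed.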

@ -0,0 +1,112 @@
Backport of:
From 4a89e726bd4d0571991dc22a9a1ad4509e8fe347 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Tue, 19 Jan 2021 11:23:25 +0100
Subject: [PATCH] Alternative fix for bug 77423
That bug report originally was about `parse_url()` misbehaving, but the
security aspect was actually only regarding `FILTER_VALIDATE_URL`.
Since the changes to `parse_url_ex()` apparently affect userland code
which is relying on the sloppy URL parsing[1], this alternative
restores the old parsing behavior, but ensures that the userinfo is
checked for correctness for `FILTER_VALIDATE_URL`.
[1] <https://github.com/php/php-src/commit/5174de7cd33c3d4fa591c9c93859ff9989b07e8c#commitcomment-45967652>
---
ext/filter/logical_filters.c | 23 ++++++++++++++++++++++
.../tests/url => filter/tests}/bug77423.phpt | 15 --------------
ext/standard/tests/strings/url_t.phpt | 6 ++++--
ext/standard/tests/url/parse_url_basic_001.phpt | 6 ++++--
ext/standard/tests/url/parse_url_basic_003.phpt | 2 +-
ext/standard/tests/url/parse_url_basic_005.phpt | 2 +-
ext/standard/tests/url/parse_url_unterminated.phpt | 6 ++++--
ext/standard/url.c | 6 +-----
8 files changed, 38 insertions(+), 28 deletions(-)
rename ext/{standard/tests/url => filter/tests}/bug77423.phpt (53%)
--- a/ext/filter/logical_filters.c
+++ b/ext/filter/logical_filters.c
@@ -514,6 +514,22 @@ void php_filter_validate_domain(PHP_INPU
}
/* }}} */
+static int is_userinfo_valid(char * str)
+{
+ const char *valid = "-._~!$&'()*+,;=:";
+ const char *p = str;
+ while (p - str < strlen(str)) {
+ if (isalpha(*p) || isdigit(*p) || strchr(valid, *p)) {
+ p++;
+ } else if (*p == '%' && p - str <= strlen(str) - 3 && isdigit(*(p+1)) && isxdigit(*(p+2))) {
+ p += 3;
+ } else {
+ return 0;
+ }
+ }
+ return 1;
+}
+
void php_filter_validate_url(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */
{
php_url *url;
@@ -568,6 +584,13 @@ bad_url:
php_url_free(url);
RETURN_VALIDATION_FAILED
}
+
+ if (url->user != NULL && !is_userinfo_valid(url->user)) {
+ php_url_free(url);
+ RETURN_VALIDATION_FAILED
+
+ }
+
php_url_free(url);
}
/* }}} */
--- a/ext/filter/tests/bug77423.phpt
+++ b/ext/filter/tests/bug77423.phpt
@@ -8,23 +8,8 @@ $urls = array(
);
foreach ($urls as $url) {
var_dump(filter_var($url, FILTER_VALIDATE_URL));
- var_dump(parse_url($url));
}
?>
--EXPECT--
bool(false)
-array(3) {
- ["scheme"]=>
- string(4) "http"
- ["host"]=>
- string(19) "php.net\@aliyun.com"
- ["path"]=>
- string(7) "/aaa.do"
-}
bool(false)
-array(2) {
- ["scheme"]=>
- string(5) "https"
- ["host"]=>
- string(26) "example.com\uFF03@bing.com"
-}
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -251,9 +251,6 @@ PHPAPI php_url *php_url_parse_ex(char co
ret->pass = estrndup(pp, (p-pp));
php_replace_controlchars_ex(ret->pass, (p-pp));
} else {
- if (!is_userinfo_valid(s, p-s)) {
- goto check_port;
- }
ret->user = estrndup(s, (p-s));
php_replace_controlchars_ex(ret->user, (p-s));
}
@@ -261,7 +258,6 @@ PHPAPI php_url *php_url_parse_ex(char co
s = p + 1;
}
-check_port:
/* check for port */
if (s < ue && *s == '[' && *(e-1) == ']') {
/* Short circuit portscan,
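Review bot: is_userinfo_valid() in logical_filters.c passes plain `char` values from `url->user` to isalpha(), isdigit() and isxdigit(). The URL is caller-supplied, and where `char` is signed any byte above 0x7F becomes a negative argument, which is undefined for the ctype functions. Cast at each call, e.g. `isalpha((unsigned char)*p)`. These functions are also locale-dependent, so outside the "C" locale isalpha() may accept bytes that RFC 3986 does not allow in userinfo; an explicit ASCII range test would make the validator independent of the process locale. The loop condition also re-evaluates `strlen(str)` on every iteration; hoist it into `const size_t len = strlen(str);` before the `while`.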

@ -0,0 +1,34 @@
From 9c673083cd46ee2a954a62156acbe4b6e657c048 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Wed, 27 Jan 2021 00:13:43 -0800
Subject: [PATCH] Rm unneeded function
---
ext/standard/url.c | 16 ----------------
1 file changed, 16 deletions(-)
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -92,22 +92,6 @@ PHPAPI php_url *php_url_parse(char const
return php_url_parse_ex(str, strlen(str));
}
-static int is_userinfo_valid(const char *str, size_t len)
-{
- char *valid = "-._~!$&'()*+,;=:";
- char *p = str;
- while (p - str < len) {
- if (isalpha(*p) || isdigit(*p) || strchr(valid, *p)) {
- p++;
- } else if (*p == '%' && p - str <= len - 3 && isdigit(*(p+1)) && isxdigit(*(p+2))) {
- p += 3;
- } else {
- return 0;
- }
- }
- return 1;
-}
-
/* {{{ php_url_parse
*/
PHPAPI php_url *php_url_parse_ex(char const *str, size_t length)

@ -0,0 +1,181 @@
From 3c939e3f69955d087e0bb671868f7267dfb2a502 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 31 Jan 2021 21:15:23 -0800
Subject: [PATCH] Fix bug #80672 - Null Dereference in SoapClient
---
NEWS | 3 +++
ext/soap/php_sdl.c | 26 ++++++++++++++------------
ext/soap/php_xml.c | 4 ++--
ext/soap/tests/bug80672.phpt | 15 +++++++++++++++
ext/soap/tests/bug80672.xml | 6 ++++++
5 files changed, 40 insertions(+), 14 deletions(-)
create mode 100644 ext/soap/tests/bug80672.phpt
create mode 100644 ext/soap/tests/bug80672.xml
--- a/ext/soap/php_sdl.c
+++ b/ext/soap/php_sdl.c
@@ -314,6 +314,8 @@ void sdl_restore_uri_credentials(sdlCtx
ctx->context = NULL;
}
+#define SAFE_STR(a) ((a)?a:"")
+
static void load_wsdl_ex(zval *this_ptr, char *struri, sdlCtx *ctx, int include)
{
sdlPtr tmpsdl = ctx->sdl;
@@ -375,7 +377,7 @@ static void load_wsdl_ex(zval *this_ptr,
if (node_is_equal_ex(trav2, "schema", XSD_NAMESPACE)) {
load_schema(ctx, trav2);
} else if (is_wsdl_element(trav2) && !node_is_equal(trav2,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav2->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav2->name));
}
trav2 = trav2->next;
}
@@ -436,7 +438,7 @@ static void load_wsdl_ex(zval *this_ptr,
soap_error0(E_ERROR, "Parsing WSDL: <service> has no name attribute");
}
} else if (!node_is_equal(trav,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name));
}
trav = trav->next;
}
@@ -546,7 +548,7 @@ static sdlSoapBindingFunctionHeaderPtr w
}
smart_str_free(&key);
} else if (is_wsdl_element(trav) && !node_is_equal(trav,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name));
}
trav = trav->next;
}
@@ -648,7 +650,7 @@ static void wsdl_soap_binding_body(sdlCt
}
smart_str_free(&key);
} else if (is_wsdl_element(trav) && !node_is_equal(trav,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name));
}
trav = trav->next;
}
@@ -680,14 +682,14 @@ static HashTable* wsdl_message(sdlCtx *c
sdlParamPtr param;
if (trav->ns != NULL && strcmp((char*)trav->ns->href, WSDL_NAMESPACE) != 0) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected extensibility element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected extensibility element <%s>", SAFE_STR(trav->name));
}
if (node_is_equal(trav,"documentation")) {
trav = trav->next;
continue;
}
if (!node_is_equal(trav,"part")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name));
}
part = trav;
param = emalloc(sizeof(sdlParam));
@@ -696,7 +698,7 @@ static HashTable* wsdl_message(sdlCtx *c
name = get_attribute(part->properties, "name");
if (name == NULL) {
- soap_error1(E_ERROR, "Parsing WSDL: No name associated with <part> '%s'", message->name);
+ soap_error1(E_ERROR, "Parsing WSDL: No name associated with <part> '%s'", SAFE_STR(message->name));
}
param->paramName = estrdup((char*)name->children->content);
@@ -765,7 +767,7 @@ static sdlPtr load_wsdl(zval *this_ptr,
continue;
}
if (!node_is_equal(trav,"port")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name));
}
port = trav;
@@ -804,7 +806,7 @@ static sdlPtr load_wsdl(zval *this_ptr,
}
}
if (trav2 != address && is_wsdl_element(trav2) && !node_is_equal(trav2,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav2->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav2->name));
}
trav2 = trav2->next;
}
@@ -906,7 +908,7 @@ static sdlPtr load_wsdl(zval *this_ptr,
continue;
}
if (!node_is_equal(trav2,"operation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav2->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav2->name));
}
operation = trav2;
@@ -925,7 +927,7 @@ static sdlPtr load_wsdl(zval *this_ptr,
!node_is_equal(trav3,"output") &&
!node_is_equal(trav3,"fault") &&
!node_is_equal(trav3,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav3->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav3->name));
}
trav3 = trav3->next;
}
@@ -1103,7 +1105,7 @@ static sdlPtr load_wsdl(zval *this_ptr,
}
}
} else if (is_wsdl_element(trav) && !node_is_equal(trav,"documentation")) {
- soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", trav->name);
+ soap_error1(E_ERROR, "Parsing WSDL: Unexpected WSDL element <%s>", SAFE_STR(trav->name));
}
trav = trav->next;
}
--- a/ext/soap/php_xml.c
+++ b/ext/soap/php_xml.c
@@ -204,7 +204,7 @@ xmlNsPtr node_find_ns(xmlNodePtr node)
int attr_is_equal_ex(xmlAttrPtr node, char *name, char *ns)
{
- if (name == NULL || strcmp((char*)node->name, name) == 0) {
+ if (name == NULL || ((node->name) && strcmp((char*)node->name, name) == 0)) {
if (ns) {
xmlNsPtr nsPtr = attr_find_ns(node);
if (nsPtr) {
@@ -220,7 +220,7 @@ int attr_is_equal_ex(xmlAttrPtr node, ch
int node_is_equal_ex(xmlNodePtr node, char *name, char *ns)
{
- if (name == NULL || strcmp((char*)node->name, name) == 0) {
+ if (name == NULL || ((node->name) && strcmp((char*)node->name, name) == 0)) {
if (ns) {
xmlNsPtr nsPtr = node_find_ns(node);
if (nsPtr) {
--- /dev/null
+++ b/ext/soap/tests/bug80672.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #80672 Null Dereference in SoapClient
+--SKIPIF--
+<?php require_once('skipif.inc'); ?>
+--FILE--
+<?php
+try {
+ $client = new SoapClient(__DIR__ . "/bug80672.xml");
+ $query = $soap->query(array('sXML' => 'something'));
+} catch(SoapFault $e) {