/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2006-7243.patch
ViewVC logotype

Annotation of /rpms/php/sme8/php-5.3.3-CVE-2006-7243.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Mon Dec 16 10:46:46 2013 UTC (10 years, 10 months ago) by vip-ire
Branch: MAIN
CVS Tags: php-5_3_3-14_el5_sme, php-5_3_3-17_el5_sme, php-5_3_3-15_el5_sme, php-5_3_3-16_el5_sme, HEAD
* Mon Dec 16 2013 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-14.sme
- Resync with upstream php53, which include:
- add security fix for CVE-2013-6420
- add security fix for CVE-2013-4248
- add upstream reproducer for error_handler (#951075)
- add security fixes for CVE-2006-7243
- add security fixes for CVE-2012-2688, CVE-2012-0831,
  CVE-2011-1398, CVE-2013-1643
- fix segfault in error_handler with
  allow_call_time_pass_reference = Off (#951075)
- fix double free when destroy_zend_class fails (#951076)
- fix possible buffer overflow in pdo_odbc (#869694)
- php script hangs when it exceeds max_execution_time
  when inside an ODBC call (#864954)
- fix zend garbage collector (#892695)
- fix transposed memset arguments in libzip (#953818)
- fix possible segfault in pdo_mysql (#869693)
- fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859369)
- fix stream support in fileinfo (#869697)
- fix setDate when DateTime created from timestamp (#869691)
- fix permission on source files (#869688)
- add php(language) and missing provides (#837044)
-
- fix copy doesn't report failure on partial copy (#951413)

1 vip-ire 1.1
2     http://git.php.net/?p=php-src.git;a=patch;h=ce96fd6b0761d98353761bf78d5bfb55291179fd
3    
4     From ce96fd6b0761d98353761bf78d5bfb55291179fd Mon Sep 17 00:00:00 2001
5     From: Pierre Joye <pajoye@php.net>
6     Date: Thu, 18 Nov 2010 15:22:22 +0000
7     Subject: [PATCH] - fix #39863, do not accept paths with NULL in them.
8    
9     diff -up php-5.3.3/ext/bz2/bz2.c.cve7243 php-5.3.3/ext/bz2/bz2.c
10     --- php-5.3.3/ext/bz2/bz2.c.cve7243 2010-06-26 18:03:39.000000000 +0200
11     +++ php-5.3.3/ext/bz2/bz2.c 2013-05-03 11:57:08.291141605 +0200
12     @@ -387,6 +387,9 @@ static PHP_FUNCTION(bzopen)
13     if (Z_TYPE_PP(file) == IS_STRING) {
14     convert_to_string_ex(file);
15    
16     + if (strlen(Z_STRVAL_PP(file)) != Z_STRLEN_PP(file)) {
17     + RETURN_FALSE;
18     + }
19     if (Z_STRLEN_PP(file) == 0) {
20     php_error_docref(NULL TSRMLS_CC, E_WARNING, "filename cannot be empty");
21     RETURN_FALSE;
22     diff -up php-5.3.3/ext/com_dotnet/com_persist.c.cve7243 php-5.3.3/ext/com_dotnet/com_persist.c
23     --- php-5.3.3/ext/com_dotnet/com_persist.c.cve7243 2010-01-03 10:23:27.000000000 +0100
24     +++ php-5.3.3/ext/com_dotnet/com_persist.c 2013-05-03 11:57:08.291141605 +0200
25     @@ -389,6 +389,9 @@ CPH_METHOD(SaveToFile)
26     }
27    
28     if (filename) {
29     + if (strlen(filename) != filename_len) {
30     + RETURN_FALSE;
31     + }
32     fullpath = expand_filepath(filename, NULL TSRMLS_CC);
33     if (!fullpath) {
34     RETURN_FALSE;
35     @@ -453,6 +456,10 @@ CPH_METHOD(LoadFromFile)
36     return;
37     }
38    
39     + if (strlen(filename) != filename_len) {
40     + RETURN_FALSE;
41     + }
42     +
43     if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
44     RETURN_FALSE;
45     }
46     diff -up php-5.3.3/ext/enchant/enchant.c.cve7243 php-5.3.3/ext/enchant/enchant.c
47     --- php-5.3.3/ext/enchant/enchant.c.cve7243 2010-05-02 07:01:51.000000000 +0200
48     +++ php-5.3.3/ext/enchant/enchant.c 2013-05-03 11:57:08.291141605 +0200
49     @@ -587,6 +587,10 @@ PHP_FUNCTION(enchant_broker_request_pwl_
50     RETURN_FALSE;
51     }
52    
53     + if (strlen(pwl) != pwllen) {
54     + RETURN_FALSE;
55     + }
56     +
57     #if PHP_API_VERSION < 20100412
58     if ((PG(safe_mode) && (!php_checkuid(pwl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pwl TSRMLS_CC)) {
59     #else
60     diff -up php-5.3.3/ext/fileinfo/fileinfo.c.cve7243 php-5.3.3/ext/fileinfo/fileinfo.c
61     --- php-5.3.3/ext/fileinfo/fileinfo.c.cve7243 2013-05-03 11:57:08.057140307 +0200
62     +++ php-5.3.3/ext/fileinfo/fileinfo.c 2013-05-03 11:57:08.292141611 +0200
63     @@ -294,6 +294,9 @@ PHP_FUNCTION(finfo_open)
64     if (file_len == 0) {
65     file = NULL;
66     } else if (file && *file) { /* user specified file, perform open_basedir checks */
67     + if (strlen(file) != file_len) {
68     + RETURN_FALSE;
69     + }
70     if (!VCWD_REALPATH(file, resolved_path)) {
71     RETURN_FALSE;
72     }
73     diff -up php-5.3.3/ext/gd/gd.c.cve7243 php-5.3.3/ext/gd/gd.c
74     --- php-5.3.3/ext/gd/gd.c.cve7243 2010-01-15 18:09:14.000000000 +0100
75     +++ php-5.3.3/ext/gd/gd.c 2013-05-03 11:57:08.292141611 +0200
76     @@ -2642,6 +2642,9 @@ static void _php_image_output(INTERNAL_F
77     }
78    
79     if (argc >= 2 && file_len) {
80     + if (strlen(file) != file_len) {
81     + RETURN_FALSE;
82     + }
83     PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename");
84    
85     fp = VCWD_FOPEN(fn, "wb");
86     @@ -4552,6 +4555,14 @@ static void _php_image_convert(INTERNAL_
87     dest_width = width;
88     int_threshold = threshold;
89    
90     + if (strlen(f_org) != f_org_len) {
91     + RETURN_FALSE;
92     + }
93     +
94     + if (strlen(f_dest) != f_dest_len) {
95     + RETURN_FALSE;
96     + }
97     +
98     /* Check threshold value */
99     if (int_threshold < 0 || int_threshold > 8) {
100     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid threshold value '%d'", int_threshold);
101     diff -up php-5.3.3/ext/gd/gd_ctx.c.cve7243 php-5.3.3/ext/gd/gd_ctx.c
102     --- php-5.3.3/ext/gd/gd_ctx.c.cve7243 2010-01-03 10:23:27.000000000 +0100
103     +++ php-5.3.3/ext/gd/gd_ctx.c 2013-05-03 11:57:08.292141611 +0200
104     @@ -91,6 +91,9 @@ static void _php_image_output_ctx(INTERN
105     }
106    
107     if (argc > 1 && file_len) {
108     + if (strlen(file) != file_len) {
109     + RETURN_FALSE;
110     + }
111     PHP_GD_CHECK_OPEN_BASEDIR(file, "Invalid filename");
112    
113     fp = VCWD_FOPEN(file, "wb");
114     diff -up php-5.3.3/ext/imap/php_imap.c.cve7243 php-5.3.3/ext/imap/php_imap.c
115     --- php-5.3.3/ext/imap/php_imap.c.cve7243 2013-05-03 11:57:08.063140340 +0200
116     +++ php-5.3.3/ext/imap/php_imap.c 2013-05-03 11:57:08.293141616 +0200
117     @@ -1216,10 +1216,14 @@ static void php_imap_do_open(INTERNAL_FU
118     }
119    
120     /* local filename, need to perform open_basedir and safe_mode checks */
121     - if (mailbox[0] != '{' &&
122     - (php_check_open_basedir(mailbox TSRMLS_CC) ||
123     - (PG(safe_mode) && !php_checkuid(mailbox, NULL, CHECKUID_CHECK_FILE_AND_DIR)))) {
124     - RETURN_FALSE;
125     + if (mailbox[0] != '{') {
126     + if (strlen(mailbox) != mailbox_len) {
127     + RETURN_FALSE;
128     + }
129     + if (php_check_open_basedir(mailbox TSRMLS_CC) ||
130     + (PG(safe_mode) && !php_checkuid(mailbox, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
131     + RETURN_FALSE;
132     + }
133     }
134    
135     IMAPG(imap_user) = estrndup(user, user_len);
136     diff -up php-5.3.3/ext/oci8/oci8_interface.c.cve7243 php-5.3.3/ext/oci8/oci8_interface.c
137     --- php-5.3.3/ext/oci8/oci8_interface.c.cve7243 2010-01-06 19:58:16.000000000 +0100
138     +++ php-5.3.3/ext/oci8/oci8_interface.c 2013-05-03 11:57:08.294141621 +0200
139     @@ -271,6 +271,10 @@ PHP_FUNCTION(oci_lob_load)
140     return;
141     }
142     }
143     +
144     + if (strlen(filename) != filename_len) {
145     + RETURN_FALSE;
146     + }
147    
148     if (zend_hash_find(Z_OBJPROP_P(z_descriptor), "descriptor", sizeof("descriptor"), (void **)&tmp) == FAILURE) {
149     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find descriptor property");
150     @@ -662,7 +666,7 @@ PHP_FUNCTION(oci_lob_erase)
151     RETURN_FALSE;
152     }
153     }
154     -
155     +
156     if (zend_hash_find(Z_OBJPROP_P(z_descriptor), "descriptor", sizeof("descriptor"), (void **)&tmp) == FAILURE) {
157     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find descriptor property");
158     RETURN_FALSE;
159     @@ -918,6 +922,10 @@ PHP_FUNCTION(oci_lob_export)
160     /* nothing to write, fail silently */
161     RETURN_FALSE;
162     }
163     +
164     + if (strlen(filename) != filename_len) {
165     + RETURN_FALSE;
166     + }
167    
168     if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
169     RETURN_FALSE;
170     diff -up php-5.3.3/ext/odbc/php_odbc.c.cve7243 php-5.3.3/ext/odbc/php_odbc.c
171     --- php-5.3.3/ext/odbc/php_odbc.c.cve7243 2013-05-03 11:57:08.067140362 +0200
172     +++ php-5.3.3/ext/odbc/php_odbc.c 2013-05-03 11:57:08.294141621 +0200
173     @@ -1300,8 +1300,11 @@ PHP_FUNCTION(odbc_execute)
174     if (Z_STRLEN_PP(tmp) > 2 &&
175     Z_STRVAL_PP(tmp)[0] == '\'' &&
176     Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') {
177     + if (strlen(tmp) != Z_STRLEN_PP(tmp)) {
178     + RETURN_FALSE;
179     + }
180     +
181     filename = estrndup(&Z_STRVAL_PP(tmp)[1], Z_STRLEN_PP(tmp) - 2);
182     - filename[strlen(filename)] = '\0';
183    
184     /* Check for safe mode. */
185     if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
186     diff -up php-5.3.3/ext/openssl/openssl.c.cve7243 php-5.3.3/ext/openssl/openssl.c
187     --- php-5.3.3/ext/openssl/openssl.c.cve7243 2013-05-03 11:57:08.184141011 +0200
188     +++ php-5.3.3/ext/openssl/openssl.c 2013-05-03 11:57:08.295141627 +0200
189     @@ -1771,6 +1771,10 @@ PHP_FUNCTION(openssl_pkcs12_export_to_fi
190     return;
191    
192     RETVAL_FALSE;
193     +
194     + if (strlen(filename) != filename_len) {
195     + return;
196     + }
197    
198     cert = php_openssl_x509_from_zval(zcert, 0, &certresource TSRMLS_CC);
199     if (cert == NULL) {
200     @@ -2218,6 +2222,10 @@ PHP_FUNCTION(openssl_csr_export_to_file)
201     }
202     RETVAL_FALSE;
203    
204     + if (strlen(filename) != filename_len) {
205     + return;
206     + }
207     +
208     csr = php_openssl_csr_from_zval(&zcsr, 0, &csr_resource TSRMLS_CC);
209     if (csr == NULL) {
210     php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get CSR from parameter 1");
211     @@ -3002,6 +3010,10 @@ PHP_FUNCTION(openssl_pkey_export_to_file
212     }
213     RETVAL_FALSE;
214    
215     + if (strlen(filename) != filename_len) {
216     + return;
217     + }
218     +
219     key = php_openssl_evp_from_zval(zpkey, 0, passphrase, 0, &key_resource TSRMLS_CC);
220    
221     if (key == NULL) {
222     @@ -3394,7 +3406,14 @@ PHP_FUNCTION(openssl_pkcs7_encrypt)
223     &outfilename, &outfilename_len, &zrecipcerts, &zheaders, &flags, &cipherid) == FAILURE)
224     return;
225    
226     -
227     + if (strlen(infilename) != infilename_len) {
228     + return;
229     + }
230     +
231     + if (strlen(outfilename) != outfilename_len) {
232     + return;
233     + }
234     +
235     if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
236     return;
237     }
238     @@ -3526,14 +3545,22 @@ PHP_FUNCTION(openssl_pkcs7_sign)
239     char * outfilename; int outfilename_len;
240     char * extracertsfilename = NULL; int extracertsfilename_len;
241    
242     + RETVAL_FALSE;
243     +
244     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls",
245     &infilename, &infilename_len, &outfilename, &outfilename_len,
246     &zcert, &zprivkey, &zheaders, &flags, &extracertsfilename,
247     &extracertsfilename_len) == FAILURE) {
248     return;
249     }
250     -
251     - RETVAL_FALSE;
252     +
253     + if (strlen(infilename) != infilename_len) {
254     + return;
255     + }
256     +
257     + if (strlen(outfilename) != outfilename_len) {
258     + return;
259     + }
260    
261     if (extracertsfilename) {
262     others = load_all_certs_from_file(extracertsfilename);
263     @@ -3630,12 +3657,20 @@ PHP_FUNCTION(openssl_pkcs7_decrypt)
264     char * infilename; int infilename_len;
265     char * outfilename; int outfilename_len;
266    
267     + RETVAL_FALSE;
268     +
269     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZ|Z", &infilename, &infilename_len,
270     &outfilename, &outfilename_len, &recipcert, &recipkey) == FAILURE) {
271     return;
272     }
273    
274     - RETVAL_FALSE;
275     + if (strlen(infilename) != infilename_len) {
276     + return;
277     + }
278     +
279     + if (strlen(outfilename) != outfilename_len) {
280     + return;
281     + }
282    
283     cert = php_openssl_x509_from_zval(recipcert, 0, &certresval TSRMLS_CC);
284     if (cert == NULL) {
285     diff -up php-5.3.3/ext/pgsql/pgsql.c.cve7243 php-5.3.3/ext/pgsql/pgsql.c
286     --- php-5.3.3/ext/pgsql/pgsql.c.cve7243 2010-05-01 20:27:42.000000000 +0200
287     +++ php-5.3.3/ext/pgsql/pgsql.c 2013-05-03 11:57:08.297141638 +0200
288     @@ -3339,6 +3339,10 @@ PHP_FUNCTION(pg_lo_import)
289     WRONG_PARAM_COUNT;
290     }
291    
292     + if (strlen(file_in) != name_len) {
293     + RETURN_FALSE;
294     + }
295     +
296     if (PG(safe_mode) &&(!php_checkuid(file_in, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
297     RETURN_FALSE;
298     }
299     @@ -3476,6 +3480,10 @@ PHP_FUNCTION(pg_lo_export)
300     RETURN_FALSE;
301     }
302    
303     + if (strlen(file_out) != name_len) {
304     + RETURN_FALSE;
305     + }
306     +
307     if (PG(safe_mode) &&(!php_checkuid(file_out, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
308     RETURN_FALSE;
309     }
310     diff -up php-5.3.3/ext/posix/posix.c.cve7243 php-5.3.3/ext/posix/posix.c
311     --- php-5.3.3/ext/posix/posix.c.cve7243 2010-06-26 18:03:39.000000000 +0200
312     +++ php-5.3.3/ext/posix/posix.c 2013-05-03 11:57:08.297141638 +0200
313     @@ -842,6 +842,10 @@ PHP_FUNCTION(posix_mkfifo)
314     RETURN_FALSE;
315     }
316    
317     + if (strlen(path) != path_len) {
318     + RETURN_FALSE;
319     + }
320     +
321     if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) ||
322     (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR)))) {
323     RETURN_FALSE;
324     @@ -877,6 +881,10 @@ PHP_FUNCTION(posix_mknod)
325     RETURN_FALSE;
326     }
327    
328     + if (strlen(path) != path_len) {
329     + RETURN_FALSE;
330     + }
331     +
332     if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) ||
333     (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR)))) {
334     RETURN_FALSE;
335     @@ -957,6 +965,10 @@ PHP_FUNCTION(posix_access)
336     RETURN_FALSE;
337     }
338    
339     + if (strlen(filename) != filename_len) {
340     + RETURN_FALSE;
341     + }
342     +
343     path = expand_filepath(filename, NULL TSRMLS_CC);
344     if (!path) {
345     POSIX_G(last_error) = EIO;
346     diff -up php-5.3.3/ext/pspell/pspell.c.cve7243 php-5.3.3/ext/pspell/pspell.c
347     --- php-5.3.3/ext/pspell/pspell.c.cve7243 2010-01-03 10:23:27.000000000 +0100
348     +++ php-5.3.3/ext/pspell/pspell.c 2013-05-03 11:57:08.298141644 +0200
349     @@ -402,6 +402,10 @@ static PHP_FUNCTION(pspell_new_personal)
350     }
351     #endif
352    
353     + if (strlen(personal) != personal_len) {
354     + RETURN_FALSE;
355     + }
356     +
357     if (PG(safe_mode) && (!php_checkuid(personal, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
358     delete_pspell_config(config);
359     RETURN_FALSE;
360     @@ -834,6 +838,10 @@ static void pspell_config_path(INTERNAL_
361     return;
362     }
363    
364     + if (strlen(value) != value_len) {
365     + RETURN_FALSE;
366     + }
367     +
368     PSPELL_FETCH_CONFIG;
369    
370     if (PG(safe_mode) && (!php_checkuid(value, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
371     @@ -891,6 +899,10 @@ static PHP_FUNCTION(pspell_config_repl)
372    
373     pspell_config_replace(config, "save-repl", "true");
374    
375     + if (strlen(repl) != repl_len) {
376     + RETURN_FALSE;
377     + }
378     +
379     if (PG(safe_mode) && (!php_checkuid(repl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
380     RETURN_FALSE;
381     }
382     diff -up php-5.3.3/ext/sqlite3/sqlite3.c.cve7243 php-5.3.3/ext/sqlite3/sqlite3.c
383     --- php-5.3.3/ext/sqlite3/sqlite3.c.cve7243 2010-06-21 13:06:31.000000000 +0200
384     +++ php-5.3.3/ext/sqlite3/sqlite3.c 2013-05-03 11:57:08.299141649 +0200
385     @@ -114,6 +114,9 @@ PHP_METHOD(sqlite3, open)
386     zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Already initialised DB Object", 0 TSRMLS_CC);
387     }
388    
389     + if (strlen(filename) != filename_len) {
390     + return;
391     + }
392     if (strncmp(filename, ":memory:", 8) != 0) {
393     if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
394     zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Unable to expand filepath", 0 TSRMLS_CC);
395     diff -up php-5.3.3/ext/sqlite/sqlite.c.cve7243 php-5.3.3/ext/sqlite/sqlite.c
396     --- php-5.3.3/ext/sqlite/sqlite.c.cve7243 2010-04-28 14:10:10.000000000 +0200
397     +++ php-5.3.3/ext/sqlite/sqlite.c 2013-05-03 11:57:08.298141644 +0200
398     @@ -1560,6 +1560,9 @@ PHP_FUNCTION(sqlite_popen)
399     ZVAL_NULL(errmsg);
400     }
401    
402     + if (strlen(filename) != filename_len) {
403     + RETURN_FALSE;
404     + }
405     if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
406     /* resolve the fully-qualified path name to use as the hash key */
407     if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
408     @@ -1637,6 +1640,9 @@ PHP_FUNCTION(sqlite_open)
409     ZVAL_NULL(errmsg);
410     }
411    
412     + if (strlen(filename) != filename_len) {
413     + RETURN_FALSE;
414     + }
415     if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
416     /* resolve the fully-qualified path name to use as the hash key */
417     if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
418     @@ -1690,6 +1696,10 @@ PHP_FUNCTION(sqlite_factory)
419     ZVAL_NULL(errmsg);
420     }
421    
422     + if (strlen(filename) != filename_len) {
423     + RETURN_FALSE;
424     + }
425     +
426     if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
427     /* resolve the fully-qualified path name to use as the hash key */
428     if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
429     diff -up php-5.3.3/ext/standard/basic_functions.c.cve7243 php-5.3.3/ext/standard/basic_functions.c
430     --- php-5.3.3/ext/standard/basic_functions.c.cve7243 2013-05-03 11:57:08.078140423 +0200
431     +++ php-5.3.3/ext/standard/basic_functions.c 2013-05-03 11:57:08.300141655 +0200
432     @@ -4667,6 +4667,12 @@ PHP_FUNCTION(error_log)
433     opt_err = erropt;
434     }
435    
436     + if (opt_err == 3) {
437     + if (strlen(opt) != opt_len) {
438     + RETURN_FALSE;
439     + }
440     + }
441     +
442     if (_php_error_log_ex(opt_err, message, message_len, opt, headers TSRMLS_CC) == FAILURE) {
443     RETURN_FALSE;
444     }
445     @@ -5155,6 +5161,10 @@ PHP_FUNCTION(highlight_file)
446     RETURN_FALSE;
447     }
448    
449     + if (strlen(filename) != filename_len) {
450     + RETURN_FALSE;
451     + }
452     +
453     if (i) {
454     php_start_ob_buffer (NULL, 0, 1 TSRMLS_CC);
455     }
456     @@ -5201,6 +5211,10 @@ PHP_FUNCTION(php_strip_whitespace)
457     RETURN_FALSE;
458     }
459    
460     + if (strlen(filename) != filename_len) {
461     + RETURN_FALSE;
462     + }
463     +
464     file_handle.type = ZEND_HANDLE_FILENAME;
465     file_handle.filename = filename;
466     file_handle.free_filename = 0;
467     @@ -5461,6 +5475,11 @@ PHP_FUNCTION(set_include_path)
468     return;
469     }
470    
471     + /* No nulls allowed in paths */
472     + if (strlen(new_value) != new_value_len) {
473     + RETURN_FALSE;
474     + }
475     +
476     old_value = zend_ini_string("include_path", sizeof("include_path"), 0);
477     /* copy to return here, because alter might free it! */
478     if (old_value) {
479     @@ -5771,6 +5790,10 @@ PHP_FUNCTION(is_uploaded_file)
480     return;
481     }
482    
483     + if (strlen(path) != path_len) {
484     + RETURN_FALSE;
485     + }
486     +
487     if (zend_hash_exists(SG(rfc1867_uploaded_files), path, path_len + 1)) {
488     RETURN_TRUE;
489     } else {
490     @@ -5811,6 +5834,14 @@ PHP_FUNCTION(move_uploaded_file)
491     RETURN_FALSE;
492     }
493    
494     + if (strlen(path) != path_len) {
495     + RETURN_FALSE;
496     + }
497     +
498     + if (strlen(new_path) != new_path_len) {
499     + RETURN_FALSE;
500     + }
501     +
502     VCWD_UNLINK(new_path);
503     if (VCWD_RENAME(path, new_path) == 0) {
504     successful = 1;
505     @@ -5954,6 +5985,10 @@ PHP_FUNCTION(parse_ini_file)
506     RETURN_FALSE;
507     }
508    
509     + if (strlen(filename) != filename_len) {
510     + RETURN_FALSE;
511     + }
512     +
513     /* Set callback function */
514     if (process_sections) {
515     BG(active_ini_file_section) = NULL;
516     diff -up php-5.3.3/ext/standard/dir.c.cve7243 php-5.3.3/ext/standard/dir.c
517     --- php-5.3.3/ext/standard/dir.c.cve7243 2010-06-26 18:03:39.000000000 +0200
518     +++ php-5.3.3/ext/standard/dir.c 2013-05-03 11:57:08.301141660 +0200
519     @@ -325,6 +325,10 @@ PHP_FUNCTION(chdir)
520     RETURN_FALSE;
521     }
522    
523     + if (strlen(str) != str_len) {
524     + RETURN_FALSE;
525     + }
526     +
527     if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) {
528     RETURN_FALSE;
529     }
530     @@ -436,6 +440,10 @@ PHP_FUNCTION(glob)
531     return;
532     }
533    
534     + if (strlen(pattern) != pattern_len) {
535     + RETURN_FALSE;
536     + }
537     +
538     if (pattern_len >= MAXPATHLEN) {
539     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pattern exceeds the maximum allowed length of %d characters", MAXPATHLEN);
540     RETURN_FALSE;
541     @@ -557,6 +565,10 @@ PHP_FUNCTION(scandir)
542     return;
543     }
544    
545     + if (strlen(dirn) != dirn_len) {
546     + RETURN_FALSE;
547     + }
548     +
549     if (dirn_len < 1) {
550     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Directory name cannot be empty");
551     RETURN_FALSE;
552     diff -up php-5.3.3/ext/standard/file.c.cve7243 php-5.3.3/ext/standard/file.c
553     --- php-5.3.3/ext/standard/file.c.cve7243 2013-05-03 11:57:08.024140124 +0200
554     +++ php-5.3.3/ext/standard/file.c 2013-05-03 11:57:08.302141666 +0200
555     @@ -382,6 +382,10 @@ PHP_FUNCTION(get_meta_tags)
556     return;
557     }
558    
559     + if (strlen(filename) != filename_len) {
560     + RETURN_FALSE;
561     + }
562     +
563     md.stream = php_stream_open_wrapper(filename, "rb",
564     (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS,
565     NULL);
566     @@ -535,6 +539,10 @@ PHP_FUNCTION(file_get_contents)
567     return;
568     }
569    
570     + if (strlen(filename) != filename_len) {
571     + RETURN_FALSE;
572     + }
573     +
574     if (ZEND_NUM_ARGS() == 5 && maxlen < 0) {
575     php_error_docref(NULL TSRMLS_CC, E_WARNING, "length must be greater than or equal to zero");
576     RETURN_FALSE;
577     @@ -592,6 +600,10 @@ PHP_FUNCTION(file_put_contents)
578     return;
579     }
580    
581     + if (strlen(filename) != filename_len) {
582     + RETURN_FALSE;
583     + }
584     +
585     if (Z_TYPE_P(data) == IS_RESOURCE) {
586     php_stream_from_zval(srcstream, &data);
587     }
588     @@ -736,6 +748,11 @@ PHP_FUNCTION(file)
589     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|lr!", &filename, &filename_len, &flags, &zcontext) == FAILURE) {
590     return;
591     }
592     +
593     + if (strlen(filename) != filename_len) {
594     + RETURN_FALSE;
595     + }
596     +
597     if (flags < 0 || flags > (PHP_FILE_USE_INCLUDE_PATH | PHP_FILE_IGNORE_NEW_LINES | PHP_FILE_SKIP_EMPTY_LINES | PHP_FILE_NO_DEFAULT_CONTEXT)) {
598     php_error_docref(NULL TSRMLS_CC, E_WARNING, "'%ld' flag is not supported", flags);
599     RETURN_FALSE;
600     @@ -833,6 +850,14 @@ PHP_FUNCTION(tempnam)
601     return;
602     }
603    
604     + if (strlen(dir) != dir_len) {
605     + RETURN_FALSE;
606     + }
607     +
608     + if (strlen(prefix) != prefix_len) {
609     + RETURN_FALSE;
610     + }
611     +
612     if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
613     RETURN_FALSE;
614     }
615     @@ -891,6 +916,10 @@ PHP_NAMED_FUNCTION(php_if_fopen)
616     RETURN_FALSE;
617     }
618    
619     + if (strlen(filename) != filename_len) {
620     + RETURN_FALSE;
621     + }
622     +
623     context = php_stream_context_from_zval(zcontext, 0);
624    
625     stream = php_stream_open_wrapper_ex(filename, mode, (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
626     @@ -1394,6 +1423,10 @@ PHP_FUNCTION(mkdir)
627     RETURN_FALSE;
628     }
629    
630     + if (strlen(dir) != dir_len) {
631     + RETURN_FALSE;
632     + }
633     +
634     context = php_stream_context_from_zval(zcontext, 0);
635    
636     RETURN_BOOL(php_stream_mkdir(dir, mode, (recursive ? PHP_STREAM_MKDIR_RECURSIVE : 0) | REPORT_ERRORS, context));
637     @@ -1413,6 +1446,10 @@ PHP_FUNCTION(rmdir)
638     RETURN_FALSE;
639     }
640    
641     + if (strlen(dir) != dir_len) {
642     + RETURN_FALSE;
643     + }
644     +
645     context = php_stream_context_from_zval(zcontext, 0);
646    
647     RETURN_BOOL(php_stream_rmdir(dir, REPORT_ERRORS, context));
648     @@ -1435,6 +1472,10 @@ PHP_FUNCTION(readfile)
649     RETURN_FALSE;
650     }
651    
652     + if (strlen(filename) != filename_len) {
653     + RETURN_FALSE;
654     + }
655     +
656     context = php_stream_context_from_zval(zcontext, 0);
657    
658     stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context);
659     @@ -1508,6 +1549,14 @@ PHP_FUNCTION(rename)
660     RETURN_FALSE;
661     }
662    
663     + if (strlen(old_name) != old_name_len) {
664     + RETURN_FALSE;
665     + }
666     +
667     + if (strlen(new_name) != new_name_len) {
668     + RETURN_FALSE;
669     + }
670     +
671     wrapper = php_stream_locate_url_wrapper(old_name, NULL, 0 TSRMLS_CC);
672    
673     if (!wrapper || !wrapper->wops) {
674     @@ -1545,6 +1594,10 @@ PHP_FUNCTION(unlink)
675     RETURN_FALSE;
676     }
677    
678     + if (strlen(filename) != filename_len) {
679     + RETURN_FALSE;
680     + }
681     +
682     context = php_stream_context_from_zval(zcontext, 0);
683    
684     wrapper = php_stream_locate_url_wrapper(filename, NULL, 0 TSRMLS_CC);
685     @@ -1681,6 +1734,14 @@ PHP_FUNCTION(copy)
686     return;
687     }
688    
689     + if (strlen(source) != source_len) {
690     + RETURN_FALSE;
691     + }
692     +
693     + if (strlen(target) != target_len) {
694     + RETURN_FALSE;
695     + }
696     +
697     if (PG(safe_mode) &&(!php_checkuid(source, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
698     RETURN_FALSE;
699     }
700     @@ -2372,6 +2433,10 @@ PHP_FUNCTION(realpath)
701     return;
702     }
703    
704     + if (strlen(filename) != filename_len) {
705     + RETURN_FALSE;
706     + }
707     +
708     if (VCWD_REALPATH(filename, resolved_path_buff)) {
709     if (PG(safe_mode) && (!php_checkuid(resolved_path_buff, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
710     RETURN_FALSE;
711     @@ -2514,6 +2579,14 @@ PHP_FUNCTION(fnmatch)
712     return;
713     }
714    
715     + if (strlen(pattern) != pattern_len) {
716     + RETURN_FALSE;
717     + }
718     +
719     + if (strlen(filename) != filename_len) {
720     + RETURN_FALSE;
721     + }
722     +
723     if (filename_len >= MAXPATHLEN) {
724     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Filename exceeds the maximum allowed length of %d characters", MAXPATHLEN);
725     RETURN_FALSE;
726     diff -up php-5.3.3/ext/standard/filestat.c.cve7243 php-5.3.3/ext/standard/filestat.c
727     --- php-5.3.3/ext/standard/filestat.c.cve7243 2010-01-03 10:23:27.000000000 +0100
728     +++ php-5.3.3/ext/standard/filestat.c 2013-05-03 11:57:08.302141666 +0200
729     @@ -379,6 +379,10 @@ PHP_FUNCTION(disk_free_space)
730     RETURN_FALSE;
731     }
732    
733     + if (strlen(path) != path_len) {
734     + RETURN_FALSE;
735     + }
736     +
737     if (php_disk_free_space(path, &bytesfree TSRMLS_CC) == SUCCESS) {
738     RETURN_DOUBLE(bytesfree);
739     }
740     @@ -399,6 +403,10 @@ static void php_do_chgrp(INTERNAL_FUNCTI
741     RETURN_FALSE;
742     }
743    
744     + if (strlen(filename) != filename_len) {
745     + RETURN_FALSE;
746     + }
747     +
748     if (Z_TYPE_P(group) == IS_LONG) {
749     gid = (gid_t)Z_LVAL_P(group);
750     } else if (Z_TYPE_P(group) == IS_STRING) {
751     @@ -500,6 +508,10 @@ static void php_do_chown(INTERNAL_FUNCTI
752     return;
753     }
754    
755     + if (strlen(filename) != filename_len) {
756     + RETURN_FALSE;
757     + }
758     +
759     if (Z_TYPE_P(user) == IS_LONG) {
760     uid = (uid_t)Z_LVAL_P(user);
761     } else if (Z_TYPE_P(user) == IS_STRING) {
762     @@ -607,6 +619,10 @@ PHP_FUNCTION(chmod)
763     RETURN_FALSE;
764     }
765    
766     + if (strlen(filename) != filename_len) {
767     + RETURN_FALSE;
768     + }
769     +
770     /* Check the basedir */
771     if (php_check_open_basedir(filename TSRMLS_CC)) {
772     RETURN_FALSE;
773     @@ -660,6 +676,10 @@ PHP_FUNCTION(touch)
774     return;
775     }
776    
777     + if (strlen(filename) != filename_len) {
778     + RETURN_FALSE;
779     + }
780     +
781     switch (argc) {
782     case 1:
783     #ifdef HAVE_UTIME_NULL
784     @@ -715,8 +735,9 @@ PHP_FUNCTION(touch)
785     PHPAPI void php_clear_stat_cache(zend_bool clear_realpath_cache, const char *filename, int filename_len TSRMLS_DC)
786     {
787     /* always clear CurrentStatFile and CurrentLStatFile even if filename is not NULL
788     - * as it may contains outdated data (e.g. "nlink" for a directory when deleting a file
789     + * as it may contain outdated data (e.g. "nlink" for a directory when deleting a file
790     * in this directory, as shown by lstat_stat_variation9.phpt) */
791     +
792     if (BG(CurrentStatFile)) {
793     efree(BG(CurrentStatFile));
794     BG(CurrentStatFile) = NULL;
795     @@ -777,6 +798,10 @@ PHPAPI void php_stat(const char *filenam
796     RETURN_FALSE;
797     }
798    
799     + if (strlen(filename) != filename_length) {
800     + RETURN_FALSE;
801     + }
802     +
803     if ((wrapper = php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC)) == &php_plain_files_wrapper) {
804     if (php_check_open_basedir(local TSRMLS_CC)) {
805     RETURN_FALSE;
806     diff -up php-5.3.3/ext/standard/ftok.c.cve7243 php-5.3.3/ext/standard/ftok.c
807     --- php-5.3.3/ext/standard/ftok.c.cve7243 2010-01-03 10:23:27.000000000 +0100
808     +++ php-5.3.3/ext/standard/ftok.c 2013-05-03 11:57:08.302141666 +0200
809     @@ -39,6 +39,10 @@ PHP_FUNCTION(ftok)
810     return;
811     }
812    
813     + if (strlen(pathname) != pathname_len) {
814     + RETURN_FALSE;
815     + }
816     +
817     if (pathname_len == 0){
818     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pathname is invalid");
819     RETURN_LONG(-1);
820     diff -up php-5.3.3/ext/standard/iptc.c.cve7243 php-5.3.3/ext/standard/iptc.c
821     --- php-5.3.3/ext/standard/iptc.c.cve7243 2010-01-03 10:23:27.000000000 +0100
822     +++ php-5.3.3/ext/standard/iptc.c 2013-05-03 11:57:08.302141666 +0200
823     @@ -190,6 +190,10 @@ PHP_FUNCTION(iptcembed)
824     return;
825     }
826    
827     + if (strlen(jpeg_file) != jpeg_file_len) {
828     + RETURN_FALSE;
829     + }
830     +
831     if (PG(safe_mode) && (!php_checkuid(jpeg_file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
832     RETURN_FALSE;
833     }
834     diff -up php-5.3.3/ext/standard/link.c.cve7243 php-5.3.3/ext/standard/link.c
835     --- php-5.3.3/ext/standard/link.c.cve7243 2010-01-03 10:23:27.000000000 +0100
836     +++ php-5.3.3/ext/standard/link.c 2013-05-03 11:57:08.303141671 +0200
837     @@ -64,6 +64,10 @@ PHP_FUNCTION(readlink)
838     return;
839     }
840    
841     + if (strlen(link) != link_len) {
842     + RETURN_FALSE;
843     + }
844     +
845     if (PG(safe_mode) && !php_checkuid(link, NULL, CHECKUID_CHECK_FILE_AND_DIR)) {
846     RETURN_FALSE;
847     }
848     @@ -123,6 +127,14 @@ PHP_FUNCTION(symlink)
849     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &topath, &topath_len, &frompath, &frompath_len) == FAILURE) {
850     return;
851     }
852     +
853     + if (strlen(topath) != topath_len) {
854     + RETURN_FALSE;
855     + }
856     +
857     + if (strlen(frompath) != frompath_len) {
858     + RETURN_FALSE;
859     + }
860    
861     if (!expand_filepath(frompath, source_p TSRMLS_CC)) {
862     php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory");
863     @@ -188,6 +200,14 @@ PHP_FUNCTION(link)
864     return;
865     }
866    
867     + if (strlen(topath) != topath_len) {
868     + RETURN_FALSE;
869     + }
870     +
871     + if (strlen(frompath) != frompath_len) {
872     + RETURN_FALSE;
873     + }
874     +
875     if (!expand_filepath(frompath, source_p TSRMLS_CC) || !expand_filepath(topath, dest_p TSRMLS_CC)) {
876     php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory");
877     RETURN_FALSE;
878     diff -up php-5.3.3/ext/tidy/tidy.c.cve7243 php-5.3.3/ext/tidy/tidy.c
879     --- php-5.3.3/ext/tidy/tidy.c.cve7243 2010-03-12 11:28:59.000000000 +0100
880     +++ php-5.3.3/ext/tidy/tidy.c 2013-05-03 11:57:08.303141671 +0200
881     @@ -567,6 +567,9 @@ static void php_tidy_quick_repair(INTERN
882     }
883    
884     if (is_file) {
885     + if (strlen(arg1) != arg1_len) {
886     + RETURN_FALSE;
887     + }
888     if (!(data = php_tidy_file_to_mem(arg1, use_include_path, &data_len TSRMLS_CC))) {
889     RETURN_FALSE;
890     }
891     @@ -1221,6 +1224,9 @@ static PHP_FUNCTION(tidy_parse_file)
892     RETURN_FALSE;
893     }
894    
895     + if (strlen(inputfile) != input_len) {
896     + RETURN_FALSE;
897     + }
898     tidy_instanciate(tidy_ce_doc, return_value TSRMLS_CC);
899     obj = (PHPTidyObj *) zend_object_store_get_object(return_value TSRMLS_CC);
900    
901     @@ -1534,10 +1540,13 @@ static TIDY_DOC_METHOD(__construct)
902     &options, &enc, &enc_len, &use_include_path) == FAILURE) {
903     RETURN_FALSE;
904     }
905     -
906     +
907     obj = (PHPTidyObj *)zend_object_store_get_object(object TSRMLS_CC);
908    
909     if (inputfile) {
910     + if (strlen(inputfile) != input_len) {
911     + RETURN_FALSE;
912     + }
913     if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path, &contents_len TSRMLS_CC))) {
914     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include path)" : "");
915     return;
916     @@ -1568,7 +1577,10 @@ static TIDY_DOC_METHOD(parseFile)
917     &options, &enc, &enc_len, &use_include_path) == FAILURE) {
918     RETURN_FALSE;
919     }
920     -
921     +
922     + if (strlen(inputfile) != input_len) {
923     + RETURN_FALSE;
924     + }
925     if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path, &contents_len TSRMLS_CC))) {
926     php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include path)" : "");
927     RETURN_FALSE;
928     diff -up php-5.3.3/ext/xsl/xsltprocessor.c.cve7243 php-5.3.3/ext/xsl/xsltprocessor.c
929     --- php-5.3.3/ext/xsl/xsltprocessor.c.cve7243 2013-05-03 11:57:08.259141427 +0200
930     +++ php-5.3.3/ext/xsl/xsltprocessor.c 2013-05-03 11:57:08.303141671 +0200
931     @@ -690,6 +690,9 @@ PHP_FUNCTION(xsl_xsltprocessor_transform
932    
933     ret = -1;
934     if (newdocp) {
935     + if (strlen(uri) != uri_len) {
936     + RETURN_FALSE;
937     + }
938     ret = xsltSaveResultToFilename(uri, newdocp, sheetp, 0);
939     xmlFreeDoc(newdocp);
940     }
941     @@ -893,7 +896,7 @@ PHP_FUNCTION(xsl_xsltprocessor_set_profi
942     if (intern->profiling) {
943     efree(intern->profiling);
944     }
945     - if (filename != NULL) {
946     + if (filename != NULL && strlen(filename) == filename_len) {
947     intern->profiling = estrndup(filename,filename_len);
948     } else {
949     intern->profiling = NULL;
950     diff -up php-5.3.3/ext/zip/php_zip.c.cve7243 php-5.3.3/ext/zip/php_zip.c
951     --- php-5.3.3/ext/zip/php_zip.c.cve7243 2013-05-03 11:57:08.141140773 +0200
952     +++ php-5.3.3/ext/zip/php_zip.c 2013-05-03 11:59:23.507871248 +0200
953     @@ -1148,6 +1148,10 @@ static PHP_NAMED_FUNCTION(zif_zip_open)
954     RETURN_FALSE;
955     }
956    
957     + if (strlen(filename) != filename_len) {
958     + RETURN_FALSE;
959     + }
960     +
961     if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
962     RETURN_FALSE;
963     }
964     @@ -1437,6 +1441,10 @@ static ZIPARCHIVE_METHOD(open)
965     RETURN_FALSE;
966     }
967    
968     + if (strlen(filename) != filename_len) {
969     + RETURN_FALSE;
970     + }
971     +
972     if (ZIP_OPENBASEDIR_CHECKPATH(filename)) {
973     RETURN_FALSE;
974     }
975     @@ -2363,6 +2371,10 @@ static ZIPARCHIVE_METHOD(extractTo)
976     RETURN_FALSE;
977     }
978    
979     + if (strlen(pathto) != pathto_len) {
980     + RETURN_FALSE;
981     + }
982     +
983     if (php_stream_stat_path(pathto, &ssb) < 0) {
984     ret = php_stream_mkdir(pathto, 0777, PHP_STREAM_MKDIR_RECURSIVE, NULL);
985     if (!ret) {
986     @@ -2449,6 +2461,9 @@ static void php_zip_get_from(INTERNAL_FU
987     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|ll", &filename, &filename_len, &len, &flags) == FAILURE) {
988     return;
989     }
990     + if (strlen(filename) != filename_len) {
991     + return;
992     + }
993     PHP_ZIP_STAT_PATH(intern, filename, filename_len, flags, sb);
994     } else {
995     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|ll", &index, &len, &flags) == FAILURE) {
996     diff -up php-5.3.3/main/fopen_wrappers.c.cve7243 php-5.3.3/main/fopen_wrappers.c
997     --- php-5.3.3/main/fopen_wrappers.c.cve7243 2010-04-22 00:22:31.000000000 +0200
998     +++ php-5.3.3/main/fopen_wrappers.c 2013-05-03 11:57:08.304141677 +0200
999     @@ -519,6 +519,10 @@ PHPAPI char *php_resolve_path(const char
1000     return NULL;
1001     }
1002    
1003     + if (strlen(filename) != filename_length) {
1004     + return NULL;
1005     + }
1006     +
1007     /* Don't resolve paths which contain protocol (except of file://) */
1008     for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++);
1009     if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) {
1010     diff -up php-5.3.3/Zend/zend_vm_execute.h.cve7243 php-5.3.3/Zend/zend_vm_execute.h
1011     --- php-5.3.3/Zend/zend_vm_execute.h.cve7243 2010-07-05 11:08:35.000000000 +0200
1012     +++ php-5.3.3/Zend/zend_vm_execute.h 2013-05-03 11:57:08.290141599 +0200
1013     @@ -1880,6 +1880,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1014    
1015     return_value_used = RETURN_VALUE_USED(opline);
1016    
1017     + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
1018     + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE ||
1019     + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
1020     + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1021     + } else {
1022     + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1023     + }
1024     + goto done;
1025     + }
1026     +
1027     switch (Z_LVAL(opline->op2.u.constant)) {
1028     case ZEND_INCLUDE_ONCE:
1029     case ZEND_REQUIRE_ONCE: {
1030     @@ -1933,6 +1943,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1031     break;
1032     EMPTY_SWITCH_DEFAULT_CASE()
1033     }
1034     +done:
1035     if (inc_filename==&tmp_inc_filename) {
1036     zval_dtor(&tmp_inc_filename);
1037     }
1038     @@ -5154,6 +5165,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1039    
1040     return_value_used = RETURN_VALUE_USED(opline);
1041    
1042     + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
1043     + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE ||
1044     + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
1045     + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1046     + } else {
1047     + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1048     + }
1049     + goto done;
1050     + }
1051     +
1052     switch (Z_LVAL(opline->op2.u.constant)) {
1053     case ZEND_INCLUDE_ONCE:
1054     case ZEND_REQUIRE_ONCE: {
1055     @@ -5207,6 +5228,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1056     break;
1057     EMPTY_SWITCH_DEFAULT_CASE()
1058     }
1059     +done:
1060     if (inc_filename==&tmp_inc_filename) {
1061     zval_dtor(&tmp_inc_filename);
1062     }
1063     @@ -8524,6 +8546,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1064    
1065     return_value_used = RETURN_VALUE_USED(opline);
1066    
1067     + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
1068     + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE ||
1069     + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
1070     + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1071     + } else {
1072     + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1073     + }
1074     + goto done;
1075     + }
1076     +
1077     switch (Z_LVAL(opline->op2.u.constant)) {
1078     case ZEND_INCLUDE_ONCE:
1079     case ZEND_REQUIRE_ONCE: {
1080     @@ -8577,6 +8609,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1081     break;
1082     EMPTY_SWITCH_DEFAULT_CASE()
1083     }
1084     +done:
1085     if (inc_filename==&tmp_inc_filename) {
1086     zval_dtor(&tmp_inc_filename);
1087     }
1088     @@ -22387,6 +22420,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1089    
1090     return_value_used = RETURN_VALUE_USED(opline);
1091    
1092     + if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) {
1093     + if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE ||
1094     + Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) {
1095     + zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1096     + } else {
1097     + zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC);
1098     + }
1099     + goto done;
1100     + }
1101     +
1102     switch (Z_LVAL(opline->op2.u.constant)) {
1103     case ZEND_INCLUDE_ONCE:
1104     case ZEND_REQUIRE_ONCE: {
1105     @@ -22440,6 +22483,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O
1106     break;
1107     EMPTY_SWITCH_DEFAULT_CASE()
1108     }
1109     +done:
1110     if (inc_filename==&tmp_inc_filename) {
1111     zval_dtor(&tmp_inc_filename);
1112     }
1113     From 7deec592fdc57f7a4d96390d021c9ae2e9715cee Mon Sep 17 00:00:00 2001
1114     From: Pierre Joye <pajoye@php.net>
1115     Date: Mon, 21 Feb 2011 10:09:50 +0000
1116     Subject: [PATCH] - fix test 025
1117    
1118     ---
1119     ext/openssl/openssl.c | 3 +--
1120     1 file changed, 1 insertion(+), 2 deletions(-)
1121    
1122     diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
1123     index 47deeb3..5f86bb8 100644
1124     --- a/ext/openssl/openssl.c
1125     +++ b/ext/openssl/openssl.c
1126     @@ -3543,14 +3543,13 @@ PHP_FUNCTION(openssl_pkcs7_sign)
1127     char * outfilename; int outfilename_len;
1128     char * extracertsfilename = NULL; int extracertsfilename_len;
1129    
1130     - RETVAL_FALSE;
1131     -
1132     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls",
1133     &infilename, &infilename_len, &outfilename, &outfilename_len,
1134     &zcert, &zprivkey, &zheaders, &flags, &extracertsfilename,
1135     &extracertsfilename_len) == FAILURE) {
1136     return;
1137     }
1138     + RETVAL_FALSE;
1139    
1140     if (strlen(infilename) != infilename_len) {
1141     return;
1142     --
1143     1.7.11.5
1144    
1145     From 2a545be57f7ca7bc269eb9c93a07e1b85d4e8172 Mon Sep 17 00:00:00 2001
1146     From: =?utf8?q?Gustavo=20Andr=C3=A9=20dos=20Santos=20Lopes?=
1147     <cataphract@php.net>
1148     Date: Mon, 22 Nov 2010 05:10:14 +0000
1149     Subject: [PATCH] - Fix tests for \0 patch in PHP 5.3. - Fix
1150     constants_error_004.phpt (closes bug #51901)
1151    
1152     ---
1153     ext/standard/tests/file/copy_variation4.phpt | Bin 4654 -> 4467 bytes
1154     .../tests/file/disk_free_space_variation.phpt | 16 +++++------
1155     .../file/file_get_contents_variation8-win32.phpt | 2 --
1156     .../tests/file/file_get_contents_variation8.phpt | 2 --
1157     .../tests/file/file_put_contents_variation8.phpt | Bin 2302 -> 2228 bytes
1158     ext/standard/tests/file/filegroup_variation3.phpt | 4 +--
1159     ext/standard/tests/file/fileinode_variation3.phpt | 4 +--
1160     ext/standard/tests/file/fileowner_variation3.phpt | 4 +--
1161     ext/standard/tests/file/fileperms_variation3.phpt | 4 +--
1162     ext/standard/tests/file/fnmatch_variation.phpt | 30 ++++++++++-----------
1163     ext/standard/tests/file/glob_variation.phpt | 23 +++++-----------
1164     ext/standard/tests/file/is_dir_variation4.phpt | 4 +--
1165     .../tests/file/is_executable_variation1.phpt | 4 +--
1166     ext/standard/tests/file/is_file_variation4.phpt | 4 +--
1167     .../tests/file/is_readable_variation1.phpt | 6 ++---
1168     .../tests/file/is_writable_variation1.phpt | 12 ++++-----
1169     .../tests/file/mkdir_rmdir_variation2.phpt | 4 +--
1170     .../tests/file/readfile_variation10-win32.phpt | 14 +++++++---
1171     ext/standard/tests/file/readfile_variation10.phpt | Bin 1786 -> 1847 bytes
1172     .../tests/file/rename_variation13-win32.phpt | Bin 3947 -> 3805 bytes
1173     ext/standard/tests/file/rename_variation13.phpt | 4 ---
1174     ext/standard/tests/file/stream_rfc2397_006.phpt | 4 +--
1175     .../tests/file/tempnam_variation3-win32.phpt | 5 ++--
1176     ext/standard/tests/file/tempnam_variation3.phpt | 6 ++---
1177     .../tests/file/tempnam_variation7-win32.phpt | 6 ++---
1178     ext/standard/tests/file/tempnam_variation7.phpt | 6 ++---
1179     tests/classes/constants_error_004.phpt | 2 +-
1180     27 files changed, 81 insertions(+), 89 deletions(-)
1181    
1182     diff --git a/ext/standard/tests/file/copy_variation4.phpt b/ext/standard/tests/file/copy_variation4.phpt
1183     index 48386743f325e3cfedaa7712443a6af249aa9593..32756c1ede19ac8fb5e1029e4cd549b1bf42c199 100644
1184     GIT binary patch
1185     delta 51
1186     zcmZ3d@>yxZ<c+rzm>82bTQfi7n4BXhH<_PLmnAJRr+BhGUo3Z0etwPyh?lCl*@yQL
1187     F3jp%@5;6b)
1188    
1189     delta 78
1190     zcmV-U0I~n`BCaHmlPgzAP9iA^ARuIEWhf$ZYiV#GL~kH&Z*(AXb#5SUZXj1_Ze(wF
1191     kb0R4_3bA&50<-i2<_MGe2+RQhlO7R5lL!hcv!D#q1Rf_E<^TWy
1192    
1193     diff --git a/ext/standard/tests/file/disk_free_space_variation.phpt b/ext/standard/tests/file/disk_free_space_variation.phpt
1194     index c180998..178f857 100644
1195     --- a/ext/standard/tests/file/disk_free_space_variation.phpt
1196     +++ b/ext/standard/tests/file/disk_free_space_variation.phpt
1197     @@ -105,19 +105,19 @@ float(%d)
1198     float(%d)
1199    
1200     -- Iteration 9 --
1201     -float(%d)
1202     -float(%d)
1203     +bool(false)
1204     +bool(false)
1205    
1206     -- Iteration 10 --
1207     -float(%d)
1208     -float(%d)
1209     +bool(false)
1210     +bool(false)
1211    
1212     -- Iteration 11 --
1213     -float(%d)
1214     -float(%d)
1215     +bool(false)
1216     +bool(false)
1217    
1218     -- Iteration 12 --
1219     -float(%d)
1220     -float(%d)
1221     +bool(false)
1222     +bool(false)
1223    
1224     --- Done ---
1225     diff --git a/ext/standard/tests/file/file_get_contents_variation8-win32.phpt b/ext/standard/tests/file/file_get_contents_variation8-win32.phpt
1226     index 43d742a..c0074ff 100644
1227     --- a/ext/standard/tests/file/file_get_contents_variation8-win32.phpt
1228     +++ b/ext/standard/tests/file/file_get_contents_variation8-win32.phpt
1229     @@ -76,8 +76,6 @@ Warning: file_get_contents( ): failed to open stream: Permission denied in %s on
1230     bool(false)
1231    
1232     -- Filename: \0 --
1233     -
1234     -Warning: file_get_contents(): Filename cannot be empty in %s on line %d
1235     bool(false)
1236    
1237     -- Filename: array() --
1238     diff --git a/ext/standard/tests/file/file_get_contents_variation8.phpt b/ext/standard/tests/file/file_get_contents_variation8.phpt
1239     index dca75a0..84621e1 100644
1240     --- a/ext/standard/tests/file/file_get_contents_variation8.phpt
1241     +++ b/ext/standard/tests/file/file_get_contents_variation8.phpt
1242     @@ -68,8 +68,6 @@ bool(false)
1243     Warning: file_get_contents( ): failed to open stream: No such file or directory in %s on line %d
1244     bool(false)
1245     -- Iteration 6 --
1246     -
1247     -Warning: file_get_contents(): Filename cannot be empty in %s on line %d
1248     bool(false)
1249     -- Iteration 7 --
1250    
1251     diff --git a/ext/standard/tests/file/file_put_contents_variation8.phpt b/ext/standard/tests/file/file_put_contents_variation8.phpt
1252     index 1e27e71334165f687b4bf263cfd56e934dbce78d..c35ace47b2c0037484e7d90885bd0876d29a7e9f 100644
1253     GIT binary patch
1254     delta 20
1255     ccmew-xJ7WoU$)5?*d-_Xvhi)sW1qkX0A3phxBvhE
1256    
1257     delta 18
1258     acmdlY_)l=dU$)5!Y)Om^o5k4YF#-Tc0tQn6
1259    
1260     diff --git a/ext/standard/tests/file/filegroup_variation3.phpt b/ext/standard/tests/file/filegroup_variation3.phpt
1261     index dd875a0..c41f383 100644
1262     --- a/ext/standard/tests/file/filegroup_variation3.phpt
1263     +++ b/ext/standard/tests/file/filegroup_variation3.phpt
1264     @@ -74,8 +74,8 @@ bool(false)
1265     Warning: filegroup(): stat failed for %s/filegroup_variation3/filegroup*.tmp in %s on line %d
1266     bool(false)
1267     - Iteration 7 -
1268     -int(%d)
1269     +bool(false)
1270     - Iteration 8 -
1271     -int(%d)
1272     +bool(false)
1273    
1274     *** Done ***
1275     diff --git a/ext/standard/tests/file/fileinode_variation3.phpt b/ext/standard/tests/file/fileinode_variation3.phpt
1276     index c81b573..23cf3c7 100644
1277     --- a/ext/standard/tests/file/fileinode_variation3.phpt
1278     +++ b/ext/standard/tests/file/fileinode_variation3.phpt
1279     @@ -75,8 +75,8 @@ bool(false)
1280     Warning: fileinode(): stat failed for %s/fileinode_variation3/fileinode*.tmp in %s on line %d
1281     bool(false)
1282     - Iteration 7 -
1283     -int(%d)
1284     +bool(false)
1285     - Iteration 8 -
1286     -int(%d)
1287     +bool(false)
1288    
1289     *** Done ***
1290     diff --git a/ext/standard/tests/file/fileowner_variation3.phpt b/ext/standard/tests/file/fileowner_variation3.phpt
1291     index 2a322b6..b2691e9 100644
1292     --- a/ext/standard/tests/file/fileowner_variation3.phpt
1293     +++ b/ext/standard/tests/file/fileowner_variation3.phpt
1294     @@ -75,8 +75,8 @@ bool(false)
1295     Warning: fileowner(): stat failed for %s/fileowner_variation3/fileowner*.tmp in %s on line %d
1296     bool(false)
1297     - Iteration 7 -
1298     -int(%d)
1299     +bool(false)
1300     - Iteration 8 -
1301     -int(%d)
1302     +bool(false)
1303    
1304     *** Done ***
1305     diff --git a/ext/standard/tests/file/fileperms_variation3.phpt b/ext/standard/tests/file/fileperms_variation3.phpt
1306     index 38101e3..1e7396a 100644
1307     --- a/ext/standard/tests/file/fileperms_variation3.phpt
1308     +++ b/ext/standard/tests/file/fileperms_variation3.phpt
1309     @@ -74,8 +74,8 @@ bool(false)
1310     Warning: fileperms(): stat failed for %s/fileperms_variation3/fileperms*.tmp in %s on line %d
1311     bool(false)
1312     - Iteration 7 -
1313     -int(%d)
1314     +bool(false)
1315     - Iteration 8 -
1316     -int(%d)
1317     +bool(false)
1318    
1319     *** Done ***
1320     diff --git a/ext/standard/tests/file/fnmatch_variation.phpt b/ext/standard/tests/file/fnmatch_variation.phpt
1321     index e65bdd0..13afebb 100644
1322     --- a/ext/standard/tests/file/fnmatch_variation.phpt
1323     +++ b/ext/standard/tests/file/fnmatch_variation.phpt
1324     @@ -259,21 +259,21 @@ bool(true)
1325     --- With Strings ---
1326     -- Iteration 0 --
1327     bool(true)
1328     -bool(true)
1329     +bool(false)
1330     bool(true)
1331     bool(false)
1332     bool(false)
1333     bool(true)
1334     -- Iteration 1 --
1335     -bool(true)
1336     -bool(true)
1337     -bool(true)
1338     bool(false)
1339     bool(false)
1340     -bool(true)
1341     +bool(false)
1342     +bool(false)
1343     +bool(false)
1344     +bool(false)
1345     -- Iteration 2 --
1346     bool(true)
1347     -bool(true)
1348     +bool(false)
1349     bool(true)
1350     bool(false)
1351     bool(false)
1352     @@ -282,7 +282,7 @@ bool(true)
1353     bool(false)
1354     bool(false)
1355     bool(false)
1356     -bool(true)
1357     +bool(false)
1358     bool(false)
1359     bool(false)
1360     -- Iteration 4 --
1361     @@ -294,7 +294,7 @@ bool(true)
1362     bool(false)
1363     -- Iteration 5 --
1364     bool(true)
1365     -bool(true)
1366     +bool(false)
1367     bool(true)
1368     bool(false)
1369     bool(false)
1370     @@ -397,28 +397,28 @@ bool(true)
1371     bool(true)
1372     bool(true)
1373     bool(true)
1374     -bool(true)
1375     +bool(false)
1376     bool(false)
1377     bool(false)
1378     -- Iteration 1 --
1379     bool(true)
1380     bool(true)
1381     bool(true)
1382     -bool(true)
1383     +bool(false)
1384     bool(false)
1385     bool(false)
1386     -- Iteration 2 --
1387     bool(true)
1388     bool(true)
1389     bool(true)
1390     -bool(true)
1391     +bool(false)
1392     bool(false)
1393     bool(false)
1394     -- Iteration 3 --
1395     -bool(true)
1396     -bool(true)
1397     -bool(true)
1398     -bool(true)
1399     +bool(false)
1400     +bool(false)
1401     +bool(false)
1402     +bool(false)
1403     bool(false)
1404     bool(false)
1405     -- Iteration 4 --
1406     diff --git a/ext/standard/tests/file/glob_variation.phpt b/ext/standard/tests/file/glob_variation.phpt
1407     index 52c0dc8..64d3d8a 100755
1408     --- a/ext/standard/tests/file/glob_variation.phpt
1409     +++ b/ext/standard/tests/file/glob_variation.phpt
1410     @@ -325,20 +325,12 @@ array(0) {
1411     }
1412    
1413     -- Iteration 8 --
1414     -array(0) {
1415     -}
1416     -array(0) {
1417     -}
1418     -array(0) {
1419     -}
1420     -array(1) {
1421     - [0]=>
1422     - string(%d) "%s/glob_variation/WONDER5"
1423     -}
1424     -array(0) {
1425     -}
1426     -array(0) {
1427     -}
1428     +bool(false)
1429     +bool(false)
1430     +bool(false)
1431     +bool(false)
1432     +bool(false)
1433     +bool(false)
1434    
1435     -- Iteration 9 --
1436     array(0) {
1437     @@ -441,8 +433,7 @@ array(1) {
1438     array(0) {
1439     }
1440     -- Iteration 8 --
1441     -array(0) {
1442     -}
1443     +bool(false)
1444     -- Iteration 9 --
1445     array(0) {
1446     }
1447     diff --git a/ext/standard/tests/file/is_dir_variation4.phpt b/ext/standard/tests/file/is_dir_variation4.phpt
1448     index a68fe0b..b83d185 100644
1449     --- a/ext/standard/tests/file/is_dir_variation4.phpt
1450     +++ b/ext/standard/tests/file/is_dir_variation4.phpt
1451     @@ -77,9 +77,9 @@ bool(true)
1452     bool(false)
1453    
1454     -- Iteration 9 --
1455     -bool(true)
1456     +bool(false)
1457    
1458     -- Iteration 10 --
1459     -bool(true)
1460     +bool(false)
1461    
1462     *** Done ***
1463     diff --git a/ext/standard/tests/file/is_executable_variation1.phpt b/ext/standard/tests/file/is_executable_variation1.phpt
1464     index 9969911..bc826b9 100644
1465     --- a/ext/standard/tests/file/is_executable_variation1.phpt
1466     +++ b/ext/standard/tests/file/is_executable_variation1.phpt
1467     @@ -76,9 +76,9 @@ bool(false)
1468     -- Iteration 5 --
1469     bool(false)
1470     -- Iteration 6 --
1471     -bool(true)
1472     +bool(false)
1473     -- Iteration 7 --
1474     -bool(true)
1475     +bool(false)
1476     -- Iteration 8 --
1477     bool(false)
1478     -- Iteration 9 --
1479     diff --git a/ext/standard/tests/file/is_file_variation4.phpt b/ext/standard/tests/file/is_file_variation4.phpt
1480     index 55aeedf..fbdf438 100644
1481     --- a/ext/standard/tests/file/is_file_variation4.phpt
1482     +++ b/ext/standard/tests/file/is_file_variation4.phpt
1483     @@ -67,8 +67,8 @@ bool(false)
1484     - Iteration 6 -
1485     bool(false)
1486     - Iteration 7 -
1487     -bool(true)
1488     +bool(false)
1489     - Iteration 8 -
1490     -bool(true)
1491     +bool(false)
1492    
1493     *** Done ***
1494     diff --git a/ext/standard/tests/file/is_readable_variation1.phpt b/ext/standard/tests/file/is_readable_variation1.phpt
1495     index a131032..7493574 100644
1496     --- a/ext/standard/tests/file/is_readable_variation1.phpt
1497     +++ b/ext/standard/tests/file/is_readable_variation1.phpt
1498     @@ -87,11 +87,11 @@ bool(false)
1499     -- Iteration 6 --
1500     bool(false)
1501     -- Iteration 7 --
1502     -bool(true)
1503     +bool(false)
1504     -- Iteration 8 --
1505     -bool(true)
1506     +bool(false)
1507     -- Iteration 9 --
1508     -bool(true)
1509     +bool(false)
1510     -- Iteration 10 --
1511     bool(true)
1512     -- Iteration 11 --
1513     diff --git a/ext/standard/tests/file/is_writable_variation1.phpt b/ext/standard/tests/file/is_writable_variation1.phpt
1514     index bf3e7e1..1f3cbf5 100644
1515     --- a/ext/standard/tests/file/is_writable_variation1.phpt
1516     +++ b/ext/standard/tests/file/is_writable_variation1.phpt
1517     @@ -96,14 +96,14 @@ bool(false)
1518     bool(false)
1519     bool(false)
1520     -- Iteration 7 --
1521     -bool(true)
1522     -bool(true)
1523     +bool(false)
1524     +bool(false)
1525     -- Iteration 8 --
1526     -bool(true)
1527     -bool(true)
1528     +bool(false)
1529     +bool(false)
1530     -- Iteration 9 --
1531     -bool(true)
1532     -bool(true)
1533     +bool(false)
1534     +bool(false)
1535     -- Iteration 10 --
1536     bool(true)
1537     bool(true)
1538     diff --git a/ext/standard/tests/file/mkdir_rmdir_variation2.phpt b/ext/standard/tests/file/mkdir_rmdir_variation2.phpt
1539     index e7c41c4..101e890 100644
1540     --- a/ext/standard/tests/file/mkdir_rmdir_variation2.phpt
1541     +++ b/ext/standard/tests/file/mkdir_rmdir_variation2.phpt
1542     @@ -64,8 +64,8 @@ Warning: rmdir(%s/mkdir_variation2/): %s on line %d
1543     bool(false)
1544    
1545     *** Testing mkdir() and rmdir() for binary safe functionality ***
1546     -bool(true)
1547     -bool(true)
1548     +bool(false)
1549     +bool(false)
1550    
1551     *** Testing mkdir() with miscelleneous input ***
1552     bool(true)
1553     diff --git a/ext/standard/tests/file/readfile_variation10-win32.phpt b/ext/standard/tests/file/readfile_variation10-win32.phpt
1554     index 6453b98..1624194 100644
1555     --- a/ext/standard/tests/file/readfile_variation10-win32.phpt
1556     +++ b/ext/standard/tests/file/readfile_variation10-win32.phpt
1557     @@ -37,7 +37,7 @@ $names_arr = array(
1558    
1559     foreach($names_arr as $key => $value) {
1560     echo "\n-- Filename: $key --\n";
1561     - readfile($value);
1562     + var_dump(readfile($value));
1563     };
1564    
1565     ?>
1566     @@ -48,40 +48,48 @@ foreach($names_arr as $key => $value) {
1567     -- Filename: -1 --
1568    
1569     Warning: readfile(-1): failed to open stream: No such file or directory in %s on line %d
1570     +bool(false)
1571    
1572     -- Filename: TRUE --
1573    
1574     Warning: readfile(1): failed to open stream: No such file or directory in %s on line %d
1575     +bool(false)
1576    
1577     -- Filename: FALSE --
1578    
1579     Warning: readfile(): Filename cannot be empty in %s on line %d
1580     +bool(false)
1581    
1582     -- Filename: NULL --
1583    
1584     Warning: readfile(): Filename cannot be empty in %s on line %d
1585     +bool(false)
1586    
1587     -- Filename: "" --
1588    
1589     Warning: readfile(): Filename cannot be empty in %s on line %d
1590     +bool(false)
1591    
1592     -- Filename: " " --
1593    
1594     Warning: readfile( ): failed to open stream: Permission denied in %s on line %d
1595     +bool(false)
1596    
1597     -- Filename: \0 --
1598     -
1599     -Warning: readfile(): Filename cannot be empty in %s on line %d
1600     +bool(false)
1601    
1602     -- Filename: array() --
1603    
1604     Warning: readfile() expects parameter 1 to be string, array given in %s on line %d
1605     +bool(false)
1606    
1607     -- Filename: /no/such/file/dir --
1608    
1609     Warning: readfile(/no/such/file/dir): failed to open stream: No such file or directory in %s on line %d
1610     +bool(false)
1611    
1612     -- Filename: php/php --
1613    
1614     Warning: readfile(php/php): failed to open stream: No such file or directory in %s on line %d
1615     +bool(false)
1616     ===Done===
1617     \ No newline at end of file
1618     diff --git a/ext/standard/tests/file/readfile_variation10.phpt b/ext/standard/tests/file/readfile_variation10.phpt
1619     index a48150aee0fcf1240a7f47b7939c317043ae037f..2caa2de1d259b0012f6f5722b441a25666b1f9b8 100644
1620     GIT binary patch
1621     delta 216
1622     zcmeyxyPa=?3bRC6Vo`ibX>Nf=QEFmJT4qkFhDu&yZmQ;FBj(lIN%{FX8fl3+#X$ZY
1623     z=1>%VBTEoTd}Y>96(sYxbafR<Qj1G6^U@X6xsW6#pJdHOG1!<b7KPu>7Au9Mo{LLM
1624     POH08eKQC1Q$lwA1(T_+Z
1625    
1626     delta 94
1627     zcmdna_ltLf3Nv3(YGO)SW=^VxN?u}a>SP<{)ssInhfLnU5(vjxtRcL*x(X$!#U+_}
1628     q=?dx$lUO7sm$T?je$1LRIg%}A@<Fy3J}xaSEd`hSyi^4sg9`vL;2zZg
1629    
1630     diff --git a/ext/standard/tests/file/rename_variation13-win32.phpt b/ext/standard/tests/file/rename_variation13-win32.phpt
1631     index a86025889d31bedfad6b7214ff98c1a4cd9dcd62..2cd9dbdd949d456a4e7093b3e0993f45f1c71046 100644
1632     GIT binary patch
1633     delta 25
1634     gcmaDYcUN`;4>u22Qht7pMp|M{ajNF#W!y)Z0e1xn6#xJL
1635    
1636     delta 26
1637     icmcaB`&w=T4>u#j<b9lGlN~tyC*S5!*{s36l^Fnh^a#HI
1638    
1639     diff --git a/ext/standard/tests/file/rename_variation13.phpt b/ext/standard/tests/file/rename_variation13.phpt
1640     index 24697d5..2c35198 100644
1641     --- a/ext/standard/tests/file/rename_variation13.phpt
1642     +++ b/ext/standard/tests/file/rename_variation13.phpt
1643     @@ -98,11 +98,7 @@ bool(true)
1644     Warning: rename( ,%s/renameVar13/afile.tmp): No such file or directory in %s on line %d
1645     bool(false)
1646     -- testing '%s' --
1647     -
1648     -Warning: rename(%s/renameVar13/afile.tmp,): %s in %s on line %d
1649     bool(false)
1650     -
1651     -Warning: rename(,%s/renameVar13/afile.tmp): %s in %s on line %d
1652     bool(false)
1653     -- testing 'Array' --
1654    
1655     diff --git a/ext/standard/tests/file/stream_rfc2397_006.phpt b/ext/standard/tests/file/stream_rfc2397_006.phpt
1656     index dab6cd5..b1b3111 100755
1657     --- a/ext/standard/tests/file/stream_rfc2397_006.phpt
1658     +++ b/ext/standard/tests/file/stream_rfc2397_006.phpt
1659     @@ -21,8 +21,8 @@ foreach($streams as $stream)
1660     ===DONE===
1661     <?php exit(0); ?>
1662     --EXPECTF--
1663     -string(0) ""
1664     -string(6) "foobar"
1665     +bool(false)
1666     +bool(false)
1667     string(13) "foobar foobar"
1668    
1669     Warning: file_get_contents(data:;base64,#Zm9vYmFyIGZvb2Jhc=): failed to open stream: rfc2397: unable to decode in %sstream_rfc2397_006.php on line %d
1670     diff --git a/ext/standard/tests/file/tempnam_variation3-win32.phpt b/ext/standard/tests/file/tempnam_variation3-win32.phpt
1671     index fb457cb..a51a10a 100644
1672     --- a/ext/standard/tests/file/tempnam_variation3-win32.phpt
1673     +++ b/ext/standard/tests/file/tempnam_variation3-win32.phpt
1674     @@ -31,8 +31,8 @@ $names_arr = array(
1675     NULL,
1676     "",
1677     " ",
1678     - "\0",
1679     /* Invalid args */
1680     + "\0",
1681     array(),
1682    
1683     /* Valid args*/
1684     @@ -102,7 +102,8 @@ OK
1685     Failed, not created in the correct directory %s vs %s
1686     0
1687     -- Iteration 6 --
1688     -OK
1689     +Failed, not created in the correct directory %s vs %s
1690     +0
1691     -- Iteration 7 --
1692    
1693     Warning: tempnam() expects parameter 2 to be string, array given in %s\ext\standard\tests\file\tempnam_variation3-win32.php on line %d
1694     diff --git a/ext/standard/tests/file/tempnam_variation3.phpt b/ext/standard/tests/file/tempnam_variation3.phpt
1695     index 69ab16c..4a0e861 100644
1696     --- a/ext/standard/tests/file/tempnam_variation3.phpt
1697     +++ b/ext/standard/tests/file/tempnam_variation3.phpt
1698     @@ -100,9 +100,9 @@ File name is => %s/%s
1699     File permissions are => 100600
1700     File created in => directory specified
1701     -- Iteration 6 --
1702     -File name is => %s/%s
1703     -File permissions are => 100600
1704     -File created in => directory specified
1705     +-- File is not created --
1706     +
1707     +Warning: unlink(): %s in %s on line %d
1708     -- Iteration 7 --
1709    
1710     Warning: tempnam() expects parameter 2 to be string, array given in %s on line %d
1711     diff --git a/ext/standard/tests/file/tempnam_variation7-win32.phpt b/ext/standard/tests/file/tempnam_variation7-win32.phpt
1712     index 34e352a..8ea839e 100644
1713     --- a/ext/standard/tests/file/tempnam_variation7-win32.phpt
1714     +++ b/ext/standard/tests/file/tempnam_variation7-win32.phpt
1715     @@ -89,9 +89,9 @@ File name is => %s%et%s
1716     File permissions are => 100666
1717     File created in => temp dir
1718     -- Iteration 6 --
1719     -File name is => %s%et%s
1720     -File permissions are => 100666
1721     -File created in => temp dir
1722     +-- File is not created --
1723     +
1724     +Warning: unlink(): %s in %s on line %d
1725     -- Iteration 7 --
1726    
1727     Warning: tempnam() expects parameter 1 to be string, array given in %s on line %d
1728     diff --git a/ext/standard/tests/file/tempnam_variation7.phpt b/ext/standard/tests/file/tempnam_variation7.phpt
1729     index 18d074d..16f94f0 100644
1730     --- a/ext/standard/tests/file/tempnam_variation7.phpt
1731     +++ b/ext/standard/tests/file/tempnam_variation7.phpt
1732     @@ -94,9 +94,9 @@ File name is => %s%etempnam_variation3.tmp%s
1733     File permissions are => 100600
1734     File created in => temp dir
1735     -- Iteration 6 --
1736     -File name is => %s%etempnam_variation3.tmp%s
1737     -File permissions are => 100600
1738     -File created in => temp dir
1739     +-- File is not created --
1740     +
1741     +Warning: unlink(): %s in %s on line %d
1742     -- Iteration 7 --
1743    
1744     Warning: tempnam() expects parameter 1 to be string, array given in %s on line %d
1745     diff --git a/tests/classes/constants_error_004.phpt b/tests/classes/constants_error_004.phpt
1746     index 732c530..03e6725 100644
1747     --- a/tests/classes/constants_error_004.phpt
1748     +++ b/tests/classes/constants_error_004.phpt
1749     @@ -10,4 +10,4 @@ Class constant whose initial value refereces a non-existent class
1750     $a = new C();
1751     ?>
1752     --EXPECTF--
1753     -Fatal error: Undefined class constant 'D::hello' in %s on line %d
1754     +Fatal error: Class 'D' not found in %s on line %d
1755     --
1756     1.7.11.5
1757    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed