| 1 |
vip-ire |
1.1 |
|
| 2 |
|
|
http://git.php.net/?p=php-src.git;a=patch;h=ce96fd6b0761d98353761bf78d5bfb55291179fd |
| 3 |
|
|
|
| 4 |
|
|
From ce96fd6b0761d98353761bf78d5bfb55291179fd Mon Sep 17 00:00:00 2001 |
| 5 |
|
|
From: Pierre Joye <pajoye@php.net> |
| 6 |
|
|
Date: Thu, 18 Nov 2010 15:22:22 +0000 |
| 7 |
|
|
Subject: [PATCH] - fix #39863, do not accept paths with NULL in them. |
| 8 |
|
|
|
| 9 |
|
|
diff -up php-5.3.3/ext/bz2/bz2.c.cve7243 php-5.3.3/ext/bz2/bz2.c |
| 10 |
|
|
--- php-5.3.3/ext/bz2/bz2.c.cve7243 2010-06-26 18:03:39.000000000 +0200 |
| 11 |
|
|
+++ php-5.3.3/ext/bz2/bz2.c 2013-05-03 11:57:08.291141605 +0200 |
| 12 |
|
|
@@ -387,6 +387,9 @@ static PHP_FUNCTION(bzopen) |
| 13 |
|
|
if (Z_TYPE_PP(file) == IS_STRING) { |
| 14 |
|
|
convert_to_string_ex(file); |
| 15 |
|
|
|
| 16 |
|
|
+ if (strlen(Z_STRVAL_PP(file)) != Z_STRLEN_PP(file)) { |
| 17 |
|
|
+ RETURN_FALSE; |
| 18 |
|
|
+ } |
| 19 |
|
|
if (Z_STRLEN_PP(file) == 0) { |
| 20 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "filename cannot be empty"); |
| 21 |
|
|
RETURN_FALSE; |
| 22 |
|
|
diff -up php-5.3.3/ext/com_dotnet/com_persist.c.cve7243 php-5.3.3/ext/com_dotnet/com_persist.c |
| 23 |
|
|
--- php-5.3.3/ext/com_dotnet/com_persist.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 24 |
|
|
+++ php-5.3.3/ext/com_dotnet/com_persist.c 2013-05-03 11:57:08.291141605 +0200 |
| 25 |
|
|
@@ -389,6 +389,9 @@ CPH_METHOD(SaveToFile) |
| 26 |
|
|
} |
| 27 |
|
|
|
| 28 |
|
|
if (filename) { |
| 29 |
|
|
+ if (strlen(filename) != filename_len) { |
| 30 |
|
|
+ RETURN_FALSE; |
| 31 |
|
|
+ } |
| 32 |
|
|
fullpath = expand_filepath(filename, NULL TSRMLS_CC); |
| 33 |
|
|
if (!fullpath) { |
| 34 |
|
|
RETURN_FALSE; |
| 35 |
|
|
@@ -453,6 +456,10 @@ CPH_METHOD(LoadFromFile) |
| 36 |
|
|
return; |
| 37 |
|
|
} |
| 38 |
|
|
|
| 39 |
|
|
+ if (strlen(filename) != filename_len) { |
| 40 |
|
|
+ RETURN_FALSE; |
| 41 |
|
|
+ } |
| 42 |
|
|
+ |
| 43 |
|
|
if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { |
| 44 |
|
|
RETURN_FALSE; |
| 45 |
|
|
} |
| 46 |
|
|
diff -up php-5.3.3/ext/enchant/enchant.c.cve7243 php-5.3.3/ext/enchant/enchant.c |
| 47 |
|
|
--- php-5.3.3/ext/enchant/enchant.c.cve7243 2010-05-02 07:01:51.000000000 +0200 |
| 48 |
|
|
+++ php-5.3.3/ext/enchant/enchant.c 2013-05-03 11:57:08.291141605 +0200 |
| 49 |
|
|
@@ -587,6 +587,10 @@ PHP_FUNCTION(enchant_broker_request_pwl_ |
| 50 |
|
|
RETURN_FALSE; |
| 51 |
|
|
} |
| 52 |
|
|
|
| 53 |
|
|
+ if (strlen(pwl) != pwllen) { |
| 54 |
|
|
+ RETURN_FALSE; |
| 55 |
|
|
+ } |
| 56 |
|
|
+ |
| 57 |
|
|
#if PHP_API_VERSION < 20100412 |
| 58 |
|
|
if ((PG(safe_mode) && (!php_checkuid(pwl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(pwl TSRMLS_CC)) { |
| 59 |
|
|
#else |
| 60 |
|
|
diff -up php-5.3.3/ext/fileinfo/fileinfo.c.cve7243 php-5.3.3/ext/fileinfo/fileinfo.c |
| 61 |
|
|
--- php-5.3.3/ext/fileinfo/fileinfo.c.cve7243 2013-05-03 11:57:08.057140307 +0200 |
| 62 |
|
|
+++ php-5.3.3/ext/fileinfo/fileinfo.c 2013-05-03 11:57:08.292141611 +0200 |
| 63 |
|
|
@@ -294,6 +294,9 @@ PHP_FUNCTION(finfo_open) |
| 64 |
|
|
if (file_len == 0) { |
| 65 |
|
|
file = NULL; |
| 66 |
|
|
} else if (file && *file) { /* user specified file, perform open_basedir checks */ |
| 67 |
|
|
+ if (strlen(file) != file_len) { |
| 68 |
|
|
+ RETURN_FALSE; |
| 69 |
|
|
+ } |
| 70 |
|
|
if (!VCWD_REALPATH(file, resolved_path)) { |
| 71 |
|
|
RETURN_FALSE; |
| 72 |
|
|
} |
| 73 |
|
|
diff -up php-5.3.3/ext/gd/gd.c.cve7243 php-5.3.3/ext/gd/gd.c |
| 74 |
|
|
--- php-5.3.3/ext/gd/gd.c.cve7243 2010-01-15 18:09:14.000000000 +0100 |
| 75 |
|
|
+++ php-5.3.3/ext/gd/gd.c 2013-05-03 11:57:08.292141611 +0200 |
| 76 |
|
|
@@ -2642,6 +2642,9 @@ static void _php_image_output(INTERNAL_F |
| 77 |
|
|
} |
| 78 |
|
|
|
| 79 |
|
|
if (argc >= 2 && file_len) { |
| 80 |
|
|
+ if (strlen(file) != file_len) { |
| 81 |
|
|
+ RETURN_FALSE; |
| 82 |
|
|
+ } |
| 83 |
|
|
PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename"); |
| 84 |
|
|
|
| 85 |
|
|
fp = VCWD_FOPEN(fn, "wb"); |
| 86 |
|
|
@@ -4552,6 +4555,14 @@ static void _php_image_convert(INTERNAL_ |
| 87 |
|
|
dest_width = width; |
| 88 |
|
|
int_threshold = threshold; |
| 89 |
|
|
|
| 90 |
|
|
+ if (strlen(f_org) != f_org_len) { |
| 91 |
|
|
+ RETURN_FALSE; |
| 92 |
|
|
+ } |
| 93 |
|
|
+ |
| 94 |
|
|
+ if (strlen(f_dest) != f_dest_len) { |
| 95 |
|
|
+ RETURN_FALSE; |
| 96 |
|
|
+ } |
| 97 |
|
|
+ |
| 98 |
|
|
/* Check threshold value */ |
| 99 |
|
|
if (int_threshold < 0 || int_threshold > 8) { |
| 100 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid threshold value '%d'", int_threshold); |
| 101 |
|
|
diff -up php-5.3.3/ext/gd/gd_ctx.c.cve7243 php-5.3.3/ext/gd/gd_ctx.c |
| 102 |
|
|
--- php-5.3.3/ext/gd/gd_ctx.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 103 |
|
|
+++ php-5.3.3/ext/gd/gd_ctx.c 2013-05-03 11:57:08.292141611 +0200 |
| 104 |
|
|
@@ -91,6 +91,9 @@ static void _php_image_output_ctx(INTERN |
| 105 |
|
|
} |
| 106 |
|
|
|
| 107 |
|
|
if (argc > 1 && file_len) { |
| 108 |
|
|
+ if (strlen(file) != file_len) { |
| 109 |
|
|
+ RETURN_FALSE; |
| 110 |
|
|
+ } |
| 111 |
|
|
PHP_GD_CHECK_OPEN_BASEDIR(file, "Invalid filename"); |
| 112 |
|
|
|
| 113 |
|
|
fp = VCWD_FOPEN(file, "wb"); |
| 114 |
|
|
diff -up php-5.3.3/ext/imap/php_imap.c.cve7243 php-5.3.3/ext/imap/php_imap.c |
| 115 |
|
|
--- php-5.3.3/ext/imap/php_imap.c.cve7243 2013-05-03 11:57:08.063140340 +0200 |
| 116 |
|
|
+++ php-5.3.3/ext/imap/php_imap.c 2013-05-03 11:57:08.293141616 +0200 |
| 117 |
|
|
@@ -1216,10 +1216,14 @@ static void php_imap_do_open(INTERNAL_FU |
| 118 |
|
|
} |
| 119 |
|
|
|
| 120 |
|
|
/* local filename, need to perform open_basedir and safe_mode checks */ |
| 121 |
|
|
- if (mailbox[0] != '{' && |
| 122 |
|
|
- (php_check_open_basedir(mailbox TSRMLS_CC) || |
| 123 |
|
|
- (PG(safe_mode) && !php_checkuid(mailbox, NULL, CHECKUID_CHECK_FILE_AND_DIR)))) { |
| 124 |
|
|
- RETURN_FALSE; |
| 125 |
|
|
+ if (mailbox[0] != '{') { |
| 126 |
|
|
+ if (strlen(mailbox) != mailbox_len) { |
| 127 |
|
|
+ RETURN_FALSE; |
| 128 |
|
|
+ } |
| 129 |
|
|
+ if (php_check_open_basedir(mailbox TSRMLS_CC) || |
| 130 |
|
|
+ (PG(safe_mode) && !php_checkuid(mailbox, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 131 |
|
|
+ RETURN_FALSE; |
| 132 |
|
|
+ } |
| 133 |
|
|
} |
| 134 |
|
|
|
| 135 |
|
|
IMAPG(imap_user) = estrndup(user, user_len); |
| 136 |
|
|
diff -up php-5.3.3/ext/oci8/oci8_interface.c.cve7243 php-5.3.3/ext/oci8/oci8_interface.c |
| 137 |
|
|
--- php-5.3.3/ext/oci8/oci8_interface.c.cve7243 2010-01-06 19:58:16.000000000 +0100 |
| 138 |
|
|
+++ php-5.3.3/ext/oci8/oci8_interface.c 2013-05-03 11:57:08.294141621 +0200 |
| 139 |
|
|
@@ -271,6 +271,10 @@ PHP_FUNCTION(oci_lob_load) |
| 140 |
|
|
return; |
| 141 |
|
|
} |
| 142 |
|
|
} |
| 143 |
|
|
+ |
| 144 |
|
|
+ if (strlen(filename) != filename_len) { |
| 145 |
|
|
+ RETURN_FALSE; |
| 146 |
|
|
+ } |
| 147 |
|
|
|
| 148 |
|
|
if (zend_hash_find(Z_OBJPROP_P(z_descriptor), "descriptor", sizeof("descriptor"), (void **)&tmp) == FAILURE) { |
| 149 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find descriptor property"); |
| 150 |
|
|
@@ -662,7 +666,7 @@ PHP_FUNCTION(oci_lob_erase) |
| 151 |
|
|
RETURN_FALSE; |
| 152 |
|
|
} |
| 153 |
|
|
} |
| 154 |
|
|
- |
| 155 |
|
|
+ |
| 156 |
|
|
if (zend_hash_find(Z_OBJPROP_P(z_descriptor), "descriptor", sizeof("descriptor"), (void **)&tmp) == FAILURE) { |
| 157 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find descriptor property"); |
| 158 |
|
|
RETURN_FALSE; |
| 159 |
|
|
@@ -918,6 +922,10 @@ PHP_FUNCTION(oci_lob_export) |
| 160 |
|
|
/* nothing to write, fail silently */ |
| 161 |
|
|
RETURN_FALSE; |
| 162 |
|
|
} |
| 163 |
|
|
+ |
| 164 |
|
|
+ if (strlen(filename) != filename_len) { |
| 165 |
|
|
+ RETURN_FALSE; |
| 166 |
|
|
+ } |
| 167 |
|
|
|
| 168 |
|
|
if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 169 |
|
|
RETURN_FALSE; |
| 170 |
|
|
diff -up php-5.3.3/ext/odbc/php_odbc.c.cve7243 php-5.3.3/ext/odbc/php_odbc.c |
| 171 |
|
|
--- php-5.3.3/ext/odbc/php_odbc.c.cve7243 2013-05-03 11:57:08.067140362 +0200 |
| 172 |
|
|
+++ php-5.3.3/ext/odbc/php_odbc.c 2013-05-03 11:57:08.294141621 +0200 |
| 173 |
|
|
@@ -1300,8 +1300,11 @@ PHP_FUNCTION(odbc_execute) |
| 174 |
|
|
if (Z_STRLEN_PP(tmp) > 2 && |
| 175 |
|
|
Z_STRVAL_PP(tmp)[0] == '\'' && |
| 176 |
|
|
Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') { |
| 177 |
|
|
+ if (strlen(tmp) != Z_STRLEN_PP(tmp)) { |
| 178 |
|
|
+ RETURN_FALSE; |
| 179 |
|
|
+ } |
| 180 |
|
|
+ |
| 181 |
|
|
filename = estrndup(&Z_STRVAL_PP(tmp)[1], Z_STRLEN_PP(tmp) - 2); |
| 182 |
|
|
- filename[strlen(filename)] = '\0'; |
| 183 |
|
|
|
| 184 |
|
|
/* Check for safe mode. */ |
| 185 |
|
|
if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 186 |
|
|
diff -up php-5.3.3/ext/openssl/openssl.c.cve7243 php-5.3.3/ext/openssl/openssl.c |
| 187 |
|
|
--- php-5.3.3/ext/openssl/openssl.c.cve7243 2013-05-03 11:57:08.184141011 +0200 |
| 188 |
|
|
+++ php-5.3.3/ext/openssl/openssl.c 2013-05-03 11:57:08.295141627 +0200 |
| 189 |
|
|
@@ -1771,6 +1771,10 @@ PHP_FUNCTION(openssl_pkcs12_export_to_fi |
| 190 |
|
|
return; |
| 191 |
|
|
|
| 192 |
|
|
RETVAL_FALSE; |
| 193 |
|
|
+ |
| 194 |
|
|
+ if (strlen(filename) != filename_len) { |
| 195 |
|
|
+ return; |
| 196 |
|
|
+ } |
| 197 |
|
|
|
| 198 |
|
|
cert = php_openssl_x509_from_zval(zcert, 0, &certresource TSRMLS_CC); |
| 199 |
|
|
if (cert == NULL) { |
| 200 |
|
|
@@ -2218,6 +2222,10 @@ PHP_FUNCTION(openssl_csr_export_to_file) |
| 201 |
|
|
} |
| 202 |
|
|
RETVAL_FALSE; |
| 203 |
|
|
|
| 204 |
|
|
+ if (strlen(filename) != filename_len) { |
| 205 |
|
|
+ return; |
| 206 |
|
|
+ } |
| 207 |
|
|
+ |
| 208 |
|
|
csr = php_openssl_csr_from_zval(&zcsr, 0, &csr_resource TSRMLS_CC); |
| 209 |
|
|
if (csr == NULL) { |
| 210 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get CSR from parameter 1"); |
| 211 |
|
|
@@ -3002,6 +3010,10 @@ PHP_FUNCTION(openssl_pkey_export_to_file |
| 212 |
|
|
} |
| 213 |
|
|
RETVAL_FALSE; |
| 214 |
|
|
|
| 215 |
|
|
+ if (strlen(filename) != filename_len) { |
| 216 |
|
|
+ return; |
| 217 |
|
|
+ } |
| 218 |
|
|
+ |
| 219 |
|
|
key = php_openssl_evp_from_zval(zpkey, 0, passphrase, 0, &key_resource TSRMLS_CC); |
| 220 |
|
|
|
| 221 |
|
|
if (key == NULL) { |
| 222 |
|
|
@@ -3394,7 +3406,14 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) |
| 223 |
|
|
&outfilename, &outfilename_len, &zrecipcerts, &zheaders, &flags, &cipherid) == FAILURE) |
| 224 |
|
|
return; |
| 225 |
|
|
|
| 226 |
|
|
- |
| 227 |
|
|
+ if (strlen(infilename) != infilename_len) { |
| 228 |
|
|
+ return; |
| 229 |
|
|
+ } |
| 230 |
|
|
+ |
| 231 |
|
|
+ if (strlen(outfilename) != outfilename_len) { |
| 232 |
|
|
+ return; |
| 233 |
|
|
+ } |
| 234 |
|
|
+ |
| 235 |
|
|
if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) { |
| 236 |
|
|
return; |
| 237 |
|
|
} |
| 238 |
|
|
@@ -3526,14 +3545,22 @@ PHP_FUNCTION(openssl_pkcs7_sign) |
| 239 |
|
|
char * outfilename; int outfilename_len; |
| 240 |
|
|
char * extracertsfilename = NULL; int extracertsfilename_len; |
| 241 |
|
|
|
| 242 |
|
|
+ RETVAL_FALSE; |
| 243 |
|
|
+ |
| 244 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls", |
| 245 |
|
|
&infilename, &infilename_len, &outfilename, &outfilename_len, |
| 246 |
|
|
&zcert, &zprivkey, &zheaders, &flags, &extracertsfilename, |
| 247 |
|
|
&extracertsfilename_len) == FAILURE) { |
| 248 |
|
|
return; |
| 249 |
|
|
} |
| 250 |
|
|
- |
| 251 |
|
|
- RETVAL_FALSE; |
| 252 |
|
|
+ |
| 253 |
|
|
+ if (strlen(infilename) != infilename_len) { |
| 254 |
|
|
+ return; |
| 255 |
|
|
+ } |
| 256 |
|
|
+ |
| 257 |
|
|
+ if (strlen(outfilename) != outfilename_len) { |
| 258 |
|
|
+ return; |
| 259 |
|
|
+ } |
| 260 |
|
|
|
| 261 |
|
|
if (extracertsfilename) { |
| 262 |
|
|
others = load_all_certs_from_file(extracertsfilename); |
| 263 |
|
|
@@ -3630,12 +3657,20 @@ PHP_FUNCTION(openssl_pkcs7_decrypt) |
| 264 |
|
|
char * infilename; int infilename_len; |
| 265 |
|
|
char * outfilename; int outfilename_len; |
| 266 |
|
|
|
| 267 |
|
|
+ RETVAL_FALSE; |
| 268 |
|
|
+ |
| 269 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZ|Z", &infilename, &infilename_len, |
| 270 |
|
|
&outfilename, &outfilename_len, &recipcert, &recipkey) == FAILURE) { |
| 271 |
|
|
return; |
| 272 |
|
|
} |
| 273 |
|
|
|
| 274 |
|
|
- RETVAL_FALSE; |
| 275 |
|
|
+ if (strlen(infilename) != infilename_len) { |
| 276 |
|
|
+ return; |
| 277 |
|
|
+ } |
| 278 |
|
|
+ |
| 279 |
|
|
+ if (strlen(outfilename) != outfilename_len) { |
| 280 |
|
|
+ return; |
| 281 |
|
|
+ } |
| 282 |
|
|
|
| 283 |
|
|
cert = php_openssl_x509_from_zval(recipcert, 0, &certresval TSRMLS_CC); |
| 284 |
|
|
if (cert == NULL) { |
| 285 |
|
|
diff -up php-5.3.3/ext/pgsql/pgsql.c.cve7243 php-5.3.3/ext/pgsql/pgsql.c |
| 286 |
|
|
--- php-5.3.3/ext/pgsql/pgsql.c.cve7243 2010-05-01 20:27:42.000000000 +0200 |
| 287 |
|
|
+++ php-5.3.3/ext/pgsql/pgsql.c 2013-05-03 11:57:08.297141638 +0200 |
| 288 |
|
|
@@ -3339,6 +3339,10 @@ PHP_FUNCTION(pg_lo_import) |
| 289 |
|
|
WRONG_PARAM_COUNT; |
| 290 |
|
|
} |
| 291 |
|
|
|
| 292 |
|
|
+ if (strlen(file_in) != name_len) { |
| 293 |
|
|
+ RETURN_FALSE; |
| 294 |
|
|
+ } |
| 295 |
|
|
+ |
| 296 |
|
|
if (PG(safe_mode) &&(!php_checkuid(file_in, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 297 |
|
|
RETURN_FALSE; |
| 298 |
|
|
} |
| 299 |
|
|
@@ -3476,6 +3480,10 @@ PHP_FUNCTION(pg_lo_export) |
| 300 |
|
|
RETURN_FALSE; |
| 301 |
|
|
} |
| 302 |
|
|
|
| 303 |
|
|
+ if (strlen(file_out) != name_len) { |
| 304 |
|
|
+ RETURN_FALSE; |
| 305 |
|
|
+ } |
| 306 |
|
|
+ |
| 307 |
|
|
if (PG(safe_mode) &&(!php_checkuid(file_out, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 308 |
|
|
RETURN_FALSE; |
| 309 |
|
|
} |
| 310 |
|
|
diff -up php-5.3.3/ext/posix/posix.c.cve7243 php-5.3.3/ext/posix/posix.c |
| 311 |
|
|
--- php-5.3.3/ext/posix/posix.c.cve7243 2010-06-26 18:03:39.000000000 +0200 |
| 312 |
|
|
+++ php-5.3.3/ext/posix/posix.c 2013-05-03 11:57:08.297141638 +0200 |
| 313 |
|
|
@@ -842,6 +842,10 @@ PHP_FUNCTION(posix_mkfifo) |
| 314 |
|
|
RETURN_FALSE; |
| 315 |
|
|
} |
| 316 |
|
|
|
| 317 |
|
|
+ if (strlen(path) != path_len) { |
| 318 |
|
|
+ RETURN_FALSE; |
| 319 |
|
|
+ } |
| 320 |
|
|
+ |
| 321 |
|
|
if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) || |
| 322 |
|
|
(PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR)))) { |
| 323 |
|
|
RETURN_FALSE; |
| 324 |
|
|
@@ -877,6 +881,10 @@ PHP_FUNCTION(posix_mknod) |
| 325 |
|
|
RETURN_FALSE; |
| 326 |
|
|
} |
| 327 |
|
|
|
| 328 |
|
|
+ if (strlen(path) != path_len) { |
| 329 |
|
|
+ RETURN_FALSE; |
| 330 |
|
|
+ } |
| 331 |
|
|
+ |
| 332 |
|
|
if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) || |
| 333 |
|
|
(PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR)))) { |
| 334 |
|
|
RETURN_FALSE; |
| 335 |
|
|
@@ -957,6 +965,10 @@ PHP_FUNCTION(posix_access) |
| 336 |
|
|
RETURN_FALSE; |
| 337 |
|
|
} |
| 338 |
|
|
|
| 339 |
|
|
+ if (strlen(filename) != filename_len) { |
| 340 |
|
|
+ RETURN_FALSE; |
| 341 |
|
|
+ } |
| 342 |
|
|
+ |
| 343 |
|
|
path = expand_filepath(filename, NULL TSRMLS_CC); |
| 344 |
|
|
if (!path) { |
| 345 |
|
|
POSIX_G(last_error) = EIO; |
| 346 |
|
|
diff -up php-5.3.3/ext/pspell/pspell.c.cve7243 php-5.3.3/ext/pspell/pspell.c |
| 347 |
|
|
--- php-5.3.3/ext/pspell/pspell.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 348 |
|
|
+++ php-5.3.3/ext/pspell/pspell.c 2013-05-03 11:57:08.298141644 +0200 |
| 349 |
|
|
@@ -402,6 +402,10 @@ static PHP_FUNCTION(pspell_new_personal) |
| 350 |
|
|
} |
| 351 |
|
|
#endif |
| 352 |
|
|
|
| 353 |
|
|
+ if (strlen(personal) != personal_len) { |
| 354 |
|
|
+ RETURN_FALSE; |
| 355 |
|
|
+ } |
| 356 |
|
|
+ |
| 357 |
|
|
if (PG(safe_mode) && (!php_checkuid(personal, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 358 |
|
|
delete_pspell_config(config); |
| 359 |
|
|
RETURN_FALSE; |
| 360 |
|
|
@@ -834,6 +838,10 @@ static void pspell_config_path(INTERNAL_ |
| 361 |
|
|
return; |
| 362 |
|
|
} |
| 363 |
|
|
|
| 364 |
|
|
+ if (strlen(value) != value_len) { |
| 365 |
|
|
+ RETURN_FALSE; |
| 366 |
|
|
+ } |
| 367 |
|
|
+ |
| 368 |
|
|
PSPELL_FETCH_CONFIG; |
| 369 |
|
|
|
| 370 |
|
|
if (PG(safe_mode) && (!php_checkuid(value, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 371 |
|
|
@@ -891,6 +899,10 @@ static PHP_FUNCTION(pspell_config_repl) |
| 372 |
|
|
|
| 373 |
|
|
pspell_config_replace(config, "save-repl", "true"); |
| 374 |
|
|
|
| 375 |
|
|
+ if (strlen(repl) != repl_len) { |
| 376 |
|
|
+ RETURN_FALSE; |
| 377 |
|
|
+ } |
| 378 |
|
|
+ |
| 379 |
|
|
if (PG(safe_mode) && (!php_checkuid(repl, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 380 |
|
|
RETURN_FALSE; |
| 381 |
|
|
} |
| 382 |
|
|
diff -up php-5.3.3/ext/sqlite3/sqlite3.c.cve7243 php-5.3.3/ext/sqlite3/sqlite3.c |
| 383 |
|
|
--- php-5.3.3/ext/sqlite3/sqlite3.c.cve7243 2010-06-21 13:06:31.000000000 +0200 |
| 384 |
|
|
+++ php-5.3.3/ext/sqlite3/sqlite3.c 2013-05-03 11:57:08.299141649 +0200 |
| 385 |
|
|
@@ -114,6 +114,9 @@ PHP_METHOD(sqlite3, open) |
| 386 |
|
|
zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Already initialised DB Object", 0 TSRMLS_CC); |
| 387 |
|
|
} |
| 388 |
|
|
|
| 389 |
|
|
+ if (strlen(filename) != filename_len) { |
| 390 |
|
|
+ return; |
| 391 |
|
|
+ } |
| 392 |
|
|
if (strncmp(filename, ":memory:", 8) != 0) { |
| 393 |
|
|
if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { |
| 394 |
|
|
zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Unable to expand filepath", 0 TSRMLS_CC); |
| 395 |
|
|
diff -up php-5.3.3/ext/sqlite/sqlite.c.cve7243 php-5.3.3/ext/sqlite/sqlite.c |
| 396 |
|
|
--- php-5.3.3/ext/sqlite/sqlite.c.cve7243 2010-04-28 14:10:10.000000000 +0200 |
| 397 |
|
|
+++ php-5.3.3/ext/sqlite/sqlite.c 2013-05-03 11:57:08.298141644 +0200 |
| 398 |
|
|
@@ -1560,6 +1560,9 @@ PHP_FUNCTION(sqlite_popen) |
| 399 |
|
|
ZVAL_NULL(errmsg); |
| 400 |
|
|
} |
| 401 |
|
|
|
| 402 |
|
|
+ if (strlen(filename) != filename_len) { |
| 403 |
|
|
+ RETURN_FALSE; |
| 404 |
|
|
+ } |
| 405 |
|
|
if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { |
| 406 |
|
|
/* resolve the fully-qualified path name to use as the hash key */ |
| 407 |
|
|
if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { |
| 408 |
|
|
@@ -1637,6 +1640,9 @@ PHP_FUNCTION(sqlite_open) |
| 409 |
|
|
ZVAL_NULL(errmsg); |
| 410 |
|
|
} |
| 411 |
|
|
|
| 412 |
|
|
+ if (strlen(filename) != filename_len) { |
| 413 |
|
|
+ RETURN_FALSE; |
| 414 |
|
|
+ } |
| 415 |
|
|
if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { |
| 416 |
|
|
/* resolve the fully-qualified path name to use as the hash key */ |
| 417 |
|
|
if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { |
| 418 |
|
|
@@ -1690,6 +1696,10 @@ PHP_FUNCTION(sqlite_factory) |
| 419 |
|
|
ZVAL_NULL(errmsg); |
| 420 |
|
|
} |
| 421 |
|
|
|
| 422 |
|
|
+ if (strlen(filename) != filename_len) { |
| 423 |
|
|
+ RETURN_FALSE; |
| 424 |
|
|
+ } |
| 425 |
|
|
+ |
| 426 |
|
|
if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) { |
| 427 |
|
|
/* resolve the fully-qualified path name to use as the hash key */ |
| 428 |
|
|
if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) { |
| 429 |
|
|
diff -up php-5.3.3/ext/standard/basic_functions.c.cve7243 php-5.3.3/ext/standard/basic_functions.c |
| 430 |
|
|
--- php-5.3.3/ext/standard/basic_functions.c.cve7243 2013-05-03 11:57:08.078140423 +0200 |
| 431 |
|
|
+++ php-5.3.3/ext/standard/basic_functions.c 2013-05-03 11:57:08.300141655 +0200 |
| 432 |
|
|
@@ -4667,6 +4667,12 @@ PHP_FUNCTION(error_log) |
| 433 |
|
|
opt_err = erropt; |
| 434 |
|
|
} |
| 435 |
|
|
|
| 436 |
|
|
+ if (opt_err == 3) { |
| 437 |
|
|
+ if (strlen(opt) != opt_len) { |
| 438 |
|
|
+ RETURN_FALSE; |
| 439 |
|
|
+ } |
| 440 |
|
|
+ } |
| 441 |
|
|
+ |
| 442 |
|
|
if (_php_error_log_ex(opt_err, message, message_len, opt, headers TSRMLS_CC) == FAILURE) { |
| 443 |
|
|
RETURN_FALSE; |
| 444 |
|
|
} |
| 445 |
|
|
@@ -5155,6 +5161,10 @@ PHP_FUNCTION(highlight_file) |
| 446 |
|
|
RETURN_FALSE; |
| 447 |
|
|
} |
| 448 |
|
|
|
| 449 |
|
|
+ if (strlen(filename) != filename_len) { |
| 450 |
|
|
+ RETURN_FALSE; |
| 451 |
|
|
+ } |
| 452 |
|
|
+ |
| 453 |
|
|
if (i) { |
| 454 |
|
|
php_start_ob_buffer (NULL, 0, 1 TSRMLS_CC); |
| 455 |
|
|
} |
| 456 |
|
|
@@ -5201,6 +5211,10 @@ PHP_FUNCTION(php_strip_whitespace) |
| 457 |
|
|
RETURN_FALSE; |
| 458 |
|
|
} |
| 459 |
|
|
|
| 460 |
|
|
+ if (strlen(filename) != filename_len) { |
| 461 |
|
|
+ RETURN_FALSE; |
| 462 |
|
|
+ } |
| 463 |
|
|
+ |
| 464 |
|
|
file_handle.type = ZEND_HANDLE_FILENAME; |
| 465 |
|
|
file_handle.filename = filename; |
| 466 |
|
|
file_handle.free_filename = 0; |
| 467 |
|
|
@@ -5461,6 +5475,11 @@ PHP_FUNCTION(set_include_path) |
| 468 |
|
|
return; |
| 469 |
|
|
} |
| 470 |
|
|
|
| 471 |
|
|
+ /* No nulls allowed in paths */ |
| 472 |
|
|
+ if (strlen(new_value) != new_value_len) { |
| 473 |
|
|
+ RETURN_FALSE; |
| 474 |
|
|
+ } |
| 475 |
|
|
+ |
| 476 |
|
|
old_value = zend_ini_string("include_path", sizeof("include_path"), 0); |
| 477 |
|
|
/* copy to return here, because alter might free it! */ |
| 478 |
|
|
if (old_value) { |
| 479 |
|
|
@@ -5771,6 +5790,10 @@ PHP_FUNCTION(is_uploaded_file) |
| 480 |
|
|
return; |
| 481 |
|
|
} |
| 482 |
|
|
|
| 483 |
|
|
+ if (strlen(path) != path_len) { |
| 484 |
|
|
+ RETURN_FALSE; |
| 485 |
|
|
+ } |
| 486 |
|
|
+ |
| 487 |
|
|
if (zend_hash_exists(SG(rfc1867_uploaded_files), path, path_len + 1)) { |
| 488 |
|
|
RETURN_TRUE; |
| 489 |
|
|
} else { |
| 490 |
|
|
@@ -5811,6 +5834,14 @@ PHP_FUNCTION(move_uploaded_file) |
| 491 |
|
|
RETURN_FALSE; |
| 492 |
|
|
} |
| 493 |
|
|
|
| 494 |
|
|
+ if (strlen(path) != path_len) { |
| 495 |
|
|
+ RETURN_FALSE; |
| 496 |
|
|
+ } |
| 497 |
|
|
+ |
| 498 |
|
|
+ if (strlen(new_path) != new_path_len) { |
| 499 |
|
|
+ RETURN_FALSE; |
| 500 |
|
|
+ } |
| 501 |
|
|
+ |
| 502 |
|
|
VCWD_UNLINK(new_path); |
| 503 |
|
|
if (VCWD_RENAME(path, new_path) == 0) { |
| 504 |
|
|
successful = 1; |
| 505 |
|
|
@@ -5954,6 +5985,10 @@ PHP_FUNCTION(parse_ini_file) |
| 506 |
|
|
RETURN_FALSE; |
| 507 |
|
|
} |
| 508 |
|
|
|
| 509 |
|
|
+ if (strlen(filename) != filename_len) { |
| 510 |
|
|
+ RETURN_FALSE; |
| 511 |
|
|
+ } |
| 512 |
|
|
+ |
| 513 |
|
|
/* Set callback function */ |
| 514 |
|
|
if (process_sections) { |
| 515 |
|
|
BG(active_ini_file_section) = NULL; |
| 516 |
|
|
diff -up php-5.3.3/ext/standard/dir.c.cve7243 php-5.3.3/ext/standard/dir.c |
| 517 |
|
|
--- php-5.3.3/ext/standard/dir.c.cve7243 2010-06-26 18:03:39.000000000 +0200 |
| 518 |
|
|
+++ php-5.3.3/ext/standard/dir.c 2013-05-03 11:57:08.301141660 +0200 |
| 519 |
|
|
@@ -325,6 +325,10 @@ PHP_FUNCTION(chdir) |
| 520 |
|
|
RETURN_FALSE; |
| 521 |
|
|
} |
| 522 |
|
|
|
| 523 |
|
|
+ if (strlen(str) != str_len) { |
| 524 |
|
|
+ RETURN_FALSE; |
| 525 |
|
|
+ } |
| 526 |
|
|
+ |
| 527 |
|
|
if ((PG(safe_mode) && !php_checkuid(str, NULL, CHECKUID_CHECK_FILE_AND_DIR)) || php_check_open_basedir(str TSRMLS_CC)) { |
| 528 |
|
|
RETURN_FALSE; |
| 529 |
|
|
} |
| 530 |
|
|
@@ -436,6 +440,10 @@ PHP_FUNCTION(glob) |
| 531 |
|
|
return; |
| 532 |
|
|
} |
| 533 |
|
|
|
| 534 |
|
|
+ if (strlen(pattern) != pattern_len) { |
| 535 |
|
|
+ RETURN_FALSE; |
| 536 |
|
|
+ } |
| 537 |
|
|
+ |
| 538 |
|
|
if (pattern_len >= MAXPATHLEN) { |
| 539 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pattern exceeds the maximum allowed length of %d characters", MAXPATHLEN); |
| 540 |
|
|
RETURN_FALSE; |
| 541 |
|
|
@@ -557,6 +565,10 @@ PHP_FUNCTION(scandir) |
| 542 |
|
|
return; |
| 543 |
|
|
} |
| 544 |
|
|
|
| 545 |
|
|
+ if (strlen(dirn) != dirn_len) { |
| 546 |
|
|
+ RETURN_FALSE; |
| 547 |
|
|
+ } |
| 548 |
|
|
+ |
| 549 |
|
|
if (dirn_len < 1) { |
| 550 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Directory name cannot be empty"); |
| 551 |
|
|
RETURN_FALSE; |
| 552 |
|
|
diff -up php-5.3.3/ext/standard/file.c.cve7243 php-5.3.3/ext/standard/file.c |
| 553 |
|
|
--- php-5.3.3/ext/standard/file.c.cve7243 2013-05-03 11:57:08.024140124 +0200 |
| 554 |
|
|
+++ php-5.3.3/ext/standard/file.c 2013-05-03 11:57:08.302141666 +0200 |
| 555 |
|
|
@@ -382,6 +382,10 @@ PHP_FUNCTION(get_meta_tags) |
| 556 |
|
|
return; |
| 557 |
|
|
} |
| 558 |
|
|
|
| 559 |
|
|
+ if (strlen(filename) != filename_len) { |
| 560 |
|
|
+ RETURN_FALSE; |
| 561 |
|
|
+ } |
| 562 |
|
|
+ |
| 563 |
|
|
md.stream = php_stream_open_wrapper(filename, "rb", |
| 564 |
|
|
(use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, |
| 565 |
|
|
NULL); |
| 566 |
|
|
@@ -535,6 +539,10 @@ PHP_FUNCTION(file_get_contents) |
| 567 |
|
|
return; |
| 568 |
|
|
} |
| 569 |
|
|
|
| 570 |
|
|
+ if (strlen(filename) != filename_len) { |
| 571 |
|
|
+ RETURN_FALSE; |
| 572 |
|
|
+ } |
| 573 |
|
|
+ |
| 574 |
|
|
if (ZEND_NUM_ARGS() == 5 && maxlen < 0) { |
| 575 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "length must be greater than or equal to zero"); |
| 576 |
|
|
RETURN_FALSE; |
| 577 |
|
|
@@ -592,6 +600,10 @@ PHP_FUNCTION(file_put_contents) |
| 578 |
|
|
return; |
| 579 |
|
|
} |
| 580 |
|
|
|
| 581 |
|
|
+ if (strlen(filename) != filename_len) { |
| 582 |
|
|
+ RETURN_FALSE; |
| 583 |
|
|
+ } |
| 584 |
|
|
+ |
| 585 |
|
|
if (Z_TYPE_P(data) == IS_RESOURCE) { |
| 586 |
|
|
php_stream_from_zval(srcstream, &data); |
| 587 |
|
|
} |
| 588 |
|
|
@@ -736,6 +748,11 @@ PHP_FUNCTION(file) |
| 589 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|lr!", &filename, &filename_len, &flags, &zcontext) == FAILURE) { |
| 590 |
|
|
return; |
| 591 |
|
|
} |
| 592 |
|
|
+ |
| 593 |
|
|
+ if (strlen(filename) != filename_len) { |
| 594 |
|
|
+ RETURN_FALSE; |
| 595 |
|
|
+ } |
| 596 |
|
|
+ |
| 597 |
|
|
if (flags < 0 || flags > (PHP_FILE_USE_INCLUDE_PATH | PHP_FILE_IGNORE_NEW_LINES | PHP_FILE_SKIP_EMPTY_LINES | PHP_FILE_NO_DEFAULT_CONTEXT)) { |
| 598 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "'%ld' flag is not supported", flags); |
| 599 |
|
|
RETURN_FALSE; |
| 600 |
|
|
@@ -833,6 +850,14 @@ PHP_FUNCTION(tempnam) |
| 601 |
|
|
return; |
| 602 |
|
|
} |
| 603 |
|
|
|
| 604 |
|
|
+ if (strlen(dir) != dir_len) { |
| 605 |
|
|
+ RETURN_FALSE; |
| 606 |
|
|
+ } |
| 607 |
|
|
+ |
| 608 |
|
|
+ if (strlen(prefix) != prefix_len) { |
| 609 |
|
|
+ RETURN_FALSE; |
| 610 |
|
|
+ } |
| 611 |
|
|
+ |
| 612 |
|
|
if (PG(safe_mode) &&(!php_checkuid(dir, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 613 |
|
|
RETURN_FALSE; |
| 614 |
|
|
} |
| 615 |
|
|
@@ -891,6 +916,10 @@ PHP_NAMED_FUNCTION(php_if_fopen) |
| 616 |
|
|
RETURN_FALSE; |
| 617 |
|
|
} |
| 618 |
|
|
|
| 619 |
|
|
+ if (strlen(filename) != filename_len) { |
| 620 |
|
|
+ RETURN_FALSE; |
| 621 |
|
|
+ } |
| 622 |
|
|
+ |
| 623 |
|
|
context = php_stream_context_from_zval(zcontext, 0); |
| 624 |
|
|
|
| 625 |
|
|
stream = php_stream_open_wrapper_ex(filename, mode, (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); |
| 626 |
|
|
@@ -1394,6 +1423,10 @@ PHP_FUNCTION(mkdir) |
| 627 |
|
|
RETURN_FALSE; |
| 628 |
|
|
} |
| 629 |
|
|
|
| 630 |
|
|
+ if (strlen(dir) != dir_len) { |
| 631 |
|
|
+ RETURN_FALSE; |
| 632 |
|
|
+ } |
| 633 |
|
|
+ |
| 634 |
|
|
context = php_stream_context_from_zval(zcontext, 0); |
| 635 |
|
|
|
| 636 |
|
|
RETURN_BOOL(php_stream_mkdir(dir, mode, (recursive ? PHP_STREAM_MKDIR_RECURSIVE : 0) | REPORT_ERRORS, context)); |
| 637 |
|
|
@@ -1413,6 +1446,10 @@ PHP_FUNCTION(rmdir) |
| 638 |
|
|
RETURN_FALSE; |
| 639 |
|
|
} |
| 640 |
|
|
|
| 641 |
|
|
+ if (strlen(dir) != dir_len) { |
| 642 |
|
|
+ RETURN_FALSE; |
| 643 |
|
|
+ } |
| 644 |
|
|
+ |
| 645 |
|
|
context = php_stream_context_from_zval(zcontext, 0); |
| 646 |
|
|
|
| 647 |
|
|
RETURN_BOOL(php_stream_rmdir(dir, REPORT_ERRORS, context)); |
| 648 |
|
|
@@ -1435,6 +1472,10 @@ PHP_FUNCTION(readfile) |
| 649 |
|
|
RETURN_FALSE; |
| 650 |
|
|
} |
| 651 |
|
|
|
| 652 |
|
|
+ if (strlen(filename) != filename_len) { |
| 653 |
|
|
+ RETURN_FALSE; |
| 654 |
|
|
+ } |
| 655 |
|
|
+ |
| 656 |
|
|
context = php_stream_context_from_zval(zcontext, 0); |
| 657 |
|
|
|
| 658 |
|
|
stream = php_stream_open_wrapper_ex(filename, "rb", (use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); |
| 659 |
|
|
@@ -1508,6 +1549,14 @@ PHP_FUNCTION(rename) |
| 660 |
|
|
RETURN_FALSE; |
| 661 |
|
|
} |
| 662 |
|
|
|
| 663 |
|
|
+ if (strlen(old_name) != old_name_len) { |
| 664 |
|
|
+ RETURN_FALSE; |
| 665 |
|
|
+ } |
| 666 |
|
|
+ |
| 667 |
|
|
+ if (strlen(new_name) != new_name_len) { |
| 668 |
|
|
+ RETURN_FALSE; |
| 669 |
|
|
+ } |
| 670 |
|
|
+ |
| 671 |
|
|
wrapper = php_stream_locate_url_wrapper(old_name, NULL, 0 TSRMLS_CC); |
| 672 |
|
|
|
| 673 |
|
|
if (!wrapper || !wrapper->wops) { |
| 674 |
|
|
@@ -1545,6 +1594,10 @@ PHP_FUNCTION(unlink) |
| 675 |
|
|
RETURN_FALSE; |
| 676 |
|
|
} |
| 677 |
|
|
|
| 678 |
|
|
+ if (strlen(filename) != filename_len) { |
| 679 |
|
|
+ RETURN_FALSE; |
| 680 |
|
|
+ } |
| 681 |
|
|
+ |
| 682 |
|
|
context = php_stream_context_from_zval(zcontext, 0); |
| 683 |
|
|
|
| 684 |
|
|
wrapper = php_stream_locate_url_wrapper(filename, NULL, 0 TSRMLS_CC); |
| 685 |
|
|
@@ -1681,6 +1734,14 @@ PHP_FUNCTION(copy) |
| 686 |
|
|
return; |
| 687 |
|
|
} |
| 688 |
|
|
|
| 689 |
|
|
+ if (strlen(source) != source_len) { |
| 690 |
|
|
+ RETURN_FALSE; |
| 691 |
|
|
+ } |
| 692 |
|
|
+ |
| 693 |
|
|
+ if (strlen(target) != target_len) { |
| 694 |
|
|
+ RETURN_FALSE; |
| 695 |
|
|
+ } |
| 696 |
|
|
+ |
| 697 |
|
|
if (PG(safe_mode) &&(!php_checkuid(source, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 698 |
|
|
RETURN_FALSE; |
| 699 |
|
|
} |
| 700 |
|
|
@@ -2372,6 +2433,10 @@ PHP_FUNCTION(realpath) |
| 701 |
|
|
return; |
| 702 |
|
|
} |
| 703 |
|
|
|
| 704 |
|
|
+ if (strlen(filename) != filename_len) { |
| 705 |
|
|
+ RETURN_FALSE; |
| 706 |
|
|
+ } |
| 707 |
|
|
+ |
| 708 |
|
|
if (VCWD_REALPATH(filename, resolved_path_buff)) { |
| 709 |
|
|
if (PG(safe_mode) && (!php_checkuid(resolved_path_buff, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 710 |
|
|
RETURN_FALSE; |
| 711 |
|
|
@@ -2514,6 +2579,14 @@ PHP_FUNCTION(fnmatch) |
| 712 |
|
|
return; |
| 713 |
|
|
} |
| 714 |
|
|
|
| 715 |
|
|
+ if (strlen(pattern) != pattern_len) { |
| 716 |
|
|
+ RETURN_FALSE; |
| 717 |
|
|
+ } |
| 718 |
|
|
+ |
| 719 |
|
|
+ if (strlen(filename) != filename_len) { |
| 720 |
|
|
+ RETURN_FALSE; |
| 721 |
|
|
+ } |
| 722 |
|
|
+ |
| 723 |
|
|
if (filename_len >= MAXPATHLEN) { |
| 724 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Filename exceeds the maximum allowed length of %d characters", MAXPATHLEN); |
| 725 |
|
|
RETURN_FALSE; |
| 726 |
|
|
diff -up php-5.3.3/ext/standard/filestat.c.cve7243 php-5.3.3/ext/standard/filestat.c |
| 727 |
|
|
--- php-5.3.3/ext/standard/filestat.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 728 |
|
|
+++ php-5.3.3/ext/standard/filestat.c 2013-05-03 11:57:08.302141666 +0200 |
| 729 |
|
|
@@ -379,6 +379,10 @@ PHP_FUNCTION(disk_free_space) |
| 730 |
|
|
RETURN_FALSE; |
| 731 |
|
|
} |
| 732 |
|
|
|
| 733 |
|
|
+ if (strlen(path) != path_len) { |
| 734 |
|
|
+ RETURN_FALSE; |
| 735 |
|
|
+ } |
| 736 |
|
|
+ |
| 737 |
|
|
if (php_disk_free_space(path, &bytesfree TSRMLS_CC) == SUCCESS) { |
| 738 |
|
|
RETURN_DOUBLE(bytesfree); |
| 739 |
|
|
} |
| 740 |
|
|
@@ -399,6 +403,10 @@ static void php_do_chgrp(INTERNAL_FUNCTI |
| 741 |
|
|
RETURN_FALSE; |
| 742 |
|
|
} |
| 743 |
|
|
|
| 744 |
|
|
+ if (strlen(filename) != filename_len) { |
| 745 |
|
|
+ RETURN_FALSE; |
| 746 |
|
|
+ } |
| 747 |
|
|
+ |
| 748 |
|
|
if (Z_TYPE_P(group) == IS_LONG) { |
| 749 |
|
|
gid = (gid_t)Z_LVAL_P(group); |
| 750 |
|
|
} else if (Z_TYPE_P(group) == IS_STRING) { |
| 751 |
|
|
@@ -500,6 +508,10 @@ static void php_do_chown(INTERNAL_FUNCTI |
| 752 |
|
|
return; |
| 753 |
|
|
} |
| 754 |
|
|
|
| 755 |
|
|
+ if (strlen(filename) != filename_len) { |
| 756 |
|
|
+ RETURN_FALSE; |
| 757 |
|
|
+ } |
| 758 |
|
|
+ |
| 759 |
|
|
if (Z_TYPE_P(user) == IS_LONG) { |
| 760 |
|
|
uid = (uid_t)Z_LVAL_P(user); |
| 761 |
|
|
} else if (Z_TYPE_P(user) == IS_STRING) { |
| 762 |
|
|
@@ -607,6 +619,10 @@ PHP_FUNCTION(chmod) |
| 763 |
|
|
RETURN_FALSE; |
| 764 |
|
|
} |
| 765 |
|
|
|
| 766 |
|
|
+ if (strlen(filename) != filename_len) { |
| 767 |
|
|
+ RETURN_FALSE; |
| 768 |
|
|
+ } |
| 769 |
|
|
+ |
| 770 |
|
|
/* Check the basedir */ |
| 771 |
|
|
if (php_check_open_basedir(filename TSRMLS_CC)) { |
| 772 |
|
|
RETURN_FALSE; |
| 773 |
|
|
@@ -660,6 +676,10 @@ PHP_FUNCTION(touch) |
| 774 |
|
|
return; |
| 775 |
|
|
} |
| 776 |
|
|
|
| 777 |
|
|
+ if (strlen(filename) != filename_len) { |
| 778 |
|
|
+ RETURN_FALSE; |
| 779 |
|
|
+ } |
| 780 |
|
|
+ |
| 781 |
|
|
switch (argc) { |
| 782 |
|
|
case 1: |
| 783 |
|
|
#ifdef HAVE_UTIME_NULL |
| 784 |
|
|
@@ -715,8 +735,9 @@ PHP_FUNCTION(touch) |
| 785 |
|
|
PHPAPI void php_clear_stat_cache(zend_bool clear_realpath_cache, const char *filename, int filename_len TSRMLS_DC) |
| 786 |
|
|
{ |
| 787 |
|
|
/* always clear CurrentStatFile and CurrentLStatFile even if filename is not NULL |
| 788 |
|
|
- * as it may contains outdated data (e.g. "nlink" for a directory when deleting a file |
| 789 |
|
|
+ * as it may contain outdated data (e.g. "nlink" for a directory when deleting a file |
| 790 |
|
|
* in this directory, as shown by lstat_stat_variation9.phpt) */ |
| 791 |
|
|
+ |
| 792 |
|
|
if (BG(CurrentStatFile)) { |
| 793 |
|
|
efree(BG(CurrentStatFile)); |
| 794 |
|
|
BG(CurrentStatFile) = NULL; |
| 795 |
|
|
@@ -777,6 +798,10 @@ PHPAPI void php_stat(const char *filenam |
| 796 |
|
|
RETURN_FALSE; |
| 797 |
|
|
} |
| 798 |
|
|
|
| 799 |
|
|
+ if (strlen(filename) != filename_length) { |
| 800 |
|
|
+ RETURN_FALSE; |
| 801 |
|
|
+ } |
| 802 |
|
|
+ |
| 803 |
|
|
if ((wrapper = php_stream_locate_url_wrapper(filename, &local, 0 TSRMLS_CC)) == &php_plain_files_wrapper) { |
| 804 |
|
|
if (php_check_open_basedir(local TSRMLS_CC)) { |
| 805 |
|
|
RETURN_FALSE; |
| 806 |
|
|
diff -up php-5.3.3/ext/standard/ftok.c.cve7243 php-5.3.3/ext/standard/ftok.c |
| 807 |
|
|
--- php-5.3.3/ext/standard/ftok.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 808 |
|
|
+++ php-5.3.3/ext/standard/ftok.c 2013-05-03 11:57:08.302141666 +0200 |
| 809 |
|
|
@@ -39,6 +39,10 @@ PHP_FUNCTION(ftok) |
| 810 |
|
|
return; |
| 811 |
|
|
} |
| 812 |
|
|
|
| 813 |
|
|
+ if (strlen(pathname) != pathname_len) { |
| 814 |
|
|
+ RETURN_FALSE; |
| 815 |
|
|
+ } |
| 816 |
|
|
+ |
| 817 |
|
|
if (pathname_len == 0){ |
| 818 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pathname is invalid"); |
| 819 |
|
|
RETURN_LONG(-1); |
| 820 |
|
|
diff -up php-5.3.3/ext/standard/iptc.c.cve7243 php-5.3.3/ext/standard/iptc.c |
| 821 |
|
|
--- php-5.3.3/ext/standard/iptc.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 822 |
|
|
+++ php-5.3.3/ext/standard/iptc.c 2013-05-03 11:57:08.302141666 +0200 |
| 823 |
|
|
@@ -190,6 +190,10 @@ PHP_FUNCTION(iptcembed) |
| 824 |
|
|
return; |
| 825 |
|
|
} |
| 826 |
|
|
|
| 827 |
|
|
+ if (strlen(jpeg_file) != jpeg_file_len) { |
| 828 |
|
|
+ RETURN_FALSE; |
| 829 |
|
|
+ } |
| 830 |
|
|
+ |
| 831 |
|
|
if (PG(safe_mode) && (!php_checkuid(jpeg_file, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { |
| 832 |
|
|
RETURN_FALSE; |
| 833 |
|
|
} |
| 834 |
|
|
diff -up php-5.3.3/ext/standard/link.c.cve7243 php-5.3.3/ext/standard/link.c |
| 835 |
|
|
--- php-5.3.3/ext/standard/link.c.cve7243 2010-01-03 10:23:27.000000000 +0100 |
| 836 |
|
|
+++ php-5.3.3/ext/standard/link.c 2013-05-03 11:57:08.303141671 +0200 |
| 837 |
|
|
@@ -64,6 +64,10 @@ PHP_FUNCTION(readlink) |
| 838 |
|
|
return; |
| 839 |
|
|
} |
| 840 |
|
|
|
| 841 |
|
|
+ if (strlen(link) != link_len) { |
| 842 |
|
|
+ RETURN_FALSE; |
| 843 |
|
|
+ } |
| 844 |
|
|
+ |
| 845 |
|
|
if (PG(safe_mode) && !php_checkuid(link, NULL, CHECKUID_CHECK_FILE_AND_DIR)) { |
| 846 |
|
|
RETURN_FALSE; |
| 847 |
|
|
} |
| 848 |
|
|
@@ -123,6 +127,14 @@ PHP_FUNCTION(symlink) |
| 849 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &topath, &topath_len, &frompath, &frompath_len) == FAILURE) { |
| 850 |
|
|
return; |
| 851 |
|
|
} |
| 852 |
|
|
+ |
| 853 |
|
|
+ if (strlen(topath) != topath_len) { |
| 854 |
|
|
+ RETURN_FALSE; |
| 855 |
|
|
+ } |
| 856 |
|
|
+ |
| 857 |
|
|
+ if (strlen(frompath) != frompath_len) { |
| 858 |
|
|
+ RETURN_FALSE; |
| 859 |
|
|
+ } |
| 860 |
|
|
|
| 861 |
|
|
if (!expand_filepath(frompath, source_p TSRMLS_CC)) { |
| 862 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory"); |
| 863 |
|
|
@@ -188,6 +200,14 @@ PHP_FUNCTION(link) |
| 864 |
|
|
return; |
| 865 |
|
|
} |
| 866 |
|
|
|
| 867 |
|
|
+ if (strlen(topath) != topath_len) { |
| 868 |
|
|
+ RETURN_FALSE; |
| 869 |
|
|
+ } |
| 870 |
|
|
+ |
| 871 |
|
|
+ if (strlen(frompath) != frompath_len) { |
| 872 |
|
|
+ RETURN_FALSE; |
| 873 |
|
|
+ } |
| 874 |
|
|
+ |
| 875 |
|
|
if (!expand_filepath(frompath, source_p TSRMLS_CC) || !expand_filepath(topath, dest_p TSRMLS_CC)) { |
| 876 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such file or directory"); |
| 877 |
|
|
RETURN_FALSE; |
| 878 |
|
|
diff -up php-5.3.3/ext/tidy/tidy.c.cve7243 php-5.3.3/ext/tidy/tidy.c |
| 879 |
|
|
--- php-5.3.3/ext/tidy/tidy.c.cve7243 2010-03-12 11:28:59.000000000 +0100 |
| 880 |
|
|
+++ php-5.3.3/ext/tidy/tidy.c 2013-05-03 11:57:08.303141671 +0200 |
| 881 |
|
|
@@ -567,6 +567,9 @@ static void php_tidy_quick_repair(INTERN |
| 882 |
|
|
} |
| 883 |
|
|
|
| 884 |
|
|
if (is_file) { |
| 885 |
|
|
+ if (strlen(arg1) != arg1_len) { |
| 886 |
|
|
+ RETURN_FALSE; |
| 887 |
|
|
+ } |
| 888 |
|
|
if (!(data = php_tidy_file_to_mem(arg1, use_include_path, &data_len TSRMLS_CC))) { |
| 889 |
|
|
RETURN_FALSE; |
| 890 |
|
|
} |
| 891 |
|
|
@@ -1221,6 +1224,9 @@ static PHP_FUNCTION(tidy_parse_file) |
| 892 |
|
|
RETURN_FALSE; |
| 893 |
|
|
} |
| 894 |
|
|
|
| 895 |
|
|
+ if (strlen(inputfile) != input_len) { |
| 896 |
|
|
+ RETURN_FALSE; |
| 897 |
|
|
+ } |
| 898 |
|
|
tidy_instanciate(tidy_ce_doc, return_value TSRMLS_CC); |
| 899 |
|
|
obj = (PHPTidyObj *) zend_object_store_get_object(return_value TSRMLS_CC); |
| 900 |
|
|
|
| 901 |
|
|
@@ -1534,10 +1540,13 @@ static TIDY_DOC_METHOD(__construct) |
| 902 |
|
|
&options, &enc, &enc_len, &use_include_path) == FAILURE) { |
| 903 |
|
|
RETURN_FALSE; |
| 904 |
|
|
} |
| 905 |
|
|
- |
| 906 |
|
|
+ |
| 907 |
|
|
obj = (PHPTidyObj *)zend_object_store_get_object(object TSRMLS_CC); |
| 908 |
|
|
|
| 909 |
|
|
if (inputfile) { |
| 910 |
|
|
+ if (strlen(inputfile) != input_len) { |
| 911 |
|
|
+ RETURN_FALSE; |
| 912 |
|
|
+ } |
| 913 |
|
|
if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path, &contents_len TSRMLS_CC))) { |
| 914 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include path)" : ""); |
| 915 |
|
|
return; |
| 916 |
|
|
@@ -1568,7 +1577,10 @@ static TIDY_DOC_METHOD(parseFile) |
| 917 |
|
|
&options, &enc, &enc_len, &use_include_path) == FAILURE) { |
| 918 |
|
|
RETURN_FALSE; |
| 919 |
|
|
} |
| 920 |
|
|
- |
| 921 |
|
|
+ |
| 922 |
|
|
+ if (strlen(inputfile) != input_len) { |
| 923 |
|
|
+ RETURN_FALSE; |
| 924 |
|
|
+ } |
| 925 |
|
|
if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path, &contents_len TSRMLS_CC))) { |
| 926 |
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include path)" : ""); |
| 927 |
|
|
RETURN_FALSE; |
| 928 |
|
|
diff -up php-5.3.3/ext/xsl/xsltprocessor.c.cve7243 php-5.3.3/ext/xsl/xsltprocessor.c |
| 929 |
|
|
--- php-5.3.3/ext/xsl/xsltprocessor.c.cve7243 2013-05-03 11:57:08.259141427 +0200 |
| 930 |
|
|
+++ php-5.3.3/ext/xsl/xsltprocessor.c 2013-05-03 11:57:08.303141671 +0200 |
| 931 |
|
|
@@ -690,6 +690,9 @@ PHP_FUNCTION(xsl_xsltprocessor_transform |
| 932 |
|
|
|
| 933 |
|
|
ret = -1; |
| 934 |
|
|
if (newdocp) { |
| 935 |
|
|
+ if (strlen(uri) != uri_len) { |
| 936 |
|
|
+ RETURN_FALSE; |
| 937 |
|
|
+ } |
| 938 |
|
|
ret = xsltSaveResultToFilename(uri, newdocp, sheetp, 0); |
| 939 |
|
|
xmlFreeDoc(newdocp); |
| 940 |
|
|
} |
| 941 |
|
|
@@ -893,7 +896,7 @@ PHP_FUNCTION(xsl_xsltprocessor_set_profi |
| 942 |
|
|
if (intern->profiling) { |
| 943 |
|
|
efree(intern->profiling); |
| 944 |
|
|
} |
| 945 |
|
|
- if (filename != NULL) { |
| 946 |
|
|
+ if (filename != NULL && strlen(filename) == filename_len) { |
| 947 |
|
|
intern->profiling = estrndup(filename,filename_len); |
| 948 |
|
|
} else { |
| 949 |
|
|
intern->profiling = NULL; |
| 950 |
|
|
diff -up php-5.3.3/ext/zip/php_zip.c.cve7243 php-5.3.3/ext/zip/php_zip.c |
| 951 |
|
|
--- php-5.3.3/ext/zip/php_zip.c.cve7243 2013-05-03 11:57:08.141140773 +0200 |
| 952 |
|
|
+++ php-5.3.3/ext/zip/php_zip.c 2013-05-03 11:59:23.507871248 +0200 |
| 953 |
|
|
@@ -1148,6 +1148,10 @@ static PHP_NAMED_FUNCTION(zif_zip_open) |
| 954 |
|
|
RETURN_FALSE; |
| 955 |
|
|
} |
| 956 |
|
|
|
| 957 |
|
|
+ if (strlen(filename) != filename_len) { |
| 958 |
|
|
+ RETURN_FALSE; |
| 959 |
|
|
+ } |
| 960 |
|
|
+ |
| 961 |
|
|
if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { |
| 962 |
|
|
RETURN_FALSE; |
| 963 |
|
|
} |
| 964 |
|
|
@@ -1437,6 +1441,10 @@ static ZIPARCHIVE_METHOD(open) |
| 965 |
|
|
RETURN_FALSE; |
| 966 |
|
|
} |
| 967 |
|
|
|
| 968 |
|
|
+ if (strlen(filename) != filename_len) { |
| 969 |
|
|
+ RETURN_FALSE; |
| 970 |
|
|
+ } |
| 971 |
|
|
+ |
| 972 |
|
|
if (ZIP_OPENBASEDIR_CHECKPATH(filename)) { |
| 973 |
|
|
RETURN_FALSE; |
| 974 |
|
|
} |
| 975 |
|
|
@@ -2363,6 +2371,10 @@ static ZIPARCHIVE_METHOD(extractTo) |
| 976 |
|
|
RETURN_FALSE; |
| 977 |
|
|
} |
| 978 |
|
|
|
| 979 |
|
|
+ if (strlen(pathto) != pathto_len) { |
| 980 |
|
|
+ RETURN_FALSE; |
| 981 |
|
|
+ } |
| 982 |
|
|
+ |
| 983 |
|
|
if (php_stream_stat_path(pathto, &ssb) < 0) { |
| 984 |
|
|
ret = php_stream_mkdir(pathto, 0777, PHP_STREAM_MKDIR_RECURSIVE, NULL); |
| 985 |
|
|
if (!ret) { |
| 986 |
|
|
@@ -2449,6 +2461,9 @@ static void php_zip_get_from(INTERNAL_FU |
| 987 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|ll", &filename, &filename_len, &len, &flags) == FAILURE) { |
| 988 |
|
|
return; |
| 989 |
|
|
} |
| 990 |
|
|
+ if (strlen(filename) != filename_len) { |
| 991 |
|
|
+ return; |
| 992 |
|
|
+ } |
| 993 |
|
|
PHP_ZIP_STAT_PATH(intern, filename, filename_len, flags, sb); |
| 994 |
|
|
} else { |
| 995 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|ll", &index, &len, &flags) == FAILURE) { |
| 996 |
|
|
diff -up php-5.3.3/main/fopen_wrappers.c.cve7243 php-5.3.3/main/fopen_wrappers.c |
| 997 |
|
|
--- php-5.3.3/main/fopen_wrappers.c.cve7243 2010-04-22 00:22:31.000000000 +0200 |
| 998 |
|
|
+++ php-5.3.3/main/fopen_wrappers.c 2013-05-03 11:57:08.304141677 +0200 |
| 999 |
|
|
@@ -519,6 +519,10 @@ PHPAPI char *php_resolve_path(const char |
| 1000 |
|
|
return NULL; |
| 1001 |
|
|
} |
| 1002 |
|
|
|
| 1003 |
|
|
+ if (strlen(filename) != filename_length) { |
| 1004 |
|
|
+ return NULL; |
| 1005 |
|
|
+ } |
| 1006 |
|
|
+ |
| 1007 |
|
|
/* Don't resolve paths which contain protocol (except of file://) */ |
| 1008 |
|
|
for (p = filename; isalnum((int)*p) || *p == '+' || *p == '-' || *p == '.'; p++); |
| 1009 |
|
|
if ((*p == ':') && (p - filename > 1) && (p[1] == '/') && (p[2] == '/')) { |
| 1010 |
|
|
diff -up php-5.3.3/Zend/zend_vm_execute.h.cve7243 php-5.3.3/Zend/zend_vm_execute.h |
| 1011 |
|
|
--- php-5.3.3/Zend/zend_vm_execute.h.cve7243 2010-07-05 11:08:35.000000000 +0200 |
| 1012 |
|
|
+++ php-5.3.3/Zend/zend_vm_execute.h 2013-05-03 11:57:08.290141599 +0200 |
| 1013 |
|
|
@@ -1880,6 +1880,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1014 |
|
|
|
| 1015 |
|
|
return_value_used = RETURN_VALUE_USED(opline); |
| 1016 |
|
|
|
| 1017 |
|
|
+ if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { |
| 1018 |
|
|
+ if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || |
| 1019 |
|
|
+ Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { |
| 1020 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1021 |
|
|
+ } else { |
| 1022 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1023 |
|
|
+ } |
| 1024 |
|
|
+ goto done; |
| 1025 |
|
|
+ } |
| 1026 |
|
|
+ |
| 1027 |
|
|
switch (Z_LVAL(opline->op2.u.constant)) { |
| 1028 |
|
|
case ZEND_INCLUDE_ONCE: |
| 1029 |
|
|
case ZEND_REQUIRE_ONCE: { |
| 1030 |
|
|
@@ -1933,6 +1943,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1031 |
|
|
break; |
| 1032 |
|
|
EMPTY_SWITCH_DEFAULT_CASE() |
| 1033 |
|
|
} |
| 1034 |
|
|
+done: |
| 1035 |
|
|
if (inc_filename==&tmp_inc_filename) { |
| 1036 |
|
|
zval_dtor(&tmp_inc_filename); |
| 1037 |
|
|
} |
| 1038 |
|
|
@@ -5154,6 +5165,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1039 |
|
|
|
| 1040 |
|
|
return_value_used = RETURN_VALUE_USED(opline); |
| 1041 |
|
|
|
| 1042 |
|
|
+ if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { |
| 1043 |
|
|
+ if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || |
| 1044 |
|
|
+ Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { |
| 1045 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1046 |
|
|
+ } else { |
| 1047 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1048 |
|
|
+ } |
| 1049 |
|
|
+ goto done; |
| 1050 |
|
|
+ } |
| 1051 |
|
|
+ |
| 1052 |
|
|
switch (Z_LVAL(opline->op2.u.constant)) { |
| 1053 |
|
|
case ZEND_INCLUDE_ONCE: |
| 1054 |
|
|
case ZEND_REQUIRE_ONCE: { |
| 1055 |
|
|
@@ -5207,6 +5228,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1056 |
|
|
break; |
| 1057 |
|
|
EMPTY_SWITCH_DEFAULT_CASE() |
| 1058 |
|
|
} |
| 1059 |
|
|
+done: |
| 1060 |
|
|
if (inc_filename==&tmp_inc_filename) { |
| 1061 |
|
|
zval_dtor(&tmp_inc_filename); |
| 1062 |
|
|
} |
| 1063 |
|
|
@@ -8524,6 +8546,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1064 |
|
|
|
| 1065 |
|
|
return_value_used = RETURN_VALUE_USED(opline); |
| 1066 |
|
|
|
| 1067 |
|
|
+ if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { |
| 1068 |
|
|
+ if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || |
| 1069 |
|
|
+ Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { |
| 1070 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1071 |
|
|
+ } else { |
| 1072 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1073 |
|
|
+ } |
| 1074 |
|
|
+ goto done; |
| 1075 |
|
|
+ } |
| 1076 |
|
|
+ |
| 1077 |
|
|
switch (Z_LVAL(opline->op2.u.constant)) { |
| 1078 |
|
|
case ZEND_INCLUDE_ONCE: |
| 1079 |
|
|
case ZEND_REQUIRE_ONCE: { |
| 1080 |
|
|
@@ -8577,6 +8609,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1081 |
|
|
break; |
| 1082 |
|
|
EMPTY_SWITCH_DEFAULT_CASE() |
| 1083 |
|
|
} |
| 1084 |
|
|
+done: |
| 1085 |
|
|
if (inc_filename==&tmp_inc_filename) { |
| 1086 |
|
|
zval_dtor(&tmp_inc_filename); |
| 1087 |
|
|
} |
| 1088 |
|
|
@@ -22387,6 +22420,16 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1089 |
|
|
|
| 1090 |
|
|
return_value_used = RETURN_VALUE_USED(opline); |
| 1091 |
|
|
|
| 1092 |
|
|
+ if (Z_LVAL(opline->op2.u.constant) != ZEND_EVAL && strlen(Z_STRVAL_P(inc_filename)) != Z_STRLEN_P(inc_filename)) { |
| 1093 |
|
|
+ if (Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE_ONCE || |
| 1094 |
|
|
+ Z_LVAL(opline->op2.u.constant)==ZEND_INCLUDE) { |
| 1095 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_INCLUDE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1096 |
|
|
+ } else { |
| 1097 |
|
|
+ zend_message_dispatcher(ZMSG_FAILED_REQUIRE_FOPEN, Z_STRVAL_P(inc_filename) TSRMLS_CC); |
| 1098 |
|
|
+ } |
| 1099 |
|
|
+ goto done; |
| 1100 |
|
|
+ } |
| 1101 |
|
|
+ |
| 1102 |
|
|
switch (Z_LVAL(opline->op2.u.constant)) { |
| 1103 |
|
|
case ZEND_INCLUDE_ONCE: |
| 1104 |
|
|
case ZEND_REQUIRE_ONCE: { |
| 1105 |
|
|
@@ -22440,6 +22483,7 @@ static int ZEND_FASTCALL ZEND_INCLUDE_O |
| 1106 |
|
|
break; |
| 1107 |
|
|
EMPTY_SWITCH_DEFAULT_CASE() |
| 1108 |
|
|
} |
| 1109 |
|
|
+done: |
| 1110 |
|
|
if (inc_filename==&tmp_inc_filename) { |
| 1111 |
|
|
zval_dtor(&tmp_inc_filename); |
| 1112 |
|
|
} |
| 1113 |
|
|
From 7deec592fdc57f7a4d96390d021c9ae2e9715cee Mon Sep 17 00:00:00 2001 |
| 1114 |
|
|
From: Pierre Joye <pajoye@php.net> |
| 1115 |
|
|
Date: Mon, 21 Feb 2011 10:09:50 +0000 |
| 1116 |
|
|
Subject: [PATCH] - fix test 025 |
| 1117 |
|
|
|
| 1118 |
|
|
--- |
| 1119 |
|
|
ext/openssl/openssl.c | 3 +-- |
| 1120 |
|
|
1 file changed, 1 insertion(+), 2 deletions(-) |
| 1121 |
|
|
|
| 1122 |
|
|
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c |
| 1123 |
|
|
index 47deeb3..5f86bb8 100644 |
| 1124 |
|
|
--- a/ext/openssl/openssl.c |
| 1125 |
|
|
+++ b/ext/openssl/openssl.c |
| 1126 |
|
|
@@ -3543,14 +3543,13 @@ PHP_FUNCTION(openssl_pkcs7_sign) |
| 1127 |
|
|
char * outfilename; int outfilename_len; |
| 1128 |
|
|
char * extracertsfilename = NULL; int extracertsfilename_len; |
| 1129 |
|
|
|
| 1130 |
|
|
- RETVAL_FALSE; |
| 1131 |
|
|
- |
| 1132 |
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls", |
| 1133 |
|
|
&infilename, &infilename_len, &outfilename, &outfilename_len, |
| 1134 |
|
|
&zcert, &zprivkey, &zheaders, &flags, &extracertsfilename, |
| 1135 |
|
|
&extracertsfilename_len) == FAILURE) { |
| 1136 |
|
|
return; |
| 1137 |
|
|
} |
| 1138 |
|
|
+ RETVAL_FALSE; |
| 1139 |
|
|
|
| 1140 |
|
|
if (strlen(infilename) != infilename_len) { |
| 1141 |
|
|
return; |
| 1142 |
|
|
-- |
| 1143 |
|
|
1.7.11.5 |
| 1144 |
|
|
|
| 1145 |
|
|
From 2a545be57f7ca7bc269eb9c93a07e1b85d4e8172 Mon Sep 17 00:00:00 2001 |
| 1146 |
|
|
From: =?utf8?q?Gustavo=20Andr=C3=A9=20dos=20Santos=20Lopes?= |
| 1147 |
|
|
<cataphract@php.net> |
| 1148 |
|
|
Date: Mon, 22 Nov 2010 05:10:14 +0000 |
| 1149 |
|
|
Subject: [PATCH] - Fix tests for \0 patch in PHP 5.3. - Fix |
| 1150 |
|
|
constants_error_004.phpt (closes bug #51901) |
| 1151 |
|
|
|
| 1152 |
|
|
--- |
| 1153 |
|
|
ext/standard/tests/file/copy_variation4.phpt | Bin 4654 -> 4467 bytes |
| 1154 |
|
|
.../tests/file/disk_free_space_variation.phpt | 16 +++++------ |
| 1155 |
|
|
.../file/file_get_contents_variation8-win32.phpt | 2 -- |
| 1156 |
|
|
.../tests/file/file_get_contents_variation8.phpt | 2 -- |
| 1157 |
|
|
.../tests/file/file_put_contents_variation8.phpt | Bin 2302 -> 2228 bytes |
| 1158 |
|
|
ext/standard/tests/file/filegroup_variation3.phpt | 4 +-- |
| 1159 |
|
|
ext/standard/tests/file/fileinode_variation3.phpt | 4 +-- |
| 1160 |
|
|
ext/standard/tests/file/fileowner_variation3.phpt | 4 +-- |
| 1161 |
|
|
ext/standard/tests/file/fileperms_variation3.phpt | 4 +-- |
| 1162 |
|
|
ext/standard/tests/file/fnmatch_variation.phpt | 30 ++++++++++----------- |
| 1163 |
|
|
ext/standard/tests/file/glob_variation.phpt | 23 +++++----------- |
| 1164 |
|
|
ext/standard/tests/file/is_dir_variation4.phpt | 4 +-- |
| 1165 |
|
|
.../tests/file/is_executable_variation1.phpt | 4 +-- |
| 1166 |
|
|
ext/standard/tests/file/is_file_variation4.phpt | 4 +-- |
| 1167 |
|
|
.../tests/file/is_readable_variation1.phpt | 6 ++--- |
| 1168 |
|
|
.../tests/file/is_writable_variation1.phpt | 12 ++++----- |
| 1169 |
|
|
.../tests/file/mkdir_rmdir_variation2.phpt | 4 +-- |
| 1170 |
|
|
.../tests/file/readfile_variation10-win32.phpt | 14 +++++++--- |
| 1171 |
|
|
ext/standard/tests/file/readfile_variation10.phpt | Bin 1786 -> 1847 bytes |
| 1172 |
|
|
.../tests/file/rename_variation13-win32.phpt | Bin 3947 -> 3805 bytes |
| 1173 |
|
|
ext/standard/tests/file/rename_variation13.phpt | 4 --- |
| 1174 |
|
|
ext/standard/tests/file/stream_rfc2397_006.phpt | 4 +-- |
| 1175 |
|
|
.../tests/file/tempnam_variation3-win32.phpt | 5 ++-- |
| 1176 |
|
|
ext/standard/tests/file/tempnam_variation3.phpt | 6 ++--- |
| 1177 |
|
|
.../tests/file/tempnam_variation7-win32.phpt | 6 ++--- |
| 1178 |
|
|
ext/standard/tests/file/tempnam_variation7.phpt | 6 ++--- |
| 1179 |
|
|
tests/classes/constants_error_004.phpt | 2 +- |
| 1180 |
|
|
27 files changed, 81 insertions(+), 89 deletions(-) |
| 1181 |
|
|
|
| 1182 |
|
|
diff --git a/ext/standard/tests/file/copy_variation4.phpt b/ext/standard/tests/file/copy_variation4.phpt |
| 1183 |
|
|
index 48386743f325e3cfedaa7712443a6af249aa9593..32756c1ede19ac8fb5e1029e4cd549b1bf42c199 100644 |
| 1184 |
|
|
GIT binary patch |
| 1185 |
|
|
delta 51 |
| 1186 |
|
|
zcmZ3d@>yxZ<c+rzm>82bTQfi7n4BXhH<_PLmnAJRr+BhGUo3Z0etwPyh?lCl*@yQL |
| 1187 |
|
|
F3jp%@5;6b) |
| 1188 |
|
|
|
| 1189 |
|
|
delta 78 |
| 1190 |
|
|
zcmV-U0I~n`BCaHmlPgzAP9iA^ARuIEWhf$ZYiV#GL~kH&Z*(AXb#5SUZXj1_Ze(wF |
| 1191 |
|
|
kb0R4_3bA&50<-i2<_MGe2+RQhlO7R5lL!hcv!D#q1Rf_E<^TWy |
| 1192 |
|
|
|
| 1193 |
|
|
diff --git a/ext/standard/tests/file/disk_free_space_variation.phpt b/ext/standard/tests/file/disk_free_space_variation.phpt |
| 1194 |
|
|
index c180998..178f857 100644 |
| 1195 |
|
|
--- a/ext/standard/tests/file/disk_free_space_variation.phpt |
| 1196 |
|
|
+++ b/ext/standard/tests/file/disk_free_space_variation.phpt |
| 1197 |
|
|
@@ -105,19 +105,19 @@ float(%d) |
| 1198 |
|
|
float(%d) |
| 1199 |
|
|
|
| 1200 |
|
|
-- Iteration 9 -- |
| 1201 |
|
|
-float(%d) |
| 1202 |
|
|
-float(%d) |
| 1203 |
|
|
+bool(false) |
| 1204 |
|
|
+bool(false) |
| 1205 |
|
|
|
| 1206 |
|
|
-- Iteration 10 -- |
| 1207 |
|
|
-float(%d) |
| 1208 |
|
|
-float(%d) |
| 1209 |
|
|
+bool(false) |
| 1210 |
|
|
+bool(false) |
| 1211 |
|
|
|
| 1212 |
|
|
-- Iteration 11 -- |
| 1213 |
|
|
-float(%d) |
| 1214 |
|
|
-float(%d) |
| 1215 |
|
|
+bool(false) |
| 1216 |
|
|
+bool(false) |
| 1217 |
|
|
|
| 1218 |
|
|
-- Iteration 12 -- |
| 1219 |
|
|
-float(%d) |
| 1220 |
|
|
-float(%d) |
| 1221 |
|
|
+bool(false) |
| 1222 |
|
|
+bool(false) |
| 1223 |
|
|
|
| 1224 |
|
|
--- Done --- |
| 1225 |
|
|
diff --git a/ext/standard/tests/file/file_get_contents_variation8-win32.phpt b/ext/standard/tests/file/file_get_contents_variation8-win32.phpt |
| 1226 |
|
|
index 43d742a..c0074ff 100644 |
| 1227 |
|
|
--- a/ext/standard/tests/file/file_get_contents_variation8-win32.phpt |
| 1228 |
|
|
+++ b/ext/standard/tests/file/file_get_contents_variation8-win32.phpt |
| 1229 |
|
|
@@ -76,8 +76,6 @@ Warning: file_get_contents( ): failed to open stream: Permission denied in %s on |
| 1230 |
|
|
bool(false) |
| 1231 |
|
|
|
| 1232 |
|
|
-- Filename: \0 -- |
| 1233 |
|
|
- |
| 1234 |
|
|
-Warning: file_get_contents(): Filename cannot be empty in %s on line %d |
| 1235 |
|
|
bool(false) |
| 1236 |
|
|
|
| 1237 |
|
|
-- Filename: array() -- |
| 1238 |
|
|
diff --git a/ext/standard/tests/file/file_get_contents_variation8.phpt b/ext/standard/tests/file/file_get_contents_variation8.phpt |
| 1239 |
|
|
index dca75a0..84621e1 100644 |
| 1240 |
|
|
--- a/ext/standard/tests/file/file_get_contents_variation8.phpt |
| 1241 |
|
|
+++ b/ext/standard/tests/file/file_get_contents_variation8.phpt |
| 1242 |
|
|
@@ -68,8 +68,6 @@ bool(false) |
| 1243 |
|
|
Warning: file_get_contents( ): failed to open stream: No such file or directory in %s on line %d |
| 1244 |
|
|
bool(false) |
| 1245 |
|
|
-- Iteration 6 -- |
| 1246 |
|
|
- |
| 1247 |
|
|
-Warning: file_get_contents(): Filename cannot be empty in %s on line %d |
| 1248 |
|
|
bool(false) |
| 1249 |
|
|
-- Iteration 7 -- |
| 1250 |
|
|
|
| 1251 |
|
|
diff --git a/ext/standard/tests/file/file_put_contents_variation8.phpt b/ext/standard/tests/file/file_put_contents_variation8.phpt |
| 1252 |
|
|
index 1e27e71334165f687b4bf263cfd56e934dbce78d..c35ace47b2c0037484e7d90885bd0876d29a7e9f 100644 |
| 1253 |
|
|
GIT binary patch |
| 1254 |
|
|
delta 20 |
| 1255 |
|
|
ccmew-xJ7WoU$)5?*d-_Xvhi)sW1qkX0A3phxBvhE |
| 1256 |
|
|
|
| 1257 |
|
|
delta 18 |
| 1258 |
|
|
acmdlY_)l=dU$)5!Y)Om^o5k4YF#-Tc0tQn6 |
| 1259 |
|
|
|
| 1260 |
|
|
diff --git a/ext/standard/tests/file/filegroup_variation3.phpt b/ext/standard/tests/file/filegroup_variation3.phpt |
| 1261 |
|
|
index dd875a0..c41f383 100644 |
| 1262 |
|
|
--- a/ext/standard/tests/file/filegroup_variation3.phpt |
| 1263 |
|
|
+++ b/ext/standard/tests/file/filegroup_variation3.phpt |
| 1264 |
|
|
@@ -74,8 +74,8 @@ bool(false) |
| 1265 |
|
|
Warning: filegroup(): stat failed for %s/filegroup_variation3/filegroup*.tmp in %s on line %d |
| 1266 |
|
|
bool(false) |
| 1267 |
|
|
- Iteration 7 - |
| 1268 |
|
|
-int(%d) |
| 1269 |
|
|
+bool(false) |
| 1270 |
|
|
- Iteration 8 - |
| 1271 |
|
|
-int(%d) |
| 1272 |
|
|
+bool(false) |
| 1273 |
|
|
|
| 1274 |
|
|
*** Done *** |
| 1275 |
|
|
diff --git a/ext/standard/tests/file/fileinode_variation3.phpt b/ext/standard/tests/file/fileinode_variation3.phpt |
| 1276 |
|
|
index c81b573..23cf3c7 100644 |
| 1277 |
|
|
--- a/ext/standard/tests/file/fileinode_variation3.phpt |
| 1278 |
|
|
+++ b/ext/standard/tests/file/fileinode_variation3.phpt |
| 1279 |
|
|
@@ -75,8 +75,8 @@ bool(false) |
| 1280 |
|
|
Warning: fileinode(): stat failed for %s/fileinode_variation3/fileinode*.tmp in %s on line %d |
| 1281 |
|
|
bool(false) |
| 1282 |
|
|
- Iteration 7 - |
| 1283 |
|
|
-int(%d) |
| 1284 |
|
|
+bool(false) |
| 1285 |
|
|
- Iteration 8 - |
| 1286 |
|
|
-int(%d) |
| 1287 |
|
|
+bool(false) |
| 1288 |
|
|
|
| 1289 |
|
|
*** Done *** |
| 1290 |
|
|
diff --git a/ext/standard/tests/file/fileowner_variation3.phpt b/ext/standard/tests/file/fileowner_variation3.phpt |
| 1291 |
|
|
index 2a322b6..b2691e9 100644 |
| 1292 |
|
|
--- a/ext/standard/tests/file/fileowner_variation3.phpt |
| 1293 |
|
|
+++ b/ext/standard/tests/file/fileowner_variation3.phpt |
| 1294 |
|
|
@@ -75,8 +75,8 @@ bool(false) |
| 1295 |
|
|
Warning: fileowner(): stat failed for %s/fileowner_variation3/fileowner*.tmp in %s on line %d |
| 1296 |
|
|
bool(false) |
| 1297 |
|
|
- Iteration 7 - |
| 1298 |
|
|
-int(%d) |
| 1299 |
|
|
+bool(false) |
| 1300 |
|
|
- Iteration 8 - |
| 1301 |
|
|
-int(%d) |
| 1302 |
|
|
+bool(false) |
| 1303 |
|
|
|
| 1304 |
|
|
*** Done *** |
| 1305 |
|
|
diff --git a/ext/standard/tests/file/fileperms_variation3.phpt b/ext/standard/tests/file/fileperms_variation3.phpt |
| 1306 |
|
|
index 38101e3..1e7396a 100644 |
| 1307 |
|
|
--- a/ext/standard/tests/file/fileperms_variation3.phpt |
| 1308 |
|
|
+++ b/ext/standard/tests/file/fileperms_variation3.phpt |
| 1309 |
|
|
@@ -74,8 +74,8 @@ bool(false) |
| 1310 |
|
|
Warning: fileperms(): stat failed for %s/fileperms_variation3/fileperms*.tmp in %s on line %d |
| 1311 |
|
|
bool(false) |
| 1312 |
|
|
- Iteration 7 - |
| 1313 |
|
|
-int(%d) |
| 1314 |
|
|
+bool(false) |
| 1315 |
|
|
- Iteration 8 - |
| 1316 |
|
|
-int(%d) |
| 1317 |
|
|
+bool(false) |
| 1318 |
|
|
|
| 1319 |
|
|
*** Done *** |
| 1320 |
|
|
diff --git a/ext/standard/tests/file/fnmatch_variation.phpt b/ext/standard/tests/file/fnmatch_variation.phpt |
| 1321 |
|
|
index e65bdd0..13afebb 100644 |
| 1322 |
|
|
--- a/ext/standard/tests/file/fnmatch_variation.phpt |
| 1323 |
|
|
+++ b/ext/standard/tests/file/fnmatch_variation.phpt |
| 1324 |
|
|
@@ -259,21 +259,21 @@ bool(true) |
| 1325 |
|
|
--- With Strings --- |
| 1326 |
|
|
-- Iteration 0 -- |
| 1327 |
|
|
bool(true) |
| 1328 |
|
|
-bool(true) |
| 1329 |
|
|
+bool(false) |
| 1330 |
|
|
bool(true) |
| 1331 |
|
|
bool(false) |
| 1332 |
|
|
bool(false) |
| 1333 |
|
|
bool(true) |
| 1334 |
|
|
-- Iteration 1 -- |
| 1335 |
|
|
-bool(true) |
| 1336 |
|
|
-bool(true) |
| 1337 |
|
|
-bool(true) |
| 1338 |
|
|
bool(false) |
| 1339 |
|
|
bool(false) |
| 1340 |
|
|
-bool(true) |
| 1341 |
|
|
+bool(false) |
| 1342 |
|
|
+bool(false) |
| 1343 |
|
|
+bool(false) |
| 1344 |
|
|
+bool(false) |
| 1345 |
|
|
-- Iteration 2 -- |
| 1346 |
|
|
bool(true) |
| 1347 |
|
|
-bool(true) |
| 1348 |
|
|
+bool(false) |
| 1349 |
|
|
bool(true) |
| 1350 |
|
|
bool(false) |
| 1351 |
|
|
bool(false) |
| 1352 |
|
|
@@ -282,7 +282,7 @@ bool(true) |
| 1353 |
|
|
bool(false) |
| 1354 |
|
|
bool(false) |
| 1355 |
|
|
bool(false) |
| 1356 |
|
|
-bool(true) |
| 1357 |
|
|
+bool(false) |
| 1358 |
|
|
bool(false) |
| 1359 |
|
|
bool(false) |
| 1360 |
|
|
-- Iteration 4 -- |
| 1361 |
|
|
@@ -294,7 +294,7 @@ bool(true) |
| 1362 |
|
|
bool(false) |
| 1363 |
|
|
-- Iteration 5 -- |
| 1364 |
|
|
bool(true) |
| 1365 |
|
|
-bool(true) |
| 1366 |
|
|
+bool(false) |
| 1367 |
|
|
bool(true) |
| 1368 |
|
|
bool(false) |
| 1369 |
|
|
bool(false) |
| 1370 |
|
|
@@ -397,28 +397,28 @@ bool(true) |
| 1371 |
|
|
bool(true) |
| 1372 |
|
|
bool(true) |
| 1373 |
|
|
bool(true) |
| 1374 |
|
|
-bool(true) |
| 1375 |
|
|
+bool(false) |
| 1376 |
|
|
bool(false) |
| 1377 |
|
|
bool(false) |
| 1378 |
|
|
-- Iteration 1 -- |
| 1379 |
|
|
bool(true) |
| 1380 |
|
|
bool(true) |
| 1381 |
|
|
bool(true) |
| 1382 |
|
|
-bool(true) |
| 1383 |
|
|
+bool(false) |
| 1384 |
|
|
bool(false) |
| 1385 |
|
|
bool(false) |
| 1386 |
|
|
-- Iteration 2 -- |
| 1387 |
|
|
bool(true) |
| 1388 |
|
|
bool(true) |
| 1389 |
|
|
bool(true) |
| 1390 |
|
|
-bool(true) |
| 1391 |
|
|
+bool(false) |
| 1392 |
|
|
bool(false) |
| 1393 |
|
|
bool(false) |
| 1394 |
|
|
-- Iteration 3 -- |
| 1395 |
|
|
-bool(true) |
| 1396 |
|
|
-bool(true) |
| 1397 |
|
|
-bool(true) |
| 1398 |
|
|
-bool(true) |
| 1399 |
|
|
+bool(false) |
| 1400 |
|
|
+bool(false) |
| 1401 |
|
|
+bool(false) |
| 1402 |
|
|
+bool(false) |
| 1403 |
|
|
bool(false) |
| 1404 |
|
|
bool(false) |
| 1405 |
|
|
-- Iteration 4 -- |
| 1406 |
|
|
diff --git a/ext/standard/tests/file/glob_variation.phpt b/ext/standard/tests/file/glob_variation.phpt |
| 1407 |
|
|
index 52c0dc8..64d3d8a 100755 |
| 1408 |
|
|
--- a/ext/standard/tests/file/glob_variation.phpt |
| 1409 |
|
|
+++ b/ext/standard/tests/file/glob_variation.phpt |
| 1410 |
|
|
@@ -325,20 +325,12 @@ array(0) { |
| 1411 |
|
|
} |
| 1412 |
|
|
|
| 1413 |
|
|
-- Iteration 8 -- |
| 1414 |
|
|
-array(0) { |
| 1415 |
|
|
-} |
| 1416 |
|
|
-array(0) { |
| 1417 |
|
|
-} |
| 1418 |
|
|
-array(0) { |
| 1419 |
|
|
-} |
| 1420 |
|
|
-array(1) { |
| 1421 |
|
|
- [0]=> |
| 1422 |
|
|
- string(%d) "%s/glob_variation/WONDER5" |
| 1423 |
|
|
-} |
| 1424 |
|
|
-array(0) { |
| 1425 |
|
|
-} |
| 1426 |
|
|
-array(0) { |
| 1427 |
|
|
-} |
| 1428 |
|
|
+bool(false) |
| 1429 |
|
|
+bool(false) |
| 1430 |
|
|
+bool(false) |
| 1431 |
|
|
+bool(false) |
| 1432 |
|
|
+bool(false) |
| 1433 |
|
|
+bool(false) |
| 1434 |
|
|
|
| 1435 |
|
|
-- Iteration 9 -- |
| 1436 |
|
|
array(0) { |
| 1437 |
|
|
@@ -441,8 +433,7 @@ array(1) { |
| 1438 |
|
|
array(0) { |
| 1439 |
|
|
} |
| 1440 |
|
|
-- Iteration 8 -- |
| 1441 |
|
|
-array(0) { |
| 1442 |
|
|
-} |
| 1443 |
|
|
+bool(false) |
| 1444 |
|
|
-- Iteration 9 -- |
| 1445 |
|
|
array(0) { |
| 1446 |
|
|
} |
| 1447 |
|
|
diff --git a/ext/standard/tests/file/is_dir_variation4.phpt b/ext/standard/tests/file/is_dir_variation4.phpt |
| 1448 |
|
|
index a68fe0b..b83d185 100644 |
| 1449 |
|
|
--- a/ext/standard/tests/file/is_dir_variation4.phpt |
| 1450 |
|
|
+++ b/ext/standard/tests/file/is_dir_variation4.phpt |
| 1451 |
|
|
@@ -77,9 +77,9 @@ bool(true) |
| 1452 |
|
|
bool(false) |
| 1453 |
|
|
|
| 1454 |
|
|
-- Iteration 9 -- |
| 1455 |
|
|
-bool(true) |
| 1456 |
|
|
+bool(false) |
| 1457 |
|
|
|
| 1458 |
|
|
-- Iteration 10 -- |
| 1459 |
|
|
-bool(true) |
| 1460 |
|
|
+bool(false) |
| 1461 |
|
|
|
| 1462 |
|
|
*** Done *** |
| 1463 |
|
|
diff --git a/ext/standard/tests/file/is_executable_variation1.phpt b/ext/standard/tests/file/is_executable_variation1.phpt |
| 1464 |
|
|
index 9969911..bc826b9 100644 |
| 1465 |
|
|
--- a/ext/standard/tests/file/is_executable_variation1.phpt |
| 1466 |
|
|
+++ b/ext/standard/tests/file/is_executable_variation1.phpt |
| 1467 |
|
|
@@ -76,9 +76,9 @@ bool(false) |
| 1468 |
|
|
-- Iteration 5 -- |
| 1469 |
|
|
bool(false) |
| 1470 |
|
|
-- Iteration 6 -- |
| 1471 |
|
|
-bool(true) |
| 1472 |
|
|
+bool(false) |
| 1473 |
|
|
-- Iteration 7 -- |
| 1474 |
|
|
-bool(true) |
| 1475 |
|
|
+bool(false) |
| 1476 |
|
|
-- Iteration 8 -- |
| 1477 |
|
|
bool(false) |
| 1478 |
|
|
-- Iteration 9 -- |
| 1479 |
|
|
diff --git a/ext/standard/tests/file/is_file_variation4.phpt b/ext/standard/tests/file/is_file_variation4.phpt |
| 1480 |
|
|
index 55aeedf..fbdf438 100644 |
| 1481 |
|
|
--- a/ext/standard/tests/file/is_file_variation4.phpt |
| 1482 |
|
|
+++ b/ext/standard/tests/file/is_file_variation4.phpt |
| 1483 |
|
|
@@ -67,8 +67,8 @@ bool(false) |
| 1484 |
|
|
- Iteration 6 - |
| 1485 |
|
|
bool(false) |
| 1486 |
|
|
- Iteration 7 - |
| 1487 |
|
|
-bool(true) |
| 1488 |
|
|
+bool(false) |
| 1489 |
|
|
- Iteration 8 - |
| 1490 |
|
|
-bool(true) |
| 1491 |
|
|
+bool(false) |
| 1492 |
|
|
|
| 1493 |
|
|
*** Done *** |
| 1494 |
|
|
diff --git a/ext/standard/tests/file/is_readable_variation1.phpt b/ext/standard/tests/file/is_readable_variation1.phpt |
| 1495 |
|
|
index a131032..7493574 100644 |
| 1496 |
|
|
--- a/ext/standard/tests/file/is_readable_variation1.phpt |
| 1497 |
|
|
+++ b/ext/standard/tests/file/is_readable_variation1.phpt |
| 1498 |
|
|
@@ -87,11 +87,11 @@ bool(false) |
| 1499 |
|
|
-- Iteration 6 -- |
| 1500 |
|
|
bool(false) |
| 1501 |
|
|
-- Iteration 7 -- |
| 1502 |
|
|
-bool(true) |
| 1503 |
|
|
+bool(false) |
| 1504 |
|
|
-- Iteration 8 -- |
| 1505 |
|
|
-bool(true) |
| 1506 |
|
|
+bool(false) |
| 1507 |
|
|
-- Iteration 9 -- |
| 1508 |
|
|
-bool(true) |
| 1509 |
|
|
+bool(false) |
| 1510 |
|
|
-- Iteration 10 -- |
| 1511 |
|
|
bool(true) |
| 1512 |
|
|
-- Iteration 11 -- |
| 1513 |
|
|
diff --git a/ext/standard/tests/file/is_writable_variation1.phpt b/ext/standard/tests/file/is_writable_variation1.phpt |
| 1514 |
|
|
index bf3e7e1..1f3cbf5 100644 |
| 1515 |
|
|
--- a/ext/standard/tests/file/is_writable_variation1.phpt |
| 1516 |
|
|
+++ b/ext/standard/tests/file/is_writable_variation1.phpt |
| 1517 |
|
|
@@ -96,14 +96,14 @@ bool(false) |
| 1518 |
|
|
bool(false) |
| 1519 |
|
|
bool(false) |
| 1520 |
|
|
-- Iteration 7 -- |
| 1521 |
|
|
-bool(true) |
| 1522 |
|
|
-bool(true) |
| 1523 |
|
|
+bool(false) |
| 1524 |
|
|
+bool(false) |
| 1525 |
|
|
-- Iteration 8 -- |
| 1526 |
|
|
-bool(true) |
| 1527 |
|
|
-bool(true) |
| 1528 |
|
|
+bool(false) |
| 1529 |
|
|
+bool(false) |
| 1530 |
|
|
-- Iteration 9 -- |
| 1531 |
|
|
-bool(true) |
| 1532 |
|
|
-bool(true) |
| 1533 |
|
|
+bool(false) |
| 1534 |
|
|
+bool(false) |
| 1535 |
|
|
-- Iteration 10 -- |
| 1536 |
|
|
bool(true) |
| 1537 |
|
|
bool(true) |
| 1538 |
|
|
diff --git a/ext/standard/tests/file/mkdir_rmdir_variation2.phpt b/ext/standard/tests/file/mkdir_rmdir_variation2.phpt |
| 1539 |
|
|
index e7c41c4..101e890 100644 |
| 1540 |
|
|
--- a/ext/standard/tests/file/mkdir_rmdir_variation2.phpt |
| 1541 |
|
|
+++ b/ext/standard/tests/file/mkdir_rmdir_variation2.phpt |
| 1542 |
|
|
@@ -64,8 +64,8 @@ Warning: rmdir(%s/mkdir_variation2/): %s on line %d |
| 1543 |
|
|
bool(false) |
| 1544 |
|
|
|
| 1545 |
|
|
*** Testing mkdir() and rmdir() for binary safe functionality *** |
| 1546 |
|
|
-bool(true) |
| 1547 |
|
|
-bool(true) |
| 1548 |
|
|
+bool(false) |
| 1549 |
|
|
+bool(false) |
| 1550 |
|
|
|
| 1551 |
|
|
*** Testing mkdir() with miscelleneous input *** |
| 1552 |
|
|
bool(true) |
| 1553 |
|
|
diff --git a/ext/standard/tests/file/readfile_variation10-win32.phpt b/ext/standard/tests/file/readfile_variation10-win32.phpt |
| 1554 |
|
|
index 6453b98..1624194 100644 |
| 1555 |
|
|
--- a/ext/standard/tests/file/readfile_variation10-win32.phpt |
| 1556 |
|
|
+++ b/ext/standard/tests/file/readfile_variation10-win32.phpt |
| 1557 |
|
|
@@ -37,7 +37,7 @@ $names_arr = array( |
| 1558 |
|
|
|
| 1559 |
|
|
foreach($names_arr as $key => $value) { |
| 1560 |
|
|
echo "\n-- Filename: $key --\n"; |
| 1561 |
|
|
- readfile($value); |
| 1562 |
|
|
+ var_dump(readfile($value)); |
| 1563 |
|
|
}; |
| 1564 |
|
|
|
| 1565 |
|
|
?> |
| 1566 |
|
|
@@ -48,40 +48,48 @@ foreach($names_arr as $key => $value) { |
| 1567 |
|
|
-- Filename: -1 -- |
| 1568 |
|
|
|
| 1569 |
|
|
Warning: readfile(-1): failed to open stream: No such file or directory in %s on line %d |
| 1570 |
|
|
+bool(false) |
| 1571 |
|
|
|
| 1572 |
|
|
-- Filename: TRUE -- |
| 1573 |
|
|
|
| 1574 |
|
|
Warning: readfile(1): failed to open stream: No such file or directory in %s on line %d |
| 1575 |
|
|
+bool(false) |
| 1576 |
|
|
|
| 1577 |
|
|
-- Filename: FALSE -- |
| 1578 |
|
|
|
| 1579 |
|
|
Warning: readfile(): Filename cannot be empty in %s on line %d |
| 1580 |
|
|
+bool(false) |
| 1581 |
|
|
|
| 1582 |
|
|
-- Filename: NULL -- |
| 1583 |
|
|
|
| 1584 |
|
|
Warning: readfile(): Filename cannot be empty in %s on line %d |
| 1585 |
|
|
+bool(false) |
| 1586 |
|
|
|
| 1587 |
|
|
-- Filename: "" -- |
| 1588 |
|
|
|
| 1589 |
|
|
Warning: readfile(): Filename cannot be empty in %s on line %d |
| 1590 |
|
|
+bool(false) |
| 1591 |
|
|
|
| 1592 |
|
|
-- Filename: " " -- |
| 1593 |
|
|
|
| 1594 |
|
|
Warning: readfile( ): failed to open stream: Permission denied in %s on line %d |
| 1595 |
|
|
+bool(false) |
| 1596 |
|
|
|
| 1597 |
|
|
-- Filename: \0 -- |
| 1598 |
|
|
- |
| 1599 |
|
|
-Warning: readfile(): Filename cannot be empty in %s on line %d |
| 1600 |
|
|
+bool(false) |
| 1601 |
|
|
|
| 1602 |
|
|
-- Filename: array() -- |
| 1603 |
|
|
|
| 1604 |
|
|
Warning: readfile() expects parameter 1 to be string, array given in %s on line %d |
| 1605 |
|
|
+bool(false) |
| 1606 |
|
|
|
| 1607 |
|
|
-- Filename: /no/such/file/dir -- |
| 1608 |
|
|
|
| 1609 |
|
|
Warning: readfile(/no/such/file/dir): failed to open stream: No such file or directory in %s on line %d |
| 1610 |
|
|
+bool(false) |
| 1611 |
|
|
|
| 1612 |
|
|
-- Filename: php/php -- |
| 1613 |
|
|
|
| 1614 |
|
|
Warning: readfile(php/php): failed to open stream: No such file or directory in %s on line %d |
| 1615 |
|
|
+bool(false) |
| 1616 |
|
|
===Done=== |
| 1617 |
|
|
\ No newline at end of file |
| 1618 |
|
|
diff --git a/ext/standard/tests/file/readfile_variation10.phpt b/ext/standard/tests/file/readfile_variation10.phpt |
| 1619 |
|
|
index a48150aee0fcf1240a7f47b7939c317043ae037f..2caa2de1d259b0012f6f5722b441a25666b1f9b8 100644 |
| 1620 |
|
|
GIT binary patch |
| 1621 |
|
|
delta 216 |
| 1622 |
|
|
zcmeyxyPa=?3bRC6Vo`ibX>Nf=QEFmJT4qkFhDu&yZmQ;FBj(lIN%{FX8fl3+#X$ZY |
| 1623 |
|
|
z=1>%VBTEoTd}Y>96(sYxbafR<Qj1G6^U@X6xsW6#pJdHOG1!<b7KPu>7Au9Mo{LLM |
| 1624 |
|
|
POH08eKQC1Q$lwA1(T_+Z |
| 1625 |
|
|
|
| 1626 |
|
|
delta 94 |
| 1627 |
|
|
zcmdna_ltLf3Nv3(YGO)SW=^VxN?u}a>SP<{)ssInhfLnU5(vjxtRcL*x(X$!#U+_} |
| 1628 |
|
|
q=?dx$lUO7sm$T?je$1LRIg%}A@<Fy3J}xaSEd`hSyi^4sg9`vL;2zZg |
| 1629 |
|
|
|
| 1630 |
|
|
diff --git a/ext/standard/tests/file/rename_variation13-win32.phpt b/ext/standard/tests/file/rename_variation13-win32.phpt |
| 1631 |
|
|
index a86025889d31bedfad6b7214ff98c1a4cd9dcd62..2cd9dbdd949d456a4e7093b3e0993f45f1c71046 100644 |
| 1632 |
|
|
GIT binary patch |
| 1633 |
|
|
delta 25 |
| 1634 |
|
|
gcmaDYcUN`;4>u22Qht7pMp|M{ajNF#W!y)Z0e1xn6#xJL |
| 1635 |
|
|
|
| 1636 |
|
|
delta 26 |
| 1637 |
|
|
icmcaB`&w=T4>u#j<b9lGlN~tyC*S5!*{s36l^Fnh^a#HI |
| 1638 |
|
|
|
| 1639 |
|
|
diff --git a/ext/standard/tests/file/rename_variation13.phpt b/ext/standard/tests/file/rename_variation13.phpt |
| 1640 |
|
|
index 24697d5..2c35198 100644 |
| 1641 |
|
|
--- a/ext/standard/tests/file/rename_variation13.phpt |
| 1642 |
|
|
+++ b/ext/standard/tests/file/rename_variation13.phpt |
| 1643 |
|
|
@@ -98,11 +98,7 @@ bool(true) |
| 1644 |
|
|
Warning: rename( ,%s/renameVar13/afile.tmp): No such file or directory in %s on line %d |
| 1645 |
|
|
bool(false) |
| 1646 |
|
|
-- testing '%s' -- |
| 1647 |
|
|
- |
| 1648 |
|
|
-Warning: rename(%s/renameVar13/afile.tmp,): %s in %s on line %d |
| 1649 |
|
|
bool(false) |
| 1650 |
|
|
- |
| 1651 |
|
|
-Warning: rename(,%s/renameVar13/afile.tmp): %s in %s on line %d |
| 1652 |
|
|
bool(false) |
| 1653 |
|
|
-- testing 'Array' -- |
| 1654 |
|
|
|
| 1655 |
|
|
diff --git a/ext/standard/tests/file/stream_rfc2397_006.phpt b/ext/standard/tests/file/stream_rfc2397_006.phpt |
| 1656 |
|
|
index dab6cd5..b1b3111 100755 |
| 1657 |
|
|
--- a/ext/standard/tests/file/stream_rfc2397_006.phpt |
| 1658 |
|
|
+++ b/ext/standard/tests/file/stream_rfc2397_006.phpt |
| 1659 |
|
|
@@ -21,8 +21,8 @@ foreach($streams as $stream) |
| 1660 |
|
|
===DONE=== |
| 1661 |
|
|
<?php exit(0); ?> |
| 1662 |
|
|
--EXPECTF-- |
| 1663 |
|
|
-string(0) "" |
| 1664 |
|
|
-string(6) "foobar" |
| 1665 |
|
|
+bool(false) |
| 1666 |
|
|
+bool(false) |
| 1667 |
|
|
string(13) "foobar foobar" |
| 1668 |
|
|
|
| 1669 |
|
|
Warning: file_get_contents(data:;base64,#Zm9vYmFyIGZvb2Jhc=): failed to open stream: rfc2397: unable to decode in %sstream_rfc2397_006.php on line %d |
| 1670 |
|
|
diff --git a/ext/standard/tests/file/tempnam_variation3-win32.phpt b/ext/standard/tests/file/tempnam_variation3-win32.phpt |
| 1671 |
|
|
index fb457cb..a51a10a 100644 |
| 1672 |
|
|
--- a/ext/standard/tests/file/tempnam_variation3-win32.phpt |
| 1673 |
|
|
+++ b/ext/standard/tests/file/tempnam_variation3-win32.phpt |
| 1674 |
|
|
@@ -31,8 +31,8 @@ $names_arr = array( |
| 1675 |
|
|
NULL, |
| 1676 |
|
|
"", |
| 1677 |
|
|
" ", |
| 1678 |
|
|
- "\0", |
| 1679 |
|
|
/* Invalid args */ |
| 1680 |
|
|
+ "\0", |
| 1681 |
|
|
array(), |
| 1682 |
|
|
|
| 1683 |
|
|
/* Valid args*/ |
| 1684 |
|
|
@@ -102,7 +102,8 @@ OK |
| 1685 |
|
|
Failed, not created in the correct directory %s vs %s |
| 1686 |
|
|
0 |
| 1687 |
|
|
-- Iteration 6 -- |
| 1688 |
|
|
-OK |
| 1689 |
|
|
+Failed, not created in the correct directory %s vs %s |
| 1690 |
|
|
+0 |
| 1691 |
|
|
-- Iteration 7 -- |
| 1692 |
|
|
|
| 1693 |
|
|
Warning: tempnam() expects parameter 2 to be string, array given in %s\ext\standard\tests\file\tempnam_variation3-win32.php on line %d |
| 1694 |
|
|
diff --git a/ext/standard/tests/file/tempnam_variation3.phpt b/ext/standard/tests/file/tempnam_variation3.phpt |
| 1695 |
|
|
index 69ab16c..4a0e861 100644 |
| 1696 |
|
|
--- a/ext/standard/tests/file/tempnam_variation3.phpt |
| 1697 |
|
|
+++ b/ext/standard/tests/file/tempnam_variation3.phpt |
| 1698 |
|
|
@@ -100,9 +100,9 @@ File name is => %s/%s |
| 1699 |
|
|
File permissions are => 100600 |
| 1700 |
|
|
File created in => directory specified |
| 1701 |
|
|
-- Iteration 6 -- |
| 1702 |
|
|
-File name is => %s/%s |
| 1703 |
|
|
-File permissions are => 100600 |
| 1704 |
|
|
-File created in => directory specified |
| 1705 |
|
|
+-- File is not created -- |
| 1706 |
|
|
+ |
| 1707 |
|
|
+Warning: unlink(): %s in %s on line %d |
| 1708 |
|
|
-- Iteration 7 -- |
| 1709 |
|
|
|
| 1710 |
|
|
Warning: tempnam() expects parameter 2 to be string, array given in %s on line %d |
| 1711 |
|
|
diff --git a/ext/standard/tests/file/tempnam_variation7-win32.phpt b/ext/standard/tests/file/tempnam_variation7-win32.phpt |
| 1712 |
|
|
index 34e352a..8ea839e 100644 |
| 1713 |
|
|
--- a/ext/standard/tests/file/tempnam_variation7-win32.phpt |
| 1714 |
|
|
+++ b/ext/standard/tests/file/tempnam_variation7-win32.phpt |
| 1715 |
|
|
@@ -89,9 +89,9 @@ File name is => %s%et%s |
| 1716 |
|
|
File permissions are => 100666 |
| 1717 |
|
|
File created in => temp dir |
| 1718 |
|
|
-- Iteration 6 -- |
| 1719 |
|
|
-File name is => %s%et%s |
| 1720 |
|
|
-File permissions are => 100666 |
| 1721 |
|
|
-File created in => temp dir |
| 1722 |
|
|
+-- File is not created -- |
| 1723 |
|
|
+ |
| 1724 |
|
|
+Warning: unlink(): %s in %s on line %d |
| 1725 |
|
|
-- Iteration 7 -- |
| 1726 |
|
|
|
| 1727 |
|
|
Warning: tempnam() expects parameter 1 to be string, array given in %s on line %d |
| 1728 |
|
|
diff --git a/ext/standard/tests/file/tempnam_variation7.phpt b/ext/standard/tests/file/tempnam_variation7.phpt |
| 1729 |
|
|
index 18d074d..16f94f0 100644 |
| 1730 |
|
|
--- a/ext/standard/tests/file/tempnam_variation7.phpt |
| 1731 |
|
|
+++ b/ext/standard/tests/file/tempnam_variation7.phpt |
| 1732 |
|
|
@@ -94,9 +94,9 @@ File name is => %s%etempnam_variation3.tmp%s |
| 1733 |
|
|
File permissions are => 100600 |
| 1734 |
|
|
File created in => temp dir |
| 1735 |
|
|
-- Iteration 6 -- |
| 1736 |
|
|
-File name is => %s%etempnam_variation3.tmp%s |
| 1737 |
|
|
-File permissions are => 100600 |
| 1738 |
|
|
-File created in => temp dir |
| 1739 |
|
|
+-- File is not created -- |
| 1740 |
|
|
+ |
| 1741 |
|
|
+Warning: unlink(): %s in %s on line %d |
| 1742 |
|
|
-- Iteration 7 -- |
| 1743 |
|
|
|
| 1744 |
|
|
Warning: tempnam() expects parameter 1 to be string, array given in %s on line %d |
| 1745 |
|
|
diff --git a/tests/classes/constants_error_004.phpt b/tests/classes/constants_error_004.phpt |
| 1746 |
|
|
index 732c530..03e6725 100644 |
| 1747 |
|
|
--- a/tests/classes/constants_error_004.phpt |
| 1748 |
|
|
+++ b/tests/classes/constants_error_004.phpt |
| 1749 |
|
|
@@ -10,4 +10,4 @@ Class constant whose initial value refereces a non-existent class |
| 1750 |
|
|
$a = new C(); |
| 1751 |
|
|
?> |
| 1752 |
|
|
--EXPECTF-- |
| 1753 |
|
|
-Fatal error: Undefined class constant 'D::hello' in %s on line %d |
| 1754 |
|
|
+Fatal error: Class 'D' not found in %s on line %d |
| 1755 |
|
|
-- |
| 1756 |
|
|
1.7.11.5 |
| 1757 |
|
|
|
Parent Directory
| 
Revision Log
| 
Revision Graph
