diff options
Diffstat (limited to 'source/n/php')
| -rw-r--r-- | source/n/php/CVE-2022-31631.patch | 50 | ||||
| -rw-r--r-- | source/n/php/CVE-2023-0567.patch | 142 | ||||
| -rw-r--r-- | source/n/php/CVE-2023-0568.patch | 62 | ||||
| -rw-r--r-- | source/n/php/CVE-2023-0662.patch | 411 | ||||
| -rwxr-xr-x | source/n/php/fetch-php.sh | 4 | ||||
| -rw-r--r-- | source/n/php/mod_php.conf.example | 2 | ||||
| -rwxr-xr-x | source/n/php/php.SlackBuild | 15 | ||||
| -rw-r--r-- | source/n/php/php.enchant-2.patch | 76 | ||||
| -rw-r--r-- | source/n/php/php.ini-development.diff | 10 |
9 files changed, 10 insertions, 762 deletions
diff --git a/source/n/php/CVE-2022-31631.patch b/source/n/php/CVE-2022-31631.patch deleted file mode 100644 index 6aa309549..000000000 --- a/source/n/php/CVE-2022-31631.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 921b6813da3237a83e908998483f46ae3d8bacba Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Mon, 31 Oct 2022 17:20:23 +0100 -Subject: [PATCH] Fix #81740: PDO::quote() may return unquoted string - -`sqlite3_snprintf()` expects its first parameter to be `int`; we need -to avoid overflow. ---- - ext/pdo_sqlite/sqlite_driver.c | 3 +++ - ext/pdo_sqlite/tests/bug81740.phpt | 17 +++++++++++++++++ - 2 files changed, 20 insertions(+) - create mode 100644 ext/pdo_sqlite/tests/bug81740.phpt - -diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c -index 4233ff10ff2e..5a72a1eda23f 100644 ---- a/ext/pdo_sqlite/sqlite_driver.c -+++ b/ext/pdo_sqlite/sqlite_driver.c -@@ -232,6 +232,9 @@ static char *pdo_sqlite_last_insert_id(pdo_dbh_t *dbh, const char *name, size_t - /* NB: doesn't handle binary strings... use prepared stmts for that */ - static int sqlite_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unquotedlen, char **quoted, size_t *quotedlen, enum pdo_param_type paramtype ) - { -+ if (unquotedlen > (INT_MAX - 3) / 2) { -+ return 0; -+ } - *quoted = safe_emalloc(2, unquotedlen, 3); - sqlite3_snprintf(2*unquotedlen + 3, *quoted, "'%q'", unquoted); - *quotedlen = strlen(*quoted); -diff --git a/ext/pdo_sqlite/tests/bug81740.phpt b/ext/pdo_sqlite/tests/bug81740.phpt -new file mode 100644 -index 000000000000..99fb07c3048b ---- /dev/null -+++ b/ext/pdo_sqlite/tests/bug81740.phpt -@@ -0,0 +1,17 @@ -+--TEST-- -+Bug #81740 (PDO::quote() may return unquoted string) -+--SKIPIF-- -+<?php -+if (!extension_loaded('pdo_sqlite')) print 'skip not loaded'; -+if (getenv("SKIP_SLOW_TESTS")) die("skip slow test"); -+?> -+--INI-- -+memory_limit=-1 -+--FILE-- -+<?php -+$pdo = new PDO("sqlite::memory:"); -+$string = str_repeat("a", 0x80000000); -+var_dump($pdo->quote($string)); -+?> -+--EXPECT-- -+bool(false) diff --git a/source/n/php/CVE-2023-0567.patch b/source/n/php/CVE-2023-0567.patch deleted file mode 100644 index 78defd92b..000000000 --- a/source/n/php/CVE-2023-0567.patch +++ /dev/null @@ -1,142 +0,0 @@ -From 7882d12ff2d8d8c5a4af821464e0a5ac2cde2002 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <tim@bastelstu.be> -Date: Mon, 23 Jan 2023 21:15:24 +0100 -Subject: [PATCH] crypt: Fix validation of malformed BCrypt hashes -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -PHP’s implementation of crypt_blowfish differs from the upstream Openwall -version by adding a “PHP Hack”, which allows one to cut short the BCrypt salt -by including a `$` character within the characters that represent the salt. - -Hashes that are affected by the “PHP Hack” may erroneously validate any -password as valid when used with `password_verify` and when comparing the -return value of `crypt()` against the input. - -The PHP Hack exists since the first version of PHP’s own crypt_blowfish -implementation that was added in 1e820eca02dcf322b41fd2fe4ed2a6b8309f8ab5. - -No clear reason is given for the PHP Hack’s existence. This commit removes it, -because BCrypt hashes containing a `$` character in their salt are not valid -BCrypt hashes. ---- - ext/standard/crypt_blowfish.c | 8 -- - .../tests/crypt/bcrypt_salt_dollar.phpt | 82 +++++++++++++++++++ - 2 files changed, 82 insertions(+), 8 deletions(-) - create mode 100644 ext/standard/tests/crypt/bcrypt_salt_dollar.phpt - -diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c -index 3806a290aee4..351d40308089 100644 ---- a/ext/standard/crypt_blowfish.c -+++ b/ext/standard/crypt_blowfish.c -@@ -371,7 +371,6 @@ static const unsigned char BF_atoi64[0x60] = { - #define BF_safe_atoi64(dst, src) \ - { \ - tmp = (unsigned char)(src); \ -- if (tmp == '$') break; /* PHP hack */ \ - if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \ - tmp = BF_atoi64[tmp]; \ - if (tmp > 63) return -1; \ -@@ -399,13 +398,6 @@ static int BF_decode(BF_word *dst, const char *src, int size) - *dptr++ = ((c3 & 0x03) << 6) | c4; - } while (dptr < end); - -- if (end - dptr == size) { -- return -1; -- } -- -- while (dptr < end) /* PHP hack */ -- *dptr++ = 0; -- - return 0; - } - -diff --git a/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt -new file mode 100644 -index 000000000000..32e335f4b087 ---- /dev/null -+++ b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt -@@ -0,0 +1,82 @@ -+--TEST-- -+bcrypt correctly rejects salts containing $ -+--FILE-- -+<?php -+for ($i = 0; $i < 23; $i++) { -+ $salt = '$2y$04$' . str_repeat('0', $i) . '$'; -+ $result = crypt("foo", $salt); -+ var_dump($salt); -+ var_dump($result); -+ var_dump($result === $salt); -+} -+?> -+--EXPECT-- -+string(8) "$2y$04$$" -+string(2) "*0" -+bool(false) -+string(9) "$2y$04$0$" -+string(2) "*0" -+bool(false) -+string(10) "$2y$04$00$" -+string(2) "*0" -+bool(false) -+string(11) "$2y$04$000$" -+string(2) "*0" -+bool(false) -+string(12) "$2y$04$0000$" -+string(2) "*0" -+bool(false) -+string(13) "$2y$04$00000$" -+string(2) "*0" -+bool(false) -+string(14) "$2y$04$000000$" -+string(2) "*0" -+bool(false) -+string(15) "$2y$04$0000000$" -+string(2) "*0" -+bool(false) -+string(16) "$2y$04$00000000$" -+string(2) "*0" -+bool(false) -+string(17) "$2y$04$000000000$" -+string(2) "*0" -+bool(false) -+string(18) "$2y$04$0000000000$" -+string(2) "*0" -+bool(false) -+string(19) "$2y$04$00000000000$" -+string(2) "*0" -+bool(false) -+string(20) "$2y$04$000000000000$" -+string(2) "*0" -+bool(false) -+string(21) "$2y$04$0000000000000$" -+string(2) "*0" -+bool(false) -+string(22) "$2y$04$00000000000000$" -+string(2) "*0" -+bool(false) -+string(23) "$2y$04$000000000000000$" -+string(2) "*0" -+bool(false) -+string(24) "$2y$04$0000000000000000$" -+string(2) "*0" -+bool(false) -+string(25) "$2y$04$00000000000000000$" -+string(2) "*0" -+bool(false) -+string(26) "$2y$04$000000000000000000$" -+string(2) "*0" -+bool(false) -+string(27) "$2y$04$0000000000000000000$" -+string(2) "*0" -+bool(false) -+string(28) "$2y$04$00000000000000000000$" -+string(2) "*0" -+bool(false) -+string(29) "$2y$04$000000000000000000000$" -+string(2) "*0" -+bool(false) -+string(30) "$2y$04$0000000000000000000000$" -+string(60) "$2y$04$000000000000000000000u2a2UpVexIt9k3FMJeAVr3c04F5tcI8K" -+bool(false) diff --git a/source/n/php/CVE-2023-0568.patch b/source/n/php/CVE-2023-0568.patch deleted file mode 100644 index 3b8440926..000000000 --- a/source/n/php/CVE-2023-0568.patch +++ /dev/null @@ -1,62 +0,0 @@ -From c0fceebfa195b8e56a7108cb731b5ea7afbef70c Mon Sep 17 00:00:00 2001 -From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> -Date: Fri, 27 Jan 2023 19:28:27 +0100 -Subject: [PATCH] Fix array overrun when appending slash to paths - -Fix it by extending the array sizes by one character. As the input is -limited to the maximum path length, there will always be place to append -the slash. As the php_check_specific_open_basedir() simply uses the -strings to compare against each other, no new failures related to too -long paths are introduced. -We'll let the DOM and XML case handle a potentially too long path in the -library code. ---- - ext/dom/document.c | 2 +- - ext/xmlreader/php_xmlreader.c | 2 +- - main/fopen_wrappers.c | 6 +++--- - 3 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/ext/dom/document.c b/ext/dom/document.c -index 4dee5548f188..c60198a3be11 100644 ---- a/ext/dom/document.c -+++ b/ext/dom/document.c -@@ -1182,7 +1182,7 @@ static xmlDocPtr dom_document_parser(zval *id, int mode, char *source, size_t so - int validate, recover, resolve_externals, keep_blanks, substitute_ent; - int resolved_path_len; - int old_error_reporting = 0; -- char *directory=NULL, resolved_path[MAXPATHLEN]; -+ char *directory=NULL, resolved_path[MAXPATHLEN + 1]; - - if (id != NULL) { - intern = Z_DOMOBJ_P(id); -diff --git a/ext/xmlreader/php_xmlreader.c b/ext/xmlreader/php_xmlreader.c -index c17884d960cb..39141c8c1223 100644 ---- a/ext/xmlreader/php_xmlreader.c -+++ b/ext/xmlreader/php_xmlreader.c -@@ -1017,7 +1017,7 @@ PHP_METHOD(XMLReader, XML) - xmlreader_object *intern = NULL; - char *source, *uri = NULL, *encoding = NULL; - int resolved_path_len, ret = 0; -- char *directory=NULL, resolved_path[MAXPATHLEN]; -+ char *directory=NULL, resolved_path[MAXPATHLEN + 1]; - xmlParserInputBufferPtr inputbfr; - xmlTextReaderPtr reader; - -diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c -index f6ce26e104be..12cc9c8b10c0 100644 ---- a/main/fopen_wrappers.c -+++ b/main/fopen_wrappers.c -@@ -129,10 +129,10 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir) - */ - PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path) - { -- char resolved_name[MAXPATHLEN]; -- char resolved_basedir[MAXPATHLEN]; -+ char resolved_name[MAXPATHLEN + 1]; -+ char resolved_basedir[MAXPATHLEN + 1]; - char local_open_basedir[MAXPATHLEN]; -- char path_tmp[MAXPATHLEN]; -+ char path_tmp[MAXPATHLEN + 1]; - char *path_file; - size_t resolved_basedir_len; - size_t resolved_name_len; diff --git a/source/n/php/CVE-2023-0662.patch b/source/n/php/CVE-2023-0662.patch deleted file mode 100644 index e9cada2c9..000000000 --- a/source/n/php/CVE-2023-0662.patch +++ /dev/null @@ -1,411 +0,0 @@ -From 716de0cff539f46294ef70fe75d548cd66766370 Mon Sep 17 00:00:00 2001 -From: Jakub Zelenka <bukka@php.net> -Date: Thu, 19 Jan 2023 14:31:25 +0000 -Subject: [PATCH] Introduce max_multipart_body_parts INI - -This fixes GHSA-54hq-v5wp-fqgv DOS vulnerabality by limitting number of -parsed multipart body parts as currently all parts were always parsed. ---- - main/main.c | 1 + - main/rfc1867.c | 11 ++ - ...-54hq-v5wp-fqgv-max-body-parts-custom.phpt | 53 +++++++++ - ...54hq-v5wp-fqgv-max-body-parts-default.phpt | 54 +++++++++ - .../ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt | 52 +++++++++ - sapi/fpm/tests/tester.inc | 106 +++++++++++++++--- - 6 files changed, 262 insertions(+), 15 deletions(-) - create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt - create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt - create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt - -diff --git a/main/main.c b/main/main.c -index 40684f32dc14..c58ea58bf5ac 100644 ---- a/main/main.c -+++ b/main/main.c -@@ -751,6 +751,7 @@ PHP_INI_BEGIN() - PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL) - PHP_INI_ENTRY("disable_classes", "", PHP_INI_SYSTEM, NULL) - PHP_INI_ENTRY("max_file_uploads", "20", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL) -+ PHP_INI_ENTRY("max_multipart_body_parts", "-1", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL) - - STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_SYSTEM, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals) - STD_PHP_INI_BOOLEAN("allow_url_include", "0", PHP_INI_SYSTEM, OnUpdateBool, allow_url_include, php_core_globals, core_globals) -diff --git a/main/rfc1867.c b/main/rfc1867.c -index b43cfae5a1e2..3086e8da3dbe 100644 ---- a/main/rfc1867.c -+++ b/main/rfc1867.c -@@ -687,6 +687,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - void *event_extra_data = NULL; - unsigned int llen = 0; - int upload_cnt = INI_INT("max_file_uploads"); -+ int body_parts_cnt = INI_INT("max_multipart_body_parts"); - const zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding(); - php_rfc1867_getword_t getword; - php_rfc1867_getword_conf_t getword_conf; -@@ -708,6 +709,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - return; - } - -+ if (body_parts_cnt < 0) { -+ body_parts_cnt = PG(max_input_vars) + upload_cnt; -+ } -+ int body_parts_limit = body_parts_cnt; -+ - /* Get the boundary */ - boundary = strstr(content_type_dup, "boundary"); - if (!boundary) { -@@ -792,6 +798,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - char *pair = NULL; - int end = 0; - -+ if (--body_parts_cnt < 0) { -+ php_error_docref(NULL, E_WARNING, "Multipart body parts limit exceeded %d. To increase the limit change max_multipart_body_parts in php.ini.", body_parts_limit); -+ goto fileupload_done; -+ } -+ - while (isspace(*cd)) { - ++cd; - } -#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt -#new file mode 100644 -#index 000000000000..d2239ac3c410 -#--- /dev/null -#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt -#@@ -0,0 +1,53 @@ -#+--TEST-- -#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini custom value -#+--SKIPIF-- -#+<?php include "skipif.inc"; ?> -#+--FILE-- -#+<?php -#+ -#+require_once "tester.inc"; -#+ -#+$cfg = <<<EOT -#+[global] -#+error_log = {{FILE:LOG}} -#+[unconfined] -#+listen = {{ADDR}} -#+pm = dynamic -#+pm.max_children = 5 -#+pm.start_servers = 1 -#+pm.min_spare_servers = 1 -#+pm.max_spare_servers = 3 -#+php_admin_value[html_errors] = false -#+php_admin_value[max_input_vars] = 20 -#+php_admin_value[max_file_uploads] = 5 -#+php_admin_value[max_multipart_body_parts] = 10 -#+php_flag[display_errors] = On -#+EOT; -#+ -#+$code = <<<EOT -#+<?php -#+var_dump(count(\$_POST)); -#+EOT; -#+ -#+$tester = new FPM\Tester($cfg, $code); -#+$tester->start(); -#+$tester->expectLogStartNotices(); -#+echo $tester -#+ ->request(stdin: [ -#+ 'parts' => [ -#+ 'count' => 30, -#+ ] -#+ ]) -#+ ->getBody(); -#+$tester->terminate(); -#+$tester->close(); -#+ -#+?> -#+--EXPECT-- -#+Warning: Unknown: Multipart body parts limit exceeded 10. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0 -#+int(10) -#+--CLEAN-- -#+<?php -#+require_once "tester.inc"; -#+FPM\Tester::clean(); -#+?> -#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt -#new file mode 100644 -#index 000000000000..42b5afbf9ee7 -#--- /dev/null -#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt -#@@ -0,0 +1,54 @@ -#+--TEST-- -#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini default -#+--SKIPIF-- -#+<?php include "skipif.inc"; ?> -#+--FILE-- -#+<?php -#+ -#+require_once "tester.inc"; -#+ -#+$cfg = <<<EOT -#+[global] -#+error_log = {{FILE:LOG}} -#+[unconfined] -#+listen = {{ADDR}} -#+pm = dynamic -#+pm.max_children = 5 -#+pm.start_servers = 1 -#+pm.min_spare_servers = 1 -#+pm.max_spare_servers = 3 -#+php_admin_value[html_errors] = false -#+php_admin_value[max_input_vars] = 20 -#+php_admin_value[max_file_uploads] = 5 -#+php_flag[display_errors] = On -#+EOT; -#+ -#+$code = <<<EOT -#+<?php -#+var_dump(count(\$_POST)); -#+EOT; -#+ -#+$tester = new FPM\Tester($cfg, $code); -#+$tester->start(); -#+$tester->expectLogStartNotices(); -#+echo $tester -#+ ->request(stdin: [ -#+ 'parts' => [ -#+ 'count' => 30, -#+ ] -#+ ]) -#+ ->getBody(); -#+$tester->terminate(); -#+$tester->close(); -#+ -#+?> -#+--EXPECT-- -#+Warning: Unknown: Input variables exceeded 20. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 -#+ -#+Warning: Unknown: Multipart body parts limit exceeded 25. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0 -#+int(20) -#+--CLEAN-- -#+<?php -#+require_once "tester.inc"; -#+FPM\Tester::clean(); -#+?> -#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt -#new file mode 100644 -#index 000000000000..da81174c7280 -#--- /dev/null -#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt -#@@ -0,0 +1,52 @@ -#+--TEST-- -#+FPM: GHSA-54hq-v5wp-fqgv - exceeding max_file_uploads -#+--SKIPIF-- -#+<?php include "skipif.inc"; ?> -#+--FILE-- -#+<?php -#+ -#+require_once "tester.inc"; -#+ -#+$cfg = <<<EOT -#+[global] -#+error_log = {{FILE:LOG}} -#+[unconfined] -#+listen = {{ADDR}} -#+pm = dynamic -#+pm.max_children = 5 -#+pm.start_servers = 1 -#+pm.min_spare_servers = 1 -#+pm.max_spare_servers = 3 -#+php_admin_value[html_errors] = false -#+php_admin_value[max_file_uploads] = 5 -#+php_flag[display_errors] = On -#+EOT; -#+ -#+$code = <<<EOT -#+<?php -#+var_dump(count(\$_FILES)); -#+EOT; -#+ -#+$tester = new FPM\Tester($cfg, $code); -#+$tester->start(); -#+$tester->expectLogStartNotices(); -#+echo $tester -#+ ->request(stdin: [ -#+ 'parts' => [ -#+ 'count' => 10, -#+ 'param' => 'filename' -#+ ] -#+ ]) -#+ ->getBody(); -#+$tester->terminate(); -#+$tester->close(); -#+ -#+?> -#+--EXPECT-- -#+Warning: Maximum number of allowable file uploads has been exceeded in Unknown on line 0 -#+int(5) -#+--CLEAN-- -#+<?php -#+require_once "tester.inc"; -#+FPM\Tester::clean(); -#+?> -##diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc -##index 6197cdba53f5..e51aa0f69143 100644 -##--- a/sapi/fpm/tests/tester.inc -##+++ b/sapi/fpm/tests/tester.inc -#@@ -567,13 +567,17 @@ class Tester -# * @param string $query -# * @param array $headers -# * @param string|null $uri -#+ * @param string|null $scriptFilename -#+ * @param string|null $stdin -# * -# * @return array -# */ -# private function getRequestParams( -# string $query = '', -# array $headers = [], -#- string $uri = null -#+ string $uri = null, -#+ string $scriptFilename = null, -#+ ?string $stdin = null -# ): array { -# if (is_null($uri)) { -# $uri = $this->makeSourceFile(); -3@@ -582,8 +586,8 @@ class Tester -# $params = array_merge( -# [ -# 'GATEWAY_INTERFACE' => 'FastCGI/1.0', -#- 'REQUEST_METHOD' => 'GET', -#- 'SCRIPT_FILENAME' => $uri, -#+ 'REQUEST_METHOD' => is_null($stdin) ? 'GET' : 'POST', -#+ 'SCRIPT_FILENAME' => $scriptFilename ?: $uri, -# 'SCRIPT_NAME' => $uri, -# 'QUERY_STRING' => $query, -# 'REQUEST_URI' => $uri . ($query ? '?' . $query : ""), -#@@ -597,7 +601,7 @@ class Tester -# 'SERVER_PROTOCOL' => 'HTTP/1.1', -# 'DOCUMENT_ROOT' => __DIR__, -# 'CONTENT_TYPE' => '', -#- 'CONTENT_LENGTH' => 0 -#+ 'CONTENT_LENGTH' => strlen($stdin ?? "") // Default to 0 -# ], -# $headers -# ); -#@@ -607,20 +611,86 @@ class Tester -# }); -# } -# -#+ /** -#+ * Parse stdin and generate data for multipart config. -#+ * -#+ * @param array $stdin -#+ * @param array $headers -#+ * -#+ * @return void -#+ * @throws \Exception -#+ */ -#+ private function parseStdin(array $stdin, array &$headers) -#+ { -#+ $parts = $stdin['parts'] ?? null; -#+ if (empty($parts)) { -#+ throw new \Exception('The stdin array needs to contain parts'); -#+ } -#+ $boundary = $stdin['boundary'] ?? 'AaB03x'; -#+ if ( ! isset($headers['CONTENT_TYPE'])) { -#+ $headers['CONTENT_TYPE'] = 'multipart/form-data; boundary=' . $boundary; -#+ } -#+ $count = $parts['count'] ?? null; -#+ if ( ! is_null($count)) { -#+ $dispositionType = $parts['disposition'] ?? 'form-data'; -#+ $dispositionParam = $parts['param'] ?? 'name'; -#+ $namePrefix = $parts['prefix'] ?? 'f'; -#+ $nameSuffix = $parts['suffix'] ?? ''; -#+ $value = $parts['value'] ?? 'test'; -#+ $parts = []; -#+ for ($i = 0; $i < $count; $i++) { -#+ $parts[] = [ -#+ 'disposition' => $dispositionType, -#+ 'param' => $dispositionParam, -#+ 'name' => "$namePrefix$i$nameSuffix", -#+ 'value' => $value -#+ ]; -#+ } -#+ } -#+ $out = ''; -#+ $nl = "\r\n"; -#+ foreach ($parts as $part) { -#+ if (!is_array($part)) { -#+ $part = ['name' => $part]; -#+ } elseif ( ! isset($part['name'])) { -#+ throw new \Exception('Each part has to have a name'); -#+ } -#+ $name = $part['name']; -#+ $dispositionType = $part['disposition'] ?? 'form-data'; -#+ $dispositionParam = $part['param'] ?? 'name'; -#+ $value = $part['value'] ?? 'test'; -#+ $partHeaders = $part['headers'] ?? []; -#+ -#+ $out .= "--$boundary$nl"; -#+ $out .= "Content-disposition: $dispositionType; $dispositionParam=\"$name\"$nl"; -#+ foreach ($partHeaders as $headerName => $headerValue) { -#+ $out .= "$headerName: $headerValue$nl"; -#+ } -#+ $out .= $nl; -#+ $out .= "$value$nl"; -#+ } -#+ $out .= "--$boundary--$nl"; -#+ -#+ return $out; -#+ } -#+ -# /** -# * Execute request. -# * -#- * @param string $query -#- * @param array $headers -#- * @param string|null $uri -#- * @param string|null $address -#- * @param string|null $successMessage -#- * @param string|null $errorMessage -#- * @param bool $connKeepAlive -#- * @param bool $expectError -#- * @param int $readLimit -#+ * @param string $query -#+ * @param array $headers -#+ * @param string|null $uri -#+ * @param string|null $address -#+ * @param string|null $successMessage -#+ * @param string|null $errorMessage -#+ * @param bool $connKeepAlive -#+ * @param string|null $scriptFilename = null -#+ * @param string|array|null $stdin = null -#+ * @param bool $expectError -#+ * @param int $readLimit -# * -# * @return Response -#+ * @throws \Exception -# */ -# public function request( -# string $query = '', -#@@ -630,6 +700,8 @@ class Tester -# string $successMessage = null, -# string $errorMessage = null, -# bool $connKeepAlive = false, -#+ string $scriptFilename = null, -#+ string|array $stdin = null, -# bool $expectError = false, -# int $readLimit = -1, -# ): Response { -#@@ -637,12 +709,16 @@ class Tester -# return new Response(null, true); -# } -# -#- $params = $this->getRequestParams($query, $headers, $uri); -#+ if (is_array($stdin)) { -#+ $stdin = $this->parseStdin($stdin, $headers); -#+ } -#+ -#+ $params = $this->getRequestParams($query, $headers, $uri, $scriptFilename, $stdin); -# $this->trace('Request params', $params); -# -# try { -# $this->response = new Response( -#- $this->getClient($address, $connKeepAlive)->request_data($params, false, $readLimit) -#+ $this->getClient($address, $connKeepAlive)->request_data($params, $stdin, $readLimit) -# ); -# if ($expectError) { -# $this->error('Expected request error but the request was successful'); diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh index e44524800..14eb1c5c3 100755 --- a/source/n/php/fetch-php.sh +++ b/source/n/php/fetch-php.sh @@ -1,2 +1,2 @@ -lftpget http://us.php.net/distributions/php-7.4.33.tar.xz.asc -lftpget http://us.php.net/distributions/php-7.4.33.tar.xz +lftpget http://us.php.net/distributions/php-8.2.3.tar.xz.asc +lftpget http://us.php.net/distributions/php-8.2.3.tar.xz diff --git a/source/n/php/mod_php.conf.example b/source/n/php/mod_php.conf.example index d8f96eb09..6ca1d3a87 100644 --- a/source/n/php/mod_php.conf.example +++ b/source/n/php/mod_php.conf.example @@ -3,7 +3,7 @@ # # Load the PHP module: -LoadModule php7_module lib/httpd/modules/libphp7.so +LoadModule php_module lib/httpd/modules/libphp.so # Tell Apache to feed all *.php files through PHP. If you'd like to # parse PHP embedded in files with different extensions, comment out diff --git a/source/n/php/php.SlackBuild b/source/n/php/php.SlackBuild index c54694b16..00f49b4d7 100755 --- a/source/n/php/php.SlackBuild +++ b/source/n/php/php.SlackBuild @@ -3,7 +3,7 @@ # Build and package mod_php on Slackware. # by: David Cantrell <david@slackware.com> # Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021, 2023 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=php VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} ALPINE=2.26 -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -127,11 +127,6 @@ rm -rf php-$VERSION tar xvf $CWD/php-$VERSION.tar.xz || exit 1 cd php-$VERSION || exit 1 -zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/CVE-2023-0567.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/CVE-2023-0568.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/CVE-2023-0662.patch.gz | patch -p1 --verbose || exit 1 - # cleanup: find . -name "*.orig" -delete @@ -160,11 +155,6 @@ zcat $CWD/php-fpm.conf.diff.gz | patch -p1 --verbose || exit 1 # Fix for imap API change: zcat $CWD/php.imap.api.diff.gz | patch -p1 --verbose || exit 1 -# Use enchant-2: -zcat $CWD/php.enchant-2.patch.gz | patch -p1 --verbose || exit 1 -export ENCHANT_CFLAGS="-I/usr/include/enchant-2" -export ENCHANT_LIBS="-lenchant-2" - # Install the build folder into /usr/lib$LIBDIRSUFFIX/php/build # and adapt phpize accordingly: sed -i "s|build$|php/build|" scripts/Makefile.frag @@ -348,4 +338,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG /sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/n/php/php.enchant-2.patch b/source/n/php/php.enchant-2.patch deleted file mode 100644 index 9d421c3bf..000000000 --- a/source/n/php/php.enchant-2.patch +++ /dev/null @@ -1,76 +0,0 @@ ---- php-7.4.4/ext/enchant/config.m4 2020-03-17 10:40:22.000000000 +0000 -+++ php-7.4.4/ext/enchant/config.m4 2020-03-27 21:25:27.754470703 +0000 -@@ -4,21 +4,21 @@ PHP_ARG_WITH([enchant], - [Include Enchant support])]) - - if test "$PHP_ENCHANT" != "no"; then -- PKG_CHECK_MODULES([ENCHANT], [enchant]) -+ PKG_CHECK_MODULES([ENCHANT], [enchant-2]) - - PHP_EVAL_INCLINE($ENCHANT_CFLAGS) - PHP_EVAL_LIBLINE($ENCHANT_LIBS, ENCHANT_SHARED_LIBADD) - - AC_DEFINE(HAVE_ENCHANT, 1, [ ]) - -- PHP_CHECK_LIBRARY(enchant, enchant_get_version, -+ PHP_CHECK_LIBRARY(enchant-2, enchant_get_version, - [ - AC_DEFINE(HAVE_ENCHANT_GET_VERSION, 1, [ ]) - ], [ ], [ - $ENCHANT_LIBS - ]) - -- PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param, -+ PHP_CHECK_LIBRARY(enchant-2, enchant_broker_set_param, - [ - AC_DEFINE(HAVE_ENCHANT_BROKER_SET_PARAM, 1, [ ]) - ], [ ], [ ---- a/ext/enchant/enchant.c.orig -+++ b/ext/enchant/enchant.c -@@ -738,7 +738,7 @@ - for (i = 0; i < n_sugg; i++) { - add_next_index_string(sugg, suggs[i]); - } -- enchant_dict_free_suggestions(pdict->pdict, suggs); -+ enchant_dict_free_string_list(pdict->pdict, suggs); - } - - -@@ -793,7 +793,7 @@ - add_next_index_string(return_value, suggs[i]); - } - -- enchant_dict_free_suggestions(pdict->pdict, suggs); -+ enchant_dict_free_string_list(pdict->pdict, suggs); - } - } - /* }}} */ -@@ -813,7 +813,7 @@ - - PHP_ENCHANT_GET_DICT; - -- enchant_dict_add_to_personal(pdict->pdict, word, wordlen); -+ enchant_dict_add(pdict->pdict, word, wordlen); - } - /* }}} */ - -@@ -851,7 +851,7 @@ - - PHP_ENCHANT_GET_DICT; - -- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen)); -+ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen)); - } - /* }}} */ - ---- php-7.4.4/build/php.m4 2020-03-17 06:40:21.000000000 -0400 -+++ php-7.4.4/build/php.m4 2020-04-05 09:27:14.634620646 -0400 -@@ -1541,7 +1541,7 @@ AC_DEFUN([PHP_CHECK_LIBRARY], [ - ],[ - LDFLAGS=$save_old_LDFLAGS - ext_shared=$save_ext_shared -- unset ac_cv_lib_$1[]_$2 -+ unset ac_cv_lib_[]translit($1, -, _)_$2 - $4 - ])dnl - ]) diff --git a/source/n/php/php.ini-development.diff b/source/n/php/php.ini-development.diff index ce12f5a4b..4240941e0 100644 --- a/source/n/php/php.ini-development.diff +++ b/source/n/php/php.ini-development.diff @@ -1,6 +1,6 @@ ---- ./php.ini-development.orig 2020-05-12 03:09:16.000000000 -0500 -+++ ./php.ini-development 2020-05-12 14:14:32.901530776 -0500 -@@ -899,7 +899,50 @@ +--- ./php.ini-development.orig 2021-11-23 12:56:11.000000000 -0600 ++++ ./php.ini-development 2021-11-29 13:08:24.467109377 -0600 +@@ -905,7 +905,50 @@ ; 'extension='php_<ext>.dll') is supported for legacy reasons and may be ; deprecated in a future PHP major version. So, when it is possible, please ; move to the new ('extension=<ext>) syntax. @@ -51,10 +51,10 @@ ; Notes for Windows environments : ; ; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) -@@ -1335,7 +1378,7 @@ +@@ -1350,7 +1393,7 @@ ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. - ; http://php.net/session.save-path + ; https://php.net/session.save-path -;session.save_path = "/tmp" +session.save_path = "/var/lib/php" |