17362112 problem in UTILITY/PHP
18083695 problem in UTILITY/PHP
18181920 remove BUILD_VERSION from php package manifests
18368537 problem in UTILITY/PHP
18368630 problem in UTILITY/PHP
--- a/components/apache2/apache-22.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/apache2/apache-22.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
#
<transform file path=usr.*/man/.+ -> default mangler.man.stability uncommitted>
set name=pkg.fmri \
@@ -672,4 +672,4 @@
fmri=web/server/apache-22/module/[email protected]
depend type=conditional \
predicate=web/php-53 \
- fmri=web/server/apache-22/module/[email protected]
+ fmri=web/server/apache-22/module/[email protected]
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_2/php-sapi/patches/30_php_17362112.patch Fri Apr 18 11:03:12 2014 -0700
@@ -0,0 +1,198 @@
+Fix for CVE-2013-4248
+Patch:
+http://git.php.net/?p=php-src.git;a=patch;h=2874696a5a8d46639d261571f915c493cd875897
+Code:
+http://git.php.net/?p=php-src.git;a=commit;h=2874696a5a8d46639d261571f915c493cd875897
+This patch is for php 5.4 code but works well enough on php 5.2 code.
+Verified by hand that it patches the correct code.
+
+
+
+From 2874696a5a8d46639d261571f915c493cd875897 Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <[email protected]>
+Date: Tue, 13 Aug 2013 22:20:33 -0700
+Subject: [PATCH] Fix CVE-2013-4073 - handling of certs with null bytes
+
+---
+ NEWS | 4 ++
+ ext/openssl/openssl.c | 86 ++++++++++++++++++++++++++++++++++++-
+ ext/openssl/tests/cve2013_4073.pem | 28 ++++++++++++
+ ext/openssl/tests/cve2013_4073.phpt | 19 ++++++++
+ 4 files changed, 135 insertions(+), 2 deletions(-)
+ create mode 100644 ext/openssl/tests/cve2013_4073.pem
+ create mode 100644 ext/openssl/tests/cve2013_4073.phpt
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index d7ac117..c32748c 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -1398,6 +1398,74 @@ PHP_FUNCTION(openssl_x509_check_private_key)
+ }
+ /* }}} */
+
++/* Special handling of subjectAltName, see CVE-2013-4073
++ * Christian Heimes
++ */
++
++static int openssl_x509v3_subjectAltName(BIO *bio, X509_EXTENSION *extension)
++{
++ GENERAL_NAMES *names;
++ const X509V3_EXT_METHOD *method = NULL;
++ long i, length, num;
++ const unsigned char *p;
++
++ method = X509V3_EXT_get(extension);
++ if (method == NULL) {
++ return -1;
++ }
++
++ p = extension->value->data;
++ length = extension->value->length;
++ if (method->it) {
++ names = (GENERAL_NAMES*)(ASN1_item_d2i(NULL, &p, length,
++ ASN1_ITEM_ptr(method->it)));
++ } else {
++ names = (GENERAL_NAMES*)(method->d2i(NULL, &p, length));
++ }
++ if (names == NULL) {
++ return -1;
++ }
++
++ num = sk_GENERAL_NAME_num(names);
++ for (i = 0; i < num; i++) {
++ GENERAL_NAME *name;
++ ASN1_STRING *as;
++ name = sk_GENERAL_NAME_value(names, i);
++ switch (name->type) {
++ case GEN_EMAIL:
++ BIO_puts(bio, "email:");
++ as = name->d.rfc822Name;
++ BIO_write(bio, ASN1_STRING_data(as),
++ ASN1_STRING_length(as));
++ break;
++ case GEN_DNS:
++ BIO_puts(bio, "DNS:");
++ as = name->d.dNSName;
++ BIO_write(bio, ASN1_STRING_data(as),
++ ASN1_STRING_length(as));
++ break;
++ case GEN_URI:
++ BIO_puts(bio, "URI:");
++ as = name->d.uniformResourceIdentifier;
++ BIO_write(bio, ASN1_STRING_data(as),
++ ASN1_STRING_length(as));
++ break;
++ default:
++ /* use builtin print for GEN_OTHERNAME, GEN_X400,
++ * GEN_EDIPARTY, GEN_DIRNAME, GEN_IPADD and GEN_RID
++ */
++ GENERAL_NAME_print(bio, name);
++ }
++ /* trailing ', ' except for last element */
++ if (i < (num - 1)) {
++ BIO_puts(bio, ", ");
++ }
++ }
++ sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
++
++ return 0;
++}
++
+ /* {{{ proto array openssl_x509_parse(mixed x509 [, bool shortnames=true])
+ Returns an array of the fields/values of the CERT */
+ PHP_FUNCTION(openssl_x509_parse)
+@@ -1494,15 +1562,29 @@ PHP_FUNCTION(openssl_x509_parse)
+
+
+ for (i = 0; i < X509_get_ext_count(cert); i++) {
++ int nid;
+ extension = X509_get_ext(cert, i);
+- if (OBJ_obj2nid(X509_EXTENSION_get_object(extension)) != NID_undef) {
++ nid = OBJ_obj2nid(X509_EXTENSION_get_object(extension));
++ if (nid != NID_undef) {
+ extname = (char *)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
+ } else {
+ OBJ_obj2txt(buf, sizeof(buf)-1, X509_EXTENSION_get_object(extension), 1);
+ extname = buf;
+ }
+ bio_out = BIO_new(BIO_s_mem());
+- if (X509V3_EXT_print(bio_out, extension, 0, 0)) {
++ if (nid == NID_subject_alt_name) {
++ if (openssl_x509v3_subjectAltName(bio_out, extension) == 0) {
++ add_assoc_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1);
++ } else {
++ zval_dtor(return_value);
++ if (certresource == -1 && cert) {
++ X509_free(cert);
++ }
++ BIO_free(bio_out);
++ RETURN_FALSE;
++ }
++ }
++ else if (X509V3_EXT_print(bio_out, extension, 0, 0)) {
+ BIO_get_mem_ptr(bio_out, &bio_buf);
+ add_assoc_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1);
+ } else {
+diff --git a/ext/openssl/tests/cve2013_4073.pem b/ext/openssl/tests/cve2013_4073.pem
+new file mode 100644
+index 0000000..7ebb994
+--- /dev/null
++++ b/ext/openssl/tests/cve2013_4073.pem
+@@ -0,0 +1,28 @@
++-----BEGIN CERTIFICATE-----
++MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx
++DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ
++eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg
++RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y
++ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw
++NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI
++DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv
++ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt
++ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq
++hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB
++BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j
++pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P
++vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv
++KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA
++oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL
++08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV
++HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E
++BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu
++Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251
++bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA
++AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9
++i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j
++HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk
++kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx
++VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW
++RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ=
++-----END CERTIFICATE-----
+diff --git a/ext/openssl/tests/cve2013_4073.phpt b/ext/openssl/tests/cve2013_4073.phpt
+new file mode 100644
+index 0000000..e676ddf
+--- /dev/null
++++ b/ext/openssl/tests/cve2013_4073.phpt
+@@ -0,0 +1,19 @@
++--TEST--
++CVE 2013-4073: Null-byte certificate handling
++--SKIPIF--
++<?php
++if (!extension_loaded("openssl")) die("skip");
++--FILE--
++<?php
++$cert = file_get_contents(__DIR__ . '/cve2013_4073.pem');
++$info = openssl_x509_parse($cert);
++var_export($info['extensions']);
++
++--EXPECTF--
++array (
++ 'basicConstraints' => 'CA:FALSE',
++ 'subjectKeyIdentifier' => '88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C',
++ 'keyUsage' => 'Digital Signature, Non Repudiation, Key Encipherment',
++ 'subjectAltName' => 'DNS:altnull.python.org' . "\0" . 'example.com, email:[email protected]' . "\0" . '[email protected], URI:http://null.python.org' . "\0" . 'http://example.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1
++',
++)
+--
+1.8.4.3
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_2/php-sapi/patches/40_php_18083695.patch Fri Apr 18 11:03:12 2014 -0700
@@ -0,0 +1,124 @@
+Fix for CVE-2013-6420
+Patch:
+http://git.php.net/?p=php-src.git;a=patch;h=c1224573c773b6845e83505f717fbf820fc18415
+Code:
+http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415
+This patch is for php 5.3 code but works well enough on php 5.2 code.
+Verified by hand that it patches the correct code.
+
+
+
+From c1224573c773b6845e83505f717fbf820fc18415 Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <[email protected]>
+Date: Sun, 8 Dec 2013 11:40:18 -0800
+Subject: [PATCH] Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
+
+---
+ NEWS | 4 +++-
+ ext/openssl/openssl.c | 18 ++++++++++++++----
+ ext/openssl/tests/cve-2013-6420.crt | 29 +++++++++++++++++++++++++++++
+ ext/openssl/tests/cve-2013-6420.phpt | 18 ++++++++++++++++++
+ 4 files changed, 64 insertions(+), 5 deletions(-)
+ create mode 100644 ext/openssl/tests/cve-2013-6420.crt
+ create mode 100644 ext/openssl/tests/cve-2013-6420.phpt
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index e7672e4..0d2d644 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -644,18 +644,28 @@ static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* {{{ */
+ char * thestr;
+ long gmadjust = 0;
+
+- if (timestr->length < 13) {
+- php_error_docref(NULL TSRMLS_CC, E_WARNING, "extension author too lazy to parse %s correctly", timestr->data);
++ if (ASN1_STRING_type(timestr) != V_ASN1_UTCTIME) {
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "illegal ASN1 data type for timestamp");
+ return (time_t)-1;
+ }
+
+- strbuf = estrdup((char *)timestr->data);
++ if (ASN1_STRING_length(timestr) != strlen(ASN1_STRING_data(timestr))) {
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "illegal length in timestamp");
++ return (time_t)-1;
++ }
++
++ if (ASN1_STRING_length(timestr) < 13) {
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to parse time string %s correctly", timestr->data);
++ return (time_t)-1;
++ }
++
++ strbuf = estrdup((char *)ASN1_STRING_data(timestr));
+
+ memset(&thetime, 0, sizeof(thetime));
+
+ /* we work backwards so that we can use atoi more easily */
+
+- thestr = strbuf + timestr->length - 3;
++ thestr = strbuf + ASN1_STRING_length(timestr) - 3;
+
+ thetime.tm_sec = atoi(thestr);
+ *thestr = '\0';
+diff --git a/ext/openssl/tests/cve-2013-6420.crt b/ext/openssl/tests/cve-2013-6420.crt
+new file mode 100644
+index 0000000..4543314
+--- /dev/null
++++ b/ext/openssl/tests/cve-2013-6420.crt
+@@ -0,0 +1,29 @@
++-----BEGIN CERTIFICATE-----
++MIIEpDCCA4ygAwIBAgIJAJzu8r6u6eBcMA0GCSqGSIb3DQEBBQUAMIHDMQswCQYD
++VQQGEwJERTEcMBoGA1UECAwTTm9yZHJoZWluLVdlc3RmYWxlbjEQMA4GA1UEBwwH
++S8ODwrZsbjEUMBIGA1UECgwLU2VrdGlvbkVpbnMxHzAdBgNVBAsMFk1hbGljaW91
++cyBDZXJ0IFNlY3Rpb24xITAfBgNVBAMMGG1hbGljaW91cy5zZWt0aW9uZWlucy5k
++ZTEqMCgGCSqGSIb3DQEJARYbc3RlZmFuLmVzc2VyQHNla3Rpb25laW5zLmRlMHUY
++ZDE5NzAwMTAxMDAwMDAwWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAXDTE0MTEyODExMzkzNVowgcMxCzAJBgNVBAYTAkRFMRwwGgYDVQQIDBNO
++b3JkcmhlaW4tV2VzdGZhbGVuMRAwDgYDVQQHDAdLw4PCtmxuMRQwEgYDVQQKDAtT
++ZWt0aW9uRWluczEfMB0GA1UECwwWTWFsaWNpb3VzIENlcnQgU2VjdGlvbjEhMB8G
++A1UEAwwYbWFsaWNpb3VzLnNla3Rpb25laW5zLmRlMSowKAYJKoZIhvcNAQkBFhtz
++dGVmYW4uZXNzZXJAc2VrdGlvbmVpbnMuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
++DwAwggEKAoIBAQDDAf3hl7JY0XcFniyEJpSSDqn0OqBr6QP65usJPRt/8PaDoqBu
++wEYT/Na+6fsgPjC0uK9DZgWg2tHWWoanSblAMoz5PH6Z+S4SHRZ7e2dDIjPjdhjh
++0mLg2UMO5yp0V797Ggs9lNt6JRfH81MN2obXWs4NtztLMuD6egqpr8dDbr34aOs8
++pkdui5UawTZksy5pLPHq5cMhFGm06v65CLo0V2Pd9+KAokPrPcN5KLKebz7mLpk6
++SMeEXOKP4idEqxyQ7O7fBuHMedsQhu+prY3si3BUyKfQtP5CZnX2bp0wKHxX12DX
++1nfFIt9DbGvHTcyOuN+nZLPBm3vWxntyIIvVAgMBAAGjQjBAMAkGA1UdEwQCMAAw
++EQYJYIZIAYb4QgEBBAQDAgeAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEF
++BQcDAjANBgkqhkiG9w0BAQUFAAOCAQEAG0fZYYCTbdj1XYc+1SnoaPR+vI8C8CaD
++8+0UYhdnyU4gga0BAcDrY9e94eEAu6ZqycF6FjLqXXdAboppWocr6T6GD1x33Ckl
++VArzG/KxQohGD2JeqkhIMlDomxHO7ka39+Oa8i2vWLVyjU8AZvWMAruHa4EENyG7
++lW2AagaFKFCr9TnXTfrdxGVEbv7KVQ6bdhg5p5SjpWH1+Mq03uR3ZXPBYdyV8319
++o0lVj1KFI2DCL/liWisJRoof+1cR35Ctd0wYBcpB6TZslMcOPl76dwKwJgeJo2Qg
++Zsfmc2vC1/qOlNuNq/0TzzkVGv8ETT3CgaU+UXe4XOVvkccebJn2dg==
++-----END CERTIFICATE-----
++
++
+diff --git a/ext/openssl/tests/cve-2013-6420.phpt b/ext/openssl/tests/cve-2013-6420.phpt
+new file mode 100644
+index 0000000..b946cf0
+--- /dev/null
++++ b/ext/openssl/tests/cve-2013-6420.phpt
+@@ -0,0 +1,18 @@
++--TEST--
++CVE-2013-6420
++--SKIPIF--
++<?php
++if (!extension_loaded("openssl")) die("skip");
++?>
++--FILE--
++<?php
++$crt = substr(__FILE__, 0, -4).'.crt';
++$info = openssl_x509_parse("file://$crt");
++var_dump($info['issuer']['emailAddress'], $info["validFrom_time_t"]);
++?>
++Done
++--EXPECTF--
++%s openssl_x509_parse(): illegal ASN1 data type for timestamp in %s/cve-2013-6420.php on line 3
++string(27) "[email protected]"
++int(-1)
++Done
+--
+1.8.4.3
+
+
--- a/components/php-5_3/Makefile Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/Makefile Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
include ../../make-rules/shared-macros.mk
include ../../make-rules/ips.mk
@@ -115,7 +115,7 @@
# looks like i DO NEED the pear patches
COMPONENT_NAME= php
-COMPONENT_VERSION= 5.3.27
+COMPONENT_VERSION= 5.3.28
COMPONENT_PROJECT_URL= http://www.php.net/
COMPONENT_BUGDB= utility/php
--- a/components/php-5_3/apache-php53.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/apache-php53.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,13 +18,13 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
-set name=pkg.fmri value=pkg:/web/server/apache-22/module/[email protected],$(BUILD_VERSION)
+set name=pkg.fmri value=pkg:/web/server/apache-22/module/apache-php53@$(COMPONENT_VERSION),$(BUILD_VERSION)
set name=pkg.summary value="PHP Server for Apache Web Server"
set name=info.classification value="org.opensolaris.category.2008:Web Services/Application and Web Servers"
-set name=info.source-url value=http://us.php.net/get/php-5.3.27.tar.gz/from/this/mirror
+set name=info.source-url value=http://us.php.net/get/php-$(COMPONENT_VERSION).tar.gz/from/this/mirror
set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
set name=org.opensolaris.arc-caseid value=PSARC/2012/067
set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
@@ -46,7 +46,7 @@
file path=usr/apache2/2.2/libexec/mod_php5.3.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
# if php5.2 apache is present drag forward because php.conf files
# move around
--- a/components/php-5_3/php-53.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-53.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
<transform file path=usr.*/man/.+ -> default mangler.man.stability uncommitted>
@@ -26,7 +26,7 @@
<transform file path=etc/php/.* -> default mode 0644>
<transform file path=etc/php/.* -> default preserve renamenew>
-set name=pkg.fmri value=pkg:/web/[email protected],$(BUILD_VERSION)
+set name=pkg.fmri value=pkg:/web/php-53@$(COMPONENT_VERSION),$(BUILD_VERSION)
set name=pkg.description \
value="A general-purpose scripting language originally designed for web development to produce dynamic web pages."
set name=pkg.summary value="PHP Server"
@@ -34,7 +34,7 @@
value="org.opensolaris.category.2008:Development/PHP"
set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
set name=info.source-url \
- value=http://us.php.net/get/php-5.3.27.tar.bz2/from/this/mirror
+ value=http://us.php.net/get/php-$(COMPONENT_VERSION).tar.bz2/from/this/mirror
set name=org.opensolaris.arc-caseid value=PSARC/2012/067
set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
@@ -488,7 +488,7 @@
depend fmri=pkg:/web/php-common type=require
# if php5.2 is present drag forward because of /usr/php/* mediated links
-depend fmri=pkg:/web/[email protected],$(BUILD_VERSION) type=optional
+depend fmri=pkg:/web/[email protected] type=optional
# if php5.2's apache module is present then make sure
# php5.3's apache module is installed
--- a/components/php-5_3/php-apc.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-apc.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
@@ -58,4 +58,4 @@
file path=usr/php/5.3/zts-modules/apc.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-cgi/Makefile Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-cgi/Makefile Fri Apr 18 11:03:12 2014 -0700
@@ -18,26 +18,27 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
include ../../../make-rules/shared-macros.mk
COMPONENT_NAME= php
-COMPONENT_VERSION= 5.3.27
+COMPONENT_VERSION= 5.3.28
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.bz2
COMPONENT_ARCHIVE_HASH= \
- sha256:e12db21c623b82a2244c4dd9b06bb75af20868c1b748a105a6829a5acc36b287
+ sha256:0cac960c651c4fbb3d21cf2f2b279a06e21948fb35a0d1439b97296cac1d8513
COMPONENT_ARCHIVE_URL= http://us.php.net/get/$(COMPONENT_ARCHIVE)/from/this/mirror
PATCH_DIR = ../php-sapi/patches
+include ../php-sapi/php.mk
+
include $(WS_TOP)/make-rules/prep.mk
include $(WS_TOP)/make-rules/configure.mk
include $(WS_TOP)/make-rules/ips.mk
include ../common.mk
-include ../php-sapi/php.mk
CONFIGURE_OPTIONS += \
--disable-all \
--- a/components/php-5_3/php-doc.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-doc.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,10 +18,10 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
-set name=pkg.fmri value=pkg:/web/php-53/[email protected],$(BUILD_VERSION)
+set name=pkg.fmri value=pkg:/web/php-53/documentation@$(COMPONENT_VERSION),$(BUILD_VERSION)
set name=pkg.summary value="PHP Server Documentation"
set name=info.classification \
value="org.opensolaris.category.2008:Development/PHP"
@@ -12169,4 +12169,4 @@
# if php5.2 doc is present drag forward because of /usr/php/doc
# mediated link
-depend fmri=pkg:/web/php-52/[email protected],$(BUILD_VERSION) type=optional
+depend fmri=pkg:/web/php-52/[email protected] type=optional
--- a/components/php-5_3/php-idn.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-idn.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
@@ -48,4 +48,4 @@
file path=usr/php/5.3/zts-modules/idn.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-memcache.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-memcache.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
@@ -57,4 +57,4 @@
file path=usr/php/5.3/zts-modules/memcache.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-mysql.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-mysql.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,15 +18,15 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
-set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
+set name=pkg.fmri value=pkg:/web/php-53/extension/php-mysql@$(COMPONENT_VERSION),$(BUILD_VERSION)
set name=pkg.summary value="MySQL extension module for PHP"
set name=info.classification \
value="org.opensolaris.category.2008:Development/PHP"
set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
-set name=info.source-url value=http://us.php.net/get/php-5.3.27.tar.gz/from/this/mirror
+set name=info.source-url value=http://us.php.net/get/php-$(COMPONENT_VERSION).tar.gz/from/this/mirror
set name=org.opensolaris.arc-caseid value=PSARC/2012/067
set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
@@ -56,4 +56,4 @@
file path=usr/php/5.3/zts-modules/pdo_mysql.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-nsapi/Makefile Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-nsapi/Makefile Fri Apr 18 11:03:12 2014 -0700
@@ -18,17 +18,17 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
include ../../../make-rules/shared-macros.mk
COMPONENT_NAME= php
-COMPONENT_VERSION= 5.3.27
+COMPONENT_VERSION= 5.3.28
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.bz2
COMPONENT_ARCHIVE_HASH= \
- sha256:e12db21c623b82a2244c4dd9b06bb75af20868c1b748a105a6829a5acc36b287
+ sha256:0cac960c651c4fbb3d21cf2f2b279a06e21948fb35a0d1439b97296cac1d8513
COMPONENT_ARCHIVE_URL= http://us.php.net/get/$(COMPONENT_ARCHIVE)/from/this/mirror
COMPONENT_PROJECT_URL= http://www.php.net/
@@ -48,12 +48,13 @@
PATCH_DIR = ../php-sapi/patches
+include ../php-sapi/php.mk
+
include $(WS_TOP)/make-rules/prep.mk
include $(WS_TOP)/make-rules/configure.mk
include $(WS_TOP)/make-rules/ips.mk
include ../common.mk
-include ../php-sapi/php.mk
COMPONENT_POST_UNPACK_ACTION += && ( \
$(RM) -r $(COMPONENT_DIR)/$(COMPONENT_SRC_1); \
@@ -97,9 +98,9 @@
COMPONENT_POST_BUILD_ACTION = ( \
cat $(BUILD_DIR_32)/scripts/phpize | \
sed -e "s,^\#!/bin/sh,\#!$(CONFIG_SHELL)," | \
- sed -e "s%^prefix=.*%prefix=$(SOURCE_DIR)%" | \
- sed -e "s%^includedir=.*%includedir=$(SOURCE_DIR)%" | \
- sed -e "s%^phpdir=.*%phpdir=$(SOURCE_DIR)%" | \
+ sed -e "s%^prefix=.*%prefix=$(BUILD_DIR_32)%" | \
+ sed -e "s%^includedir=.*%includedir=$(BUILD_DIR_32)%" | \
+ sed -e "s%^phpdir=.*%phpdir=$(BUILD_DIR_32)%" | \
sed -e "s%phpdir/phpize.m4%phpdir/scripts/phpize.m4%" | \
sed -e 's%cd "$$phpdir" && cp $$FILES_BUILD "$$builddir"/build%cd "$$phpdir/build" \&\& cp $$FILES_BUILD "$$builddir"/build%' \
> phpize-proto.zts ; \
--- a/components/php-5_3/php-pear.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-pear.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
# All the files under /var/php are mode=0644
@@ -26,13 +26,13 @@
<transform file path=var/php/.* -> default group bin>
<transform file path=var/php/.* -> default preserve renamenew>
-set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
+set name=pkg.fmri value=pkg:/web/php-53/extension/php-pear@$(COMPONENT_VERSION),$(BUILD_VERSION)
set name=pkg.description \
value="Framework and reusable PHP components from PEAR repository for PHP"
set name=pkg.summary value="PHP Extension and Application Repository"
set name=info.classification \
value="org.opensolaris.category.2008:Development/PHP"
-set name=info.source-url value=http://us.php.net/get/php-5.3.27.tar.gz/from/this/mirror
+set name=info.source-url value=http://us.php.net/get/php-$(COMPONENT_VERSION).tar.gz/from/this/mirror
set name=info.upstream-url value=http://pear.php.net/
set name=org.opensolaris.arc-caseid value=PSARC/2012/067
set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
@@ -301,4 +301,4 @@
file path=var/php/5.3/pear/test/XML_Util/tests/testBug_5392.phpt
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-sapi/Makefile Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-sapi/Makefile Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
include ../../../make-rules/shared-macros.mk
@@ -29,11 +29,11 @@
# published from.
COMPONENT_NAME= php
-COMPONENT_VERSION= 5.3.27
+COMPONENT_VERSION= 5.3.28
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.bz2
COMPONENT_ARCHIVE_HASH= \
- sha256:e12db21c623b82a2244c4dd9b06bb75af20868c1b748a105a6829a5acc36b287
+ sha256:0cac960c651c4fbb3d21cf2f2b279a06e21948fb35a0d1439b97296cac1d8513
COMPONENT_ARCHIVE_URL= http://us.php.net/get/$(COMPONENT_ARCHIVE)/from/this/mirror
COMPONENT_PROJECT_URL= http://www.php.net/
@@ -57,12 +57,14 @@
# will pick it up.
COMPONENT_ARCHIVE_URL_1=http://us.php.net/get/$(COMPONENT_ARCHIVE_1)/from/this/mirror
+include ./php.mk
+
+
include $(WS_TOP)/make-rules/prep.mk
include $(WS_TOP)/make-rules/configure.mk
include $(WS_TOP)/make-rules/ips.mk
include ../common.mk
-include ./php.mk
CONFIGURE_OPTIONS += \
$(COMMON_CONFIG_OPTIONS) \
@@ -100,9 +102,9 @@
COMPONENT_POST_BUILD_ACTION = ( \
cat $(BUILD_DIR_32)/scripts/phpize | \
sed -e "s,^\#!/bin/sh,\#!$(CONFIG_SHELL)," | \
- sed -e "s%^prefix=.*%prefix=$(SOURCE_DIR)%" | \
- sed -e "s%^includedir=.*%includedir=$(SOURCE_DIR)%" | \
- sed -e "s%^phpdir=.*%phpdir=$(SOURCE_DIR)%" | \
+ sed -e "s%^prefix=.*%prefix=$(BUILD_DIR_32)%" | \
+ sed -e "s%^includedir=.*%includedir=$(BUILD_DIR_32)%" | \
+ sed -e "s%^phpdir=.*%phpdir=$(BUILD_DIR_32)%" | \
sed -e "s%phpdir/phpize.m4%phpdir/scripts/phpize.m4%" | \
sed -e "s%$PHP_AUTOCONF || exit 1%$PHP_AUTOCONF -f || exit 1%" | \
sed -e "s%$PHP_AUTOHEADER || exit 1%$PHP_AUTOHEADER -f || exit 1%" | \
@@ -112,8 +114,8 @@
chmod 755 phpize-proto ) ; \
( cat $(BUILD_DIR_32)/scripts/php-config | \
sed -e "s,^\#! /bin/sh,\#!$(CONFIG_SHELL)," | \
- sed -e "s%^prefix=.*%prefix=$(SOURCE_DIR)%" | \
- sed -e "s%^include_dir=.*%include_dir=$(SOURCE_DIR)%" \
+ sed -e "s%^prefix=.*%prefix=$(BUILD_DIR_32)%" | \
+ sed -e "s%^include_dir=.*%include_dir=$(BUILD_DIR_32)%" \
> php-config-proto ; \
chmod 755 php-config-proto ) ; \
( cat $(BUILD_DIR_32)/scripts/php-config | \
@@ -138,8 +140,8 @@
# Ship a default php.ini to simplify ease of use.
FIX_CONFIG_FILES = ( \
- cd $(SOURCE_DIR); \
- $(GPATCH) -p0 -o php.ini-patched -i ../patches-other/php_ini.patch; \
+ cd $(BUILD_DIR_32); \
+ $(GPATCH) -p0 -o php.ini-patched -i ../../patches-other/php_ini.patch; \
$(GSED) -e "s@<<VERSION>>@$(PHP_REL)@g" < php.ini-patched > php.ini; \
$(INSTALL) -m 644 php.ini $(PROTO_DIR)/$(CONF_DIR)/php.ini; \
)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/150_php_18083695.patch Fri Apr 18 11:03:12 2014 -0700
@@ -0,0 +1,51 @@
+Fix for CVE-2013-6712
+Patch:
+http://git.php.net/?p=php-src.git;a=patch;h=12fe4e90be7bfa2a763197079f68f5568a14e071
+Code:
+http://git.php.net/?p=php-src.git;a=commitdiff;h=12fe4e90be7bfa2a763197079f68f5568a14e071
+This patch is for php 5.4 code but works well enough on php 5.3 code.
+Verified by hand that it patches the correct code.
+Slightly modified by hand to remove unnecessary parts that fail to patch.
+
+
+From 12fe4e90be7bfa2a763197079f68f5568a14e071 Mon Sep 17 00:00:00 2001
+From: Remi Collet <[email protected]>
+Date: Wed, 27 Nov 2013 11:13:16 +0100
+Subject: [PATCH] Fixed bug #66060 (Heap buffer over-read in DateInterval)
+
+---
+ NEWS | 3 +++
+ ext/date/lib/parse_iso_intervals.c | 4 ++--
+ ext/date/lib/parse_iso_intervals.re | 2 +-
+ 3 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/ext/date/lib/parse_iso_intervals.c b/ext/date/lib/parse_iso_intervals.c
+index bd1ad05..480ea38 100644
+--- a/ext/date/lib/parse_iso_intervals.c
++++ b/ext/date/lib/parse_iso_intervals.c
+@@ -415,7 +415,7 @@ yy6:
+ break;
+ }
+ ptr++;
+- } while (*ptr);
++ } while (!s->errors->error_count && *ptr);
+ s->have_period = 1;
+ TIMELIB_DEINIT;
+ return TIMELIB_PERIOD;
+diff --git a/ext/date/lib/parse_iso_intervals.re b/ext/date/lib/parse_iso_intervals.re
+index 56aa34d..c5e9f67 100644
+--- a/ext/date/lib/parse_iso_intervals.re
++++ b/ext/date/lib/parse_iso_intervals.re
+@@ -383,7 +383,7 @@ isoweek = year4 "-"? "W" weekofyear;
+ break;
+ }
+ ptr++;
+- } while (*ptr);
++ } while (!s->errors->error_count && *ptr);
+ s->have_period = 1;
+ TIMELIB_DEINIT;
+ return TIMELIB_PERIOD;
+--
+1.8.4.3
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/160_php_18368537.patch Fri Apr 18 11:03:12 2014 -0700
@@ -0,0 +1,190 @@
+Fix for CVE-2014-1943
+Modified version of this patch:
+http://git.php.net/?p=php-src.git;a=patch;h=fdb9b6e5ec73d37b9734c9f7c50b3946ed85b5e3
+which is for php 5.4 code.
+php 5.4 code is here:
+http://git.php.net/?p=php-src.git;a=commit;h=fdb9b6e5ec73d37b9734c9f7c50b3946ed85b5e3
+Got this verson from [email protected] who is a
+PHP community member.
+Comparing the 2 versions and this one looks believable.
+
+
+php-5.3.28-CVE-2014-1943.diff
+
+diff -Naurp php-5.3.28/ext/fileinfo/libmagic/ascmagic.c php-5.3.28.oden/ext/fileinfo/libmagic/ascmagic.c
+--- php-5.3.28/ext/fileinfo/libmagic/ascmagic.c 2013-12-10 19:04:57.000000000 +0000
++++ php-5.3.28.oden/ext/fileinfo/libmagic/ascmagic.c 2014-02-19 15:59:40.000000000 +0000
+@@ -145,7 +145,7 @@ file_ascmagic_with_encoding(struct magic
+ == NULL)
+ goto done;
+ if ((rv = file_softmagic(ms, utf8_buf,
+- (size_t)(utf8_end - utf8_buf), TEXTTEST, text)) == 0)
++ (size_t)(utf8_end - utf8_buf), 0, TEXTTEST, text)) == 0)
+ rv = -1;
+ }
+
+diff -Naurp php-5.3.28/ext/fileinfo/libmagic/file.h php-5.3.28.oden/ext/fileinfo/libmagic/file.h
+--- php-5.3.28/ext/fileinfo/libmagic/file.h 2013-12-10 19:04:57.000000000 +0000
++++ php-5.3.28.oden/ext/fileinfo/libmagic/file.h 2014-02-19 15:59:40.000000000 +0000
+@@ -414,7 +414,7 @@ protected int file_encoding(struct magic
+ unichar **, size_t *, const char **, const char **, const char **);
+ protected int file_is_tar(struct magic_set *, const unsigned char *, size_t);
+ protected int file_softmagic(struct magic_set *, const unsigned char *, size_t,
+- int, int);
++ size_t, int, int);
+ protected struct mlist *file_apprentice(struct magic_set *, const char *, int);
+ protected uint64_t file_signextend(struct magic_set *, struct magic *,
+ uint64_t);
+diff -Naurp php-5.3.28/ext/fileinfo/libmagic/funcs.c php-5.3.28.oden/ext/fileinfo/libmagic/funcs.c
+--- php-5.3.28/ext/fileinfo/libmagic/funcs.c 2013-12-10 19:04:57.000000000 +0000
++++ php-5.3.28.oden/ext/fileinfo/libmagic/funcs.c 2014-02-19 15:59:40.000000000 +0000
+@@ -235,7 +235,7 @@ file_buffer(struct magic_set *ms, php_st
+
+ /* try soft magic tests */
+ if ((ms->flags & MAGIC_NO_CHECK_SOFT) == 0)
+- if ((m = file_softmagic(ms, ubuf, nb, BINTEST,
++ if ((m = file_softmagic(ms, ubuf, nb, 0, BINTEST,
+ looks_text)) != 0) {
+ if ((ms->flags & MAGIC_DEBUG) != 0)
+ (void)fprintf(stderr, "softmagic %d\n", m);
+diff -Naurp php-5.3.28/ext/fileinfo/libmagic/softmagic.c php-5.3.28.oden/ext/fileinfo/libmagic/softmagic.c
+--- php-5.3.28/ext/fileinfo/libmagic/softmagic.c 2013-12-10 19:04:57.000000000 +0000
++++ php-5.3.28.oden/ext/fileinfo/libmagic/softmagic.c 2014-02-19 15:59:40.000000000 +0000
+@@ -48,9 +48,9 @@ FILE_RCSID("@(#)$File: softmagic.c,v 1.1
+
+
+ private int match(struct magic_set *, struct magic *, uint32_t,
+- const unsigned char *, size_t, int, int);
++ const unsigned char *, size_t, int, int, int);
+ private int mget(struct magic_set *, const unsigned char *,
+- struct magic *, size_t, unsigned int, int);
++ struct magic *, size_t, unsigned int, int, int);
+ private int magiccheck(struct magic_set *, struct magic *);
+ private int32_t mprint(struct magic_set *, struct magic *);
+ private int32_t moffset(struct magic_set *, struct magic *);
+@@ -72,13 +72,13 @@ private void cvt_64(union VALUETYPE *, c
+ /*ARGSUSED1*/ /* nbytes passed for regularity, maybe need later */
+ protected int
+ file_softmagic(struct magic_set *ms, const unsigned char *buf, size_t nbytes,
+- int mode, int text)
++ size_t level, int mode, int text)
+ {
+ struct mlist *ml;
+ int rv;
+ for (ml = ms->mlist->next; ml != ms->mlist; ml = ml->next)
+ if ((rv = match(ms, ml->magic, ml->nmagic, buf, nbytes, mode,
+- text)) != 0)
++ text, level)) != 0)
+ return rv;
+
+ return 0;
+@@ -113,7 +113,8 @@ file_softmagic(struct magic_set *ms, con
+ */
+ private int
+ match(struct magic_set *ms, struct magic *magic, uint32_t nmagic,
+- const unsigned char *s, size_t nbytes, int mode, int text)
++ const unsigned char *s, size_t nbytes, int mode, int text,
++ int recursion_level)
+ {
+ uint32_t magindex = 0;
+ unsigned int cont_level = 0;
+@@ -145,7 +146,7 @@ match(struct magic_set *ms, struct magic
+ ms->line = m->lineno;
+
+ /* if main entry matches, print it... */
+- switch (mget(ms, s, m, nbytes, cont_level, text)) {
++ switch (mget(ms, s, m, nbytes, cont_level, text, recursion_level + 1)) {
+ case -1:
+ return -1;
+ case 0:
+@@ -227,7 +228,7 @@ match(struct magic_set *ms, struct magic
+ continue;
+ }
+ #endif
+- switch (mget(ms, s, m, nbytes, cont_level, text)) {
++ switch (mget(ms, s, m, nbytes, cont_level, text, recursion_level + 1)) {
+ case -1:
+ return -1;
+ case 0:
+@@ -997,12 +998,18 @@ mcopy(struct magic_set *ms, union VALUET
+
+ private int
+ mget(struct magic_set *ms, const unsigned char *s,
+- struct magic *m, size_t nbytes, unsigned int cont_level, int text)
++ struct magic *m, size_t nbytes, unsigned int cont_level, int text,
++ int recursion_level)
+ {
+ uint32_t offset = ms->offset;
+ uint32_t count = m->str_range;
+ union VALUETYPE *p = &ms->ms_value;
+
++ if (recursion_level >= 20) {
++ file_error(ms, 0, "recursion nesting exceeded");
++ return -1;
++ }
++
+ if (mcopy(ms, p, m->type, m->flag & INDIR, s, offset, nbytes, count) == -1)
+ return -1;
+
+@@ -1550,13 +1557,15 @@ mget(struct magic_set *ms, const unsigne
+ break;
+
+ case FILE_INDIRECT:
++ if (offset == 0)
++ return 0;
+ if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 &&
+ file_printf(ms, "%s", m->desc) == -1)
+ return -1;
+ if (nbytes < offset)
+ return 0;
+ return file_softmagic(ms, s + offset, nbytes - offset,
+- BINTEST, text);
++ recursion_level, BINTEST, text);
+
+ case FILE_DEFAULT: /* nothing to check */
+ default:
+diff -Naurp php-5.3.28/ext/fileinfo/tests/cve-2014-1943.phpt php-5.3.28.oden/ext/fileinfo/tests/cve-2014-1943.phpt
+--- php-5.3.28/ext/fileinfo/tests/cve-2014-1943.phpt 1970-01-01 00:00:00.000000000 +0000
++++ php-5.3.28.oden/ext/fileinfo/tests/cve-2014-1943.phpt 2014-02-19 16:00:20.000000000 +0000
+@@ -0,0 +1,39 @@
++--TEST--
++Bug #66731: file: infinite recursion
++--SKIPIF--
++<?php
++if (!class_exists('finfo'))
++ die('skip no fileinfo extension');
++--FILE--
++<?php
++$fd = __DIR__.'/cve-2014-1943.data';
++$fm = __DIR__.'/cve-2014-1943.magic';
++
++$a = "\105\122\000\000\000\000\000";
++$b = str_repeat("\001", 250000);
++$m = "0 byte x\n".
++ ">(1.b) indirect x\n";
++
++file_put_contents($fd, $a);
++$fi = finfo_open(FILEINFO_NONE);
++var_dump(finfo_file($fi, $fd));
++finfo_close($fi);
++
++file_put_contents($fd, $b);
++file_put_contents($fm, $m);
++$fi = finfo_open(FILEINFO_NONE, $fm);
++var_dump(finfo_file($fi, $fd));
++finfo_close($fi);
++?>
++Done
++--CLEAN--
++<?php
++@unlink(__DIR__.'/cve-2014-1943.data');
++@unlink(__DIR__.'/cve-2014-1943.magic');
++?>
++--EXPECTF--
++string(%d) "%s"
++
++Warning: finfo_file(): Failed identify data 0:(null) in %s on line %d
++bool(false)
++Done
+
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/170_php_18368630.patch Fri Apr 18 11:03:12 2014 -0700
@@ -0,0 +1,111 @@
+Fix for CVE-2014-2270
+Patch:
+http://git.php.net/?p=php-src.git;a=patch;h=a33759fd27
+Code:
+http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd27
+This patch is for php 5.5 code but works well enough on php 5.3 code.
+Verified by hand that it patches the correct code.
+Slightly modified by hand to remove unnecessary parts that fail to patch.
+
+
+
+From a33759fd275b32ed0bbe89796fe2953b3cb0b41f Mon Sep 17 00:00:00 2001
+From: Remi Collet <[email protected]>
+Date: Tue, 4 Mar 2014 20:32:52 +0100
+Subject: [PATCH] Fixed Bug #66820 out-of-bounds memory access in fileinfo
+
+Upstream fix:
+https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801
+
+Notice, test changed, with upstream agreement:
+-define OFFSET_OOB(n, o, i) ((n) < (o) || (i) >= ((n) - (o)))
++define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o)))
+---
+ ext/fileinfo/libmagic/softmagic.c | 34 ++++++++++++++++++----------------
+ 1 file changed, 18 insertions(+), 16 deletions(-)
+
+diff --git a/ext/fileinfo/libmagic/softmagic.c b/ext/fileinfo/libmagic/softmagic.c
+index 82a470a..21fea6b 100644
+--- a/ext/fileinfo/libmagic/softmagic.c
++++ b/ext/fileinfo/libmagic/softmagic.c
+@@ -67,6 +67,8 @@ private void cvt_16(union VALUETYPE *, const struct magic *);
+ private void cvt_32(union VALUETYPE *, const struct magic *);
+ private void cvt_64(union VALUETYPE *, const struct magic *);
+
++#define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o)))
++
+ /*
+ * softmagic - lookup one file in parsed, in-memory copy of database
+ * Passed the name and FILE * of one file to be typed.
+@@ -1171,7 +1173,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ }
+ switch (cvt_flip(m->in_type, flip)) {
+ case FILE_BYTE:
+- if (nbytes < (offset + 1))
++ if (OFFSET_OOB(nbytes, offset, 1))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1206,7 +1208,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ offset = ~offset;
+ break;
+ case FILE_BESHORT:
+- if (nbytes < (offset + 2))
++ if (OFFSET_OOB(nbytes, offset, 2))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1258,7 +1260,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ offset = ~offset;
+ break;
+ case FILE_LESHORT:
+- if (nbytes < (offset + 2))
++ if (OFFSET_OOB(nbytes, offset, 2))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1310,7 +1312,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ offset = ~offset;
+ break;
+ case FILE_SHORT:
+- if (nbytes < (offset + 2))
++ if (OFFSET_OOB(nbytes, offset, 2))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1347,7 +1349,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ break;
+ case FILE_BELONG:
+ case FILE_BEID3:
+- if (nbytes < (offset + 4))
++ if (OFFSET_OOB(nbytes, offset, 4))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1418,7 +1420,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ break;
+ case FILE_LELONG:
+ case FILE_LEID3:
+- if (nbytes < (offset + 4))
++ if (OFFSET_OOB(nbytes, offset, 4))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1488,7 +1490,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ offset = ~offset;
+ break;
+ case FILE_MELONG:
+- if (nbytes < (offset + 4))
++ if (OFFSET_OOB(nbytes, offset, 4))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
+@@ -1558,7 +1560,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m,
+ offset = ~offset;
+ break;
+ case FILE_LONG:
+- if (nbytes < (offset + 4))
++ if (OFFSET_OOB(nbytes, offset, 4))
+ return 0;
+ if (off) {
+ switch (m->in_op & FILE_OPS_MASK) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/171_php_18368630.patch Fri Apr 18 11:03:12 2014 -0700
@@ -0,0 +1,63 @@
+170_php_18368630.patch continued.
+This corrects parts of the above patch because of context diffs.
+
+
+--- php-5.3.28/ext/fileinfo/libmagic/softmagic.c_orig 2013-12-10 11:04:57.000000000 -0800
++++ php-5.3.28/ext/fileinfo/libmagic/softmagic.c 2014-03-10 16:11:12.236393936 -0700
+@@ -1500,14 +1500,14 @@
+ /* Verify we have enough data to match magic type */
+ switch (m->type) {
+ case FILE_BYTE:
+- if (nbytes < (offset + 1)) /* should alway be true */
++ if (OFFSET_OOB(nbytes, offset, 1)) /* should alway be true */
+ return 0;
+ break;
+
+ case FILE_SHORT:
+ case FILE_BESHORT:
+ case FILE_LESHORT:
+- if (nbytes < (offset + 2))
++ if (OFFSET_OOB(nbytes, offset, 2))
+ return 0;
+ break;
+
+@@ -1526,26 +1526,26 @@
+ case FILE_FLOAT:
+ case FILE_BEFLOAT:
+ case FILE_LEFLOAT:
+- if (nbytes < (offset + 4))
++ if (OFFSET_OOB(nbytes, offset, 4))
+ return 0;
+ break;
+
+ case FILE_DOUBLE:
+ case FILE_BEDOUBLE:
+ case FILE_LEDOUBLE:
+- if (nbytes < (offset + 8))
++ if (OFFSET_OOB(nbytes, offset, 8))
+ return 0;
+ break;
+
+ case FILE_STRING:
+ case FILE_PSTRING:
+ case FILE_SEARCH:
+- if (nbytes < (offset + m->vallen))
++ if (OFFSET_OOB(nbytes, offset, m->vallen))
+ return 0;
+ break;
+
+ case FILE_REGEX:
+- if (nbytes < offset)
++ if (OFFSET_OOB(nbytes, offset, 0))
+ return 0;
+ break;
+
+@@ -1553,7 +1553,7 @@
+ if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 &&
+ file_printf(ms, "%s", m->desc) == -1)
+ return -1;
+- if (nbytes < offset)
++ if (OFFSET_OOB(nbytes, offset, 0))
+ return 0;
+ return file_softmagic(ms, s + offset, nbytes - offset,
+ BINTEST, text);
--- a/components/php-5_3/php-suhosin.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-suhosin.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
@@ -48,4 +48,4 @@
file path=usr/php/5.3/zts-modules/suhosin.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-tcpwrap.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-tcpwrap.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
@@ -48,4 +48,4 @@
file path=usr/php/5.3/zts-modules/tcpwrap.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-5_3/php-xdebug.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-5_3/php-xdebug.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
set name=pkg.fmri value=pkg:/web/php-53/extension/[email protected],$(BUILD_VERSION)
@@ -50,4 +50,4 @@
file path=usr/php/5.3/zts-modules/xdebug.so
# need generic dependency on PHP itself
-depend fmri=web/[email protected] type=require
+depend fmri=web/php-53@$(COMPONENT_VERSION) type=require
--- a/components/php-common/php-common.p5m Fri Apr 18 06:38:30 2014 -0700
+++ b/components/php-common/php-common.p5m Fri Apr 18 11:03:12 2014 -0700
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
#
# Bypassing the mangler because the ATTRIBUTES section shouldn't include
@@ -54,7 +54,7 @@
pkg.linted.pkglint.dupaction001.1=true
# if php5.2 is present drag forward because the man page moved to here
-depend fmri=pkg:/web/[email protected],$(BUILD_VERSION) type=optional
+depend fmri=pkg:/web/[email protected] type=optional
# if php5.2 apache present drag forward because of php.conf file movement
depend fmri=pkg:/web/server/apache-22/module/[email protected] \
type=optional