rpms
/
php
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import php-7.2.24-1.module+el8.2.0+4601+7c76a223

This commit is contained in:
CentOS Sources 2020-04-28 04:49:11 -04:00 committed by Andrew Lukoshko
parent 9b15c6be93
commit 3e68679d8e
6 changed files with 48 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/php-7.2.11.tar.xz
SOURCES/php-7.2.24.tar.xz

2
.php.metadata
View File

@ -1 +1 @@
4fd355950fdbe39cdab1b2bac03f25160bd441ec SOURCES/php-7.2.11.tar.xz
d31628bdc89a724a2a0950c2ed7d79b40cf489a7 SOURCES/php-7.2.24.tar.xz

134
SOURCES/php-7.2.11-CVE-2019-11043.patch
View File

@ -1,134 +0,0 @@
From 7a990257a05c725d53ca91bc9d080c99102f4e5e Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 21 Oct 2019 13:17:09 -0700
Subject: [PATCH] Merge branch 'PHP-7.1' into PHP-7.2
* PHP-7.1:
Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
bump versions after release
set versions for release
---
sapi/fpm/fpm/fpm_main.c | 4 +-
.../tests/bug78599-path-info-underflow.phpt | 61 +++++++++++++++++++
sapi/fpm/tests/tester.inc | 11 +++-
3 files changed, 72 insertions(+), 4 deletions(-)
create mode 100644 sapi/fpm/tests/bug78599-path-info-underflow.phpt
diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
index f0cc3a07a485..b0e6226d9ad8 100644
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -1209,8 +1209,8 @@ static void init_request_info(void)
path_info = script_path_translated + ptlen;
tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0));
} else {
- path_info = env_path_info ? env_path_info + pilen - slen : NULL;
- tflag = (orig_path_info != path_info);
+ path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL;
+ tflag = path_info && (orig_path_info != path_info);
}
if (tflag) {
diff --git a/sapi/fpm/tests/bug78599-path-info-underflow.phpt b/sapi/fpm/tests/bug78599-path-info-underflow.phpt
new file mode 100644
index 000000000000..edd4e0d49699
--- /dev/null
+++ b/sapi/fpm/tests/bug78599-path-info-underflow.phpt
@@ -0,0 +1,61 @@
+--TEST--
+FPM: bug78599 - env_path_info underflow - CVE-2019-11043
+--SKIPIF--
+<?php include "skipif.inc"; ?>
+--FILE--
+<?php
+
+require_once "tester.inc";
+
+$cfg = <<<EOT
+[global]
+error_log = {{FILE:LOG}}
+[unconfined]
+listen = {{ADDR}}
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 1
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+EOT;
+
+$code = <<<EOT
+<?php
+echo "Test Start\n";
+var_dump(\$_SERVER["PATH_INFO"]);
+echo "Test End\n";
+EOT;
+
+$tester = new FPM\Tester($cfg, $code);
+$tester->start();
+$tester->expectLogStartNotices();
+$uri = $tester->makeSourceFile();
+$tester
+ ->request(
+ '',
+ [
+ 'SCRIPT_FILENAME' => $uri . "/" . str_repeat('A', 35),
+ 'PATH_INFO' => '',
+ 'HTTP_HUI' => str_repeat('PTEST', 1000),
+ ],
+ $uri
+ )
+ ->expectBody(
+ [
+ 'Test Start',
+ 'string(0) ""',
+ 'Test End'
+ ]
+ );
+$tester->terminate();
+$tester->close();
+
+?>
+Done
+--EXPECT--
+Done
+--CLEAN--
+<?php
+require_once "tester.inc";
+FPM\Tester::clean();
+?>
diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc
index 70c03ad70f1c..3b6702866cc1 100644
--- a/sapi/fpm/tests/tester.inc
+++ b/sapi/fpm/tests/tester.inc
@@ -513,7 +513,7 @@ class Tester
return new Response(null, true);
}
if (is_null($uri)) {
- $uri = $this->makeFile('src.php', $this->code);
+ $uri = $this->makeSourceFile();
}
$params = array_merge(
@@ -538,7 +538,6 @@ class Tester
],
$headers
);
-
try {
$this->response = new Response(
$this->getClient($address, $connKeepAlive)->request_data($params, false)
@@ -944,6 +943,14 @@ class Tester
return $filePath;
}
+ /**
+ * @return string
+ */
+ public function makeSourceFile()
+ {
+ return $this->makeFile('src.php', $this->code);
+ }
+
/**
* @param string|null $msg
*/

11
SOURCES/php-5.4.0-phpize.patch → SOURCES/php-7.2.12-phpize.patch
View File

@ -1,6 +1,7 @@
--- php-5.4.0RC5/scripts/phpize.in.orig 2012-01-18 17:13:54.018022983 +0100
+++ php-5.4.0RC5/scripts/phpize.in 2012-01-18 17:14:40.614024941 +0100
@@ -162,6 +162,15 @@
diff -up php-7.2.12RC1/scripts/phpize.in.headers php-7.2.12RC1/scripts/phpize.in
--- php-7.2.12RC1/scripts/phpize.in.headers 2018-10-23 11:47:43.000000000 +0200
+++ php-7.2.12RC1/scripts/phpize.in 2018-10-23 11:49:51.651818777 +0200
@@ -162,6 +162,15 @@ phpize_autotools()
$PHP_AUTOHEADER || exit 1
}
@ -15,8 +16,8 @@
+
# Main script
case "$1" in
@@ -180,12 +189,15 @@
case "$1" in
@@ -180,12 +189,15 @@ case "$1" in
# Version
--version|-v)

50
SOURCES/php-7.2.3-systzdata-v16.patch → SOURCES/php-7.2.16-systzdata-v17.patch
View File

@ -5,6 +5,7 @@ Add support for use of the system timezone database, rather
than embedding a copy. Discussed upstream but was not desired.
History:
r17: adapt for autotool change in 7.2.16RC1
r16: adapt for timelib 2017.06 (in 7.2.3RC1)
r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1)
r14: improve check for valid tz file
@ -27,9 +28,32 @@ r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert)
r2: add filesystem trawl to set up name alias index
r1: initial revision
diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/lib/parse_tz.c
--- php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata 2018-02-13 20:18:34.000000000 +0100
+++ php-7.2.3RC1/ext/date/lib/parse_tz.c 2018-02-14 06:14:23.484804852 +0100
diff -up php-7.2.16RC1/ext/date/config0.m4.systzdata php-7.2.16RC1/ext/date/config0.m4
--- php-7.2.16RC1/ext/date/config0.m4.systzdata 2019-02-19 11:22:22.223741585 +0100
+++ php-7.2.16RC1/ext/date/config0.m4 2019-02-19 11:23:05.089111556 +0100
@@ -10,6 +10,19 @@ io.h
dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll)
+PHP_ARG_WITH(system-tzdata, for use of system timezone data,
+[ --with-system-tzdata[=DIR] to specify use of system timezone data],
+no, no)
+
+if test "$PHP_SYSTEM_TZDATA" != "no"; then
+ AC_DEFINE(HAVE_SYSTEM_TZDATA, 1, [Define if system timezone data is used])
+
+ if test "$PHP_SYSTEM_TZDATA" != "yes"; then
+ AC_DEFINE_UNQUOTED(HAVE_SYSTEM_TZDATA_PREFIX, "$PHP_SYSTEM_TZDATA",
+ [Define for location of system timezone data])
+ fi
+fi
+
PHP_DATE_CFLAGS="-I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1 -DHAVE_TIMELIB_CONFIG_H=1"
timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c
lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c"
diff -up php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.16RC1/ext/date/lib/parse_tz.c
--- php-7.2.16RC1/ext/date/lib/parse_tz.c.systzdata 2019-02-19 11:13:22.000000000 +0100
+++ php-7.2.16RC1/ext/date/lib/parse_tz.c 2019-02-19 11:19:40.245313535 +0100
@@ -25,8 +25,21 @@
#include "timelib.h"
#include "timelib_private.h"
@ -632,23 +656,3 @@ diff -up php-7.2.3RC1/ext/date/lib/parse_tz.c.systzdata php-7.2.3RC1/ext/date/li
} else {
*error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE;
tmp = NULL;
diff -up php-7.2.3RC1/ext/date/lib/timelib.m4.systzdata php-7.2.3RC1/ext/date/lib/timelib.m4
--- php-7.2.3RC1/ext/date/lib/timelib.m4.systzdata 2018-02-13 20:18:34.000000000 +0100
+++ php-7.2.3RC1/ext/date/lib/timelib.m4 2018-02-14 06:11:54.273089963 +0100
@@ -81,3 +81,16 @@ io.h
dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll strftime gettimeofday)
+
+PHP_ARG_WITH(system-tzdata, for use of system timezone data,
+[ --with-system-tzdata[=DIR] to specify use of system timezone data],
+no, no)
+
+if test "$PHP_SYSTEM_TZDATA" != "no"; then
+ AC_DEFINE(HAVE_SYSTEM_TZDATA, 1, [Define if system timezone data is used])
+
+ if test "$PHP_SYSTEM_TZDATA" != "yes"; then
+ AC_DEFINE_UNQUOTED(HAVE_SYSTEM_TZDATA_PREFIX, "$PHP_SYSTEM_TZDATA",
+ [Define for location of system timezone data])
+ fi
+fi

21
SPECS/php.spec
View File

@ -60,13 +60,12 @@
%global with_tidy 0
%endif
%global upver 7.2.11
#global rcver RC1
%global upver 7.2.24
Summary: PHP scripting language for creating dynamic web sites
Name: php
Version: %{upver}%{?rcver:~%{rcver}}
Release: 4%{?dist}
Release: 1%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@ -101,9 +100,9 @@ Patch8: php-7.2.0-libdb.patch
# Functional changes
Patch40: php-7.2.4-dlopen.patch
Patch42: php-7.2.3-systzdata-v16.patch
Patch42: php-7.2.16-systzdata-v17.patch
# See http://bugs.php.net/53436
Patch43: php-5.4.0-phpize.patch
Patch43: php-7.2.12-phpize.patch
# Use -lldap_r for OpenLDAP
Patch45: php-7.2.3-ldap_r.patch
# Make php_config.h constant across builds
@ -116,7 +115,6 @@ Patch48: php-7.2.7-getallheaders.patch
# Upstream fixes (100+)
# Security fixes (200+)
Patch200: php-7.2.11-CVE-2019-11043.patch
# Fixes for tests (300+)
# Factory is droped from system tzdata
@ -603,7 +601,7 @@ Provides: php-pdo_dblib, php-pdo_dblib%{?_isa}
%description pdo-dblib
The php-pdo-dblib package contains a dynamic shared object
that implements the PHP Data Objects (PDO) interface to enable access from
PHP to Microsoft SQL Server and Sybase databases through the FreeTDS libary.
PHP to Microsoft SQL Server and Sybase databases through the FreeTDS library.
%endif
%package embedded
@ -719,7 +717,6 @@ low-level PHP extension for the libsodium cryptographic library.
# upstream patches
# security patches
%patch200 -p1 -b .cve11043
# Fixes for tests
%patch300 -p1 -b .datetests
@ -753,8 +750,13 @@ mkdir build-cgi build-apache build-embedded \
rm ext/date/tests/timezone_location_get.phpt
rm ext/date/tests/timezone_version_get.phpt
rm ext/date/tests/timezone_version_get_basic1.phpt
rm ext/date/tests/bug33414-1.phpt
rm ext/date/tests/bug33415-2.phpt
rm ext/date/tests/date_modify-1.phpt
# fails sometime
rm ext/date/tests/bug73837.phpt
rm ext/sockets/tests/mcast_ipv?_recv.phpt
rm sapi/cli/tests/upload_2G.phpt
# cause stack exhausion
rm Zend/tests/bug54268.phpt
rm Zend/tests/bug68412.phpt
@ -1567,6 +1569,9 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
%changelog
* Thu Nov 7 2019 Remi Collet <rcollet@redhat.com> - 7.2.24-1
- update to 7.2.24 #1726981
* Tue Oct 29 2019 Remi Collet <rcollet@redhat.com> - 7.2.11-4
- fix underflow in env_path_info in fpm_main.c CVE-2019-11043