Update to 7.1.7RC1

This commit is contained in:
Remi Collet 2017-06-21 11:44:16 +02:00
parent 3c6bd7c1b1
commit afbe04bb4a
4 changed files with 7 additions and 186 deletions

1
.gitignore vendored
View File

@ -24,3 +24,4 @@ php-7.0.*.xz
/php-7.1.5.tar.xz /php-7.1.5.tar.xz
/php-7.1.6RC1.tar.xz /php-7.1.6RC1.tar.xz
/php-7.1.6.tar.xz /php-7.1.6.tar.xz
/php-7.1.7RC1.tar.xz

View File

@ -1,181 +0,0 @@
From 1e0c4386ab87c6f6392933450130470cbd1a2b19 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Tue, 30 May 2017 15:35:42 +0200
Subject: [PATCH] Patch from the upstream git
https://github.com/kkos/oniguruma/issues/55 (CVE-2017-9226)
b4bf968ad52afe14e60a2dc8a95d3555c543353a Modified for onig 5.9.6
f015fbdd95f76438cd86366467bb2b39870dd7c6 Modified for onig 5.9.6
Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
---
ext/mbstring/oniguruma/regparse.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ext/mbstring/oniguruma/regparse.c b/ext/mbstring/oniguruma/regparse.c
index bf72300..c6822e6 100644
--- a/ext/mbstring/oniguruma/regparse.c
+++ b/ext/mbstring/oniguruma/regparse.c
@@ -3064,7 +3064,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
PUNFETCH;
prev = p;
num = scan_unsigned_octal_number(&p, end, 3, enc);
- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
if (p == prev) { /* can't read nothing. */
num = 0; /* but, it's not error */
}
@@ -3436,7 +3436,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_OCTAL3)) {
prev = p;
num = scan_unsigned_octal_number(&p, end, (c == '0' ? 2:3), enc);
- if (num < 0) return ONIGERR_TOO_BIG_NUMBER;
+ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER;
if (p == prev) { /* can't read nothing. */
num = 0; /* but, it's not error */
}
@@ -4084,7 +4084,11 @@ next_state_val(CClassNode* cc, OnigCodePoint *vs, OnigCodePoint v,
switch (*state) {
case CCS_VALUE:
if (*type == CCV_SB)
+ {
+ if (*vs > 0xff)
+ return ONIGERR_INVALID_CODE_POINT_VALUE;
BITSET_SET_BIT(cc->bs, (int )(*vs));
+ }
else if (*type == CCV_CODE_POINT) {
r = add_code_range(&(cc->mbuf), env, *vs, *vs);
if (r < 0) return r;
--
2.1.4
From 60b1829e1cd18facc696264fd830c4bbd593cfa9 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Tue, 30 May 2017 15:37:11 +0200
Subject: [PATCH] Patch from the upstream git
https://github.com/kkos/oniguruma/issues/57 (CVE-2017-9224)
Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
---
ext/mbstring/oniguruma/regexec.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c
index 7430d78..5e26896 100644
--- a/ext/mbstring/oniguruma/regexec.c
+++ b/ext/mbstring/oniguruma/regexec.c
@@ -1425,14 +1425,9 @@ match_at(regex_t* reg, const UChar* str, const UChar* end,
break;
case OP_EXACT1: MOP_IN(OP_EXACT1);
-#if 0
DATA_ENSURE(1);
if (*p != *s) goto fail;
p++; s++;
-#endif
- if (*p != *s++) goto fail;
- DATA_ENSURE(0);
- p++;
MOP_OUT;
break;
--
2.1.4
From 6a8ae7cf8db3ec8dabfd027e01cdbcbb52654c90 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Tue, 30 May 2017 15:38:17 +0200
Subject: [PATCH] Patch from the upstream git
https://github.com/kkos/oniguruma/issues/58 (CVE-2017-9227)
Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
---
ext/mbstring/oniguruma/regexec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c
index 5e26896..97d5f32 100644
--- a/ext/mbstring/oniguruma/regexec.c
+++ b/ext/mbstring/oniguruma/regexec.c
@@ -3123,6 +3123,8 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
}
else {
UChar *q = p + reg->dmin;
+
+ if (q >= end) return 0; /* fail */
while (p < q) p += enclen(reg->enc, p);
}
}
--
2.1.4
From 5416deec665db293ae25548828791453d776a6bf Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Tue, 30 May 2017 15:39:21 +0200
Subject: [PATCH] Patch from the upstream git
https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229)
b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6
Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
---
ext/mbstring/oniguruma/regexec.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c
index 97d5f32..42a31bd 100644
--- a/ext/mbstring/oniguruma/regexec.c
+++ b/ext/mbstring/oniguruma/regexec.c
@@ -3205,7 +3205,13 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
else {
if (reg->dmax != ONIG_INFINITE_DISTANCE) {
*low = p - reg->dmax;
- if (*low > s) {
+ if (p - str < reg->dmax) {
+ *low = (UChar* )str;
+ if (low_prev)
+ *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low);
+ }
+ else {
+ if (*low > s) {
*low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s,
*low, (const UChar** )low_prev);
if (low_prev && IS_NULL(*low_prev))
@@ -3218,6 +3224,7 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
(pprev ? pprev : str), *low);
}
}
+ }
}
/* no needs to adjust *high, *high is used as range check only */
*high = p - reg->dmin;
--
2.1.4
From 1c845d295037702d63097e2216b3c5db53f79273 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Tue, 30 May 2017 15:40:32 +0200
Subject: [PATCH] Patch from the upstream git
https://github.com/kkos/oniguruma/issues/60 (CVE-2017-9228)
Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
---
ext/mbstring/oniguruma/regparse.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ext/mbstring/oniguruma/regparse.c b/ext/mbstring/oniguruma/regparse.c
index c6822e6..d2925f1 100644
--- a/ext/mbstring/oniguruma/regparse.c
+++ b/ext/mbstring/oniguruma/regparse.c
@@ -4068,7 +4068,9 @@ next_state_class(CClassNode* cc, OnigCodePoint* vs, enum CCVALTYPE* type,
}
}
- *state = CCS_VALUE;
+ if (*state != CCS_START)
+ *state = CCS_VALUE;
+
*type = CCV_CLASS;
return 0;
}
--
2.1.4

View File

@ -61,8 +61,8 @@
%global db_devel libdb-devel %global db_devel libdb-devel
%endif %endif
%global upver 7.1.6 %global upver 7.1.7
#global rcver RC1 %global rcver RC1
Summary: PHP scripting language for creating dynamic web sites Summary: PHP scripting language for creating dynamic web sites
Name: php Name: php
@ -114,7 +114,6 @@ Patch47: php-5.6.3-phpinfo.patch
# Upstream fixes (100+) # Upstream fixes (100+)
# Security fixes (200+) # Security fixes (200+)
Patch200: php-onigurama.patch
# Fixes for tests (300+) # Fixes for tests (300+)
# Factory is droped from system tzdata # Factory is droped from system tzdata
@ -724,7 +723,6 @@ httpd -V | grep -q 'threaded:.*yes' && exit 1
# upstream patches # upstream patches
# security patches # security patches
%patch200 -p1 -b .onig
# Fixes for tests # Fixes for tests
%patch300 -p1 -b .datetests %patch300 -p1 -b .datetests
@ -1508,6 +1506,9 @@ rm -f README.{Zeus,QNX,CVS-RULES}
%changelog %changelog
* Wed Jun 21 2017 Remi Collet <remi@fedoraproject.org> - 7.1.7~RC1-1
- Update to 7.1.7RC1
* Wed Jun 7 2017 Remi Collet <remi@fedoraproject.org> - 7.1.6-1 * Wed Jun 7 2017 Remi Collet <remi@fedoraproject.org> - 7.1.6-1
- Update to 7.1.6 - http://www.php.net/releases/7_1_6.php - Update to 7.1.6 - http://www.php.net/releases/7_1_6.php
- add upstream security patches for oniguruma - add upstream security patches for oniguruma

View File

@ -1 +1 @@
SHA512 (php-7.1.6.tar.xz) = b447435e8f2a28c34ca7c65e1f52147da7609f655301d7c49158052c58696a8159104c2b404d778ad4713b25df659dbc5bf186d3d1a8d51b33a03d6711e7ab65 SHA512 (php-7.1.7RC1.tar.xz) = 837a9bd825772fa09b794093eaf853d5f3f8455ad7157da32446b1c06a548bf5658ab63e00f0a30f6a34784930fd06028f0100ccb67fb86fa2701730c09b67ae