From: Stanislav Malyshev Date: Tue, 4 Aug 2015 21:10:57 +0000 (-0700) Subject: Merge branch 'PHP-5.4' into PHP-5.5 X-Git-Tag: php-5.5.28~5 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=69ed3969dd3b00feaa62f611c5095e27ba96274d;p=php Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: .gitignore ext/date/php_date.c ext/spl/spl_array.c ext/spl/spl_observer.c --- 69ed3969dd3b00feaa62f611c5095e27ba96274d diff --cc .gitignore index f696b15ebf,46cddfb00a..9a6319597b --- a/.gitignore +++ b/.gitignore @@@ -19,7 -19,8 +19,10 @@@ *.tgz *.tar.gz *.tar.bz2 +*.tar.xz + *.tar.gz.asc + *.tar.bz2.asc ++*.tar.xz.asc .FBCIndex .FBCLockFolder .deps diff --cc Zend/zend_exceptions.c index f7eac9212c,82b777a958..806c2ef9e3 --- a/Zend/zend_exceptions.c +++ b/Zend/zend_exceptions.c @@@ -586,9 -613,9 +613,9 @@@ ZEND_METHOD(exception, getTraceAsString int res_len = 0, *len = &res_len, num = 0; DEFAULT_0_PARAMS; - + trace = zend_read_property(default_exception_ce, getThis(), "trace", sizeof("trace")-1, 1 TSRMLS_CC); - if(Z_TYPE_P(trace) != IS_ARRAY) { + if (Z_TYPE_P(trace) != IS_ARRAY) { RETURN_FALSE; } diff --cc ext/date/php_date.c index 
5071e2eef0,dcd1b74fe4..47f78a22cd --- a/ext/date/php_date.c +++ b/ext/date/php_date.c @@@ -2307,10 -2209,10 +2307,10 @@@ static zend_object_value date_object_cl case TIMELIB_ZONETYPE_ABBR: new_obj->tzi.z.utc_offset = old_obj->tzi.z.utc_offset; new_obj->tzi.z.dst = old_obj->tzi.z.dst; - new_obj->tzi.z.abbr = old_obj->tzi.z.abbr; + new_obj->tzi.z.abbr = strdup(old_obj->tzi.z.abbr); break; } - + return new_ov; } @@@ -3512,23 -3123,8 +3512,23 @@@ static void php_date_isodate_set(zval * memset(&dateobj->time->relative, 0, sizeof(dateobj->time->relative)); dateobj->time->relative.d = timelib_daynr_from_weeknr(y, w, d); dateobj->time->have_relative = 1; - + timelib_update_ts(dateobj->time, NULL); +} + +/* {{{ proto DateTime date_isodate_set(DateTime object, long year, long week[, long day]) + Sets the ISO date. +*/ +PHP_FUNCTION(date_isodate_set) +{ + zval *object; + long y, w, d = 1; + + if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Oll|l", &object, date_ce_date, &y, &w, &d) == FAILURE) { + RETURN_FALSE; + } + + php_date_isodate_set(object, y, w, d, return_value TSRMLS_CC); RETURN_ZVAL(object, 1, 0); } @@@ -3699,13 -3257,18 +3699,13 @@@ PHP_METHOD(DateTimeZone, __construct { char *tz; int tz_len; - timelib_tzinfo *tzi = NULL; php_timezone_obj *tzobj; zend_error_handling error_handling; - + zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC); if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &tz, &tz_len)) { - if (SUCCESS == timezone_initialize(&tzi, tz TSRMLS_CC)) { - tzobj = zend_object_store_get_object(getThis() TSRMLS_CC); - tzobj->type = TIMELIB_ZONETYPE_ID; - tzobj->tzi.tz = tzi; - tzobj->initialized = 1; - } else { + tzobj = zend_object_store_get_object(getThis() TSRMLS_CC); + if (FAILURE == timezone_initialize(tzobj, tz TSRMLS_CC)) { ZVAL_NULL(getThis()); } } @@@ -4381,12 -3895,12 +4387,12 @@@ PHP_METHOD(DatePeriod, __construct int isostr_len = 0; timelib_time *clone; zend_error_handling 
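Review bot: The duplicated abbreviation in the `TIMELIB_ZONETYPE_ABBR` case of date_object_clone is stored without any check, so a failed `strdup()` leaves `new_obj->tzi.z.abbr` NULL, and a NULL `old_obj->tzi.z.abbr` would be passed to `strdup()`, which is undefined behaviour. Giving the clone its own copy is the right direction, since the two objects would presumably otherwise release the same pointer, but the copy should be guarded, e.g. `new_obj->tzi.z.abbr = old_obj->tzi.z.abbr ? strdup(old_obj->tzi.z.abbr) : NULL;`, followed by the out-of-memory handling the file uses elsewhere. A comment such as `/* abbr is owned per object; duplicate it so clone and original never share the pointer */` would record why the copy exists. The function starts before the hunk and the code that frees `abbr` is not shown, so whether NULL can reach this line should be confirmed.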
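Review bot: In DateTimeZone::__construct, `tz_len` is filled in by the `"s"` specifier but never used in the lines shown, because `timezone_initialize(tzobj, tz TSRMLS_CC)` receives only the pointer. A timezone string containing an embedded NUL byte would therefore be read only up to that byte unless the callee checks for it. Consider rejecting such input before the call, e.g. `if (strlen(tz) != (size_t) tz_len) { /* raise an error and skip initialization */ }`. The body of timezone_initialize is not part of this hunk, so confirm it does not already do this; the method also continues past the hunk's last line.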
error_handling; - + zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC); - if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "OOl|l", &start, date_ce_date, &interval, date_ce_interval, &recurrences, &options) == FAILURE) { - if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "OOO|l", &start, date_ce_date, &interval, date_ce_interval, &end, date_ce_date, &options) == FAILURE) { + if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "OOl|l", &start, date_ce_interface, &interval, date_ce_interval, &recurrences, &options) == FAILURE) { + if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "OOO|l", &start, date_ce_interface, &interval, date_ce_interval, &end, date_ce_interface, &options) == FAILURE) { if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &isostr, &isostr_len, &options) == FAILURE) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "This constructor accepts either (DateTime, DateInterval, int) OR (DateTime, DateInterval, DateTime) OR (string) as arguments."); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "This constructor accepts either (DateTimeInterface, DateInterval, int) OR (DateTimeInterface, DateInterval, DateTime) OR (string) as arguments."); zend_restore_error_handling(&error_handling TSRMLS_CC); return; } diff --cc ext/openssl/openssl.c index 9c4131f608,c0e3d8a981..fb3069a4a7 mode 100644,100755..100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@@ -5154,9 -5087,8 +5153,8 @@@ PHP_FUNCTION(openssl_random_pseudo_byte buffer = emalloc(buffer_length + 1); #ifdef PHP_WIN32 - strong_result = 1; /* random/urandom equivalent on Windows */ - if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE) { + if (php_win32_get_random_bytes(buffer, (size_t) buffer_length) == FAILURE){ efree(buffer); if (zstrong_result_returned) { ZVAL_BOOL(zstrong_result_returned, 0);
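Review bot: The updated warning text in DatePeriod::__construct no longer agrees with the parse calls above it. The `"OOO|l"` branch now takes `date_ce_interface` for the end argument, but the message still describes that form as `(DateTimeInterface, DateInterval, DateTime)`. If any DateTimeInterface is accepted as the end date, the message should read `(DateTimeInterface, DateInterval, DateTimeInterface)` so users are not told to pass a narrower type than the code checks for. The constructor starts before and continues after this hunk.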
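Review bot: With the `strong_result = 1;` assignment gone from the `PHP_WIN32` branch of openssl_random_pseudo_bytes, the only value this hunk shows being written to `zstrong_result_returned` is 0 on failure, so the success-side write has to come from code after the hunk. That should be confirmed for the Windows path, since callers presumably rely on the flag to decide whether the bytes are cryptographically strong. A comment on the branch such as `/* crypto_strong is reported true only after php_win32_get_random_bytes() succeeds */` would make the contract explicit, if that is indeed the behaviour. As a style point, the merged line reads `== FAILURE){`, while `== FAILURE) {` would match the `if (zstrong_result_returned) {` two lines below. The function begins before the hunk and ends after it.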