Skip to content
Snippets Groups Projects
Commit 333e6c23 authored by Max Rees's avatar Max Rees
Browse files

user/php7: bump to 7.2.16, modernize, build with enchant-2

* Drop CVE-2018-19935.patch: included as of version 7.2.14
parent 0d7d0dd6
No related branches found
No related tags found
1 merge request!204user/php7: bump to 7.2.16, modernize, build with enchant-2
......@@ -23,15 +23,25 @@
# ----------+--------------------------------------------
# zlib | https://bugs.alpinelinux.org/issues/8299
# secfixes:
# 7.2.16-r0:
# - CVE-2016-10166
# - CVE-2018-20783
# - CVE-2019-6977
# - CVE-2019-9020
# - CVE-2019-9021
# - CVE-2019-9022
# - CVE-2019-9023
# - CVE-2019-9024
pkgname=php7
_pkgname=php
pkgver=7.2.11
pkgrel=3
pkgver=7.2.16
pkgrel=0
_apiver=20170718
pkgdesc="The PHP7 language runtime engine"
url="https://php.net/"
arch="all"
options="!checkroot"
license="PHP-3.01 AND Zend-2.0 AND Custom:TSRM AND LGPL-2.1+ AND MIT AND Beerware AND Public-Domain AND BSD-3-Clause AND Apache-1.0 AND PostgreSQL AND BSD-2-Clause AND Zlib AND BSD-4-Clause"
depends=""
depends_dev="$pkgname=$pkgver-r$pkgrel autoconf icu-dev libedit-dev libxml2-dev
......@@ -77,12 +87,12 @@ source="http://php.net/distributions/$_pkgname-$pkgver.tar.bz2
$_pkgname-fpm.logrotate
$_pkgname-module.conf
disabled-tests.list
CVE-2018-19935.patch
install-pear.patch
fpm-paths.patch
allow-build-recode-and-imap-together.patch
fix-tests-devserver.patch
pwbuflen.patch"
pwbuflen.patch
enchant-2.patch"
builddir="$srcdir/$_pkgname-$pkgver"
_libdir="/usr/lib/$_pkgname"
_extension_dir="$_libdir/modules"
......@@ -229,8 +239,6 @@ enable_ext 'zip' \
# - CVE-2018-19935
prepare() {
cd "$builddir"
default_prepare
update_config_sub
......@@ -269,8 +277,6 @@ prepare() {
# * Doesn't work with system-provided onigurama, some tests fail (invalid code
# point); probably because bundled onigurama is version 5.x, but we have 6.x.
_build() {
cd "$builddir"
EXTENSION_DIR=$_extension_dir ./configure \
--build=$CBUILD \
--host=$CHOST \
......@@ -302,8 +308,6 @@ _build() {
}
build() {
cd "$builddir"
# phpdbg
_build --enable-phpdbg \
--enable-phpdbg-webhelper \
......@@ -325,8 +329,6 @@ build() {
}
check() {
cd "$builddir"
# PHP is so stupid that it's not able to resolve dependencies
# between extensions and load them in correct order, so we must
# help it...
......@@ -346,8 +348,6 @@ check() {
}
package() {
cd "$builddir"
make -j1 INSTALL_ROOT="$pkgdir" install
install -Dm644 php.ini-production "$pkgdir"/etc/$_pkgname/php.ini
......@@ -526,14 +526,14 @@ _mv() {
mv $@
}
sha512sums="a6bdd639648ae7845467e01303d0b4f4b85fd541409be97a5a605e91a9c994609e4e221a9c87c576134e66a2439920486d1f444e6fe8c34b0e5d025cee6d0cc8 php-7.2.11.tar.bz2
sha512sums="f97545905a3ec4bc1ce431e306bffb2d7b6357164ea035a6899ea1589d8df4e6617af3924fa1abcb5da428ad691967504c3f94187d4cae6f2ef285e963d07e3d php-7.2.16.tar.bz2
23df4e779c809db3e3b8e5b0353b1aafaad2f3dc56f2d1cd45f9b0e3ad71b32e40700d6ebfe914b3c87e8e0b670d0dc862ded1e5c898adf160e33dea372e044f php-fpm.initd
01d4ba3ef104ea378eb0e8cbb7bdee3fdf65e4bd6865eb3bc6c0dc4af31c2d52887abdf0150b5ef984b877860285a3b1af84b11ffebb5b8b722ea9faf83edfeb php-fpm.logrotate
a7f9ba5e11652fd1cb9e756c3269269a95de083ecb5be936a85c7a09c1396db9088e0251c6a643c40235c0e776fce2a471e5c7f5a033b85c7d3b3110c2b39e48 php-module.conf
b1008eabc86fcff88336fe2961e3229c159c930a05d97359136c381c5c1cc572a33110308a3e5ef5e31c60327f76c9ef02b375cd2ea8ff9caa7deeddc216f4ce disabled-tests.list
4b6e4a8062808fcc54321b159f0b8bfef93267e0824f698f6ab06fc82796d62878a2e73cb44ef4bbad231658f9c0ee819ece1f7ca7517e56eea54309c92128c7 CVE-2018-19935.patch
f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505 install-pear.patch
a77dd3bdf9dc7a0f2c06ff3e7c425d062bbaa29902c17402ce98701dc99499be863ad543aa5e6a7d1c249702d6afb193398dd3199ae58e42b32b95d434fb1883 fpm-paths.patch
f8ecae241a90cbc3e98aa4deb3d5d35ef555f51380e29f4e182a8060dffeb84be74f030a14c6b452668471030d78964f52795ca74275db05543ccad20ef1f2cc allow-build-recode-and-imap-together.patch
f8bb322e56df79dd9f391737fb8737945cc730b14c7dc2ae8688979c565a9b97f5f2a12c9fcd0d8124624a9d09bd10228147d9e999bb94909bbe249f0a50646c fix-tests-devserver.patch
8e538063d872f6770a57cdb844226a771ccda3d387dd1f199bb08c274b94fbe12ec0ef6df75c32071f308cb8f4ab51b91b520c7c2ed687adf96d0d322788e463 pwbuflen.patch"
8e538063d872f6770a57cdb844226a771ccda3d387dd1f199bb08c274b94fbe12ec0ef6df75c32071f308cb8f4ab51b91b520c7c2ed687adf96d0d322788e463 pwbuflen.patch
03de56676449ddc1ba1fc9c4fee2b2ed620cd1a8ce52d288c91b42e081182871ade55c8dbbe1c8286bc4eadcd92d497a62ac7b689ea8d6b1bcb5eb25225595c4 enchant-2.patch"
From 648fc1e369fc05fb9200a42c7938912236b2a318 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 11 Nov 2018 10:04:01 -0800
Subject: [PATCH] Fix #77020: null pointer dereference in imap_mail
If an empty $message is passed to imap_mail(), we must not set message
to NULL, since _php_imap_mail() is not supposed to handle NULL pointers
(opposed to pointers to NUL).
(cherry picked from commit 7edc639b9ff1c3576773d79d016abbeed1f93846)
---
ext/imap/php_imap.c | 1 -
ext/imap/tests/bug77020.phpt | 15 +++++++++++++++
2 files changed, 15 insertions(+), 1 deletion(-)
create mode 100644 ext/imap/tests/bug77020.phpt
diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
index 9e626a4..01d1a5f 100644
--- a/ext/imap/php_imap.c
+++ b/ext/imap/php_imap.c
@@ -4116,7 +4116,6 @@ PHP_FUNCTION(imap_mail)
if (!ZSTR_LEN(message)) {
/* this is not really an error, so it is allowed. */
php_error_docref(NULL, E_WARNING, "No message string in mail command");
- message = NULL;
}
if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL,
diff --git a/ext/imap/tests/bug77020.phpt b/ext/imap/tests/bug77020.phpt
new file mode 100644
index 0000000..8a65232
--- /dev/null
+++ b/ext/imap/tests/bug77020.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #77020 (null pointer dereference in imap_mail)
+--SKIPIF--
+<?php
+if (!extension_loaded('imap')) die('skip imap extension not available');
+?>
+--FILE--
+<?php
+imap_mail('1', 1, NULL);
+?>
+===DONE===
+--EXPECTF--
+Warning: imap_mail(): No message string in mail command in %s on line %d
+%s
+===DONE===
--
2.1.4
Lifted from Arch: https://git.archlinux.org/svntogit/packages.git/tree/trunk/enchant-2.patch?h=packages/php
--- php-7.1.13/ext/enchant/config.m4.orig 2018-01-03 02:32:29.000000000 +0000
+++ php-7.1.13/ext/enchant/config.m4 2018-01-21 22:10:03.788875780 +0000
@@ -14,9 +14,9 @@
ENCHANT_SEARCH_DIRS="/usr/local /usr"
fi
for i in $ENCHANT_SEARCH_DIRS; do
- if test -f $i/include/enchant/enchant.h; then
+ if test -f $i/include/enchant-2/enchant.h; then
ENCHANT_DIR=$i
- ENCHANT_INCDIR=$i/include/enchant
+ ENCHANT_INCDIR=$i/include/enchant-2
elif test -f $i/include/enchant.h; then
ENCHANT_DIR=$i
ENCHANT_INCDIR=$i/include
@@ -31,7 +31,7 @@
AC_DEFINE(HAVE_ENCHANT,1,[ ])
PHP_SUBST(ENCHANT_SHARED_LIBADD)
- PHP_ADD_LIBRARY_WITH_PATH(enchant, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD)
+ PHP_ADD_LIBRARY_WITH_PATH(enchant-2, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD)
PHP_ADD_INCLUDE($ENCHANT_INCDIR)
PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param,
[
--- php-7.2.1/ext/enchant/enchant.c.orig 2018-01-02 22:36:05.000000000 +0000
+++ php-7.2.1/ext/enchant/enchant.c 2018-01-21 22:34:50.205791491 +0000
@@ -741,7 +741,7 @@
for (i = 0; i < n_sugg; i++) {
add_next_index_string(sugg, suggs[i]);
}
- enchant_dict_free_suggestions(pdict->pdict, suggs);
+ enchant_dict_free_string_list(pdict->pdict, suggs);
}
@@ -798,7 +798,7 @@
add_next_index_string(return_value, suggs[i]);
}
- enchant_dict_free_suggestions(pdict->pdict, suggs);
+ enchant_dict_free_string_list(pdict->pdict, suggs);
}
}
/* }}} */
@@ -818,7 +818,7 @@
PHP_ENCHANT_GET_DICT;
- enchant_dict_add_to_personal(pdict->pdict, word, wordlen);
+ enchant_dict_add(pdict->pdict, word, wordlen);
}
/* }}} */
@@ -856,7 +856,7 @@
PHP_ENCHANT_GET_DICT;
- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen));
+ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen));
}
/* }}} */
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment