]> git.pld-linux.org Git - packages/php.git/blobdiff - php-sapi-ini-file.patch
projects / packages / php.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix for CVE-2015-0232
[packages/php.git] / php-sapi-ini-file.patch
diff --git a/php-sapi-ini-file.patch b/php-sapi-ini-file.patch
index 1c051b5bb256f09c76b434d2f7ff86fed1fcbfed..0c6abd696e1783c481b4165a4019ecd8ca622d73 100644 (file)
--- a/php-sapi-ini-file.patch
+++ b/php-sapi-ini-file.patch
@@ -1,6 +1,19 @@
---- php-5.2.7/main/php_ini.c   2008-08-14 19:34:30.000000000 +0300
-+++ php-5.2.7-inidir/main/php_ini.c    2008-12-05 12:53:24.747685251 +0200
-@@ -474,6 +474,24 @@
+--- php-5.2.11/main/php_ini.c  2009-09-24 22:48:12.128424374 +0300
++++ php-5.2.11/main/php_ini.c  2009-09-24 22:50:19.481745134 +0300
+@@ -255,6 +255,12 @@
+ }
+ /* }}} */
++static int php_csort(const struct dirent **a, const struct dirent **b)
++{
++      return strcmp((*a)->d_name,(*b)->d_name);
++}
++
++
+ /* {{{ php_init_config
+  */
+ int php_init_config(TSRMLS_D)
+@@ -474,6 +480,24 @@
                                }
                        }
                }
@@ -25,7 +38,7 @@
  
                /* Otherwise search for php-%sapi-module-name%.ini file in search path */
                if (!fh.handle.fp) {
-@@ -486,14 +504,6 @@
+@@ -486,14 +510,6 @@
                                fh.filename = php_ini_opened_path;
                        }
                }
@@ -40,7 +53,7 @@
        }
  
        if (free_ini_search_path) {
-@@ -533,9 +543,13 @@
+@@ -533,9 +549,13 @@
        /* Scan and parse any .ini files found in scan path if path not empty. */
        if (!sapi_module.php_ini_ignore && php_ini_scanned_path_len) {
                struct dirent **namelist;
@@ -50,12 +63,13 @@
 +              char *sapi_scan_dir = emalloc(strlen(fmt) + strlen(sapi_module.name));
 +              sprintf(sapi_scan_dir, fmt, sapi_module.name);
  
-               if ((ndir = php_scandir(php_ini_scanned_path, &namelist, 0, php_alphasort)) > 0) {
+-              if ((ndir = php_scandir(php_ini_scanned_path, &namelist, 0, php_alphasort)) > 0) {
++              if ((ndir = php_scandir(php_ini_scanned_path, &namelist, 0, php_csort)) > 0) {
 +                      found += ndir;
                        for (i = 0; i < ndir; i++) {
                                /* check for a .ini extension */
                                if (!(p = strrchr(namelist[i]->d_name, '.')) || (p && strcmp(p, ".ini"))) {
-@@ -556,6 +570,35 @@
+@@ -556,6 +576,35 @@
                                                        /* Here, add it to the list of ini files read */
                                                        l = strlen(ini_file);
                                                        total_l += l + 2;
@@ -69,7 +83,7 @@
 +                      free(namelist);
 +              }
 +
-+              if ((ndir = php_scandir(sapi_scan_dir, &namelist, 0, php_alphasort)) > 0) {
++              if ((ndir = php_scandir(sapi_scan_dir, &namelist, 0, php_csort)) > 0) {
 +                      found += ndir;
 +
 +                      for (i = 0; i < ndir; i++) {
@@ -91,7 +105,7 @@
                                                        p = estrndup(ini_file, l);
                                                        zend_llist_add_element(&scanned_ini_list, &p);
                                                }
-@@ -564,8 +607,11 @@
+@@ -564,8 +613,11 @@
                                free(namelist[i]);
                        }
                        free(namelist);
PHP: Hypertext Preprocessor
This page took 0.608993 seconds and 4 git commands to generate.