# git diff php-5.3.29..PHP-5.6 ./ext/fileinfo/Makefile.frag >> ~/rpm/packages/php/php-fileinfo.patch
# git diff php-5.3.29..PHP-5.6 ./ext/fileinfo/data_file.c >> ~/rpm/packages/php/php-fileinfo.patch
Patch71: php-fileinfo.patch
+Patch72: x32-suhosin.patch
# Patch71-md5: 771e4934132c5f5c968248c954d1ef6e
# Fixes for security bugs
# https://repo.webtatic.com/yum/centos/5/SRPMS/repoview/php.html
%patch46 -p1
%if %{with suhosin}
%patch47 -p1
+%patch72 -p1
%endif
%patch68 -p1
%patch48 -p1
--- /dev/null
+--- a/Zend/zend_alloc_canary.c
++++ b/Zend/zend_alloc_canary.c
+@@ -720,7 +720,7 @@ static inline unsigned int zend_mm_high_bit(size_t _size)
+ #elif defined(__GNUC__) && defined(__x86_64__)
+ unsigned long n;
+
+- __asm__("bsrq %1,%0\n\t" : "=r" (n) : "rm" (_size));
++ __asm__("bsr %1,%0\n\t" : "=r" (n) : "rm" (_size));
+ return (unsigned int)n;
+ #elif defined(_MSC_VER) && defined(_M_IX86)
+ __asm {
+@@ -746,12 +746,12 @@ static inline unsigned int zend_mm_low_bit(size_t _size)
+ #elif defined(__GNUC__) && defined(__x86_64__)
+ unsigned long n;
+
+- __asm__("bsfq %1,%0\n\t" : "=r" (n) : "rm" (_size));
++ __asm__("bsf %1,%0\n\t" : "=r" (n) : "rm" (_size));
+ return (unsigned int)n;
+ #elif defined(_MSC_VER) && defined(_M_IX86)
+ __asm {
+ bsf eax, _size
+- }
++ }
+ #else
+ static const int offset[16] = {4,0,1,0,2,0,1,0,3,0,1,0,2,0,1,0};
+ unsigned int n;
+@@ -2481,12 +2481,22 @@ static inline size_t safe_address(size_t nmemb, size_t size, size_t offset)
+ size_t res = nmemb;
+ unsigned long overflow = 0;
+
+- __asm__ ("mulq %3\n\taddq %4,%0\n\tadcq %1,%1"
++#ifdef __ILP32__ /* x32 */
++# define LP_SUFF "l"
++#else /* amd64 */
++# define LP_SUFF "q"
++#endif
++
++ __asm__ ("mul" LP_SUFF " %3\n\t"
++ "add %4,%0\n\t"
++ "adc %1,%1"
+ : "=&a"(res), "=&d" (overflow)
+ : "%0"(res),
+ "rm"(size),
+ "rm"(offset));
+
++#undef LP_SUFF
++
+ if (UNEXPECTED(overflow)) {
+ zend_error_noreturn(E_ERROR, "Possible integer overflow in memory allocation (%zu * %zu + %zu)", nmemb, size, offset);
+ return 0;
"rm"(size),
"rm"(offset));
-+#undef LP_SUFF
-+
- if (UNEXPECTED(overflow)) {
- zend_error_noreturn(E_ERROR, "Possible integer overflow in memory allocation (%zu * %zu + %zu)", nmemb, size, offset);
- return 0;
---- a/Zend/zend_alloc_canary.c
-+++ b/Zend/zend_alloc_canary.c
-@@ -720,7 +720,7 @@ static inline unsigned int zend_mm_high_bit(size_t _size)
- #elif defined(__GNUC__) && defined(__x86_64__)
- unsigned long n;
-
-- __asm__("bsrq %1,%0\n\t" : "=r" (n) : "rm" (_size));
-+ __asm__("bsr %1,%0\n\t" : "=r" (n) : "rm" (_size));
- return (unsigned int)n;
- #elif defined(_MSC_VER) && defined(_M_IX86)
- __asm {
-@@ -746,12 +746,12 @@ static inline unsigned int zend_mm_low_bit(size_t _size)
- #elif defined(__GNUC__) && defined(__x86_64__)
- unsigned long n;
-
-- __asm__("bsfq %1,%0\n\t" : "=r" (n) : "rm" (_size));
-+ __asm__("bsf %1,%0\n\t" : "=r" (n) : "rm" (_size));
- return (unsigned int)n;
- #elif defined(_MSC_VER) && defined(_M_IX86)
- __asm {
- bsf eax, _size
-- }
-+ }
- #else
- static const int offset[16] = {4,0,1,0,2,0,1,0,3,0,1,0,2,0,1,0};
- unsigned int n;
-@@ -2481,12 +2481,22 @@ static inline size_t safe_address(size_t nmemb, size_t size, size_t offset)
- size_t res = nmemb;
- unsigned long overflow = 0;
-
-- __asm__ ("mulq %3\n\taddq %4,%0\n\tadcq %1,%1"
-+#ifdef __ILP32__ /* x32 */
-+# define LP_SUFF "l"
-+#else /* amd64 */
-+# define LP_SUFF "q"
-+#endif
-+
-+ __asm__ ("mul" LP_SUFF " %3\n\t"
-+ "add %4,%0\n\t"
-+ "adc %1,%1"
- : "=&a"(res), "=&d" (overflow)
- : "%0"(res),
- "rm"(size),
- "rm"(offset));
-
+#undef LP_SUFF
+
if (UNEXPECTED(overflow)) {