update to version 5.2.2;

fixes many vulnerabilities http://www.php.net/ChangeLog-5.php#5.2.2 from Lawrence Teo <lteo.openbsd1@calyptix.com>;
2007-05-11 15:05:15 +00:00 · 2007-05-11 15:05:15 +00:00 · e9afe5e028
commit e9afe5e028
parent 47702bd388
14 changed files with 43 additions and 109 deletions
--- a/www/php5/Makefile.inc
+++ b/www/php5/Makefile.inc
@ -1,10 +1,10 @@
-# $OpenBSD: Makefile.inc,v 1.14 2007/03/22 22:43:20 robert Exp $
+# $OpenBSD: Makefile.inc,v 1.15 2007/05/11 15:05:15 robert Exp $

 # This port currently only works with archs supporting dynamic loading
 # and has Apache that supports DSO's.
 NOT_FOR_ARCHS=		${NO_SHARED_ARCHS}

-V=			5.2.1
+V=			5.2.2
 SUHOSIN_V=		0.9.6.2
 DISTNAME?=		php-${V}
 CATEGORIES=		www lang
--- a/www/php5/core/Makefile
+++ b/www/php5/core/Makefile
@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.23 2007/04/30 21:22:00 robert Exp $
+# $OpenBSD: Makefile,v 1.24 2007/05/11 15:05:15 robert Exp $

 COMMENT-main=	"server-side HTML-embedded scripting language"
 COMMENT-fastcgi="stand-alone FastCGI version of PHP"

-PKGNAME=	php5-core-${V}p1
-PKGNAME-main=	php5-core-${V}p1
-PKGNAME-fastcgi=php5-fastcgi-${V}p1
+PKGNAME=	php5-core-${V}
+PKGNAME-main=	php5-core-${V}
+PKGNAME-fastcgi=php5-fastcgi-${V}

 DISTFILES=	php-${V}.tar.gz

--- a/www/php5/core/patches/patch-sapi_cgi_config9_m4
+++ b/www/php5/core/patches/patch-sapi_cgi_config9_m4
@ -1,14 +1,14 @@
 --- sapi/cgi/config9.m4.orig	Thu Sep 28 11:37:52 2006
 +++ sapi/cgi/config9.m4	Sun Apr  1 15:23:31 2007
-@@ -80,7 +80,6 @@ main()
+@@ -50,7 +50,6 @@ AC_ARG_ENABLE(path-info-check,
+   PHP_ENABLE_PATHINFO_CHECK=yes
 ])
 
- 
 -if test "$PHP_SAPI" = "default"; then
   AC_MSG_CHECKING(for CGI build)
   if test "$PHP_SAPI_CGI" != "no"; then
     AC_MSG_RESULT(yes)
-@@ -141,7 +140,8 @@ if test "$PHP_SAPI" = "default"; then
+@@ -109,7 +108,8 @@ if test "$PHP_SAPI" = "default"; then
     AC_MSG_RESULT($PHP_ENABLE_FASTCGI)
 
     INSTALL_IT="@echo \"Installing PHP CGI into: \$(INSTALL_ROOT)\$(bindir)/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)\$(bindir)/\$(program_prefix)php\$(program_suffix)\$(EXEEXT)"
@ -18,12 +18,12 @@
 
     case $host_alias in
       *aix*)
-@@ -151,17 +151,26 @@ if test "$PHP_SAPI" = "default"; then
+@@ -119,17 +119,26 @@ if test "$PHP_SAPI" = "default"; then
         BUILD_CGI="\$(CC) \$(CFLAGS_CLEAN) \$(EXTRA_CFLAGS) \$(EXTRA_LDFLAGS_PROGRAM) \$(LDFLAGS) \$(NATIVE_RPATHS) \$(PHP_GLOBAL_OBJS:.lo=.o) \$(PHP_SAPI_OBJS:.lo=.o) \$(PHP_FRAMEWORKS) \$(EXTRA_LIBS) \$(ZEND_EXTRA_LIBS) -o \$(SAPI_CGI_PATH)"
       ;;
       *)
 -        BUILD_CGI="\$(LIBTOOL) --mode=link \$(CC) -export-dynamic \$(CFLAGS_CLEAN) \$(EXTRA_CFLAGS) \$(EXTRA_LDFLAGS_PROGRAM) \$(LDFLAGS) \$(PHP_RPATHS) \$(PHP_GLOBAL_OBJS) \$(PHP_SAPI_OBJS) \$(EXTRA_LIBS) \$(ZEND_EXTRA_LIBS) -o \$(SAPI_CGI_PATH)"
-+	BUILD_CGI="\$(LIBTOOL) --mode=link \$(CC) -export-dynamic \$(CFLAGS_CLEAN) \$(EXTRA_CFLAGS) \$(EXTRA_LDFLAGS_PROGRAM) \$(LDFLAGS) \$(PHP_RPATHS) \$(PHP_GLOBAL_OBJS) \$(PHP_CGI_OBJS) \$(EXTRA_LIBS) \$(ZEND_EXTRA_LIBS) -o \$(SAPI_CGI_PATH)"
+        BUILD_CGI="\$(LIBTOOL) --mode=link \$(CC) -export-dynamic \$(CFLAGS_CLEAN) \$(EXTRA_CFLAGS) \$(EXTRA_LDFLAGS_PROGRAM) \$(LDFLAGS) \$(PHP_RPATHS) \$(PHP_GLOBAL_OBJS) \$(PHP_CGI_OBJS) \$(EXTRA_LIBS) \$(ZEND_EXTRA_LIBS) -o \$(SAPI_CGI_PATH)"
       ;;
     esac
 
--- a/www/php5/distinfo
+++ b/www/php5/distinfo
@ -1,10 +1,10 @@
-MD5 (php-5.2.1.tar.gz) = YE6u4rg0uwN9LIPlPjANPw==
-MD5 (suhosin-patch-5.2.1-0.9.6.2.patch.gz) = mMro7plN904+obJclVMQ6A==
-RMD160 (php-5.2.1.tar.gz) = zKi5ZhBuqHsqvyfhAJHstEe7Ts8=
-RMD160 (suhosin-patch-5.2.1-0.9.6.2.patch.gz) = a6sR2WIkcltsRfLeG/3Gm5kjAus=
-SHA1 (php-5.2.1.tar.gz) = Ih7wQC2PpJRkxkjZXevH0ho/Ftk=
-SHA1 (suhosin-patch-5.2.1-0.9.6.2.patch.gz) = 27AHVU8sxFRNYL2Aojpq8wV0T70=
-SHA256 (php-5.2.1.tar.gz) = TcdTqbxjoWH9TdAnyf8353EkvWgdso6lRjiVspRC1m0=
-SHA256 (suhosin-patch-5.2.1-0.9.6.2.patch.gz) = eIAqccNe0r7S4OMsuEQ/aCRRmJ6+HtXVs4S3u4W5DBs=
-SIZE (php-5.2.1.tar.gz) = 9010594
-SIZE (suhosin-patch-5.2.1-0.9.6.2.patch.gz) = 22679
+MD5 (php-5.2.2.tar.gz) = epINAJaQCyuWKyHcXFX+PA==
+MD5 (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = CB/gjVhIIKbs4f4uhilxHw==
+RMD160 (php-5.2.2.tar.gz) = hzLUILAjUtly4h5aST6tzW0f+/g=
+RMD160 (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = xH1MI8+ci2VHYSYFhqAd7jQWNwg=
+SHA1 (php-5.2.2.tar.gz) = mt3KKue2vyvqeAI0hCEtnzL9CNc=
+SHA1 (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = 6C70WrsjKJuLQ2ljX13do48UNAc=
+SHA256 (php-5.2.2.tar.gz) = Bflk+EN+MdsBWDQYy6A8H6F/UeJIoS025A4O292FnPc=
+SHA256 (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = ky2BVQKGhrltPr+JIV2rfNk1OscvnqgsJS0JmftL2GQ=
+SIZE (php-5.2.2.tar.gz) = 9201988
+SIZE (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = 22850
--- a/www/php5/extensions/Makefile
+++ b/www/php5/extensions/Makefile
@ -1,6 +1,6 @@
-# $OpenBSD: Makefile,v 1.34 2007/04/01 21:37:27 robert Exp $
+# $OpenBSD: Makefile,v 1.35 2007/05/11 15:05:15 robert Exp $

-FULLPKGNAME-main=	php5-extensions-${V}p0
+FULLPKGNAME-main=	php5-extensions-${V}
 COMMENT-main=		"informational package about PHP5 extensions"

 MULTI_PACKAGES=	-main
--- a/www/php5/patches/patch-aclocal_m4
+++ b/www/php5/patches/patch-aclocal_m4
@ -1,4 +1,4 @@
-$OpenBSD: patch-aclocal_m4,v 1.7 2007/04/01 21:37:27 robert Exp $
+$OpenBSD: patch-aclocal_m4,v 1.8 2007/05/11 15:05:15 robert Exp $
 --- aclocal.m4.orig	Wed Feb  7 01:47:35 2007
 +++ aclocal.m4	Sun Apr  1 14:04:45 2007
@@ -194,7 +194,7 @@ dnl the path is interpreted relative to the top build-
@ -56,7 +56,7 @@ $OpenBSD: patch-aclocal_m4,v 1.7 2007/04/01 21:37:27 robert Exp $
       PHP_ADD_INCLUDE($PHP_KERBEROS_DIR/include)
     fi
   fi
-@@ -4290,7 +4279,7 @@ openbsd*)
+@@ -4320,7 +4309,7 @@ openbsd*)
     *)                         need_version=no  ;;
   esac
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
--- a/www/php5/patches/patch-configure_in
+++ b/www/php5/patches/patch-configure_in
@ -1,4 +1,4 @@
-$OpenBSD: patch-configure_in,v 1.7 2007/04/03 12:17:34 robert Exp $
+$OpenBSD: patch-configure_in,v 1.8 2007/05/11 15:05:15 robert Exp $
 --- configure.in.orig	Wed Feb  7 01:45:04 2007
 +++ configure.in	Tue Apr  3 12:14:04 2007
@@ -918,7 +918,7 @@ enable_static=yes
@ -10,7 +10,7 @@ $OpenBSD: patch-configure_in,v 1.7 2007/04/03 12:17:34 robert Exp $
     if test -z "$PHP_MODULES"; then
         enable_shared=no
     fi
-@@ -926,8 +926,8 @@ program|static)
+@@ -934,8 +934,8 @@ program|static)
 shared)
     enable_static=no
     case $with_pic in
@ -21,7 +21,7 @@ $OpenBSD: patch-configure_in,v 1.7 2007/04/03 12:17:34 robert Exp $
     esac
     EXTRA_LDFLAGS="$EXTRA_LDFLAGS -avoid-version -module"
 ;;
-@@ -1120,7 +1120,7 @@ EXPANDED_SYSCONFDIR=`eval echo $sysconfdir`
+@@ -1128,7 +1128,7 @@ EXPANDED_SYSCONFDIR=`eval echo $sysconfdir`
 EXPANDED_DATADIR=$datadir
 EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"`
 EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"`
@ -30,7 +30,7 @@ $OpenBSD: patch-configure_in,v 1.7 2007/04/03 12:17:34 robert Exp $
 
 exec_prefix=$old_exec_prefix
 libdir=$old_libdir
-@@ -1292,7 +1292,7 @@ CFLAGS="\$(CFLAGS_CLEAN) $standard_libtool_flag"
+@@ -1300,7 +1300,7 @@ CFLAGS="\$(CFLAGS_CLEAN) $standard_libtool_flag"
 INLINE_CFLAGS="$INLINE_CFLAGS $standard_libtool_flag"
 CXXFLAGS="$CXXFLAGS $standard_libtool_flag"
 
@ -39,7 +39,7 @@ $OpenBSD: patch-configure_in,v 1.7 2007/04/03 12:17:34 robert Exp $
 install_targets="$install_modules install-build install-headers install-programs $install_pear"
 
 case $PHP_SAPI in
-@@ -1340,7 +1340,7 @@ PHP_ADD_SOURCES(/Zend, zend_language_parser.c zend_lan
+@@ -1348,7 +1348,7 @@ PHP_ADD_SOURCES(/Zend, zend_language_parser.c zend_lan
     zend_ini_parser.c zend_ini_scanner.c)
 
 PHP_ADD_SOURCES(Zend, \
@ -48,7 +48,7 @@ $OpenBSD: patch-configure_in,v 1.7 2007/04/03 12:17:34 robert Exp $
     zend_execute_API.c zend_highlight.c zend_llist.c \
     zend_opcode.c zend_operators.c zend_ptr_stack.c zend_stack.c \
     zend_variables.c zend.c zend_API.c zend_extensions.c zend_hash.c \
-@@ -1362,6 +1362,7 @@ else
+@@ -1370,6 +1370,7 @@ else
 fi
 
 PHP_ADD_SOURCES_X(Zend, zend_execute.c,,PHP_GLOBAL_OBJS,,$flag)
--- a/www/php5/patches/patch-ext_bcmath_libbcmath_src_output_c
+++ b/www/php5/patches/patch-ext_bcmath_libbcmath_src_output_c
@ -1,12 +0,0 @@
-$OpenBSD: patch-ext_bcmath_libbcmath_src_output_c,v 1.2 2007/04/01 21:37:27 robert Exp $
--- ext/bcmath/libbcmath/src/output.c.orig	Fri Nov 22 10:25:29 2002
-+++ ext/bcmath/libbcmath/src/output.c	Sun Apr  1 13:42:42 2007
-@@ -71,7 +71,7 @@ bc_out_long (val, size, space, out_char)
-   int len, ix;
- 
-   if (space) (*out_char) (' ');
-  sprintf (digits, "%ld", val);
-+  snprintf (digits, sizeof digits, "%ld", val);
-   len = strlen (digits);
-   while (size > len)
-     {
--- a/www/php5/patches/patch-ext_bcmath_libbcmath_src_rt_c
+++ b/www/php5/patches/patch-ext_bcmath_libbcmath_src_rt_c
@ -1,21 +0,0 @@
-$OpenBSD: patch-ext_bcmath_libbcmath_src_rt_c,v 1.2 2007/04/01 21:37:27 robert Exp $
--- ext/bcmath/libbcmath/src/rt.c.orig	Wed Nov 22 21:20:02 2000
-+++ ext/bcmath/libbcmath/src/rt.c	Sun Apr  1 13:42:42 2007
-@@ -45,7 +45,7 @@ void bc_rt_warn (char *mesg ,...)
-   char error_mesg [255];
- 
-   va_start (args, mesg);
-  vsprintf (error_mesg, mesg, args);
-+  vsnprintf (error_mesg, sizeof error_mesg, mesg, args);
-   va_end (args);
- 
-   fprintf (stderr, "bc math warning: %s\n", error_mesg);
-@@ -58,7 +58,7 @@ void bc_rt_error (char *mesg ,...)
-   char error_mesg [255];
- 
-   va_start (args, mesg);
-  vsprintf (error_mesg, mesg, args);
-+  vsnprintf (error_mesg, sizeof error_mesg, mesg, args);
-   va_end (args);
- 
-   fprintf (stderr, "bc math error: %s\n", error_mesg);
--- a/www/php5/patches/patch-ext_calendar_calendar_c
+++ b/www/php5/patches/patch-ext_calendar_calendar_c
@ -1,12 +0,0 @@
-$OpenBSD: patch-ext_calendar_calendar_c,v 1.2 2007/04/01 21:37:27 robert Exp $
--- ext/calendar/calendar.c.orig	Mon Jan  1 10:35:48 2007
-+++ ext/calendar/calendar.c	Sun Apr  1 13:42:42 2007
-@@ -416,7 +416,7 @@ PHP_FUNCTION(cal_from_jd)
- 
- 	calendar->from_jd(jd, &year, &month, &day);
- 
-	sprintf(date, "%i/%i/%i", month, day, year);
-+	snprintf(date, sizeof date, "%i/%i/%i", month, day, year);
- 	add_assoc_string(return_value, "date", date, 1);
- 
- 	add_assoc_long(return_value, "month", month);
--- a/www/php5/patches/patch-ext_iconv_iconv_c
+++ b/www/php5/patches/patch-ext_iconv_iconv_c
@ -1,4 +1,4 @@
-$OpenBSD: patch-ext_iconv_iconv_c,v 1.2 2007/04/01 21:37:27 robert Exp $
+$OpenBSD: patch-ext_iconv_iconv_c,v 1.3 2007/05/11 15:05:15 robert Exp $
 --- ext/iconv/iconv.c.orig	Thu Feb  1 15:02:35 2007
 +++ ext/iconv/iconv.c	Sun Apr  1 13:42:42 2007
@@ -336,7 +336,7 @@ static php_iconv_err_t _php_iconv_appendl(smart_str *d
@ -28,7 +28,7 @@ $OpenBSD: patch-ext_iconv_iconv_c,v 1.2 2007/04/01 21:37:27 robert Exp $
 			if (prev_in_left == in_left) {
 				break;
 			}
-@@ -728,7 +728,7 @@ static php_iconv_err_t _php_iconv_substr(smart_str *pr
+@@ -730,7 +730,7 @@ static php_iconv_err_t _php_iconv_substr(smart_str *pr
 
 		prev_in_left = in_left;
 
@ -37,7 +37,7 @@ $OpenBSD: patch-ext_iconv_iconv_c,v 1.2 2007/04/01 21:37:27 robert Exp $
 			if (prev_in_left == in_left) {
 				break;
 			}
-@@ -857,7 +857,7 @@ static php_iconv_err_t _php_iconv_strpos(unsigned int 
+@@ -859,7 +859,7 @@ static php_iconv_err_t _php_iconv_strpos(unsigned int 
 
 		prev_in_left = in_left;
 
@ -46,7 +46,7 @@ $OpenBSD: patch-ext_iconv_iconv_c,v 1.2 2007/04/01 21:37:27 robert Exp $
 			if (prev_in_left == in_left) {
 #if ICONV_SUPPORTS_ERRNO
 				switch (errno) {
-@@ -1106,7 +1106,7 @@ static php_iconv_err_t _php_iconv_mime_encode(smart_st
+@@ -1108,7 +1108,7 @@ static php_iconv_err_t _php_iconv_mime_encode(smart_st
 
 					out_left = out_size - out_reserved;
 
@ -55,7 +55,7 @@ $OpenBSD: patch-ext_iconv_iconv_c,v 1.2 2007/04/01 21:37:27 robert Exp $
 #if ICONV_SUPPORTS_ERRNO
 						switch (errno) {
 							case EINVAL:
-@@ -1206,7 +1206,7 @@ static php_iconv_err_t _php_iconv_mime_encode(smart_st
+@@ -1208,7 +1208,7 @@ static php_iconv_err_t _php_iconv_mime_encode(smart_st
 					out_p = buf;
 					out_left = out_size;
 
@ -64,7 +64,7 @@ $OpenBSD: patch-ext_iconv_iconv_c,v 1.2 2007/04/01 21:37:27 robert Exp $
 #if ICONV_SUPPORTS_ERRNO
 						switch (errno) {
 							case EINVAL:
-@@ -2472,7 +2472,7 @@ static int php_iconv_stream_filter_append_bucket(
+@@ -2469,7 +2469,7 @@ static int php_iconv_stream_filter_append_bucket(
 		tcnt = self->stub_len;
 
 		while (tcnt > 0) {
--- a/www/php5/patches/patch-ext_posix_posix_c
+++ b/www/php5/patches/patch-ext_posix_posix_c
@ -1,21 +0,0 @@
-$OpenBSD: patch-ext_posix_posix_c,v 1.2 2007/04/01 21:37:27 robert Exp $
--- ext/posix/posix.c.orig	Fri Jan 12 02:46:11 2007
-+++ ext/posix/posix.c	Sun Apr  1 13:42:42 2007
-@@ -884,7 +884,7 @@ PHP_FUNCTION(posix_getgrgid)
- 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &gid) == FAILURE) {
- 		RETURN_FALSE;
- 	}
-#ifdef HAVE_GETGRGID_R
-+#if defined(ZTS) && defined(HAVE_GETGRGID_R) && defined(_SC_GETGR_R_SIZE_MAX)
- 	
- 	grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
- 	grbuf = emalloc(grbuflen);
-@@ -909,7 +909,7 @@ PHP_FUNCTION(posix_getgrgid)
- 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to convert posix group struct to array");
- 		RETVAL_FALSE;
- 	}
-#ifdef HAVE_GETGRGID_R
-+#if defined(ZTS) && defined(HAVE_GETGRGID_R) && defined(_SC_GETGR_R_SIZE_MAX)
- 	efree(grbuf);
- #endif
- }
--- a/www/php5/patches/patch-php_ini-dist
+++ b/www/php5/patches/patch-php_ini-dist
@ -1,4 +1,4 @@
-$OpenBSD: patch-php_ini-dist,v 1.8 2007/04/01 21:37:27 robert Exp $
+$OpenBSD: patch-php_ini-dist,v 1.9 2007/05/11 15:05:15 robert Exp $
 --- php.ini-dist.orig	Thu Dec 21 14:05:27 2006
 +++ php.ini-dist	Sun Apr  1 13:42:42 2007
@@ -455,10 +455,7 @@ default_mimetype = "text/html"
@ -113,7 +113,7 @@ $OpenBSD: patch-php_ini-dist,v 1.8 2007/04/01 21:37:27 robert Exp $
 ;;;;;;;;;;;;;;;;;;;
 ; Module Settings ;
 ;;;;;;;;;;;;;;;;;;;
-@@ -670,13 +592,6 @@ default_socket_timeout = 60
+@@ -676,13 +598,6 @@ default_socket_timeout = 60
 define_syslog_variables  = Off
 
 [mail function]
@ -127,7 +127,7 @@ $OpenBSD: patch-php_ini-dist,v 1.8 2007/04/01 21:37:27 robert Exp $
 ; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
 ;sendmail_path =
 
-@@ -1252,6 +1167,53 @@ soap.wsdl_cache_dir="/tmp"
+@@ -1258,6 +1173,53 @@ soap.wsdl_cache_dir="/tmp"
 ; instead of original one.
 soap.wsdl_cache_ttl=86400
 
--- a/www/php5/patches/patch-php_ini-recommended
+++ b/www/php5/patches/patch-php_ini-recommended
@ -1,4 +1,4 @@
-$OpenBSD: patch-php_ini-recommended,v 1.8 2007/04/01 21:37:27 robert Exp $
+$OpenBSD: patch-php_ini-recommended,v 1.9 2007/05/11 15:05:15 robert Exp $
 --- php.ini-recommended.orig	Thu Dec 21 14:05:27 2006
 +++ php.ini-recommended	Sun Apr  1 13:42:42 2007
@@ -500,10 +500,7 @@ default_mimetype = "text/html"
@ -113,7 +113,7 @@ $OpenBSD: patch-php_ini-recommended,v 1.8 2007/04/01 21:37:27 robert Exp $
 ;;;;;;;;;;;;;;;;;;;
 ; Module Settings ;
 ;;;;;;;;;;;;;;;;;;;
-@@ -715,13 +637,6 @@ default_socket_timeout = 60
+@@ -721,13 +643,6 @@ default_socket_timeout = 60
 define_syslog_variables  = Off
 
 [mail function]
@ -127,7 +127,7 @@ $OpenBSD: patch-php_ini-recommended,v 1.8 2007/04/01 21:37:27 robert Exp $
 ; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
 ;sendmail_path =
 
-@@ -1300,6 +1215,53 @@ soap.wsdl_cache_dir="/tmp"
+@@ -1306,6 +1221,53 @@ soap.wsdl_cache_dir="/tmp"
 ; instead of original one.
 soap.wsdl_cache_ttl=86400