summaryrefslogtreecommitdiff
path: root/user
diff options
context:
space:
mode:
Diffstat (limited to 'user')
-rw-r--r--user/php7/APKBUILD45
-rw-r--r--user/php7/getsockopt.patch37
-rw-r--r--user/php7/libgd-unused-constants.patch51
-rw-r--r--user/php7/no-max-ent-size.patch108
-rw-r--r--user/php7/zip-glob-pathc.patch15
5 files changed, 97 insertions, 159 deletions
diff --git a/user/php7/APKBUILD b/user/php7/APKBUILD
index c86d41e84..de6c5612b 100644
--- a/user/php7/APKBUILD
+++ b/user/php7/APKBUILD
@@ -25,7 +25,7 @@
pkgname=php7
_pkgname=php
-pkgver=7.4.4
+pkgver=7.4.30
pkgrel=0
_apiver=20190902
_zendver=20190902
@@ -34,6 +34,7 @@ pkgdesc="The PHP7 language runtime engine"
url="https://php.net/"
arch="all"
license="PHP-3.01 AND Zend-2.0 AND Custom:TSRM AND LGPL-2.1+ AND MIT AND Beerware AND Public-Domain AND BSD-3-Clause AND Apache-1.0 AND PostgreSQL AND BSD-2-Clause AND Zlib AND BSD-4-Clause"
+options="!check"
depends=""
depends_dev="$pkgname=$pkgver-r$pkgrel autoconf icu-dev libedit-dev libxml2-dev
pcre2-dev zlib-dev"
@@ -80,12 +81,11 @@ source="https://www.php.net/distributions/$_pkgname-$pkgver.tar.bz2
disabled-tests.list
enchant-2.patch
fpm-paths.patch
- getsockopt.patch
install-pear.patch
+ libgd-unused-constants.patch
no-max-ent-size.patch
test-fixes.patch
zend_bool.patch
- zip-glob-pathc.patch
"
builddir="$srcdir/$_pkgname-$pkgver"
_libdir="/usr/lib/$_pkgname"
@@ -94,14 +94,14 @@ _extension_confd="/etc/$_pkgname/conf.d"
# secfixes: php
# 7.2.16-r0:
-# - CVE-2016-10166
-# - CVE-2018-20783
# - CVE-2019-6977
# - CVE-2019-9020
# - CVE-2019-9021
# - CVE-2019-9022
# - CVE-2019-9023
# - CVE-2019-9024
+# - CVE-2016-10166
+# - CVE-2018-20783
# 7.2.19-r0:
# - CVE-2019-11036
# - CVE-2019-11038
@@ -111,18 +111,32 @@ _extension_confd="/etc/$_pkgname/conf.d"
# - CVE-2019-11041
# - CVE-2019-11042
# 7.4.4-r0:
-# - CVE-2019-11043
-# - CVE-2019-11045
-# - CVE-2019-11046
-# - CVE-2019-11047
-# - CVE-2019-11050
-# - CVE-2019-13224
# - CVE-2020-7059
# - CVE-2020-7060
# - CVE-2020-7062
# - CVE-2020-7063
# - CVE-2020-7064
# - CVE-2020-7066
+# - CVE-2019-11043
+# - CVE-2019-11045
+# - CVE-2019-11046
+# - CVE-2019-11047
+# - CVE-2019-11050
+# - CVE-2019-13224
+# 7.4.29-r0:
+# - CVE-2020-7067
+# - CVE-2020-7068
+# - CVE-2020-7069
+# - CVE-2020-7070
+# - CVE-2020-7071
+# - CVE-2019-11048
+# - CVE-2021-21702
+# - CVE-2021-21703
+# - CVE-2021-21704
+# - CVE-2021-21705
+# - CVE-2021-21706
+# - CVE-2021-21707
+# - CVE-2021-21708
# Usage: _add_ext [with|enable] name [extension dependencies...] [configure options...]
_add_ext() {
@@ -529,16 +543,15 @@ _mv() {
mv "$@"
}
-sha512sums="5676023858ffbef4997c2ed99ce1689de2b56d09a0925b8fc6527d56e7f6031b380e433e417e44f84196e713d84c16b33212ed6d116b5c347d1d60586288c248 php-7.4.4.tar.bz2
+sha512sums="5d5c273805d4563ea91619a2aa21bb6f7aa3600c2e1238a37312cb7610c9aad8c6a8c3f5c9d90fda94a7bfaff6d8f26de52913b70c40a7bf23651ba64979a5dc php-7.4.30.tar.bz2
cb3ba48fbd412f12d98ef1f88b509b40bc4ca44a16779a06d43e4db3cb8d24d54404b9e11ca941b5339af8d3281ca9c8ea3ba5ced4339f91fb40608b5ce9a647 php-fpm.initd
01d4ba3ef104ea378eb0e8cbb7bdee3fdf65e4bd6865eb3bc6c0dc4af31c2d52887abdf0150b5ef984b877860285a3b1af84b11ffebb5b8b722ea9faf83edfeb php-fpm.logrotate
a7f9ba5e11652fd1cb9e756c3269269a95de083ecb5be936a85c7a09c1396db9088e0251c6a643c40235c0e776fce2a471e5c7f5a033b85c7d3b3110c2b39e48 php-module.conf
587057aaf93feec2936e2851dbb42ba78310fc012e340d90c58a8912437a8b6a15585895490c31ac31cf36969ea1f2999993c5ca42031c378f31fb83d361fd73 disabled-tests.list
7c8c3cac9efce81d525cb5a70e1402e393881b83ef4c7b5d39d3565803d21cd283daf3d74e9a8b059ecac66cf339756acc63608ffcb83d960dba86583bd45108 enchant-2.patch
a77dd3bdf9dc7a0f2c06ff3e7c425d062bbaa29902c17402ce98701dc99499be863ad543aa5e6a7d1c249702d6afb193398dd3199ae58e42b32b95d434fb1883 fpm-paths.patch
-821bf6fde83302e7613429a61066e2bd3ca4e998dcb7c11e39f4ae84829056537501b47a051e1feba752f72d98644b9a214633db9ccb16d137d3242d145acfe0 getsockopt.patch
951fa8445c20513aa48bf7c7d773c6b4012322e7e7592c13d965758e761b9898c484f0dbc5ae565c05787e6ab868769c97c71504624b10c9570e1d4214f75b10 install-pear.patch
-5fd358dfd660901c8ffdaffe0bce398ab020f8c1beb89e26ba1b21646212fe132927d52ae088220d0b9c53017cfc67f4c9b88f7602df61d36eba5768ce94e355 no-max-ent-size.patch
+441305a96329bf8442a6b633c0a8b8e53af0e6cd5fc673057cbb6b5aeb687542894a7a068073dad0a8d8dc75aa8ca42e6b0a32e29d2a7a69c115714a75127e97 libgd-unused-constants.patch
+0e88f432d273103bff203b439cc3464d34613092007c88ec8806d82c3e317ba267d70c84e5ebc3c8b2c739fa498816e0e102a22b191ee387a42146f4ecc60481 no-max-ent-size.patch
9160e5c6b8bf2d87299f38421caf498519eb42243118570754a5764b5e682c546309548e76df6163df49e841ff51fb07e50fadeed1687da5d73dec1810c393ee test-fixes.patch
-0cd6b8739533511c0d1edcb1ecff4d8d21a6b51d21f77c382645cf31d1645eeb2ebd80e2720557ceefa58f538385e097402bdc50e613dc7699bd8f033aefa543 zend_bool.patch
-1b22dfa547bd1e14e065966f5268adda771c4ad039b83acee30772cd95f0f0b1a320d75fc6ab71a0bc6ca5ce04d58d9f410767c4fae4d5e16537393c78439f21 zip-glob-pathc.patch"
+0cd6b8739533511c0d1edcb1ecff4d8d21a6b51d21f77c382645cf31d1645eeb2ebd80e2720557ceefa58f538385e097402bdc50e613dc7699bd8f033aefa543 zend_bool.patch"
diff --git a/user/php7/getsockopt.patch b/user/php7/getsockopt.patch
deleted file mode 100644
index 81f2bc232..000000000
--- a/user/php7/getsockopt.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-Socket options with level IPPROTO_IP and IPPROTO_IPV6 cannot be handled
-in the same switch statement as options with level SOL_SOCKET since
-there may be collisions in their numerical values.
-
-For example, on ppc64:
-
-* IPV6_MULTICAST_HOPS and SO_RCVTIMEO are both 18
-* IPV6_MULTICAST_LOOP and SO_SNDTIMEO are both 19
-
-etc.
-
---- php-7.4.4/ext/sockets/sockets.c 2020-03-17 06:40:21.000000000 -0400
-+++ php-7.4.4/ext/sockets/sockets.c 2020-03-29 22:39:57.506751737 -0400
-@@ -2008,6 +2008,7 @@ PHP_FUNCTION(socket_get_option)
- }
- }
- }
-+ goto handle_default;
- }
- #if HAVE_IPV6
- else if (level == IPPROTO_IPV6) {
-@@ -2017,6 +2018,7 @@ PHP_FUNCTION(socket_get_option)
- } else if (ret == FAILURE) {
- RETURN_FALSE;
- } /* else continue */
-+ goto handle_default;
- }
- #endif
-
-@@ -2063,6 +2065,7 @@ PHP_FUNCTION(socket_get_option)
- break;
-
- default:
-+ handle_default:
- optlen = sizeof(other_val);
-
- if (getsockopt(php_sock->bsd_socket, level, optname, (char*)&other_val, &optlen) != 0) {
diff --git a/user/php7/libgd-unused-constants.patch b/user/php7/libgd-unused-constants.patch
new file mode 100644
index 000000000..2b5ef2f83
--- /dev/null
+++ b/user/php7/libgd-unused-constants.patch
@@ -0,0 +1,51 @@
+Backport of https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f
+
+Affects libgd <= 2.3.3
+
+See also https://github.com/libgd/libgd/commit/f4bc1f5c26925548662946ed7cfa473c190a104a
+
+--- php-7.4.29/ext/gd/gd.c 2022-04-12 10:55:40.000000000 +0000
++++ php-7.4.29/ext/gd/gd.c 2022-05-27 16:40:42.048499508 +0000
+@@ -90,6 +90,10 @@ static int le_gd, le_gd_font;
+ #ifndef M_PI
+ #define M_PI 3.14159265358979323846
+ #endif
++/* don't used libgd constants, not used, so going to be removed */
++#define PHP_GD_FLIP_HORIZONTAL 1
++#define PHP_GD_FLIP_VERTICAL 2
++#define PHP_GD_FLIP_BOTH 3
+
+ #ifdef HAVE_GD_FREETYPE
+ static void php_imagettftext_common(INTERNAL_FUNCTION_PARAMETERS, int, int);
+@@ -1137,9 +1141,9 @@ PHP_MINIT_FUNCTION(gd)
+ /* GD2 image format types */
+ REGISTER_LONG_CONSTANT("IMG_GD2_RAW", GD2_FMT_RAW, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("IMG_GD2_COMPRESSED", GD2_FMT_COMPRESSED, CONST_CS | CONST_PERSISTENT);
+- REGISTER_LONG_CONSTANT("IMG_FLIP_HORIZONTAL", GD_FLIP_HORINZONTAL, CONST_CS | CONST_PERSISTENT);
+- REGISTER_LONG_CONSTANT("IMG_FLIP_VERTICAL", GD_FLIP_VERTICAL, CONST_CS | CONST_PERSISTENT);
+- REGISTER_LONG_CONSTANT("IMG_FLIP_BOTH", GD_FLIP_BOTH, CONST_CS | CONST_PERSISTENT);
++ REGISTER_LONG_CONSTANT("IMG_FLIP_HORIZONTAL", PHP_GD_FLIP_HORIZONTAL, CONST_CS | CONST_PERSISTENT);
++ REGISTER_LONG_CONSTANT("IMG_FLIP_VERTICAL", PHP_GD_FLIP_VERTICAL, CONST_CS | CONST_PERSISTENT);
++ REGISTER_LONG_CONSTANT("IMG_FLIP_BOTH", PHP_GD_FLIP_BOTH, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("IMG_EFFECT_REPLACE", gdEffectReplace, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("IMG_EFFECT_ALPHABLEND", gdEffectAlphaBlend, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("IMG_EFFECT_NORMAL", gdEffectNormal, CONST_CS | CONST_PERSISTENT);
+@@ -4696,15 +4700,15 @@ PHP_FUNCTION(imageflip)
+ }
+
+ switch (mode) {
+- case GD_FLIP_VERTICAL:
++ case PHP_GD_FLIP_VERTICAL:
+ gdImageFlipVertical(im);
+ break;
+
+- case GD_FLIP_HORINZONTAL:
++ case PHP_GD_FLIP_HORIZONTAL:
+ gdImageFlipHorizontal(im);
+ break;
+
+- case GD_FLIP_BOTH:
++ case PHP_GD_FLIP_BOTH:
+ gdImageFlipBoth(im);
+ break;
+
diff --git a/user/php7/no-max-ent-size.patch b/user/php7/no-max-ent-size.patch
index 7f28ba3f1..d6552cf1c 100644
--- a/user/php7/no-max-ent-size.patch
+++ b/user/php7/no-max-ent-size.patch
@@ -1,6 +1,6 @@
---- php-7.4.4/ext/posix/posix.c 2020-03-17 10:40:22.000000000 +0000
-+++ php-7.4.4/ext/posix/posix.c 2020-03-27 03:19:13.133440186 +0000
-@@ -1084,8 +1084,11 @@ PHP_FUNCTION(posix_getgrnam)
+--- php-7.4.29/ext/posix/posix.c 2022-04-12 10:55:39.000000000 +0000
++++ php-7.4.29/ext/posix/posix.c 2022-05-27 16:10:31.374379930 +0000
+@@ -1094,8 +1094,11 @@ PHP_FUNCTION(posix_getgrnam)
ZEND_PARSE_PARAMETERS_END_EX(RETURN_FALSE);
#if defined(ZTS) && defined(HAVE_GETGRNAM_R) && defined(_SC_GETGR_R_SIZE_MAX)
@@ -13,17 +13,7 @@
RETURN_FALSE;
}
buf = emalloc(buflen);
-@@ -1127,9 +1130,7 @@ PHP_FUNCTION(posix_getgrgid)
- {
- zend_long gid;
- #if defined(ZTS) && defined(HAVE_GETGRGID_R) && defined(_SC_GETGR_R_SIZE_MAX)
-- int ret;
- struct group _g;
-- struct group *retgrptr = NULL;
- long grbuflen;
- char *grbuf;
- #endif
-@@ -1141,20 +1142,27 @@ PHP_FUNCTION(posix_getgrgid)
+@@ -1151,8 +1154,11 @@ PHP_FUNCTION(posix_getgrgid)
#if defined(ZTS) && defined(HAVE_GETGRGID_R) && defined(_SC_GETGR_R_SIZE_MAX)
@@ -35,29 +25,8 @@
+ } else if (grbuflen < 1) {
RETURN_FALSE;
}
--
- grbuf = emalloc(grbuflen);
-+try_again:
-+ g = &_g;
-- ret = getgrgid_r(gid, &_g, grbuf, grbuflen, &retgrptr);
-- if (ret || retgrptr == NULL) {
-- POSIX_G(last_error) = ret;
-+ if (getgrgid_r(gid, g, grbuf, grbuflen, &g) || g == NULL) {
-+ if (errno == ERANGE) {
-+ grbuflen *= 2;
-+ grbuf = erealloc(grbuf, grbuflen);
-+ goto try_again;
-+ }
-+ POSIX_G(last_error) = errno;
- efree(grbuf);
- RETURN_FALSE;
- }
-- g = &_g;
- #else
- if (NULL == (g = getgrgid(gid))) {
- POSIX_G(last_error) = errno;
-@@ -1210,14 +1218,23 @@ PHP_FUNCTION(posix_getpwnam)
+@@ -1226,8 +1232,11 @@ PHP_FUNCTION(posix_getpwnam)
ZEND_PARSE_PARAMETERS_END_EX(RETURN_FALSE);
#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R)
@@ -70,30 +39,7 @@
RETURN_FALSE;
}
buf = emalloc(buflen);
-+try_again:
- pw = &pwbuf;
-
- if (getpwnam_r(name, pw, buf, buflen, &pw) || pw == NULL) {
-+ if (errno == ERANGE) {
-+ buflen *= 2;
-+ buf = erealloc(buf, buflen);
-+ goto try_again;
-+ }
- efree(buf);
- POSIX_G(last_error) = errno;
- RETURN_FALSE;
-@@ -1248,10 +1265,8 @@ PHP_FUNCTION(posix_getpwuid)
- zend_long uid;
- #if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R)
- struct passwd _pw;
-- struct passwd *retpwptr = NULL;
- long pwbuflen;
- char *pwbuf;
-- int ret;
- #endif
- struct passwd *pw;
-
-@@ -1260,19 +1275,27 @@ PHP_FUNCTION(posix_getpwuid)
+@@ -1282,8 +1291,11 @@ PHP_FUNCTION(posix_getpwuid)
ZEND_PARSE_PARAMETERS_END_EX(RETURN_FALSE);
#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R)
@@ -106,29 +52,9 @@
RETURN_FALSE;
}
pwbuf = emalloc(pwbuflen);
-+try_again:
-+ pw = &_pw;
-
-- ret = getpwuid_r(uid, &_pw, pwbuf, pwbuflen, &retpwptr);
-- if (ret || retpwptr == NULL) {
-- POSIX_G(last_error) = ret;
-+ if (getpwuid_r(uid, pw, pwbuf, pwbuflen, &pw) || pw == NULL) {
-+ if (errno == ERANGE) {
-+ pwbuflen *= 2;
-+ pwbuf = erealloc(pwbuf, pwbuflen);
-+ goto try_again;
-+ }
-+ POSIX_G(last_error) = errno;
- efree(pwbuf);
- RETURN_FALSE;
- }
-- pw = &_pw;
- #else
- if (NULL == (pw = getpwuid(uid))) {
- POSIX_G(last_error) = errno;
---- php-7.4.4/ext/standard/filestat.c 2020-03-17 10:40:30.000000000 +0000
-+++ php-7.4.4/ext/standard/filestat.c 2020-03-27 04:00:18.333479165 +0000
-@@ -302,15 +302,25 @@ PHPAPI int php_get_gid_by_name(const cha
+--- php-7.4.29/ext/standard/filestat.c 2022-04-12 10:55:45.000000000 +0000
++++ php-7.4.29/ext/standard/filestat.c 2022-05-27 16:12:23.176939839 +0000
+@@ -310,15 +310,25 @@ PHPAPI int php_get_gid_by_name(const cha
#if defined(ZTS) && defined(HAVE_GETGRNAM_R) && defined(_SC_GETGR_R_SIZE_MAX)
struct group gr;
struct group *retgrptr;
@@ -156,7 +82,7 @@
efree(grbuf);
return FAILURE;
}
-@@ -438,15 +448,25 @@ PHPAPI uid_t php_get_uid_by_name(const c
+@@ -446,15 +456,25 @@ PHPAPI uid_t php_get_uid_by_name(const c
#if defined(ZTS) && defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R)
struct passwd pw;
struct passwd *retpwptr = NULL;
@@ -184,9 +110,9 @@
efree(pwbuf);
return FAILURE;
}
---- php-7.4.4/main/fopen_wrappers.c 2020-03-17 10:40:21.000000000 +0000
-+++ php-7.4.4/main/fopen_wrappers.c 2020-03-27 04:08:46.553487201 +0000
-@@ -366,10 +366,13 @@ PHPAPI int php_fopen_primary_script(zend
+--- php-7.4.29/main/fopen_wrappers.c 2022-04-12 10:55:38.000000000 +0000
++++ php-7.4.29/main/fopen_wrappers.c 2022-05-27 16:13:13.063261295 +0000
+@@ -375,10 +375,13 @@ PHPAPI int php_fopen_primary_script(zend
struct passwd *pw;
#if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
struct passwd pwstruc;
@@ -201,7 +127,7 @@
return FAILURE;
}
-@@ -382,7 +385,14 @@ PHPAPI int php_fopen_primary_script(zend
+@@ -391,7 +394,14 @@ PHPAPI int php_fopen_primary_script(zend
memcpy(user, path_info + 2, length);
user[length] = '\0';
#if defined(ZTS) && defined(HAVE_GETPWNAM_R) && defined(_SC_GETPW_R_SIZE_MAX)
@@ -217,9 +143,9 @@
efree(pwbuf);
return FAILURE;
}
---- php-7.4.4/main/main.c 2020-03-17 10:40:21.000000000 +0000
-+++ php-7.4.4/main/main.c 2020-03-27 03:33:22.663453619 +0000
-@@ -1487,23 +1487,27 @@ PHPAPI char *php_get_current_user(void)
+--- php-7.4.29/main/main.c 2022-04-12 10:55:38.000000000 +0000
++++ php-7.4.29/main/main.c 2022-05-27 16:14:26.862749793 +0000
+@@ -1534,23 +1534,27 @@ PHPAPI char *php_get_current_user(void)
struct passwd *pwd;
#if defined(ZTS) && defined(HAVE_GETPWUID_R) && defined(_SC_GETPW_R_SIZE_MAX)
struct passwd _pw;
diff --git a/user/php7/zip-glob-pathc.patch b/user/php7/zip-glob-pathc.patch
deleted file mode 100644
index 74b81754a..000000000
--- a/user/php7/zip-glob-pathc.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream: https://github.com/php/php-src/pull/5311
-
---- php-7.4.4/ext/zip/php_zip.c 2020-03-17 10:40:30.000000000 +0000
-+++ php-7.4.4/ext/zip/php_zip.c 2020-03-27 15:28:13.259857804 -0500
-@@ -606,8 +606,9 @@ int php_zip_glob(char *pattern, int pattern_len, zend_long flags, zval *return_v
- add_next_index_string(return_value, globbuf.gl_pathv[n]+cwd_skip);
- }
-
-+ ret = globbuf.gl_pathc;
- globfree(&globbuf);
-- return globbuf.gl_pathc;
-+ return ret;
- #else
- zend_throw_error(NULL, "Glob support is not available");
- return 0;