svn commit: r381839 - in head: archivers/php53-phar/files lang/php53 lang/php53/files

Florian Smeets flo at FreeBSD.org
Sat Mar 21 19:41:31 UTC 2015


Author: flo
Date: Sat Mar 21 19:41:29 2015
New Revision: 381839
URL: https://svnweb.freebsd.org/changeset/ports/381839
QAT: https://qat.redports.org/buildarchive/r381839/

Log:
  Add patches for the following CVEs
  
  CVE-2015-2301
  CVE-2014-9705
  CVE-2015-0273
  
  MFH:		2015Q1

Added:
  head/archivers/php53-phar/files/patch-CVE-2015-2301   (contents, props changed)
  head/lang/php53/files/patch-CVE-2014-9705   (contents, props changed)
  head/lang/php53/files/patch-CVE-2015-0273   (contents, props changed)
Modified:
  head/lang/php53/Makefile

Added: head/archivers/php53-phar/files/patch-CVE-2015-2301
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/archivers/php53-phar/files/patch-CVE-2015-2301	Sat Mar 21 19:41:29 2015	(r381839)
@@ -0,0 +1,12 @@
+--- phar_object.c	2015-03-16 13:56:47.878348393 -0400
++++ phar_object.c	2015-03-16 13:56:47.826347993 -0400
+@@ -2320,8 +2320,8 @@
+ 	}
+ its_ok:
+ 	if (SUCCESS == php_stream_stat_path(newpath, &ssb)) {
+-		efree(oldpath);
+ 		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "phar \"%s\" exists and must be unlinked prior to conversion", newpath);
++		efree(oldpath);
+ 		return NULL;
+ 	}
+ 	if (!phar->is_data) {
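Review bot: The reordered lines in the `its_ok:` error branch carry no comment saying why `efree(oldpath)` must come after `zend_throw_exception_ex(...)`, so the two statements look freely swappable to a later reader. The hunk does not show how `newpath` relates to `oldpath`, and the dependency is only implied by the CVE name on the patch file. I would add `/* free oldpath only after the exception message has been formatted (CVE-2015-2301) */` above the `efree`. It is also worth confirming, outside this hunk, who owns `newpath` on this `return NULL` path, since only `oldpath` is released here. The enclosing function starts and ends outside the hunk.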

Modified: head/lang/php53/Makefile
==============================================================================
--- head/lang/php53/Makefile	Sat Mar 21 19:40:35 2015	(r381838)
+++ head/lang/php53/Makefile	Sat Mar 21 19:41:29 2015	(r381839)
@@ -3,7 +3,7 @@
 
 PORTNAME=	php53
 PORTVERSION=	5.3.29
-PORTREVISION?=	4
+PORTREVISION?=	5
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
 MASTER_SITE_SUBDIR=	distributions

Added: head/lang/php53/files/patch-CVE-2014-9705
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/lang/php53/files/patch-CVE-2014-9705	Sat Mar 21 19:41:29 2015	(r381839)
@@ -0,0 +1,34 @@
+--- ext/enchant/enchant.c	2015-03-16 13:42:36.063819735 -0400
++++ ext/enchant/enchant.c	2015-03-16 13:42:36.059819705 -0400
+@@ -545,13 +545,12 @@
+ 
+ 	d = enchant_broker_request_dict(pbroker->pbroker, (const char *)tag);
+ 	if (d) {
++		pos = pbroker->dictcnt++;
+ 		if (pbroker->dictcnt) {
+ 			pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
+-			pos = pbroker->dictcnt++;
+ 		} else {
+ 			pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
+ 			pos = 0;
+-			pbroker->dictcnt++;
+ 		}
+ 
+ 		dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
+@@ -606,14 +605,14 @@
+ 
+ 	d = enchant_broker_request_pwl_dict(pbroker->pbroker, (const char *)pwl);
+ 	if (d) {
++		pos = pbroker->dictcnt++;
+ 		if (pbroker->dictcnt) {
+-			pos = pbroker->dictcnt++;
+ 			pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
+ 		} else {
+ 			pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
+ 			pos = 0;
+-			pbroker->dictcnt++;
+ 		}
++
+ 		dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
+ 		dict->id = pos;
+ 		dict->pbroker = pbroker;
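Review bot: With `pos = pbroker->dictcnt++;` hoisted above the test, `if (pbroker->dictcnt)` is true on every call short of counter wrap-around, so the `else` branch with `emalloc` and `pos = 0` is effectively dead in both inner hunks (@@ -545 and @@ -606). The first dictionary therefore goes through `erealloc(pbroker->dict, ...)`, which is only sound if `pbroker->dict` is NULL or a live allocation at that point. The broker initialisation is outside these hunks, so that should be confirmed. I would drop the dead branch and use the overflow-checked allocator, `pbroker->dict = (enchant_dict **)safe_erealloc(pbroker->dict, pbroker->dictcnt, sizeof(enchant_dict *), 0);`, so the size multiplication cannot wrap before `pbroker->dict[pos]` is written. Both enclosing functions continue outside the hunks.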

Added: head/lang/php53/files/patch-CVE-2015-0273
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/lang/php53/files/patch-CVE-2015-0273	Sat Mar 21 19:41:29 2015	(r381839)
@@ -0,0 +1,18 @@
+--- ext/date/php_date.c.orig	2015-03-21 18:31:58.092700000 +0100
++++ ext/date/php_date.c	2015-03-21 18:33:51.148505000 +0100
+@@ -2573,12 +2573,9 @@
+ 	timelib_tzinfo   *tzi;
+ 	php_timezone_obj *tzobj;
+ 
+-	if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS) {
+-		convert_to_string(*z_date);
+-		if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) {
+-			convert_to_long(*z_timezone_type);
+-			if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) {
+-				convert_to_string(*z_timezone);
++	if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS && Z_TYPE_PP(z_date) == IS_STRING) {
++		if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS && Z_TYPE_PP(z_timezone_type) == IS_LONG) {
++			if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS && Z_TYPE_PP(z_timezone) == IS_STRING) {
+ 
+ 				switch (Z_LVAL_PP(z_timezone_type)) {
+ 					case TIMELIB_ZONETYPE_OFFSET:
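Review bot: The three `Z_TYPE_PP(...)` checks added to the `zend_hash_find` conditions replace in-place `convert_to_string`/`convert_to_long` calls, but nothing in the code records why the members of `myht` are no longer converted, so a later change could restore the conversions for leniency. I would add a comment above the first `if`, for example `/* check types instead of convert_to_*(): members of myht must not be modified in place (CVE-2015-0273) */`. Input whose `date`, `timezone_type` or `timezone` has a different type now skips the whole block. What the function returns in that case is outside the hunk and should be confirmed to be a failure the caller handles. The `switch` on `Z_LVAL_PP(z_timezone_type)` and the rest of the function continue past the end of the hunk.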

