diff options
40 files changed, 319 insertions, 160 deletions
@@ -44,6 +44,9 @@ . Removed dl() function on fpm-fcgi. (Nikita) . Removed support for hexadecimal numeric strings. (Nikita) +- Curl: + . Fixed bug #68937 (Segfault in curl_multi_exec). (Laruence) + - Date: . Fixed day_of_week function as it could sometimes return negative values internally. (Derick) @@ -66,6 +69,7 @@ . New FILTER_VALIDATE_DOMAIN and better RFC conformance for FILTER_VALIDATE_URL. (Kevin Dunglas) - FPM: + . Fixed bug #68945 (Unknown admin values segfault pools) (Laruence) . Fixed bug #65933 (Cannot specify config lines longer than 1024 bytes). (Chris Wright) . Implement request #67106 (Split main fpm config). (Elan Ruusamäe, Remi) diff --git a/build/build.mk b/build/build.mk index 007f081f19..6e2668287e 100644 --- a/build/build.mk +++ b/build/build.mk @@ -22,17 +22,16 @@ SUBDIRS = Zend TSRM STAMP = buildmk.stamp -ALWAYS = generated_lists - - -all: $(STAMP) $(ALWAYS) +all: $(STAMP) generated_lists @$(MAKE) -s -f build/build2.mk -generated_lists: +generated_lists: ALWAYS @echo makefile_am_files = Zend/Makefile.am TSRM/Makefile.am > $@ @echo config_m4_files = Zend/Zend.m4 TSRM/tsrm.m4 TSRM/threads.m4 \ Zend/acinclude.m4 ext/*/config*.m4 sapi/*/config.m4 >> $@ +ALWAYS: + $(STAMP): build/buildcheck.sh @build/buildcheck.sh $(STAMP) diff --git a/build/build2.mk b/build/build2.mk index 2d9e684ec0..08f144f8b6 100644 --- a/build/build2.mk +++ b/build/build2.mk @@ -50,5 +50,6 @@ aclocal.m4: configure.in acinclude.m4 configure: aclocal.m4 configure.in $(config_m4_files) @echo rebuilding $@ + @rm -f $@ $(PHP_AUTOCONF) $(SUPPRESS_WARNINGS) diff --git a/ext/curl/interface.c b/ext/curl/interface.c index 043e14fdab..dc9071f352 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -1486,8 +1486,12 @@ static size_t curl_read(char *data, size_t size, size_t nmemb, void *ctx) ZVAL_RES(&argv[0], ch->res); Z_ADDREF(argv[0]); - ZVAL_RES(&argv[1], t->res); - Z_ADDREF(argv[1]); + if (t->res) { + ZVAL_RES(&argv[1], t->res); + Z_ADDREF(argv[1]); + } else { + ZVAL_NULL(&argv[1]); + } ZVAL_LONG(&argv[2], (int)size * nmemb); fci.size = sizeof(fci); diff --git a/ext/curl/tests/bug68937.phpt b/ext/curl/tests/bug68937.phpt new file mode 100644 index 0000000000..a661ec01ce --- /dev/null +++ b/ext/curl/tests/bug68937.phpt @@ -0,0 +1,32 @@ +--TEST-- +Bug # #68937 (Segfault in curl_multi_exec) +--SKIPIF-- +<?php +if (getenv("SKIP_ONLINE_TESTS")) die("skip online test"); +include 'skipif.inc'; +?> +--FILE-- +<?php + +$ch = curl_init('http://www.google.com/'); +curl_setopt_array($ch, array( + CURLOPT_HEADER => false, + CURLOPT_RETURNTRANSFER => true, + CURLOPT_POST => true, + CURLOPT_INFILESIZE => 1, + CURLOPT_HTTPHEADER => array( + 'Content-Length: 1', + ), + CURLOPT_READFUNCTION => 'curl_read' +)); + +function curl_read($ch, $fp, $len) { + var_dump($fp); + exit; +} + +curl_exec($ch); +curl_close($ch); +?> +--EXPECTF-- +NULL diff --git a/ext/curl/tests/bug68937_2.phpt b/ext/curl/tests/bug68937_2.phpt new file mode 100644 index 0000000000..418a96dc8d --- /dev/null +++ b/ext/curl/tests/bug68937_2.phpt @@ -0,0 +1,33 @@ +--TEST-- +Bug # #68937 (Segfault in curl_multi_exec) +--SKIPIF-- +<?php +if (getenv("SKIP_ONLINE_TESTS")) die("skip online test"); +include 'skipif.inc'; +?> +--FILE-- +<?php + +$ch = curl_init('http://www.google.com/'); +curl_setopt_array($ch, array( + CURLOPT_HEADER => false, + CURLOPT_RETURNTRANSFER => true, + CURLOPT_POST => true, + CURLOPT_INFILESIZE => filesize(__FILE__), + CURLOPT_INFILE => fopen(__FILE__, 'r'), + CURLOPT_HTTPHEADER => array( + 'Content-Length: 1', + ), + CURLOPT_READFUNCTION => 'curl_read' +)); + +function curl_read($ch, $fp, $len) { + var_dump($fp); + exit; +} + +curl_exec($ch); +curl_close($ch); +?> +--EXPECTF-- +resource(%d) of type (stream) diff --git a/ext/date/php_date.c b/ext/date/php_date.c index c6db35b709..a00c4c5a94 100644 --- a/ext/date/php_date.c +++ b/ext/date/php_date.c @@ -1441,7 +1441,7 @@ PHPAPI zend_long php_parse_date(char *string, zend_long *now) Convert string representation of date and time to a timestamp */ PHP_FUNCTION(strtotime) { - char *times, *initial_ts; + char *times; size_t time_len; int error1, error2; struct timelib_error_container *error; diff --git a/ext/dom/documenttype.c b/ext/dom/documenttype.c index 8b40d51065..c65902e759 100644 --- a/ext/dom/documenttype.c +++ b/ext/dom/documenttype.c @@ -191,7 +191,7 @@ int dom_documenttype_internal_subset_read(dom_object *obj, zval *retval) xmlOutputBufferFlush(buff); #ifdef LIBXML2_NEW_BUFFER - smart_str_appendl(&ret_buf, xmlOutputBufferGetContent(buff), xmlOutputBufferGetSize(buff)); + smart_str_appendl(&ret_buf, (const char *) xmlOutputBufferGetContent(buff), xmlOutputBufferGetSize(buff)); #else smart_str_appendl(&ret_buf, buff->buffer->content, buff->buffer->use); #endif diff --git a/ext/dom/nodelist.c b/ext/dom/nodelist.c index f9ecb17ca4..a5f6c63f7d 100644 --- a/ext/dom/nodelist.c +++ b/ext/dom/nodelist.c @@ -153,7 +153,7 @@ PHP_FUNCTION(dom_nodelist_item) } else { nodep = nodep->children; } - itemnode = dom_get_elements_by_tag_name_ns_raw(nodep, objmap->ns, objmap->local, &count, index); + itemnode = dom_get_elements_by_tag_name_ns_raw(nodep, (char *) objmap->ns, (char *) objmap->local, &count, index); } } } diff --git a/ext/filter/logical_filters.c b/ext/filter/logical_filters.c index 91ab756e97..ab13ce52f9 100644 --- a/ext/filter/logical_filters.c +++ b/ext/filter/logical_filters.c @@ -427,8 +427,7 @@ void php_filter_validate_regexp(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ { zval *option_val; zend_string *regexp; - zend_long option_flags; - int regexp_set, option_flags_set; + int regexp_set; pcre *re = NULL; pcre_extra *pcre_extra = NULL; int preg_options = 0; @@ -437,7 +436,6 @@ void php_filter_validate_regexp(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ /* Parse options */ FETCH_STR_OPTION(regexp, "regexp"); - FETCH_LONG_OPTION(option_flags, "flags"); if (!regexp_set) { php_error_docref(NULL, E_WARNING, "'regexp' option missing"); diff --git a/ext/filter/sanitizing_filters.c b/ext/filter/sanitizing_filters.c index d9cb7baeb7..f786f29ce7 100644 --- a/ext/filter/sanitizing_filters.c +++ b/ext/filter/sanitizing_filters.c @@ -88,8 +88,8 @@ static void php_filter_encode_url(zval *value, const unsigned char* chars, const } */ str = zend_string_alloc(3 * Z_STRLEN_P(value), 0); - p = str->val; - s = Z_STRVAL_P(value); + p = (unsigned char *) str->val; + s = (unsigned char *) Z_STRVAL_P(value); e = s + Z_STRLEN_P(value); while (s < e) { @@ -264,7 +264,7 @@ void php_filter_full_special_chars(PHP_INPUT_FILTER_PARAM_DECL) } else { quotes = ENT_NOQUOTES; } - buf = php_escape_html_entities_ex(Z_STRVAL_P(value), Z_STRLEN_P(value), 1, quotes, SG(default_charset), 0); + buf = php_escape_html_entities_ex((unsigned char *) Z_STRVAL_P(value), Z_STRLEN_P(value), 1, quotes, SG(default_charset), 0); zval_ptr_dtor(value); ZVAL_STR(value, buf); } diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c index 486f65d622..b9fb10bdec 100644 --- a/ext/iconv/iconv.c +++ b/ext/iconv/iconv.c @@ -1338,7 +1338,9 @@ static php_iconv_err_t _php_iconv_mime_encode(smart_str *pretval, const char *fn ini_in_p = in_p; for (out_size = (char_cnt - 2) / 3; out_size > 0;) { +#if !ICONV_SUPPORTS_ERRNO size_t prev_out_left; +#endif nbytes_required = 0; @@ -1374,8 +1376,9 @@ static php_iconv_err_t _php_iconv_mime_encode(smart_str *pretval, const char *fn } #endif } - +#if !ICONV_SUPPORTS_ERRNO prev_out_left = out_left; +#endif if (iconv(cd, NULL, NULL, (char **) &out_p, &out_left) == (size_t)-1) { #if ICONV_SUPPORTS_ERRNO if (errno != E2BIG) { diff --git a/ext/interbase/interbase.c b/ext/interbase/interbase.c index 8f88d6017a..c12e045dc3 100644 --- a/ext/interbase/interbase.c +++ b/ext/interbase/interbase.c @@ -523,11 +523,7 @@ void _php_ibase_module_error(char *msg, ...) /* {{{ */ { va_list ap; -#ifdef ZTS - va_start(ap, ); -#else va_start(ap, msg); -#endif /* vsnprintf NUL terminates the buf and writes at most n-1 chars+NUL */ vsnprintf(IBG(errmsg), MAX_ERRMSG, msg, ap); diff --git a/ext/intl/calendar/calendar_methods.cpp b/ext/intl/calendar/calendar_methods.cpp index 40f1ff2f01..0b5b0c134d 100644 --- a/ext/intl/calendar/calendar_methods.cpp +++ b/ext/intl/calendar/calendar_methods.cpp @@ -1246,7 +1246,7 @@ U_CFUNC PHP_FUNCTION(intlcal_to_date_time) int64_t ts; char ts_str[sizeof("@-9223372036854775808")]; int ts_str_len; - zval ts_tmp, ts_zval, tmp; + zval ts_zval, tmp; INTL_METHOD_CHECK_STATUS(co, "Call to ICU method has failed"); diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 1a4c1c3052..58f1cb5316 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -845,13 +845,30 @@ static int add_oid_section(struct php_x509_request * req) /* {{{ */ #define SET_OPTIONAL_LONG_ARG(key, varname, defval) \ if (optional_args && (item = zend_hash_str_find(Z_ARRVAL_P(optional_args), key, sizeof(key)-1)) != NULL && Z_TYPE_P(item) == IS_LONG) \ - varname = Z_LVAL_P(item); \ + varname = (int)Z_LVAL_P(item); \ else \ varname = defval static const EVP_CIPHER * php_openssl_get_evp_cipher_from_algo(zend_long algo); -int openssl_spki_cleanup(const char *src, char *dest); +/* {{{ strip line endings from spkac */ +static int openssl_spki_cleanup(const char *src, char *dest) +{ + int removed=0; + + while (*src) { + if (*src!='\n'&&*src!='\r') { + *dest++=*src; + } else { + ++removed; + } + ++src; + } + *dest=0; + return removed; +} +/* }}} */ + static int php_openssl_parse_config(struct php_x509_request * req, zval * optional_args) /* {{{ */ { @@ -1377,7 +1394,7 @@ static X509 * php_openssl_x509_from_zval(zval * val, int makeresource, zend_reso } else { BIO *in; - in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val)); + in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val)); if (in == NULL) { return NULL; } @@ -1493,7 +1510,10 @@ PHP_FUNCTION(openssl_spki_new) } if (challenge) { - ASN1_STRING_set(spki->spkac->challenge, challenge, challenge_len); + if (!ASN1_STRING_set(spki->spkac->challenge, challenge, (int)challenge_len)) { + php_error_docref(NULL, E_WARNING, "Unable to set challenge data"); + goto cleanup; + } } if (!NETSCAPE_SPKI_set_pubkey(spki, pkey)) { @@ -1546,7 +1566,7 @@ cleanup: PHP_FUNCTION(openssl_spki_verify) { size_t spkstr_len; - int i = 0; + int i = 0, spkstr_cleaned_len = 0; char *spkstr = NULL, * spkstr_cleaned = NULL; EVP_PKEY *pkey = NULL; @@ -1563,14 +1583,14 @@ PHP_FUNCTION(openssl_spki_verify) } spkstr_cleaned = emalloc(spkstr_len + 1); - openssl_spki_cleanup(spkstr, spkstr_cleaned); + spkstr_cleaned_len = (int)(spkstr_len - openssl_spki_cleanup(spkstr, spkstr_cleaned)); - if (strlen(spkstr_cleaned)<=0) { + if (spkstr_cleaned_len == 0) { php_error_docref(NULL, E_WARNING, "Invalid SPKAC"); goto cleanup; } - spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned)); + spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, spkstr_cleaned_len); if (spki == NULL) { php_error_docref(NULL, E_WARNING, "Unable to decode supplied SPKAC"); goto cleanup; @@ -1608,6 +1628,7 @@ PHP_FUNCTION(openssl_spki_export) { size_t spkstr_len; char *spkstr = NULL, * spkstr_cleaned = NULL, * s = NULL; + int spkstr_cleaned_len; EVP_PKEY *pkey = NULL; NETSCAPE_SPKI *spki = NULL; @@ -1624,9 +1645,14 @@ PHP_FUNCTION(openssl_spki_export) } spkstr_cleaned = emalloc(spkstr_len + 1); - openssl_spki_cleanup(spkstr, spkstr_cleaned); + spkstr_cleaned_len = (int)(spkstr_len - openssl_spki_cleanup(spkstr, spkstr_cleaned)); - spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned)); + if (spkstr_cleaned_len == 0) { + php_error_docref(NULL, E_WARNING, "Invalid SPKAC"); + goto cleanup; + } + + spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, spkstr_cleaned_len); if (spki == NULL) { php_error_docref(NULL, E_WARNING, "Unable to decode supplied SPKAC"); goto cleanup; @@ -1668,6 +1694,7 @@ PHP_FUNCTION(openssl_spki_export_challenge) { size_t spkstr_len; char *spkstr = NULL, * spkstr_cleaned = NULL; + int spkstr_cleaned_len; NETSCAPE_SPKI *spki = NULL; @@ -1682,9 +1709,14 @@ PHP_FUNCTION(openssl_spki_export_challenge) } spkstr_cleaned = emalloc(spkstr_len + 1); - openssl_spki_cleanup(spkstr, spkstr_cleaned); + spkstr_cleaned_len = (int)(spkstr_len - openssl_spki_cleanup(spkstr, spkstr_cleaned)); + + if (spkstr_cleaned_len == 0) { + php_error_docref(NULL, E_WARNING, "Invalid SPKAC"); + goto cleanup; + } - spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned)); + spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, spkstr_cleaned_len); if (spki == NULL) { php_error_docref(NULL, E_WARNING, "Unable to decode SPKAC"); goto cleanup; @@ -1700,24 +1732,6 @@ cleanup: } /* }}} */ -/* {{{ strip line endings from spkac */ -int openssl_spki_cleanup(const char *src, char *dest) -{ - int removed=0; - - while (*src) { - if (*src!='\n'&&*src!='\r') { - *dest++=*src; - } else { - ++removed; - } - ++src; - } - *dest=0; - return removed; -} -/* }}} */ - /* {{{ proto bool openssl_x509_export(mixed x509, string &out [, bool notext = true]) Exports a CERT to file or a var */ PHP_FUNCTION(openssl_x509_export) @@ -2162,7 +2176,7 @@ PHP_FUNCTION(openssl_x509_checkpurpose) goto clean_exit; } - ret = check_cert(cainfo, cert, untrustedchain, purpose); + ret = check_cert(cainfo, cert, untrustedchain, (int)purpose); if (ret != 0 && ret != 1) { RETVAL_LONG(ret); } else { @@ -2519,7 +2533,7 @@ PHP_FUNCTION(openssl_pkcs12_read) bio_in = BIO_new(BIO_s_mem()); - if(!BIO_write(bio_in, zp12, zp12_len)) + if(0 >= BIO_write(bio_in, zp12, (int)zp12_len)) goto cleanup; if(d2i_PKCS12_bio(bio_in, &p12)) { @@ -2660,7 +2674,7 @@ static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, z v = sk_CONF_VALUE_value(dn_sk, i); type = v->name; - len = strlen(type); + len = (int)strlen(type); if (len < sizeof("_default")) { continue; } @@ -2776,7 +2790,7 @@ static X509_REQ * php_openssl_csr_from_zval(zval * val, int makeresource, zend_r } in = BIO_new_file(filename, "r"); } else { - in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val)); + in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val)); } csr = PEM_read_bio_X509_REQ(in, NULL,NULL,NULL); BIO_free(in); @@ -2950,7 +2964,7 @@ PHP_FUNCTION(openssl_csr_sign) goto cleanup; - ASN1_INTEGER_set(X509_get_serialNumber(new_cert), serial); + ASN1_INTEGER_set(X509_get_serialNumber(new_cert), (long)serial); X509_set_subject_name(new_cert, X509_REQ_get_subject_name(csr)); @@ -2961,7 +2975,7 @@ PHP_FUNCTION(openssl_csr_sign) goto cleanup; } X509_gmtime_adj(X509_get_notBefore(new_cert), 0); - X509_gmtime_adj(X509_get_notAfter(new_cert), (long)60*60*24*num_days); + X509_gmtime_adj(X509_get_notAfter(new_cert), 60*60*24*(long)num_days); i = X509_set_pubkey(new_cert, key); if (!i) { goto cleanup; @@ -3274,7 +3288,7 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval * val, int public_key, char * p if (filename) { in = BIO_new_file(filename, "r"); } else { - in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val)); + in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val)); } if (in == NULL) { TMP_CLEAN; @@ -3292,7 +3306,7 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval * val, int public_key, char * p } in = BIO_new_file(filename, "r"); } else { - in = BIO_new_mem_buf(Z_STRVAL_P(val), Z_STRLEN_P(val)); + in = BIO_new_mem_buf(Z_STRVAL_P(val), (int)Z_STRLEN_P(val)); } if (in == NULL) { @@ -3468,7 +3482,7 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey) Z_TYPE_P(bn) == IS_STRING) { \ _type->_name = BN_bin2bn( \ (unsigned char*)Z_STRVAL_P(bn), \ - Z_STRLEN_P(bn), NULL); \ + (int)Z_STRLEN_P(bn), NULL); \ } \ } while (0); @@ -3631,11 +3645,11 @@ PHP_FUNCTION(openssl_pkey_export_to_file) switch (EVP_PKEY_type(key->type)) { #ifdef HAVE_EVP_PKEY_EC case EVP_PKEY_EC: - pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); + pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL); break; #endif default: - pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); + pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL); break; } @@ -3699,11 +3713,11 @@ PHP_FUNCTION(openssl_pkey_export) switch (EVP_PKEY_type(key->type)) { #ifdef HAVE_EVP_PKEY_EC case EVP_PKEY_EC: - pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); + pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL); break; #endif default: - pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); + pem_write = PEM_write_bio_PrivateKey(bio_out, key, cipher, (unsigned char *)passphrase, (int)passphrase_len, NULL, NULL); break; } @@ -3965,7 +3979,7 @@ PHP_FUNCTION(openssl_pbkdf2) out_buffer = zend_string_alloc(key_length, 0); - if (PKCS5_PBKDF2_HMAC(password, password_len, (unsigned char *)salt, salt_len, iterations, digest, key_length, (unsigned char*)out_buffer->val) == 1) { + if (PKCS5_PBKDF2_HMAC(password, (int)password_len, (unsigned char *)salt, (int)salt_len, (int)iterations, digest, (int)key_length, (unsigned char*)out_buffer->val) == 1) { out_buffer->val[key_length] = 0; RETURN_STR(out_buffer); } else { @@ -4052,7 +4066,7 @@ PHP_FUNCTION(openssl_pkcs7_verify) zend_printf("Calling PKCS7 verify\n"); #endif - if (PKCS7_verify(p7, others, store, datain, dataout, flags)) { + if (PKCS7_verify(p7, others, store, datain, dataout, (int)flags)) { RETVAL_TRUE; @@ -4066,7 +4080,7 @@ PHP_FUNCTION(openssl_pkcs7_verify) certout = BIO_new_file(signersfilename, "w"); if (certout) { int i; - signers = PKCS7_get0_signers(p7, NULL, flags); + signers = PKCS7_get0_signers(p7, NULL, (int)flags); for(i = 0; i < sk_X509_num(signers); i++) { PEM_write_bio_X509(certout, sk_X509_value(signers, i)); @@ -4182,7 +4196,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) goto clean_exit; } - p7 = PKCS7_encrypt(recipcerts, infile, (EVP_CIPHER*)cipher, flags); + p7 = PKCS7_encrypt(recipcerts, infile, (EVP_CIPHER*)cipher, (int)flags); if (p7 == NULL) { goto clean_exit; @@ -4204,7 +4218,7 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) (void)BIO_reset(infile); /* write the encrypted data */ - SMIME_write_PKCS7(outfile, p7, infile, flags); + SMIME_write_PKCS7(outfile, p7, infile, (int)flags); RETVAL_TRUE; @@ -4284,7 +4298,7 @@ PHP_FUNCTION(openssl_pkcs7_sign) goto clean_exit; } - p7 = PKCS7_sign(cert, privkey, others, infile, flags); + p7 = PKCS7_sign(cert, privkey, others, infile, (int)flags); if (p7 == NULL) { php_error_docref(NULL, E_WARNING, "error creating PKCS7 structure!"); goto clean_exit; @@ -4305,7 +4319,7 @@ PHP_FUNCTION(openssl_pkcs7_sign) } ZEND_HASH_FOREACH_END(); } /* write the signed data */ - SMIME_write_PKCS7(outfile, p7, infile, flags); + SMIME_write_PKCS7(outfile, p7, infile, (int)flags); RETVAL_TRUE; @@ -4421,6 +4435,9 @@ PHP_FUNCTION(openssl_private_encrypt) if (pkey == NULL) { php_error_docref(NULL, E_WARNING, "key param is not a valid private key"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } cryptedlen = EVP_PKEY_size(pkey); @@ -4429,11 +4446,11 @@ PHP_FUNCTION(openssl_private_encrypt) switch (pkey->type) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: - successful = (RSA_private_encrypt(data_len, + successful = (RSA_private_encrypt((int)data_len, (unsigned char *)data, (unsigned char *)cryptedbuf->val, pkey->pkey.rsa, - padding) == cryptedlen); + (int)padding) == cryptedlen); break; default: php_error_docref(NULL, E_WARNING, "key type not supported in this PHP build!"); @@ -4479,6 +4496,9 @@ PHP_FUNCTION(openssl_private_decrypt) if (pkey == NULL) { php_error_docref(NULL, E_WARNING, "key parameter is not a valid private key"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } cryptedlen = EVP_PKEY_size(pkey); @@ -4487,11 +4507,11 @@ PHP_FUNCTION(openssl_private_decrypt) switch (pkey->type) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: - cryptedlen = RSA_private_decrypt(data_len, + cryptedlen = RSA_private_decrypt((int)data_len, (unsigned char *)data, crypttemp, pkey->pkey.rsa, - padding); + (int)padding); if (cryptedlen != -1) { cryptedbuf = zend_string_alloc(cryptedlen, 0); memcpy(cryptedbuf->val, crypttemp, cryptedlen); @@ -4543,6 +4563,9 @@ PHP_FUNCTION(openssl_public_encrypt) if (pkey == NULL) { php_error_docref(NULL, E_WARNING, "key parameter is not a valid public key"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } cryptedlen = EVP_PKEY_size(pkey); @@ -4551,11 +4574,11 @@ PHP_FUNCTION(openssl_public_encrypt) switch (pkey->type) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: - successful = (RSA_public_encrypt(data_len, + successful = (RSA_public_encrypt((int)data_len, (unsigned char *)data, (unsigned char *)cryptedbuf->val, pkey->pkey.rsa, - padding) == cryptedlen); + (int)padding) == cryptedlen); break; default: php_error_docref(NULL, E_WARNING, "key type not supported in this PHP build!"); @@ -4602,6 +4625,9 @@ PHP_FUNCTION(openssl_public_decrypt) if (pkey == NULL) { php_error_docref(NULL, E_WARNING, "key parameter is not a valid public key"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } cryptedlen = EVP_PKEY_size(pkey); @@ -4610,11 +4636,11 @@ PHP_FUNCTION(openssl_public_decrypt) switch (pkey->type) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: - cryptedlen = RSA_public_decrypt(data_len, + cryptedlen = RSA_public_decrypt((int)data_len, (unsigned char *)data, crypttemp, pkey->pkey.rsa, - padding); + (int)padding); if (cryptedlen != -1) { cryptedbuf = zend_string_alloc(cryptedlen, 0); memcpy(cryptedbuf->val, crypttemp, cryptedlen); @@ -4774,7 +4800,7 @@ PHP_FUNCTION(openssl_verify) EVP_VerifyInit (&md_ctx, mdtype); EVP_VerifyUpdate (&md_ctx, data, data_len); - err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey); + err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, (int)signature_len, pkey); EVP_MD_CTX_cleanup(&md_ctx); if (keyresource == NULL) { @@ -4809,6 +4835,9 @@ PHP_FUNCTION(openssl_seal) if (!nkeys) { php_error_docref(NULL, E_WARNING, "Fourth argument to openssl_seal() must be a non-empty array"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } if (method) { @@ -4856,7 +4885,7 @@ PHP_FUNCTION(openssl_seal) buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx)); EVP_CIPHER_CTX_cleanup(&ctx); - if (!EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) { + if (!EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) || !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, (int)data_len)) { RETVAL_FALSE; efree(buf); EVP_CIPHER_CTX_cleanup(&ctx); @@ -4938,6 +4967,12 @@ PHP_FUNCTION(openssl_open) if (pkey == NULL) { php_error_docref(NULL, E_WARNING, "unable to coerce parameter 4 into a private key"); RETURN_FALSE; + } else if (INT_MAX < ekey_len) { + php_error_docref(NULL, E_WARNING, "ekey is too long"); + RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } if (method) { @@ -4952,7 +4987,7 @@ PHP_FUNCTION(openssl_open) buf = emalloc(data_len + 1); - if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) { + if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, (int)ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, (int)data_len)) { if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0)) { efree(buf); RETVAL_FALSE; @@ -5122,6 +5157,9 @@ PHP_FUNCTION(openssl_encrypt) if (!cipher_type) { php_error_docref(NULL, E_WARNING, "Unknown cipher algorithm"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } keylen = EVP_CIPHER_key_length(cipher_type); @@ -5139,19 +5177,19 @@ PHP_FUNCTION(openssl_encrypt) } free_iv = php_openssl_validate_iv(&iv, &iv_len, max_iv_len); - outlen = data_len + EVP_CIPHER_block_size(cipher_type); + outlen = (int)data_len + EVP_CIPHER_block_size(cipher_type); outbuf = zend_string_alloc(outlen, 0); EVP_EncryptInit(&cipher_ctx, cipher_type, NULL, NULL); if (password_len > keylen) { - EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len); + EVP_CIPHER_CTX_set_key_length(&cipher_ctx, (int)password_len); } EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv); if (options & OPENSSL_ZERO_PADDING) { EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0); } if (data_len > 0) { - EVP_EncryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, data_len); + EVP_EncryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, (int)data_len); } outlen = i; if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf->val + i, &i)) { @@ -5203,6 +5241,9 @@ PHP_FUNCTION(openssl_decrypt) if (!method_len) { php_error_docref(NULL, E_WARNING, "Unknown cipher algorithm"); RETURN_FALSE; + } else if (INT_MAX < data_len) { + php_error_docref(NULL, E_WARNING, "data is too long"); + RETURN_FALSE; } cipher_type = EVP_get_cipherbyname(method); @@ -5212,7 +5253,7 @@ PHP_FUNCTION(openssl_decrypt) } if (!(options & OPENSSL_RAW_DATA)) { - base64_str = php_base64_decode((unsigned char*)data, data_len); + base64_str = php_base64_decode((unsigned char*)data, (int)data_len); if (!base64_str) { php_error_docref(NULL, E_WARNING, "Failed to base64 decode the input"); RETURN_FALSE; @@ -5232,18 +5273,18 @@ PHP_FUNCTION(openssl_decrypt) free_iv = php_openssl_validate_iv(&iv, &iv_len, EVP_CIPHER_iv_length(cipher_type)); - outlen = data_len + EVP_CIPHER_block_size(cipher_type); + outlen = (int)data_len + EVP_CIPHER_block_size(cipher_type); outbuf = zend_string_alloc(outlen, 0); EVP_DecryptInit(&cipher_ctx, cipher_type, NULL, NULL); if (password_len > keylen) { - EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len); + EVP_CIPHER_CTX_set_key_length(&cipher_ctx, (int)password_len); } EVP_DecryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv); if (options & OPENSSL_ZERO_PADDING) { EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0); } - EVP_DecryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, data_len); + EVP_DecryptUpdate(&cipher_ctx, (unsigned char*)outbuf->val, &i, (unsigned char *)data, (int)data_len); outlen = i; if (EVP_DecryptFinal(&cipher_ctx, (unsigned char *)outbuf->val + i, &i)) { outlen += i; @@ -5314,7 +5355,7 @@ PHP_FUNCTION(openssl_dh_compute_key) RETURN_FALSE; } - pub = BN_bin2bn((unsigned char*)pub_str, pub_len, NULL); + pub = BN_bin2bn((unsigned char*)pub_str, (int)pub_len, NULL); data = zend_string_alloc(DH_size(pkey->pkey.dh), 0); len = DH_compute_key((unsigned char*)data->val, pub, pkey->pkey.dh); diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c index fb37b03b8f..c9a46a8c20 100644 --- a/ext/openssl/xp_ssl.c +++ b/ext/openssl/xp_ssl.c @@ -149,7 +149,7 @@ static int handle_ssl_error(php_stream *stream, int nr_bytes, zend_bool is_init) int err = SSL_get_error(sslsock->ssl_handle, nr_bytes); char esbuf[512]; smart_str ebuf = {0}; - zend_ulong ecode; + unsigned long ecode; int retry = 1; switch(err) { @@ -314,7 +314,8 @@ static zend_bool php_x509_fingerprint_match(X509 *peer, zval *val) static zend_bool matches_wildcard_name(const char *subjectname, const char *certname) /* {{{ */ { char *wildcard = NULL; - int prefix_len, suffix_len, subject_len; + ptrdiff_t prefix_len; + size_t suffix_len, subject_len; if (strcasecmp(subjectname, certname) == 0) { return 1; @@ -517,7 +518,7 @@ static int passwd_callback(char *buf, int num, int verify, void *data) /* {{{ */ if (passphrase) { if (Z_STRLEN_P(val) < num - 1) { memcpy(buf, Z_STRVAL_P(val), Z_STRLEN_P(val)+1); - return Z_STRLEN_P(val); + return (int)Z_STRLEN_P(val); } } return 0; @@ -925,9 +926,9 @@ static const SSL_METHOD *php_select_crypto_method(zend_long method_value, int is } /* }}} */ -static zend_long php_get_crypto_method_ctx_flags(zend_long method_flags) /* {{{ */ +static int php_get_crypto_method_ctx_flags(int method_flags) /* {{{ */ { - zend_long ssl_ctx_options = SSL_OP_ALL; + int ssl_ctx_options = SSL_OP_ALL; #ifndef OPENSSL_NO_SSL2 if (!(method_flags & STREAM_CRYPTO_METHOD_SSLv2)) { @@ -1296,7 +1297,9 @@ static int enable_server_sni(php_stream *stream, php_openssl_netstream_data_t *s sizeof(php_openssl_sni_cert_t), 0, php_stream_is_persistent(stream) ); - ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL_P(val), key_index,key, current) { + ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL_P(val), key_index, key, current) { + (void) key_index; + if (!key) { php_error_docref(NULL, E_WARNING, "SNI_server_certs array requires string host name keys" @@ -1376,8 +1379,8 @@ int php_openssl_setup_crypto(php_stream *stream, ) /* {{{ */ { const SSL_METHOD *method; - long ssl_ctx_options; - long method_flags; + int ssl_ctx_options; + int method_flags; char *cipherlist = NULL; zval *val; @@ -1755,7 +1758,6 @@ static size_t php_openssl_sockop_read(php_stream *stream, char *buf, size_t coun static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, size_t count) /* {{{ */ { php_openssl_netstream_data_t *sslsock = (php_openssl_netstream_data_t*)stream->abstract; - int nr_bytes = 0; /* Only do this if SSL is active. */ if (sslsock->ssl_active) { @@ -1764,6 +1766,12 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz *timeout; int blocked = sslsock->s.is_blocked, has_timeout = 0; + int nr_bytes = 0; + + /* prevent overflow in openssl */ + if (count > INT_MAX) { + count = INT_MAX; + } /* Begin by making the socket non-blocking. This allows us to check the timeout. */ if (SUCCESS == php_set_sock_blocking(sslsock->s.socket, 0)) { @@ -1803,7 +1811,7 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz /* Now, do the IO operation. Don't block if we can't complete... */ if (read) { - nr_bytes = SSL_read(sslsock->ssl_handle, buf, count); + nr_bytes = SSL_read(sslsock->ssl_handle, buf, (int)count); if (sslsock->reneg && sslsock->reneg->should_close) { /* renegotiation rate limiting triggered */ @@ -1813,7 +1821,7 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz break; } } else { - nr_bytes = SSL_write(sslsock->ssl_handle, buf, count); + nr_bytes = SSL_write(sslsock->ssl_handle, buf, (int)count); } /* Now, how much time until we time out? */ @@ -1858,11 +1866,12 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz int err = SSL_get_error(sslsock->ssl_handle, nr_bytes ); /* If we didn't get any error, then let's return it to PHP. */ - if (err == SSL_ERROR_NONE) + if (err == SSL_ERROR_NONE) { break; + } /* Otherwise, we need to wait again (up to time_left or we get an error) */ - if (blocked) + if (blocked) { if (read) { php_pollfd_for(sslsock->s.socket, (err == SSL_ERROR_WANT_WRITE) ? (POLLOUT|POLLPRI) : (POLLIN|POLLPRI), has_timeout ? &left_time : NULL); @@ -1870,6 +1879,7 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz php_pollfd_for(sslsock->s.socket, (err == SSL_ERROR_WANT_READ) ? (POLLIN|POLLPRI) : (POLLOUT|POLLPRI), has_timeout ? &left_time : NULL); } + } } /* Finally, we keep going until we got data, and an SSL_ERROR_NONE, unless we had an error. */ @@ -1885,7 +1895,11 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz php_set_sock_blocking(sslsock->s.socket, 1); sslsock->s.is_blocked = 1; } + + return 0 > nr_bytes ? 0 : nr_bytes; } else { + size_t nr_bytes = 0; + /* * This block is if we had no timeout... We will just sit and wait forever on the IO operation. */ @@ -1894,14 +1908,9 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz } else { nr_bytes = php_stream_socket_ops.write(stream, buf, count); } - } - /* PHP doesn't expect a negative return. */ - if (nr_bytes < 0) { - nr_bytes = 0; + return nr_bytes; } - - return nr_bytes; } /* }}} */ @@ -2089,7 +2098,11 @@ static int php_openssl_sockop_set_option(php_stream *stream, int option, int val if (value == -1) { if (sslsock->s.timeout.tv_sec == -1) { - tv.tv_sec = FG(default_socket_timeout); +#ifdef _WIN32 + tv.tv_sec = (long)FG(default_socket_timeout); +#else + tv.tv_sec = (time_t)FG(default_socket_timeout); +#endif tv.tv_usec = 0; } else { tv = sslsock->connect_timeout; @@ -2302,7 +2315,11 @@ php_stream *php_openssl_ssl_socket_factory(const char *proto, size_t protolen, sslsock->s.is_blocked = 1; /* this timeout is used by standard stream funcs, therefor it should use the default value */ - sslsock->s.timeout.tv_sec = FG(default_socket_timeout); +#ifdef _WIN32 + sslsock->s.timeout.tv_sec = (long)FG(default_socket_timeout); +#else + sslsock->s.timeout.tv_sec = (time_t)FG(default_socket_timeout); +#endif sslsock->s.timeout.tv_usec = 0; /* use separate timeout for our private funcs */ diff --git a/ext/pdo/pdo_stmt.c b/ext/pdo/pdo_stmt.c index 7ae888cfe1..dc1201ccda 100644 --- a/ext/pdo/pdo_stmt.c +++ b/ext/pdo/pdo_stmt.c @@ -1543,7 +1543,7 @@ static PHP_METHOD(PDOStatement, fetchAll) static int register_bound_param(INTERNAL_FUNCTION_PARAMETERS, pdo_stmt_t *stmt, int is_param) /* {{{ */ { - struct pdo_bound_param_data param = {0}; + struct pdo_bound_param_data param = {{{0}}}; zend_long param_type = PDO_PARAM_STR; zval *parameter; @@ -1582,7 +1582,7 @@ static int register_bound_param(INTERNAL_FUNCTION_PARAMETERS, pdo_stmt_t *stmt, bind an input parameter to the value of a PHP variable. $paramno is the 1-based position of the placeholder in the SQL statement (but can be the parameter name for drivers that support named placeholders). It should be called prior to execute(). */ static PHP_METHOD(PDOStatement, bindValue) { - struct pdo_bound_param_data param = {0}; + struct pdo_bound_param_data param = {{{0}}}; zend_long param_type = PDO_PARAM_STR; zval *parameter; PHP_STMT_GET_OBJ; diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c index 36c9a3354e..1e13d67e58 100644 --- a/ext/session/mod_files.c +++ b/ext/session/mod_files.c @@ -220,7 +220,6 @@ static void ps_files_open(ps_files *data, const char *key) static int ps_files_write(ps_files *data, zend_string *key, zend_string *val) { zend_long n; - zend_stat_t sbuf; /* PS(id) may be changed by calling session_regenerate_id(). Re-initialization should be tried here. ps_files_open() checks diff --git a/ext/session/session.c b/ext/session/session.c index 0f81945481..966e0a6896 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -2230,6 +2230,7 @@ static PHP_FUNCTION(session_start) break; } } + (void) num_idx; } ZEND_HASH_FOREACH_END(); } diff --git a/ext/simplexml/simplexml.c b/ext/simplexml/simplexml.c index 96182816fc..ceba129560 100644 --- a/ext/simplexml/simplexml.c +++ b/ext/simplexml/simplexml.c @@ -789,7 +789,7 @@ static int sxe_prop_dim_exists(zval *object, zval *member, int check_empty, zend } } if (exists && check_empty == 1 && - (!attr->children || !attr->children->content || !attr->children->content[0] || !xmlStrcmp(attr->children->content, "0")) ) { + (!attr->children || !attr->children->content || !attr->children->content[0] || !xmlStrcmp(attr->children->content, (const xmlChar *) "0")) ) { /* Attribute with no content in it's text node */ exists = 0; } @@ -817,7 +817,7 @@ static int sxe_prop_dim_exists(zval *object, zval *member, int check_empty, zend exists = 1; if (check_empty == 1 && (!node->children || (node->children->type == XML_TEXT_NODE && !node->children->next && - (!node->children->content || !node->children->content[0] || !xmlStrcmp(node->children->content, "0")))) ) { + (!node->children->content || !node->children->content[0] || !xmlStrcmp(node->children->content, (const xmlChar *) "0")))) ) { exists = 0; } } @@ -1388,7 +1388,7 @@ SXE_METHOD(asXML) if (node) { if (node->parent && (XML_DOCUMENT_NODE == node->parent->type)) { - xmlDocDumpMemoryEnc((xmlDocPtr) sxe->document->ptr, &strval, &strval_len, ((xmlDocPtr) sxe->document->ptr)->encoding); + xmlDocDumpMemoryEnc((xmlDocPtr) sxe->document->ptr, &strval, &strval_len, (const char *) ((xmlDocPtr) sxe->document->ptr)->encoding); RETVAL_STRINGL((char *)strval, strval_len); xmlFree(strval); } else { @@ -1399,7 +1399,7 @@ SXE_METHOD(asXML) RETURN_FALSE; } - xmlNodeDumpOutput(outbuf, (xmlDocPtr) sxe->document->ptr, node, 0, 0, ((xmlDocPtr) sxe->document->ptr)->encoding); + xmlNodeDumpOutput(outbuf, (xmlDocPtr) sxe->document->ptr, node, 0, 0, (const char *) ((xmlDocPtr) sxe->document->ptr)->encoding); xmlOutputBufferFlush(outbuf); #ifdef LIBXML2_NEW_BUFFER RETVAL_STRINGL((char *)xmlOutputBufferGetContent(outbuf), xmlOutputBufferGetSize(outbuf)); diff --git a/ext/sockets/config.w32 b/ext/sockets/config.w32 index d3455b05dd..e6c4cfea68 100644 --- a/ext/sockets/config.w32 +++ b/ext/sockets/config.w32 @@ -9,7 +9,7 @@ if (PHP_SOCKETS != "no") { && CHECK_HEADER_ADD_INCLUDE("winsock.h", "CFLAGS_SOCKETS")) { EXTENSION('sockets', 'sockets.c multicast.c conversions.c sockaddr_conv.c sendrecvmsg.c', PHP_SOCKETS_SHARED, "/DZEND_ENABLE_STATIC_TSRMLS_CACHE=1"); AC_DEFINE('HAVE_SOCKETS', 1); - PHP_INSTALL_HEADERS("ext/sockets", "php_sockets.h"); + PHP_INSTALL_HEADERS("ext/sockets", "php_sockets.h windows_common.h"); } else { WARNING("sockets not enabled; libraries and headers not found"); } diff --git a/ext/standard/dns.c b/ext/standard/dns.c index b5cfb1d3e4..6507aa46e9 100644 --- a/ext/standard/dns.c +++ b/ext/standard/dns.c @@ -457,6 +457,7 @@ static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_t add_assoc_string(subarray, "host", name); add_assoc_string(subarray, "class", "IN"); add_assoc_long(subarray, "ttl", ttl); + (void) class; if (raw) { add_assoc_long(subarray, "type", type); diff --git a/ext/standard/ftp_fopen_wrapper.c b/ext/standard/ftp_fopen_wrapper.c index 923ba6642e..1c83a9434c 100644 --- a/ext/standard/ftp_fopen_wrapper.c +++ b/ext/standard/ftp_fopen_wrapper.c @@ -233,7 +233,7 @@ static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, const char } #define PHP_FTP_CNTRL_CHK(val, val_len, err_msg) { \ - unsigned char *s = val, *e = s + val_len; \ + unsigned char *s = (unsigned char *) val, *e = (unsigned char *) s + val_len; \ while (s < e) { \ if (iscntrl(*s)) { \ php_stream_wrapper_log_error(wrapper, options, err_msg, val); \ diff --git a/ext/standard/html.c b/ext/standard/html.c index 16abac0b08..c8e36b8d45 100644 --- a/ext/standard/html.c +++ b/ext/standard/html.c @@ -1187,7 +1187,7 @@ static inline void find_entity_for_char( * at most two entries... */ for ( ; s <= e; s++) { if (s->normal_entry.second_cp == next_char) { - *entity = s->normal_entry.entity; + *entity = (const unsigned char *) s->normal_entry.entity; *entity_len = s->normal_entry.entity_len; return; } @@ -1215,7 +1215,7 @@ static inline void find_entity_for_char_basic( return; } - *entity = table[k].data.ent.entity; + *entity = (const unsigned char *) table[k].data.ent.entity; *entity_len = table[k].data.ent.entity_len; } /* }}} */ @@ -1400,7 +1400,7 @@ encode_amp: ent_len = pos - (char*)&old[cursor]; } else { /* named entity */ /* check for vality of named entity */ - const char *start = &old[cursor], + const char *start = (const char *) &old[cursor], *next = start; unsigned dummy1, dummy2; diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c index 7c48c45bc0..454cd04d5b 100644 --- a/ext/standard/http_fopen_wrapper.c +++ b/ext/standard/http_fopen_wrapper.c @@ -751,7 +751,7 @@ finish: if (!strncasecmp(http_header_line, "Location: ", 10)) { if (context && (tmpzval = php_stream_context_get_option(context, "http", "follow_location")) != NULL) { follow_location = zval_is_true(tmpzval); - } else if (!(response_code >= 300 && response_code < 304 || 307 == response_code || 308 == response_code)) { + } else if (!((response_code >= 300 && response_code < 304) || 307 == response_code || 308 == response_code)) { /* we shouldn't redirect automatically if follow_location isn't set and response_code not in (300, 301, 302, 303 and 307) see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.1 diff --git a/ext/standard/image.c b/ext/standard/image.c index d5ab529071..e1fa27e41b 100644 --- a/ext/standard/image.c +++ b/ext/standard/image.c @@ -367,7 +367,7 @@ static unsigned short php_read2(php_stream * stream) unsigned char a[2]; /* return 0 if we couldn't read enough data */ - if((php_stream_read(stream, a, sizeof(a))) < sizeof(a)) return 0; + if((php_stream_read(stream, (char *) a, sizeof(a))) < sizeof(a)) return 0; return (((unsigned short)a[0]) << 8) + ((unsigned short)a[1]); } @@ -604,7 +604,6 @@ static unsigned int php_read4(php_stream * stream) static struct gfxinfo *php_handle_jpc(php_stream * stream) { struct gfxinfo *result = NULL; - unsigned short dummy_short; int highest_bit_depth, bit_depth; unsigned char first_marker_id; unsigned int i; @@ -627,8 +626,8 @@ static struct gfxinfo *php_handle_jpc(php_stream * stream) result = (struct gfxinfo *)ecalloc(1, sizeof(struct gfxinfo)); - dummy_short = php_read2(stream); /* Lsiz */ - dummy_short = php_read2(stream); /* Rsiz */ + php_read2(stream); /* Lsiz */ + php_read2(stream); /* Rsiz */ result->width = php_read4(stream); /* Xsiz */ result->height = php_read4(stream); /* Ysiz */ @@ -647,7 +646,7 @@ static struct gfxinfo *php_handle_jpc(php_stream * stream) #endif result->channels = php_read2(stream); /* Csiz */ - if (result->channels == 0 && php_stream_eof(stream) || result->channels > 256) { + if ((result->channels == 0 && php_stream_eof(stream)) || result->channels > 256) { efree(result); return NULL; } @@ -831,7 +830,7 @@ static struct gfxinfo *php_handle_tiff (php_stream * stream, zval *info, int mot /* now we have the directory we can look how long it should be */ ifd_size = dir_size; for(i=0;i<num_entries;i++) { - dir_entry = ifd_data+2+i*12; + dir_entry = (unsigned char *) ifd_data+2+i*12; entry_tag = php_ifd_get16u(dir_entry+0, motorola_intel); entry_type = php_ifd_get16u(dir_entry+2, motorola_intel); switch(entry_type) { @@ -889,10 +888,10 @@ static struct gfxinfo *php_handle_iff(php_stream * stream) int size; short width, height, bits; - if (php_stream_read(stream, a, 8) != 8) { + if (php_stream_read(stream, (char *) a, 8) != 8) { return NULL; } - if (strncmp(a+4, "ILBM", 4) && strncmp(a+4, "PBM ", 4)) { + if (strncmp((char *) a+4, "ILBM", 4) && strncmp((char *) a+4, "PBM ", 4)) { return NULL; } @@ -1088,7 +1087,7 @@ static struct gfxinfo *php_handle_ico(php_stream * stream) unsigned char dim[16]; int num_icons = 0; - if (php_stream_read(stream, dim, 2) != 2) + if (php_stream_read(stream, (char *) dim, 2) != 2) return NULL; num_icons = (((unsigned int)dim[1]) << 8) + ((unsigned int) dim[0]); @@ -1100,7 +1099,7 @@ static struct gfxinfo *php_handle_ico(php_stream * stream) while (num_icons > 0) { - if (php_stream_read(stream, dim, sizeof(dim)) != sizeof(dim)) + if (php_stream_read(stream, (char *) dim, sizeof(dim)) != sizeof(dim)) break; if ((((unsigned int)dim[7]) << 8) + ((unsigned int)dim[6]) >= result->bits) diff --git a/ext/standard/iptc.c b/ext/standard/iptc.c index 0e01acbe26..929d495023 100644 --- a/ext/standard/iptc.c +++ b/ext/standard/iptc.c @@ -286,7 +286,7 @@ PHP_FUNCTION(iptcembed) if (spool < 2) { // TODO: avoid reallocation ??? - RETVAL_STRINGL(spoolbuf, poi - spoolbuf); + RETVAL_STRINGL((char *) spoolbuf, poi - spoolbuf); efree(spoolbuf); } else { RETURN_TRUE; @@ -358,7 +358,7 @@ PHP_FUNCTION(iptcparse) element = zend_hash_str_update(Z_ARRVAL_P(return_value), key, strlen(key), &values); } - add_next_index_stringl(element, buffer+inx, len); + add_next_index_stringl(element, (char *) buffer+inx, len); inx += len; tagsfound++; } diff --git a/ext/standard/link.c b/ext/standard/link.c index a80e48f6a0..b7fe1ae495 100644 --- a/ext/standard/link.c +++ b/ext/standard/link.c @@ -86,7 +86,7 @@ PHP_FUNCTION(linkinfo) { char *link; char *dirname; - size_t link_len, dir_len; + size_t link_len; zend_stat_t sb; int ret; @@ -95,7 +95,7 @@ PHP_FUNCTION(linkinfo) } dirname = estrndup(link, link_len); - dir_len = php_dirname(dirname, link_len); + php_dirname(dirname, link_len); if (php_check_open_basedir(dirname)) { efree(dirname); diff --git a/ext/standard/metaphone.c b/ext/standard/metaphone.c index 59ef78baf6..cc94b0372f 100644 --- a/ext/standard/metaphone.c +++ b/ext/standard/metaphone.c @@ -117,7 +117,7 @@ char _codes[26] = /* Look two letters down. It makes sure you don't walk off the string. */ #define After_Next_Letter (Next_Letter != '\0' ? toupper(word[w_idx+2]) \ : '\0') -#define Look_Ahead_Letter(n) (toupper(Lookahead(word+w_idx, n))) +#define Look_Ahead_Letter(n) (toupper(Lookahead((char *) word+w_idx, n))) /* Allows us to safely look ahead an arbitrary # of letters */ diff --git a/ext/standard/string.c b/ext/standard/string.c index 0e4ef4c9cd..65f80fd38c 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -4055,6 +4055,7 @@ static zend_long php_str_replace_in_subject(zval *search, zval *replace, zval *s if (replace_entry_str) { zend_string_release(replace_entry_str); + replace_entry_str = NULL; } zend_string_release(Z_STR_P(result)); ZVAL_STR(result, tmp_result); diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index dede0efe18..9414ebdf36 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -638,6 +638,9 @@ PHPAPI FILE *php_fopen_with_path(const char *filename, const char *mode, const c } filename_length = (int)strlen(filename); +#ifndef PHP_WIN32 + (void) filename_length; +#endif /* Relative path open */ if ((*filename == '.') diff --git a/main/php_ini.c b/main/php_ini.c index c8c5ad88f5..5703d1fc0d 100644 --- a/main/php_ini.c +++ b/main/php_ini.c @@ -357,6 +357,10 @@ static void php_load_zend_extension_cb(void *arg) char *filename = *((char **) arg); const int length = (int)strlen(filename); +#ifndef PHP_WIN32 + (void) length; +#endif + if (IS_ABSOLUTE_PATH(filename, length)) { zend_load_extension(filename); } else { diff --git a/main/php_output.h b/main/php_output.h index 76a7ecd416..34c344534c 100644 --- a/main/php_output.h +++ b/main/php_output.h @@ -162,8 +162,8 @@ PHPAPI ZEND_EXTERN_MODULE_GLOBALS(output); #define PHPWRITE(str, str_len) php_output_write((str), (str_len)) #define PHPWRITE_H(str, str_len) php_output_write_unbuffered((str), (str_len)) -#define PUTC(c) (php_output_write(&(c), 1), (c)) -#define PUTC_H(c) (php_output_write_unbuffered(&(c), 1), (c)) +#define PUTC(c) (php_output_write((const char *) &(c), 1), (c)) +#define PUTC_H(c) (php_output_write_unbuffered((const char *) &(c), 1), (c)) #define PUTS(str) do { \ const char *__str = (str); \ diff --git a/main/rfc1867.c b/main/rfc1867.c index a1ba99f08c..a1d8232dd9 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -425,7 +425,7 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header) char *value = NULL; if (php_rfc1867_encoding_translation()) { - self->input_encoding = zend_multibyte_encoding_detector(line, strlen(line), self->detect_order, self->detect_order_size); + self->input_encoding = zend_multibyte_encoding_detector((const unsigned char *) line, strlen(line), self->detect_order, self->detect_order_size); } /* space in the beginning means same header */ diff --git a/main/streams/plain_wrapper.c b/main/streams/plain_wrapper.c index 284ba05ea8..5e328fbdca 100644 --- a/main/streams/plain_wrapper.c +++ b/main/streams/plain_wrapper.c @@ -1411,6 +1411,9 @@ PHPAPI php_stream *_php_stream_fopen_with_path(const char *filename, const char } filename_length = (int)strlen(filename); +#ifndef PHP_WIN32 + (void) filename_length; +#endif /* Relative path open */ if (*filename == '.' && (IS_SLASH(filename[1]) || filename[1] == '.')) { diff --git a/run-tests.php b/run-tests.php index 9d1a78c1e4..72781e9559 100755 --- a/run-tests.php +++ b/run-tests.php @@ -1125,7 +1125,10 @@ function system_with_timeout($commandline, $env = null, $stdin = null) $stat = proc_get_status($proc); if ($stat['signaled']) { - $data .= "\nTermsig=" . $stat['stopsig']; + $data .= "\nTermsig=" . $stat['stopsig'] . "\n"; + } + if ($stat["exitcode"] > 128 && $stat["exitcode"] < 160) { + $data .= "\nTermsig=" . ($stat["exitcode"] - 128) . "\n"; } $code = proc_close($proc); diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 4259ef1554..a0bba17f06 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -2414,7 +2414,7 @@ consult the installation file that came with this distribution, or visit \n\ break; case ZEND_HANDLE_MAPPED: if (file_handle.handle.stream.mmap.buf[0] == '#') { - int i = 1; + size_t i = 1; c = file_handle.handle.stream.mmap.buf[i++]; while (c != '\n' && c != '\r' && i < file_handle.handle.stream.mmap.len) { diff --git a/sapi/cgi/fastcgi.c b/sapi/cgi/fastcgi.c index 90123db0fa..bd4821ab62 100644 --- a/sapi/cgi/fastcgi.c +++ b/sapi/cgi/fastcgi.c @@ -774,12 +774,21 @@ static inline ssize_t safe_write(fcgi_request *req, const void *buf, size_t coun size_t n = 0; do { +#ifdef _WIN32 + size_t tmp; +#endif errno = 0; #ifdef _WIN32 + tmp = count - n; + if (!req->tcp) { - ret = write(req->fd, ((char*)buf)+n, count-n); + unsigned int out_len = tmp > UINT_MAX ? UINT_MAX : (unsigned int)tmp; + + ret = write(req->fd, ((char*)buf)+n, out_len); } else { - ret = send(req->fd, ((char*)buf)+n, count-n, 0); + int out_len = tmp > INT_MAX ? INT_MAX : (int)tmp; + + ret = send(req->fd, ((char*)buf)+n, out_len, 0); if (ret <= 0) { errno = WSAGetLastError(); } @@ -802,12 +811,21 @@ static inline ssize_t safe_read(fcgi_request *req, const void *buf, size_t count size_t n = 0; do { +#ifdef _WIN32 + size_t tmp; +#endif errno = 0; #ifdef _WIN32 + tmp = count - n; + if (!req->tcp) { - ret = read(req->fd, ((char*)buf)+n, count-n); + unsigned int in_len = tmp > UINT_MAX ? UINT_MAX : (unsigned int)tmp; + + ret = read(req->fd, ((char*)buf)+n, in_len); } else { - ret = recv(req->fd, ((char*)buf)+n, count-n, 0); + int in_len = tmp > INT_MAX ? INT_MAX : (int)tmp; + + ret = recv(req->fd, ((char*)buf)+n, in_len, 0); if (ret <= 0) { errno = WSAGetLastError(); } @@ -997,7 +1015,7 @@ static int fcgi_read_request(fcgi_request *req) if ((value = zend_hash_str_find(&fcgi_mgmt_vars, q->var, q->var_len)) == NULL) { continue; } - zlen = Z_STRLEN_P(value); + zlen = (unsigned int)Z_STRLEN_P(value); if ((p + 4 + 4 + q->var_len + zlen) >= (buf + sizeof(buf))) { break; } @@ -1022,7 +1040,7 @@ static int fcgi_read_request(fcgi_request *req) memcpy(p, Z_STRVAL_P(value), zlen); p += zlen; } - len = p - buf - sizeof(fcgi_header); + len = (int)(p - buf - sizeof(fcgi_header)); len += fcgi_make_header((fcgi_header*)buf, FCGI_GET_VALUES_RESULT, 0, len); if (safe_write(req, buf, sizeof(fcgi_header)+len) != (int)sizeof(fcgi_header)+len) { req->keep = 0; @@ -1060,9 +1078,9 @@ int fcgi_read(fcgi_request *req, char *str, int len) } if (req->in_len >= rest) { - ret = safe_read(req, str, rest); + ret = (int)safe_read(req, str, rest); } else { - ret = safe_read(req, str, req->in_len); + ret = (int)safe_read(req, str, req->in_len); } if (ret < 0) { req->keep = 0; @@ -1297,7 +1315,7 @@ static inline fcgi_header* open_packet(fcgi_request *req, fcgi_request_type type static inline void close_packet(fcgi_request *req) { if (req->out_hdr) { - int len = req->out_pos - ((unsigned char*)req->out_hdr + sizeof(fcgi_header)); + int len = (int)(req->out_pos - ((unsigned char*)req->out_hdr + sizeof(fcgi_header))); req->out_pos += fcgi_make_header(req->out_hdr, (fcgi_request_type)req->out_hdr->type, req->id, len); req->out_hdr = NULL; @@ -1310,7 +1328,7 @@ int fcgi_flush(fcgi_request *req, int close) close_packet(req); - len = req->out_pos - req->out_buf; + len = (int)(req->out_pos - req->out_buf); if (close) { fcgi_end_request_rec *rec = (fcgi_end_request_rec*)(req->out_pos); @@ -1376,7 +1394,7 @@ int fcgi_write(fcgi_request *req, fcgi_request_type type, const char *str, int l } #else /* Optimized version */ - limit = sizeof(req->out_buf) - (req->out_pos - req->out_buf); + limit = (int)(sizeof(req->out_buf) - (req->out_pos - req->out_buf)); if (!req->out_hdr) { limit -= sizeof(fcgi_header); if (limit < 0) limit = 0; @@ -1483,7 +1501,7 @@ char* fcgi_putenv(fcgi_request *req, char* var, int var_len, char* val) fcgi_hash_del(&req->env, FCGI_HASH_FUNC(var, var_len), var, var_len); return NULL; } else { - return fcgi_hash_set(&req->env, FCGI_HASH_FUNC(var, var_len), var, var_len, val, strlen(val)); + return fcgi_hash_set(&req->env, FCGI_HASH_FUNC(var, var_len), var, var_len, val, (unsigned int)strlen(val)); } } @@ -1493,7 +1511,7 @@ char* fcgi_quick_putenv(fcgi_request *req, char* var, int var_len, unsigned int fcgi_hash_del(&req->env, hash_value, var, var_len); return NULL; } else { - return fcgi_hash_set(&req->env, hash_value, var, var_len, val, strlen(val)); + return fcgi_hash_set(&req->env, hash_value, var, var_len, val, (unsigned int)strlen(val)); } } diff --git a/sapi/fpm/fpm/fpm_request.c b/sapi/fpm/fpm/fpm_request.c index de3caf7daf..1e8016005a 100644 --- a/sapi/fpm/fpm/fpm_request.c +++ b/sapi/fpm/fpm/fpm_request.c @@ -92,7 +92,6 @@ void fpm_request_reading_headers() /* {{{ */ proc->request_method[0] = '\0'; proc->script_filename[0] = '\0'; proc->query_string[0] = '\0'; - proc->query_string[0] = '\0'; proc->auth_user[0] = '\0'; proc->content_length = 0; fpm_scoreboard_proc_release(proc); diff --git a/sapi/phpdbg/phpdbg_prompt.c b/sapi/phpdbg/phpdbg_prompt.c index 198020d365..cb03b1a287 100644 --- a/sapi/phpdbg/phpdbg_prompt.c +++ b/sapi/phpdbg/phpdbg_prompt.c @@ -876,7 +876,7 @@ PHPDBG_COMMAND(sh) /* {{{ */ FILE *fd = NULL; if ((fd=VCWD_POPEN((char*)param->str, "w"))) { /* TODO: do something perhaps ?? do we want input ?? */ - fclose(fd); + pclose(fd); } else { phpdbg_error("sh", "type=\"failure\" smd=\"%s\"", "Failed to execute %s", param->str); } |