[arch-commits] Commit in php-apc/trunk (CVE-2008-1488.patch apc.ini apc_add.patch)
Pierre Schmitz
pierre at archlinux.org
Thu May 15 19:52:47 UTC 2008
Date: Thursday, May 15, 2008 @ 15:52:46
Author: pierre
Revision: 1748
removing garbage
Deleted:
php-apc/trunk/CVE-2008-1488.patch
php-apc/trunk/apc.ini
php-apc/trunk/apc_add.patch
---------------------+
CVE-2008-1488.patch | 96 ---------------------------
apc.ini | 177 --------------------------------------------------
apc_add.patch | 10 --
3 files changed, 283 deletions(-)
Deleted: CVE-2008-1488.patch
===================================================================
--- CVE-2008-1488.patch 2008-05-15 19:49:56 UTC (rev 1747)
+++ CVE-2008-1488.patch 2008-05-15 19:52:46 UTC (rev 1748)
@@ -1,96 +0,0 @@
---- apc.c 2007/11/29 22:15:53 3.18
-+++ apc.c 2008/03/25 18:04:53 3.18.2.1
-@@ -270,26 +270,13 @@
-
- /* }}} */
-
--/* {{{ filesystem functions */
--
--#ifdef PHP_WIN32
--int apc_win32_stat(const char *path, struct stat *buf TSRMLS_DC)
--{
-- char rpath[MAXPATHLEN];
-- BY_HANDLE_FILE_INFORMATION fi;
-- HANDLE f;
--
-- if (VCWD_STAT(path, buf)) {
-- return -1;
-- }
--
-- VCWD_REALPATH(path, rpath);
-- f = CreateFile(rpath, 0, 0, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS | FILE_ATTRIBUTE_READONLY, NULL);
-- GetFileInformationByHandle(f, &fi);
-- buf->st_ino = (ino_t)fi.nFileIndexLow;
-- CloseHandle (f);
-- return 0;
--}
-+/* similar to php_stream_stat_path */
-+#ifdef ZEND_ENGINE_2
-+#define APC_URL_STAT(wrapper, filename, pstatbuf) \
-+ ((wrapper)->wops->url_stat((wrapper), (filename), 0, (pstatbuf), NULL TSRMLS_CC))
-+#else
-+#define APC_URL_STAT(wrapper, filename, pstatbuf) \
-+ ((wrapper)->wops->url_stat((wrapper), (filename), (pstatbuf) TSRMLS_CC))
- #endif
-
- int apc_search_paths(const char* filename, const char* path, apc_fileinfo_t* fileinfo)
-@@ -299,12 +286,33 @@
- int exec_fname_length;
- int found = 0;
- int i;
-+ php_stream_wrapper *wrapper = NULL;
-+ char *path_for_open = NULL;
-+
- TSRMLS_FETCH();
-
- assert(filename && fileinfo);
-
-- if (IS_ABSOLUTE_PATH(filename, strlen(filename)) && apc_stat(filename, &fileinfo->st_buf) == 0) {
-- strncpy(fileinfo->fullpath, filename, MAXPATHLEN);
-+
-+ wrapper = php_stream_locate_url_wrapper(filename, &path_for_open, 0 TSRMLS_CC);
-+
-+ if(!wrapper || !wrapper->wops || !wrapper->wops->url_stat) {
-+ return -1;
-+ }
-+
-+#ifdef ZEND_ENGINE_2
-+ if(wrapper != &php_plain_files_wrapper) {
-+ if(APC_URL_STAT(wrapper, path_for_open, &fileinfo->st_buf) == 0) {
-+ strncpy(fileinfo->fullpath, path_for_open, MAXPATHLEN);
-+ return 0;
-+ }
-+ return -1; /* cannot stat */
-+ }
-+#endif
-+
-+ if (IS_ABSOLUTE_PATH(path_for_open, strlen(path_for_open)) &&
-+ APC_URL_STAT(wrapper, path_for_open, &fileinfo->st_buf) == 0) {
-+ strncpy(fileinfo->fullpath, path_for_open, MAXPATHLEN);
- return 0;
- }
-
-@@ -314,8 +322,8 @@
-
- /* for each directory in paths, look for filename inside */
- for (i = 0; paths[i]; i++) {
-- snprintf(fileinfo->fullpath, sizeof(fileinfo->fullpath), "%s%c%s", paths[i], DEFAULT_SLASH, filename);
-- if (apc_stat(fileinfo->fullpath, &fileinfo->st_buf) == 0) {
-+ snprintf(fileinfo->fullpath, sizeof(fileinfo->fullpath), "%s%c%s", paths[i], DEFAULT_SLASH, path_for_open);
-+ if (APC_URL_STAT(wrapper, fileinfo->fullpath, &fileinfo->st_buf) == 0) {
- found = 1;
- break;
- }
-@@ -331,9 +339,9 @@
- /* not: [no active file] or no path */
- memcpy(fileinfo->fullpath, exec_fname, exec_fname_length);
- fileinfo->fullpath[exec_fname_length] = DEFAULT_SLASH;
-- strcpy(fileinfo->fullpath +exec_fname_length +1, filename);
-- /* apc_wprint("filename: %s, exec_fname: %s, fileinfo->fullpath: %s", filename, exec_fname, fileinfo->fullpath); */
-- if (apc_stat(fileinfo->fullpath, &fileinfo->st_buf) == 0) {
-+ strlcpy(fileinfo->fullpath +exec_fname_length +1, path_for_open,sizeof(fileinfo->fullpath)-exec_fname_length-1);
-+ /* apc_wprint("filename: %s, exec_fname: %s, fileinfo->fullpath: %s", path_for_open, exec_fname, fileinfo->fullpath); */
-+ if (APC_URL_STAT(wrapper, fileinfo->fullpath, &fileinfo->st_buf) == 0) {
- found = 1;
- }
- }
Deleted: apc.ini
===================================================================
--- apc.ini 2008-05-15 19:49:56 UTC (rev 1747)
+++ apc.ini 2008-05-15 19:52:46 UTC (rev 1748)
@@ -1,177 +0,0 @@
-;extension=apc.so
-
-; This can be set to 0 to disable APC. This is
-; primarily useful when APC is statically compiled
-; into PHP, since there is no other way to disable
-; it (when compiled as a DSO, the zend_extension
-; line can just be commented-out).
-; (Default: 1)
-; apc.enabled
-
-; The number of shared memory segments to allocate
-; for the compiler cache. If APC is running out of
-; shared memory but you have already set
-; apc.shm_size as high as your system allows, you
-; can try raising this value. Setting this to a
-; value other than 1 has no effect in mmap mode
-; since mmap'ed shm segments don't have size limits.
-; (Default: 1)
-; apc.shm_segments
-
-; The size of each shared memory segment in MB.
-; By default, some systems (including most BSD
-; variants) have very low limits on the size of a
-; shared memory segment.
-; (Default: 30)
-; apc.shm_size
-
-; A "hint" about the number of distinct source files
-; that will be included or requested on your web
-; server. Set to zero or omit if you're not sure;
-; this setting is mainly useful for sites that have
-; many thousands of source files.
-; (Default: 1000)
-; apc.num_files_hint
-
-; Just like num_files_hint, a "hint" about the number
-; of distinct user cache variables to store.
-; Set to zero or omit if you're not sure;
-; (Default: 4096)
-; apc.user_entries_hint
-
-; The number of seconds a cache entry is allowed to
-; idle in a slot in case this cache entry slot is
-; needed by another entry. Leaving this at zero
-; means that your cache could potentially fill up
-; with stale entries while newer entries won't be
-; cached.
-; (Default: 0)
-; apc.ttl
-
-; The number of seconds a user cache entry is allowed
-; to idle in a slot in case this cache entry slot is
-; needed by another entry. Leaving this at zero
-; means that your cache could potentially fill up
-; with stale entries while newer entries won't be
-; cached.
-; (Default: 0)
-; apc.user_ttl
-
-; The number of seconds that a cache entry may
-; remain on the garbage-collection list. This value
-; provides a failsafe in the event that a server
-; process dies while executing a cached source file;
-; if that source file is modified, the memory
-; allocated for the old version will not be
-; reclaimed until this TTL reached. Set to zero to
-; disable this feature.
-; (Default: 3600)
-; apc.gc_ttl
-
-; On by default, but can be set to off and used in
-; conjunction with positive apc.filters so that files
-; are only cached if matched by a positive filter.
-; (Default: On)
-; apc.cache_by_default
-
-; A comma-separated list of POSIX extended regular
-; expressions. If any pattern matches the source
-; filename, the file will not be cached. Note that
-; the filename used for matching is the one passed
-; to include/require, not the absolute path. If the
-; first character of the expression is a + then the
-; expression will be additive in the sense that any
-; files matched by the expression will be cached, and
-; if the first character is a - then anything matched
-; will not be cached. The - case is the default, so
-; it can be left off.
-; (Default: "")
-; apc.filters
-
-; If compiled with MMAP support by using --enable-mmap
-; this is the mktemp-style file_mask to pass to the
-; mmap module for determing whether your mmap'ed memory
-; region is going to be file-backed or shared memory
-; backed. For straight file-backed mmap, set it to
-; something like /tmp/apc.XXXXXX (exactly 6 X's).
-; To use POSIX-style shm_open/mmap put a ".shm"
-; somewhere in your mask. eg. "/apc.shm.XXXXXX"
-; You can also set it to "/dev/zero" to use your
-; kernel's /dev/zero interface to anonymous mmap'ed
-; memory. Leaving it undefined will force an
-; anonymous mmap.
-; (Default: "")
-; apc.mmap_file_mask
-
-; When you modify a file on a live web server you really
-; should do so in an atomic manner. That is, write to a
-; temporary file and rename (mv) the file into its permanent
-; position when it is ready. Many text editors, cp, tar and
-; other such programs don't do this. This means that there
-; is a chance that a file is accessed (and cached) while it
-; is still being written to. This file_update_protection
-; setting puts a delay on caching brand new files. The
-; default is 2 seconds which means that if the modification
-; timestamp (mtime) on a file shows that it is less than 2
-; seconds old when it is accessed, it will not be cached.
-; The unfortunate person who accessed this half-written file
-; will still see weirdness, but at least it won't persist.
-; If you are certain you always atomically update your files
-; by using something like rsync which does this correctly, you
-; can turn this protection off by setting it to 0. If you
-; have a system that is flooded with io causing some update
-; procedure to take longer than 2 seconds, you may want to
-; increase this a bit.
-; (Default: 2)
-; apc.file_update_protection
-
-; Mostly for testing and debugging. Setting this enables APC
-; for the CLI version of PHP. Normally you wouldn't want to
-; create, populate and tear down the APC cache on every CLI
-; request, but for various test scenarios it is handy to be
-; able to enable APC for the CLI version of APC easily.
-; (Default: 0)
-; apc.enable_cli
-
-; Prevents large files from being cached.
-; (Default: 1M)
-; apc.max_file_size
-
-; Whether to stat the main script file and the fullpath
-; includes. If you turn this off you will need to restart
-; your server in order to update scripts.
-; (Default: 1)
-; apc.stat
-
-; On busy servers when you first start up the server, or when
-; many files are modified, you can end up with all your processes
-; trying to compile and cache the same files. With write_lock
-; enabled, only one process at a time will try to compile an
-; uncached script while the other processes will run uncached
-; instead of sitting around waiting on a lock.
-; (Default: 1)
-; apc.write_lock
-
-; Logs any scripts that were automatically excluded from being
-; cached due to early/late binding issues.
-; (Default: 0)
-; apc.report_autofilter
-
-; RFC1867 File Upload Progress hook handler is only available
-; if you compiled APC against PHP 5.2.0 or later. When enabled
-; any file uploads which includes a field called
-; APC_UPLOAD_PROGRESS before the file field in an upload form
-; will cause APC to automatically create an upload_<key>
-; user cache entry where <key> is the value of the
-; APC_UPLOAD_PROGRESS form entry.
-
-; Note that the file upload tracking is not threadsafe at this
-; point, so new uploads that happen while a previous one is
-; still going will disable the tracking for the previous.
-; (Default: 0)
-; apc.rfc1867
-
-; Optimize include_once and require_once calls and avoid the
-; expensive system calls used.
-; (Default: 0)
-; apc.include_once_override
\ No newline at end of file
Deleted: apc_add.patch
===================================================================
--- apc_add.patch 2008-05-15 19:49:56 UTC (rev 1747)
+++ apc_add.patch 2008-05-15 19:52:46 UTC (rev 1748)
@@ -1,10 +0,0 @@
---- php_apc.c~ 2007-04-03 01:05:30.000000000 +0200
-+++ php_apc.c 2007-06-29 19:15:51.000000000 +0200
-@@ -914,6 +914,7 @@
-
- /* {{{ apc_functions[] */
- function_entry apc_functions[] = {
-+ PHP_FE(apc_add, NULL)
- PHP_FE(apc_cache_info, NULL)
- PHP_FE(apc_clear_cache, NULL)
- PHP_FE(apc_sma_info, NULL)
More information about the arch-commits
mailing list