[arch-commits] Commit in php-apc/trunk (CVE-2008-1488.patch apc.ini apc_add.patch)

Pierre Schmitz pierre at archlinux.org
Thu May 15 15:52:47 EDT 2008


    Date: Thursday, May 15, 2008 @ 15:52:46
  Author: pierre
Revision: 1748

removing garbage

Deleted:
  php-apc/trunk/CVE-2008-1488.patch
  php-apc/trunk/apc.ini
  php-apc/trunk/apc_add.patch

---------------------+
 CVE-2008-1488.patch |   96 ---------------------------
 apc.ini             |  177 --------------------------------------------------
 apc_add.patch       |   10 --
 3 files changed, 283 deletions(-)

Deleted: CVE-2008-1488.patch
===================================================================
--- CVE-2008-1488.patch	2008-05-15 19:49:56 UTC (rev 1747)
+++ CVE-2008-1488.patch	2008-05-15 19:52:46 UTC (rev 1748)
@@ -1,96 +0,0 @@
---- apc.c	2007/11/29 22:15:53	3.18
-+++ apc.c	2008/03/25 18:04:53	3.18.2.1
-@@ -270,26 +270,13 @@
- 
- /* }}} */
- 
--/* {{{ filesystem functions */
--
--#ifdef PHP_WIN32
--int apc_win32_stat(const char *path, struct stat *buf TSRMLS_DC)
--{
--    char rpath[MAXPATHLEN];
--    BY_HANDLE_FILE_INFORMATION fi;
--    HANDLE f;
--    
--    if (VCWD_STAT(path, buf)) {
--        return -1;
--    }
--
--    VCWD_REALPATH(path, rpath);
--    f = CreateFile(rpath, 0, 0, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS | FILE_ATTRIBUTE_READONLY, NULL);
--    GetFileInformationByHandle(f, &fi);
--    buf->st_ino = (ino_t)fi.nFileIndexLow;
--    CloseHandle (f);
--    return 0;
--}
-+/* similar to php_stream_stat_path */
-+#ifdef ZEND_ENGINE_2
-+#define APC_URL_STAT(wrapper, filename, pstatbuf) \
-+    ((wrapper)->wops->url_stat((wrapper), (filename), 0, (pstatbuf), NULL TSRMLS_CC))
-+#else
-+#define APC_URL_STAT(wrapper, filename, pstatbuf) \
-+    ((wrapper)->wops->url_stat((wrapper), (filename), (pstatbuf) TSRMLS_CC))
- #endif
- 
- int apc_search_paths(const char* filename, const char* path, apc_fileinfo_t* fileinfo)
-@@ -299,12 +286,33 @@
-     int exec_fname_length;
-     int found = 0;
-     int i;
-+    php_stream_wrapper *wrapper = NULL;
-+    char *path_for_open = NULL;
-+
-     TSRMLS_FETCH();
- 
-     assert(filename && fileinfo);
- 
--    if (IS_ABSOLUTE_PATH(filename, strlen(filename)) && apc_stat(filename, &fileinfo->st_buf) == 0) {
--        strncpy(fileinfo->fullpath, filename, MAXPATHLEN);
-+
-+    wrapper = php_stream_locate_url_wrapper(filename, &path_for_open, 0 TSRMLS_CC);
-+
-+    if(!wrapper || !wrapper->wops || !wrapper->wops->url_stat) {
-+        return -1;
-+    }
-+
-+#ifdef ZEND_ENGINE_2
-+    if(wrapper != &php_plain_files_wrapper) {
-+        if(APC_URL_STAT(wrapper, path_for_open, &fileinfo->st_buf) == 0) {
-+            strncpy(fileinfo->fullpath, path_for_open, MAXPATHLEN);
-+            return 0;
-+        }
-+		return -1; /* cannot stat */
-+    }
-+#endif
-+
-+    if (IS_ABSOLUTE_PATH(path_for_open, strlen(path_for_open)) && 
-+            APC_URL_STAT(wrapper, path_for_open, &fileinfo->st_buf) == 0) {
-+        strncpy(fileinfo->fullpath, path_for_open, MAXPATHLEN);
-         return 0;
-     }
- 
-@@ -314,8 +322,8 @@
- 
-     /* for each directory in paths, look for filename inside */
-     for (i = 0; paths[i]; i++) {
--        snprintf(fileinfo->fullpath, sizeof(fileinfo->fullpath), "%s%c%s", paths[i], DEFAULT_SLASH, filename);
--        if (apc_stat(fileinfo->fullpath, &fileinfo->st_buf) == 0) {
-+        snprintf(fileinfo->fullpath, sizeof(fileinfo->fullpath), "%s%c%s", paths[i], DEFAULT_SLASH, path_for_open);
-+        if (APC_URL_STAT(wrapper, fileinfo->fullpath, &fileinfo->st_buf) == 0) {
-             found = 1;
-             break;
-         }
-@@ -331,9 +339,9 @@
-             /* not: [no active file] or no path */
-             memcpy(fileinfo->fullpath, exec_fname, exec_fname_length);
-             fileinfo->fullpath[exec_fname_length] = DEFAULT_SLASH;
--            strcpy(fileinfo->fullpath +exec_fname_length +1, filename);
--            /* apc_wprint("filename: %s, exec_fname: %s, fileinfo->fullpath: %s", filename, exec_fname, fileinfo->fullpath); */
--            if (apc_stat(fileinfo->fullpath, &fileinfo->st_buf) == 0) {
-+            strlcpy(fileinfo->fullpath +exec_fname_length +1, path_for_open,sizeof(fileinfo->fullpath)-exec_fname_length-1);
-+            /* apc_wprint("filename: %s, exec_fname: %s, fileinfo->fullpath: %s", path_for_open, exec_fname, fileinfo->fullpath); */
-+            if (APC_URL_STAT(wrapper, fileinfo->fullpath, &fileinfo->st_buf) == 0) {
-                 found = 1;
-             }
-         }

Deleted: apc.ini
===================================================================
--- apc.ini	2008-05-15 19:49:56 UTC (rev 1747)
+++ apc.ini	2008-05-15 19:52:46 UTC (rev 1748)
@@ -1,177 +0,0 @@
-;extension=apc.so
-
-; This can be set to 0 to disable APC. This is
-; primarily useful when APC is statically compiled
-; into PHP, since there is no other way to disable
-; it (when compiled as a DSO, the zend_extension
-; line can just be commented-out).
-; (Default: 1)
-; apc.enabled
-
-; The number of shared memory segments to allocate
-; for the compiler cache. If APC is running out of
-; shared memory but you have already set
-; apc.shm_size as high as your system allows, you
-; can try raising this value.  Setting this to a
-; value other than 1 has no effect in mmap mode
-; since mmap'ed shm segments don't have size limits.
-; (Default: 1)
-; apc.shm_segments
-
-; The size of each shared memory segment in MB.
-; By default, some systems (including most BSD
-; variants) have very low limits on the size of a
-; shared memory segment.
-; (Default: 30)
-; apc.shm_size
-
-; A "hint" about the number of distinct source files
-; that will be included or requested on your web
-; server. Set to zero or omit if you're not sure;
-; this setting is mainly useful for sites that have
-; many thousands of source files.
-; (Default: 1000)
-; apc.num_files_hint
-
-; Just like num_files_hint, a "hint" about the number
-; of distinct user cache variables to store. 
-; Set to zero or omit if you're not sure;
-; (Default: 4096)
-; apc.user_entries_hint
-
-; The number of seconds a cache entry is allowed to
-; idle in a slot in case this cache entry slot is 
-; needed by another entry.  Leaving this at zero
-; means that your cache could potentially fill up
-; with stale entries while newer entries won't be
-; cached.  
-; (Default: 0)
-; apc.ttl
-
-; The number of seconds a user cache entry is allowed 
-; to idle in a slot in case this cache entry slot is 
-; needed by another entry.  Leaving this at zero
-; means that your cache could potentially fill up
-; with stale entries while newer entries won't be
-; cached.  
-; (Default: 0)
-; apc.user_ttl 
-
-; The number of seconds that a cache entry may
-; remain on the garbage-collection list. This value
-; provides a failsafe in the event that a server
-; process dies while executing a cached source file;
-; if that source file is modified, the memory
-; allocated for the old version will not be
-; reclaimed until this TTL reached. Set to zero to
-; disable this feature.
-; (Default: 3600)
-; apc.gc_ttl
-
-; On by default, but can be set to off and used in
-; conjunction with positive apc.filters so that files
-; are only cached if matched by a positive filter.
-; (Default: On)
-; apc.cache_by_default
-
-; A comma-separated list of POSIX extended regular
-; expressions. If any pattern matches the source
-; filename, the file will not be cached. Note that
-; the filename used for matching is the one passed
-; to include/require, not the absolute path.  If the
-; first character of the expression is a + then the
-; expression will be additive in the sense that any
-; files matched by the expression will be cached, and
-; if the first character is a - then anything matched
-; will not be cached.  The - case is the default, so
-; it can be left off.
-; (Default: "")
-; apc.filters
-
-; If compiled with MMAP support by using --enable-mmap
-; this is the mktemp-style file_mask to pass to the
-; mmap module for determing whether your mmap'ed memory
-; region is going to be file-backed or shared memory
-; backed.  For straight file-backed mmap, set it to
-; something like /tmp/apc.XXXXXX (exactly 6 X's).
-; To use POSIX-style shm_open/mmap put a ".shm"
-; somewhere in your mask.  eg.  "/apc.shm.XXXXXX"
-; You can also set it to "/dev/zero" to use your 
-; kernel's /dev/zero interface to anonymous mmap'ed 
-; memory.  Leaving it undefined will force an 
-; anonymous mmap.
-; (Default: "")
-; apc.mmap_file_mask
-
-; When you modify a file on a live web server you really
-; should do so in an atomic manner.  That is, write to a
-; temporary file and rename (mv) the file into its permanent
-; position when it is ready.  Many text editors, cp, tar and
-; other such programs don't do this.  This means that there
-; is a chance that a file is accessed (and cached) while it
-; is still being written to.  This file_update_protection
-; setting puts a delay on caching brand new files.  The
-; default is 2 seconds which means that if the modification
-; timestamp (mtime) on a file shows that it is less than 2
-; seconds old when it is accessed, it will not be cached.  
-; The unfortunate person who accessed this half-written file
-; will still see weirdness, but at least it won't persist.
-; If you are certain you always atomically update your files
-; by using something like rsync which does this correctly, you
-; can turn this protection off by setting it to 0.  If you
-; have a system that is flooded with io causing some update
-; procedure to take longer than 2 seconds, you may want to
-; increase this a bit.
-; (Default: 2)
-; apc.file_update_protection
-
-; Mostly for testing and debugging.  Setting this enables APC
-; for the CLI version of PHP.  Normally you wouldn't want to
-; create, populate and tear down the APC cache on every CLI
-; request, but for various test scenarios it is handy to be
-; able to enable APC for the CLI version of APC easily.
-; (Default: 0)
-; apc.enable_cli
-
-; Prevents large files from being cached.  
-; (Default: 1M)
-; apc.max_file_size
-
-; Whether to stat the main script file and the fullpath
-; includes.  If you turn this off you will need to restart
-; your server in order to update scripts.
-; (Default: 1)
-; apc.stat
-
-; On busy servers when you first start up the server, or when
-; many files are modified, you can end up with all your processes
-; trying to compile and cache the same files.  With write_lock 
-; enabled, only one process at a time will try to compile an
-; uncached script while the other processes will run uncached
-; instead of sitting around waiting on a lock.
-; (Default: 1)
-; apc.write_lock
-
-; Logs any scripts that were automatically excluded from being
-; cached due to early/late binding issues.
-; (Default: 0)
-; apc.report_autofilter
-
-; RFC1867 File Upload Progress hook handler is only available
-; if you compiled APC against PHP 5.2.0 or later.  When enabled
-; any file uploads which includes a field called 
-; APC_UPLOAD_PROGRESS before the file field in an upload form
-; will cause APC to automatically create an upload_<key>
-; user cache entry where <key> is the value of the 
-; APC_UPLOAD_PROGRESS form entry.
-
-; Note that the file upload tracking is not threadsafe at this
-; point, so new uploads that happen while a previous one is 
-; still going will disable the tracking for the previous.
-; (Default: 0)
-; apc.rfc1867
-
-; Optimize include_once and require_once calls and avoid the 
-; expensive system calls used.
-; (Default: 0)
-; apc.include_once_override
\ No newline at end of file

Deleted: apc_add.patch
===================================================================
--- apc_add.patch	2008-05-15 19:49:56 UTC (rev 1747)
+++ apc_add.patch	2008-05-15 19:52:46 UTC (rev 1748)
@@ -1,10 +0,0 @@
---- php_apc.c~	2007-04-03 01:05:30.000000000 +0200
-+++ php_apc.c	2007-06-29 19:15:51.000000000 +0200
-@@ -914,6 +914,7 @@
- 
- /* {{{ apc_functions[] */
- function_entry apc_functions[] = {
-+	PHP_FE(apc_add,                 NULL)
- 	PHP_FE(apc_cache_info,          NULL)
- 	PHP_FE(apc_clear_cache,         NULL)
- 	PHP_FE(apc_sma_info,            NULL)





More information about the arch-commits mailing list