[pkgsrc/trunk]: pkgsrc/www/php4 Fix for CVE-2006-1990

[adrianp <adrianp%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/bc5aae2f7088
branches:  trunk
changeset: 516307:bc5aae2f7088
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Tue Jul 18 21:21:19 2006 +0000

description:
Fix for CVE-2006-1990
Fix for CVE-2006-3011
Include our own pear.sh from the tarball but slightly hacked to get around
memory isses on installation.

diffstat:

 www/php4/Makefile         |  15 +++++++++++++--
 www/php4/distinfo         |   4 +++-
 www/php4/files/pear.sh    |  28 ++++++++++++++++++++++++++++
 www/php4/patches/patch-au |  24 ++++++++++++++++++++++++
 www/php4/patches/patch-av |  15 +++++++++++++++
 5 files changed, 83 insertions(+), 3 deletions(-)

diffs (131 lines):

diff -r 7c5ac54e4607 -r bc5aae2f7088 www/php4/Makefile
--- a/www/php4/Makefile Tue Jul 18 21:13:22 2006 +0000
+++ b/www/php4/Makefile Tue Jul 18 21:21:19 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.67 2006/07/07 15:49:34 jlam Exp $
+# $NetBSD: Makefile,v 1.68 2006/07/18 21:21:19 adrianp Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
-PKGREVISION=           2
+PKGREVISION=           3
 CATEGORIES+=           lang
 COMMENT=               HTML-embedded scripting language
 
@@ -50,6 +50,16 @@
 
 USE_TOOLS+=    gzcat
 
+SUBST_CLASSES=         pear
+SUBST_STAGE.pear=      pre-install
+SUBST_FILES.pear=      ${WRKDIR}/pear.sh
+SUBST_SED.pear=                -e "s|@php_bin@|${PREFIX}/bin/php|g"
+SUBST_SED.pear+=       -e "s|@php_dir@|${PREFIX}/lib/php|g"
+SUBST_MESSAGE.pear=    Fixing pear installation script.
+
+post-extract:
+       ${CP} ${FILESDIR}/pear.sh ${WRKDIR}
+
 post-install:
        ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php ${PREFIX}/bin/php
        ${INSTALL_DATA} ${WRKSRC}/sapi/cli/php.1 ${PREFIX}/man/man1/php.1
@@ -59,5 +69,6 @@
        cd ${WRKSRC}; ${INSTALL_DATA} php.ini-dist php.ini-recommended ${EGDIR}
        ${INSTALL_DATA_DIR} ${PREFIX}/share/php
        ${INSTALL_DATA} ${WRKSRC}/php.gif ${PREFIX}/share/php
+       ${INSTALL_SCRIPT} ${WRKDIR}/pear.sh ${PREFIX}/bin/pear
 
 .include "../../mk/bsd.pkg.mk"
diff -r 7c5ac54e4607 -r bc5aae2f7088 www/php4/distinfo
--- a/www/php4/distinfo Tue Jul 18 21:13:22 2006 +0000
+++ b/www/php4/distinfo Tue Jul 18 21:21:19 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.54 2006/05/11 06:50:39 minskim Exp $
+$NetBSD: distinfo,v 1.55 2006/07/18 21:21:19 adrianp Exp $
 
 SHA1 (php-4.4.2.tar.bz2) = 88f2e9efff0add8d8e3034d4ce3a948429b88756
 RMD160 (php-4.4.2.tar.bz2) = cbef0fa4e233529422bc0944dcfb79d866013f5e
@@ -18,3 +18,5 @@
 SHA1 (patch-ar) = 5606c1ec5a7afaeda2e3cc7879cc0caa4f86ca68
 SHA1 (patch-as) = 7987c293d2290aa5e68fba87d0aa759797ace40d
 SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63
+SHA1 (patch-au) = b5fa682fa6b03cc91e68db7e7ed6985897a3288f
+SHA1 (patch-av) = fc105360bccbff5a5eae119f24a8aa12b4e08139
diff -r 7c5ac54e4607 -r bc5aae2f7088 www/php4/files/pear.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/php4/files/pear.sh    Tue Jul 18 21:21:19 2006 +0000
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# first find which PHP binary to use
+if test "x$PHP_PEAR_PHP_BIN" != "x"; then
+  PHP="$PHP_PEAR_PHP_BIN"
+else
+  if test "@php_bin@" = '@'php_bin'@'; then
+    PHP=php 
+  else
+    PHP="@php_bin@"
+  fi
+fi
+
+# then look for the right pear include dir
+if test "x$PHP_PEAR_INSTALL_DIR" != "x"; then
+  INCDIR=$PHP_PEAR_INSTALL_DIR
+  INCARG="-d include_path=$PHP_PEAR_INSTALL_DIR"
+else
+  if test "@php_dir@" = '@'php_dir'@'; then
+    INCDIR=`dirname $0`
+    INCARG=""  
+  else
+    INCDIR="@php_dir@"
+    INCARG="-d include_path=@php_dir@"
+  fi
+fi
+
+exec $PHP -C -q $INCARG -d output_buffering=1 -dmemory_limit=12M $INCDIR/pearcmd.php "$@"
diff -r 7c5ac54e4607 -r bc5aae2f7088 www/php4/patches/patch-au
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/php4/patches/patch-au Tue Jul 18 21:21:19 2006 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-au,v 1.1 2006/07/18 21:21:19 adrianp Exp $
+
+# This is CVE-2006-1990
+
+--- ext/standard/string.c.orig 2006-01-01 13:46:58.000000000 +0000
++++ ext/standard/string.c
+@@ -672,15 +672,13 @@ PHP_FUNCTION(wordwrap)
+               /* Multiple character line break or forced cut */
+               if (linelength > 0) {
+                       chk = (int)(textlen/linelength + 1);
++                      newtext = safe_emalloc(chk, breakcharlen, textlen + 1);
+                       alloced = textlen + chk * breakcharlen + 1;
+               } else {
+                       chk = textlen;
++                      newtext = safe_emalloc(textlen, (breakcharlen + 1), 1);
+                       alloced = textlen * (breakcharlen + 1) + 1;
+               }
+-              if (alloced <= 0) {
+-                      RETURN_FALSE;
+-              }
+-              newtext = emalloc(alloced);
+ 
+               /* now keep track of the actual new text length */
+               newtextlen = 0;
diff -r 7c5ac54e4607 -r bc5aae2f7088 www/php4/patches/patch-av
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/php4/patches/patch-av Tue Jul 18 21:21:19 2006 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-av,v 1.1 2006/07/18 21:21:19 adrianp Exp $
+
+# This is CVE-2006-3011
+
+--- ext/standard/basic_functions.c.orig        2006-01-01 13:46:57.000000000 +0000
++++ ext/standard/basic_functions.c
+@@ -1866,7 +1866,7 @@ PHPAPI int _php_error_log(int opt_err, c
+                       break;
+ 
+               case 3:         /*save to a file */
+-                      stream = php_stream_open_wrapper(opt, "a", IGNORE_URL | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL);
++                      stream = php_stream_open_wrapper(opt, "a", IGNORE_URL_WIN | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL);
+                       if (!stream)
+                               return FAILURE;
+                       php_stream_write(stream, message, strlen(message));