[pkgsrc/trunk]: pkgsrc/lang/php5 - Add patches to fix CVE-2007-3806 referring...

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/5bab4b123266
branches:  trunk
changeset: 531505:5bab4b123266
user:      taca <taca%pkgsrc.org@localhost>
date:      Wed Aug 01 01:40:07 2007 +0000

description:
- Add patches to fix CVE-2007-3806 referring CVS repository.
- Fix compile problem on NetBSD with mremap(2).

Bump PKGREVISION.

diffstat:

 lang/php5/Makefile         |   4 ++--
 lang/php5/distinfo         |   4 +++-
 lang/php5/patches/patch-ad |  18 ++++++++++++++++++
 lang/php5/patches/patch-ae |  14 ++++++++++++++
 4 files changed, 37 insertions(+), 3 deletions(-)

diffs (69 lines):

diff -r 0a7893a49641 -r 5bab4b123266 lang/php5/Makefile
--- a/lang/php5/Makefile        Wed Aug 01 00:55:48 2007 +0000
+++ b/lang/php5/Makefile        Wed Aug 01 01:40:07 2007 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.55 2007/06/11 17:45:30 heinz Exp $
+# $NetBSD: Makefile,v 1.56 2007/08/01 01:40:07 taca Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
-PKGREVISION=           2
+PKGREVISION=           3
 CATEGORIES=            lang
 
 HOMEPAGE=              http://www.php.net/
diff -r 0a7893a49641 -r 5bab4b123266 lang/php5/distinfo
--- a/lang/php5/distinfo        Wed Aug 01 00:55:48 2007 +0000
+++ b/lang/php5/distinfo        Wed Aug 01 01:40:07 2007 +0000
@@ -1,9 +1,11 @@
-$NetBSD: distinfo,v 1.44 2007/06/11 17:45:30 heinz Exp $
+$NetBSD: distinfo,v 1.45 2007/08/01 01:40:07 taca Exp $
 
 SHA1 (php-5.2.3/php-5.2.3.tar.bz2) = 0a02e05e1c663c0d4ee0b253917c0e140e606261
 RMD160 (php-5.2.3/php-5.2.3.tar.bz2) = 3c895cf7e513e5a3d7d9f742a9d56102cbb3a79b
 Size (php-5.2.3/php-5.2.3.tar.bz2) = 7417635 bytes
 SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
+SHA1 (patch-ad) = b324c33b1e70adee5b89dcecdd7690dcadcc18ec
+SHA1 (patch-ae) = b137b8527c42ed73dd3589a9e7cbc4a47267f21c
 SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
 SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
diff -r 0a7893a49641 -r 5bab4b123266 lang/php5/patches/patch-ad
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-ad        Wed Aug 01 01:40:07 2007 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-ad,v 1.1 2007/08/01 01:40:08 taca Exp $
+
+Adapt NetBSD's remap(2).
+
+--- Zend/zend_alloc.c.orig     2007-05-28 19:07:50.000000000 +0900
++++ Zend/zend_alloc.c
+@@ -148,7 +148,11 @@ static zend_mm_segment* zend_mm_mem_mmap
+ {
+       zend_mm_segment *ret;
+ #ifdef HAVE_MREMAP
++#if defined(__NetBSD__)
++      ret = (zend_mm_segment*)mremap(segment, segment->size, segment, size, MREMAP_MAYMOVE);
++#else
+       ret = (zend_mm_segment*)mremap(segment, segment->size, size, MREMAP_MAYMOVE);
++#endif
+       if (ret == MAP_FAILED) {
+ #endif
+               ret = storage->handlers->_alloc(storage, size);
diff -r 0a7893a49641 -r 5bab4b123266 lang/php5/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-ae        Wed Aug 01 01:40:07 2007 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-ae,v 1.1 2007/08/01 01:40:08 taca Exp $
+
+Fix for CVE-2007-3806.
+
+--- ext/standard/dir.c.orig    2007-02-25 02:16:23.000000000 +0900
++++ ext/standard/dir.c
+@@ -395,6 +395,7 @@ PHP_FUNCTION(glob)
+       } 
+ #endif
+ 
++      memset(&globbuf, 0, sizeof(glob_t));
+       globbuf.gl_offs = 0;
+       if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
+ #ifdef GLOB_NOMATCH