Update pear pacakge to 1.9.3.
* Include XML_Util 1.2.1 which should be included from 1.9.0. Release date: 2011-06-04 23:46 UTC Release state: stable Changelog: * Fixed Bug #17744: Empty changelog causes fatal error in setChangelogentry [dufuz] * Fixed Bug #18340: raiseErro typo [doconnor] * Fixed Bug #18349: package.xml version not recognized when single quoted [dufuz] * Fixed Bug #18364: date.timezone errors for sh/bat files when TZ is not set in php.ini [dufuz] * Fixed Bug #18388: Parenteses error in REST.php line 232 [dufuz] * Fixed Bug #18428: invalid preg_match patterns [glen] * Fixed Bug #18486: REST/10.php does not check error condition [dufuz] * Fixed a problem in RunTest and code coverage. Correctly register the code coverage shutdown function in case we are inside a namespace. [sebastian] * Fixed a bug with extensions not providing their config.m4 and co in the root directory of their pecl package but rather in a sub directory, such as xhprof. [dufuz]
This commit is contained in:
parent
750deaec33
commit
8870f87223
5 changed files with 44 additions and 157 deletions
|
@ -1,9 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.17 2011/05/16 13:05:01 taca Exp $
|
||||
# $NetBSD: Makefile,v 1.18 2011/06/19 15:40:21 taca Exp $
|
||||
#
|
||||
|
||||
DISTNAME= PEAR-1.9.2
|
||||
DISTNAME= PEAR-1.9.3
|
||||
PKGNAME= ${PHP_PKG_PREFIX}-${DISTNAME:S/PEAR/pear/}
|
||||
PKGREVISION= 2
|
||||
CATEGORIES= lang
|
||||
MASTER_SITES= http://download.pear.php.net/package/
|
||||
EXTRACT_SUFX= .tgz
|
||||
|
@ -46,6 +45,11 @@ EXTRACT_ONLY+= ${CONSOLE_SRCS}
|
|||
|
||||
STRUCTURES_SRCS= Structures_Graph-1.0.4${EXTRACT_SUFX}
|
||||
DISTFILES+= ${STRUCTURES_SRCS}
|
||||
|
||||
XMLUTIL_SRCS= XML_Util-1.2.1${EXTRACT_SUFX}
|
||||
XMLUTIL_WRKSRC= ${WRKDIR}/${XMLUTIL_SRCS:S/${EXTRACT_SUFX}//}
|
||||
DISTFILES+= ${XMLUTIL_SRCS}
|
||||
EXTRACT_ONLY+= ${XMLUTIL_SRCS}
|
||||
#
|
||||
# end of base components
|
||||
|
||||
|
@ -76,6 +80,8 @@ do-build:
|
|||
${BUNDLE}/${PEAR_SRCS:S/${EXTRACT_SUFX}/.tar/}
|
||||
${GZCAT} ${DISTDIR}/${STRUCTURES_SRCS} > \
|
||||
${BUNDLE}/${STRUCTURES_SRCS:S/${EXTRACT_SUFX}/.tar/}
|
||||
${GZCAT} ${DISTDIR}/${XMLUTIL_SRCS} > \
|
||||
${BUNDLE}/${XMLUTIL_SRCS:S/${EXTRACT_SUFX}/.tar/}
|
||||
|
||||
${CP} ${ARCHIVE_WRKSRC}/Archive/Tar.php ${BUNDLE}
|
||||
${CP} ${CONSOLE_WRKSRC}/Console/Getopt.php ${BUNDLE}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST,v 1.5 2009/10/29 08:29:03 seb Exp $
|
||||
@comment $NetBSD: PLIST,v 1.6 2011/06/19 15:40:21 taca Exp $
|
||||
bin/pear
|
||||
bin/peardev
|
||||
bin/pecl
|
||||
|
@ -17,6 +17,7 @@ lib/php/.registry/archive_tar.reg
|
|||
lib/php/.registry/console_getopt.reg
|
||||
lib/php/.registry/pear.reg
|
||||
lib/php/.registry/structures_graph.reg
|
||||
lib/php/.registry/xml_util.reg
|
||||
lib/php/Archive/Tar.php
|
||||
lib/php/Console/Getopt.php
|
||||
lib/php/OS/Guess.php
|
||||
|
@ -115,6 +116,7 @@ lib/php/Structures/Graph/Manipulator/AcyclicTest.php
|
|||
lib/php/Structures/Graph/Manipulator/TopologicalSorter.php
|
||||
lib/php/Structures/Graph/Node.php
|
||||
lib/php/System.php
|
||||
lib/php/XML/Util.php
|
||||
lib/php/data/PEAR/package.dtd
|
||||
lib/php/data/PEAR/template.spec
|
||||
lib/php/data/Structures_Graph/LICENSE
|
||||
|
@ -143,10 +145,31 @@ lib/php/doc/Structures_Graph/docs/html/media/stylesheet.css
|
|||
lib/php/doc/Structures_Graph/docs/html/packages.html
|
||||
lib/php/doc/Structures_Graph/docs/html/todolist.html
|
||||
lib/php/doc/Structures_Graph/docs/tutorials/Structures_Graph/Structures_Graph.pkg
|
||||
lib/php/doc/XML_Util/examples/example.php
|
||||
lib/php/doc/XML_Util/examples/example2.php
|
||||
lib/php/pearcmd.php
|
||||
lib/php/peclcmd.php
|
||||
lib/php/test/Structures_Graph/tests/AllTests.php
|
||||
lib/php/test/Structures_Graph/tests/testCase/BasicGraph.php
|
||||
lib/php/test/XML_Util/tests/AllTests.php
|
||||
lib/php/test/XML_Util/tests/testBasic_apiVersion.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_attributesToString.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_collapseEmptyTags.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_createCDataSection.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_createComment.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_createEndElement.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_createStartElement.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_createTag.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_createTagFromArray.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_getDocTypeDeclaration.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_getXmlDeclaration.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_isValidName.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_raiseError.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_replaceEntities.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_reverseEntities.phpt
|
||||
lib/php/test/XML_Util/tests/testBasic_splitQualifiedName.phpt
|
||||
lib/php/test/XML_Util/tests/testBug_4950.phpt
|
||||
lib/php/test/XML_Util/tests/testBug_5392.phpt
|
||||
share/examples/pear/pear.conf
|
||||
@pkgdir lib/php/.registry/.channel.pecl.php.net
|
||||
@pkgdir lib/php/.registry/.channel.doc.php.net
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.9 2011/05/16 13:05:01 taca Exp $
|
||||
$NetBSD: distinfo,v 1.10 2011/06/19 15:40:21 taca Exp $
|
||||
|
||||
SHA1 (Archive_Tar-1.3.7.tgz) = 5b35a8c3bfa34ba8b29c5208f8f37504d0ce280c
|
||||
RMD160 (Archive_Tar-1.3.7.tgz) = 0b018556bf4d916440e0e661e714986edd728de2
|
||||
|
@ -6,11 +6,13 @@ Size (Archive_Tar-1.3.7.tgz) = 17610 bytes
|
|||
SHA1 (Console_Getopt-1.3.1.tgz) = 8f9ac495728ee9ba87edd109c3946f11ee72bc08
|
||||
RMD160 (Console_Getopt-1.3.1.tgz) = aae10ad272bf2a66bc80d899f60cb8e630f90d16
|
||||
Size (Console_Getopt-1.3.1.tgz) = 4471 bytes
|
||||
SHA1 (PEAR-1.9.2.tgz) = 1dda2c7c1c87532f6a45a54b98521a2e9efa02b3
|
||||
RMD160 (PEAR-1.9.2.tgz) = f12b6a0a4600b0b227a88687c124b515621ca803
|
||||
Size (PEAR-1.9.2.tgz) = 295120 bytes
|
||||
SHA1 (PEAR-1.9.3.tgz) = c214bb9d5e1fb9e3c5b99d2af9ae9501ccd55206
|
||||
RMD160 (PEAR-1.9.3.tgz) = eb227ec284d63e9df3d78863d2b9cf2952befe93
|
||||
Size (PEAR-1.9.3.tgz) = 295774 bytes
|
||||
SHA1 (Structures_Graph-1.0.4.tgz) = 00f5c2aefad0c3f6490e5ca95da87828e64ebc57
|
||||
RMD160 (Structures_Graph-1.0.4.tgz) = d236ddff4a31cafa6fa750b4ec4a0849c48ad3f6
|
||||
Size (Structures_Graph-1.0.4.tgz) = 30318 bytes
|
||||
SHA1 (patch-PEAR_REST.php) = 996afa4ed9ca2d041dab2cb5dbf4bfdeb3fc9ec6
|
||||
SHA1 (XML_Util-1.2.1.tgz) = 8072216577fb9ad684f15e0388ab0b1c0b57e2d4
|
||||
RMD160 (XML_Util-1.2.1.tgz) = 9d9dd43889312f46f39c9a43a800a8f2d8f6e9b2
|
||||
Size (XML_Util-1.2.1.tgz) = 17729 bytes
|
||||
SHA1 (patch-aa) = 6de18a37aa927f7c84f31bdad9ce7f813ea3ee4e
|
||||
|
|
|
@ -35,7 +35,7 @@
|
|||
* @author Tias Guns <tias@ulyssis.org>
|
||||
*/
|
||||
|
||||
/* $NetBSD: go-pear.php,v 1.2 2009/10/29 08:29:03 seb Exp $ */
|
||||
/* $NetBSD: go-pear.php,v 1.3 2011/06/19 15:40:21 taca Exp $ */
|
||||
|
||||
$sapi_name = php_sapi_name();
|
||||
|
||||
|
@ -113,7 +113,8 @@ $bootstrap_files = array(
|
|||
|
||||
$bootstrap_pkgs = array( // uses URL like http://pear.php.net/get/%s
|
||||
'PEAR',
|
||||
'Structures_Graph'
|
||||
'Structures_Graph',
|
||||
'XML_Util',
|
||||
);
|
||||
|
||||
$installer_packages = array(
|
||||
|
@ -121,6 +122,7 @@ $installer_packages = array(
|
|||
'Structures_Graph-stable',
|
||||
'Archive_Tar-stable',
|
||||
'Console_Getopt-stable',
|
||||
'XML_Util-stable',
|
||||
);
|
||||
|
||||
$pfc_packages = array(
|
||||
|
|
|
@ -1,146 +0,0 @@
|
|||
$NetBSD: patch-PEAR_REST.php,v 1.1 2011/05/16 13:05:01 taca Exp $
|
||||
|
||||
* Update to r309592 in PEAR's repository, fixing CVE-2011-1144.
|
||||
|
||||
--- PEAR/REST.php.orig 2011-02-28 17:48:36.000000000 +0000
|
||||
+++ PEAR/REST.php
|
||||
@@ -102,7 +102,7 @@ class PEAR_REST
|
||||
// reset the age of the cache if the server says it was unmodified
|
||||
$result = $this->saveCache($url, $ret, null, true, $cacheId);
|
||||
if (PEAR::isError($result)) {
|
||||
- return PEAR::raiseErro($result->getMessage());
|
||||
+ return PEAR::raiseError($result->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -122,7 +122,7 @@ class PEAR_REST
|
||||
if ($forcestring) {
|
||||
$result = $this->saveCache($url, $content, $lastmodified, false, $cacheId);
|
||||
if (PEAR::isError($result)) {
|
||||
- return PEAR::raiseErro($result->getMessage());
|
||||
+ return PEAR::raiseError($result->getMessage());
|
||||
}
|
||||
|
||||
return $content;
|
||||
@@ -162,7 +162,7 @@ class PEAR_REST
|
||||
|
||||
$result = $this->saveCache($url, $content, $lastmodified, false, $cacheId);
|
||||
if (PEAR::isError($result)) {
|
||||
- return PEAR::raiseErro($result->getMessage());
|
||||
+ return PEAR::raiseError($result->getMessage());
|
||||
}
|
||||
|
||||
return $content;
|
||||
@@ -228,59 +228,75 @@ class PEAR_REST
|
||||
$cacheidfile = $d . 'rest.cacheid';
|
||||
$cachefile = $d . 'rest.cachefile';
|
||||
|
||||
+ if (!is_dir($cache_dir)) {
|
||||
+ if (System::mkdir(array('-p', $cache_dir)) === false) {
|
||||
+ return PEAR::raiseError("The value of config option cache_dir ($cache_dir) is not a directory and attempts to create the directory failed.");
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
if ($cacheid === null && $nochange) {
|
||||
$cacheid = unserialize(implode('', file($cacheidfile)));
|
||||
}
|
||||
|
||||
- if (is_link($cacheidfile)) {
|
||||
- return PEAR::raiseError('SECURITY ERROR: Will not write to ' . $cacheidfile . ' as it is symlinked to ' . readlink($cacheidfile) . ' - Possible symlink attack');
|
||||
- }
|
||||
+ $idData = serialize(array(
|
||||
+ 'age' => time(),
|
||||
+ 'lastChange' => ($nochange ? $cacheid['lastChange'] : $lastmodified),
|
||||
+ ));
|
||||
|
||||
- if (is_link($cachefile)) {
|
||||
- return PEAR::raiseError('SECURITY ERROR: Will not write to ' . $cacheidfile . ' as it is symlinked to ' . readlink($cacheidfile) . ' - Possible symlink attack');
|
||||
+ $result = $this->saveCacheFile($cacheidfile, $idData);
|
||||
+ if (PEAR::isError($result)) {
|
||||
+ return $result;
|
||||
+ } elseif ($nochange) {
|
||||
+ return true;
|
||||
}
|
||||
|
||||
- $cacheidfile_fp = @fopen($cacheidfile, 'wb');
|
||||
- if (!$cacheidfile_fp) {
|
||||
- if (is_dir($cache_dir)) {
|
||||
- return PEAR::raiseError("The value of config option cache_dir ($cache_dir) is not a directory. ");
|
||||
+ $result = $this->saveCacheFile($cachefile, serialize($contents));
|
||||
+ if (PEAR::isError($result)) {
|
||||
+ if (file_exists($cacheidfile)) {
|
||||
+ @unlink($cacheidfile);
|
||||
}
|
||||
|
||||
- System::mkdir(array('-p', $cache_dir));
|
||||
- $cacheidfile_fp = @fopen($cacheidfile, 'wb');
|
||||
- if (!$cacheidfile_fp) {
|
||||
- return PEAR::raiseError("Could not open $cacheidfile for writing.");
|
||||
- }
|
||||
+ return $result;
|
||||
}
|
||||
|
||||
- if ($nochange) {
|
||||
- fwrite($cacheidfile_fp, serialize(array(
|
||||
- 'age' => time(),
|
||||
- 'lastChange' => $cacheid['lastChange'],
|
||||
- ))
|
||||
- );
|
||||
-
|
||||
- fclose($cacheidfile_fp);
|
||||
- return true;
|
||||
- }
|
||||
+ return true;
|
||||
+ }
|
||||
|
||||
- fwrite($cacheidfile_fp, serialize(array(
|
||||
- 'age' => time(),
|
||||
- 'lastChange' => $lastmodified,
|
||||
- ))
|
||||
- );
|
||||
- fclose($cacheidfile_fp);
|
||||
+ function saveCacheFile($file, $contents)
|
||||
+ {
|
||||
+ $len = strlen($contents);
|
||||
|
||||
- $cachefile_fp = @fopen($cachefile, 'wb');
|
||||
- if (!$cachefile_fp) {
|
||||
- if (file_exists($cacheidfile)) {
|
||||
- @unlink($cacheidfile);
|
||||
+ $cachefile_fp = @fopen($file, 'xb'); // x is the O_CREAT|O_EXCL mode
|
||||
+ if ($cachefile_fp !== false) { // create file
|
||||
+ if (fwrite($cachefile_fp, $contents, $len) < $len) {
|
||||
+ fclose($cachefile_fp);
|
||||
+ return PEAR::raiseError("Could not write $file.");
|
||||
+ }
|
||||
+ } else { // update file
|
||||
+ $cachefile_lstat = lstat($file);
|
||||
+ $cachefile_fp = @fopen($file, 'wb');
|
||||
+ if (!$cachefile_fp) {
|
||||
+ return PEAR::raiseError("Could not open $file for writing.");
|
||||
+ }
|
||||
+
|
||||
+ $cachefile_fstat = fstat($cachefile_fp);
|
||||
+ if (
|
||||
+ $cachefile_lstat['mode'] == $cachefile_fstat['mode'] &&
|
||||
+ $cachefile_lstat['ino'] == $cachefile_fstat['ino'] &&
|
||||
+ $cachefile_lstat['dev'] == $cachefile_fstat['dev'] &&
|
||||
+ $cachefile_fstat['nlink'] === 1
|
||||
+ ) {
|
||||
+ if (fwrite($cachefile_fp, $contents, $len) < $len) {
|
||||
+ fclose($cachefile_fp);
|
||||
+ return PEAR::raiseError("Could not write $file.");
|
||||
+ }
|
||||
+ } else {
|
||||
+ fclose($cachefile_fp);
|
||||
+ $link = function_exists('readlink') ? readlink($file) : $file;
|
||||
+ return PEAR::raiseError('SECURITY ERROR: Will not write to ' . $file . ' as it is symlinked to ' . $link . ' - Possible symlink attack');
|
||||
}
|
||||
-
|
||||
- return PEAR::raiseError("Could not open $cacheidfile for writing.");
|
||||
}
|
||||
|
||||
- fwrite($cachefile_fp, serialize($contents));
|
||||
fclose($cachefile_fp);
|
||||
return true;
|
||||
}
|
Loading…
Reference in a new issue