authorNatanael Copa <ncopa@alpinelinux.org>2011-08-22 20:26:00 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2011-08-22 20:26:00 +0000
commit7ca9bed6c7cae20d1211944354c89bc5ce899f4b (patch)
tree1dc305138af3293c6bae4cb6fd87bbbb4373206a
parentffdd4019b0f4125c0ec1fd0260cdba581631dd5a (diff)
main/php: upgrade to 5.3.7, remove pear
We will build pear separately
-rw-r--r--main/php/APKBUILD56
-rw-r--r--main/php/php-uclibc.patch11
-rw-r--r--main/php/suhosin-patch-5.3.7-0.9.10.patch (renamed from main/php/suhosin-patch-5.3.6-0.9.10.patch)3111
3 files changed, 1590 insertions, 1588 deletions
diff --git a/main/php/APKBUILD b/main/php/APKBUILD
index 032d5639dd..3acdbf7ce1 100644
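--- a/main/php/APKBUILD
+++ b/main/php/APKBUILD
@@ -1,9 +1,9 @@
 # Contributor: Carlo Landmeter <clandmeter@gmail.com>
 # Maintainer: Matt Smith <mcs@darkregion.net>
 pkgname=php
-pkgver=5.3.6
-_suhosinver=5.3.6-0.9.10
-pkgrel=11
+pkgver=5.3.7
+_suhosinver=5.3.7-0.9.10
+pkgrel=0
 pkgdesc="The PHP language runtime engine"
 url="http://www.php.net/"
 arch="all"
@@ -19,7 +19,6 @@ makedepends="pcre-dev libxml2-dev libiconv-dev openssl-dev zlib-dev bzip2-dev
  readline-dev enchant-dev gdbm-dev freetds-dev"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-common $pkgname-cgi
  $pkgname-cli $pkgname-fpm $pkgname-apache2 $pkgname-embed
- $pkgname-pear
  $pkgname-bcmath
  $pkgname-bz2
  $pkgname-calendar
@@ -73,8 +72,6 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-common $pkgname-cgi
 
 # http://download.suhosin.org/suhosin-patch-${_suhosinver}.patch.gz
 source="http://www.php.net/distributions/${pkgname}-${pkgver}.tar.bz2
- php-install-pear-xml.patch
- php-uclibc.patch
  suhosin-patch-${_suhosinver}.patch
  php-fpm.initd
  php5-module.conf
@@ -86,13 +83,11 @@ _srcdir="$srcdir"/$pkgname-$pkgver
 
 prepare() {
  cd "$_srcdir"
- # beat the pear installer into using xml.so
- patch -p1 -i "$srcdir"/php-install-pear-xml.patch || return 1
- patch -p1 -i "$srcdir"/php-uclibc.patch || return 1
-
- # apply suhosin patch
- patch -p1 -i "${srcdir}"/suhosin-patch-${_suhosinver}.patch || return 1
-
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
  # safty check for api changes
  local vapi=$(sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h)
  if [ "$vapi" != "$_apiver" ]; then
@@ -113,6 +108,10 @@ _do_build() {
 }
 
 build() {
+ # Set PEAR_INSTALLDIR to ensure that the hard-coded include_path
+ # is properly set even if we install php-pear separately
+ export PEAR_INSTALLDIR=/usr/share/pear
+
  _phpconfig="--build=${CHOST:-i486-alpine-linux-uclibc} \
  --prefix=/usr \
  --sysconfdir=/etc/php \
@@ -203,13 +202,12 @@ build() {
  --enable-mailparse \
  "
 
- # cgi, fcgi, cli, pear and extensions
+ # cgi, fcgi, cli and extensions
  _do_build cgi \
  ${_phpconfig} \
  --disable-cli \
  --enable-cgi \
  --enable-cli \
- --with-pear \
  ${_phpextensions} \
  || return 1
 
@@ -244,11 +242,8 @@ build() {
 package() {
  cd "$srcdir"/build-cgi
 
- # install php-cgi, cli, pear and modules
- make -j1 install install-pear INSTALL_ROOT="$pkgdir" || return 1
-
- # cleanup after pear
- find "$pkgdir" -name '.*' | xargs rm -rf || return 1
+ # install php-cgi, cli and modules
+ make -j1 install INSTALL_ROOT="$pkgdir" || return 1
 
  # install fpm
  install -D -m755 "$srcdir"/build-fpm/sapi/fpm/php-fpm \
@@ -359,21 +354,6 @@ embed() {
  mv "$pkgdir"/usr/lib/libphp5.so "$subpkgdir"/usr/lib/
 }
 
-pear() {
- pkgdesc="PHP Extension and Application Repository (PEAR)"
- depends="php-cli php-xml"
- mkdir -p "$subpkgdir"/usr/share "$subpkgdir"/etc/php \
- "$subpkgdir"/usr/bin
- mv "$pkgdir"/usr/bin/pecl \
- "$pkgdir"/usr/bin/pear \
- "$pkgdir"/usr/bin/peardev \
- "$subpkgdir"/usr/bin/ || return 1
- mv "$pkgdir"/etc/php/pear.conf \
- "$subpkgdir"/etc/php/ || return 1
- mv "$pkgdir"/usr/share/pear \
- "$subpkgdir"/usr/share/ || return 1
-}
-
 _mv_ext() {
  local ext=$1
  pkgdesc="${ext} extension for PHP"
@@ -444,9 +424,7 @@ zlib() { _mv_ext zlib; }
 mssql() { _mv_ext mssql; }
 pdo_dblib() { _mv_ext pdo_dblib "php-pdo freetds"; }
 
-md5sums="2286f5a82a6e8397955a0025c1c2ad98 php-5.3.6.tar.bz2
-5111e3be06d391f8772587c675240fab php-install-pear-xml.patch
-31458da0ca6cb4ca2cbdaa2d32ab386d php-uclibc.patch
-54d3a7830c103f0efe94ed44c40dfad5 suhosin-patch-5.3.6-0.9.10.patch
+md5sums="2d47d003c96de4e88863ff38da61af33 php-5.3.7.tar.bz2
+8bd8840465d6bcd8e1e5d2cec80a1bfc suhosin-patch-5.3.7-0.9.10.patch
 8f2bb2b744a2de50025842cb51fb6a3a php-fpm.initd
 67719f428f44ec004da18705cbabe2ee php5-module.conf"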
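Review bot: The `md5sums=` list in the last hunk is the only integrity pin visible here for the new `php-5.3.7.tar.bz2` and for the regenerated in-tree `suhosin-patch-5.3.7-0.9.10.patch`, while the tarball entry in `source=` is still a plain `http://` URL. MD5 is not collision-resistant, so this entry detects a corrupted download but is weak evidence against a substituted one. If the abuild in use accepts a stronger checksum list, I would add one next to it, e.g. `sha512sums="<sha512 of php-5.3.7.tar.bz2>  php-5.3.7.tar.bz2"` followed by the other three files. The upstream location of the suhosin patch appears only as a commented-out URL above `source=`, so a short comment there such as `# suhosin patch: unpacked copy of the .patch.gz at the URL above` (if that is indeed its origin) would let the next maintainer re-check the in-tree copy.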
diff --git a/main/php/php-uclibc.patch b/main/php/php-uclibc.patch
deleted file mode 100644
index ca6890e43d..0000000000
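--- a/main/php/php-uclibc.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- ./ext/standard/php_crypt_r.c.orig
-+++ ./ext/standard/php_crypt_r.c
-@@ -94,7 +94,7 @@
- if (!initialized) {
- #ifdef PHP_WIN32
- InterlockedIncrement(&initialized);
--#elif (defined(__GNUC__) && (__GNUC__ >= 4 && __GNUC_MINOR__ >= 2))
-+#elif (defined(__GNUC__) && (__GNUC__ >= 4 && __GNUC_MINOR__ >= 2)) || defined(__UCLIBC__)
- __sync_fetch_and_add(&initialized, 1);
- #elif defined(HAVE_ATOMIC_H) /* Solaris 10 defines atomic API within */
- membar_producer();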
diff --git a/main/php/suhosin-patch-5.3.6-0.9.10.patch b/main/php/suhosin-patch-5.3.7-0.9.10.patch
index 55062d8a42..67efa0f32f 100644
--- a/main/php/suhosin-patch-5.3.6-0.9.10.patch
+++ b/main/php/suhosin-patch-5.3.7-0.9.10.patch
@@ -1,1323 +1,173 @@
1diff -Nura php-5.3.6/configure suhosin-patch-5.3.6-0.9.10/configure 1diff -Nura php-5.3.7/Zend/Makefile.am suhosin-patch-5.3.7-0.9.10/Zend/Makefile.am
2--- php-5.3.6/configure 2011-03-17 08:55:56.000000000 +0100 2--- php-5.3.7/Zend/Makefile.am 2009-03-18 11:18:10.000000000 +0100
3+++ suhosin-patch-5.3.6-0.9.10/configure 2011-03-19 10:48:33.810641898 +0100 3+++ suhosin-patch-5.3.7-0.9.10/Zend/Makefile.am 2011-08-19 12:39:28.000000000 +0200
4@@ -18979,6 +18979,9 @@ 4@@ -17,7 +17,7 @@
5 5 zend_objects_API.c zend_ts_hash.c zend_stream.c \
6 fi 6 zend_default_classes.c \
7 7 zend_iterators.c zend_interfaces.c zend_exceptions.c \
8+cat >> confdefs.h <<\EOF 8- zend_strtod.c zend_closures.c zend_float.c
9+#define SUHOSIN_PATCH 1 9+ zend_strtod.c zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c
10+EOF
11
12 echo $ac_n "checking for declared timezone""... $ac_c" 1>&6
13 echo "configure:18985: checking for declared timezone" >&5
14@@ -115340,7 +115343,7 @@
15 php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
16 strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
17 network.c php_open_temporary_file.c php_logos.c \
18- output.c getopt.c; do
19+ output.c getopt.c suhosin_patch.c ; do
20
21 IFS=.
22 set $ac_src
23@@ -115544,7 +115547,7 @@
24 zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
25 zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
26 zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c zend_gc.c \
27- zend_closures.c zend_float.c; do
28+ zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c ; do
29
30 IFS=.
31 set $ac_src
32diff -Nura php-5.3.6/configure.in suhosin-patch-5.3.6-0.9.10/configure.in
33--- php-5.3.6/configure.in 2011-03-17 08:48:29.000000000 +0100
34+++ suhosin-patch-5.3.6-0.9.10/configure.in 2011-03-19 10:48:33.810641898 +0100
35@@ -289,6 +289,7 @@
36 sinclude(TSRM/threads.m4)
37 sinclude(TSRM/tsrm.m4)
38
39+sinclude(main/suhosin_patch.m4)
40
41 divert(2)
42
43@@ -1396,7 +1397,7 @@
44 php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
45 strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
46 network.c php_open_temporary_file.c php_logos.c \
47- output.c getopt.c)
48+ output.c getopt.c suhosin_patch.c )
49
50 PHP_ADD_SOURCES(main/streams, streams.c cast.c memory.c filter.c \
51 plain_wrapper.c userspace.c transports.c xp_socket.c mmap.c \
52@@ -1424,7 +1425,7 @@
53 zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
54 zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
55 zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c zend_gc.c \
56- zend_closures.c zend_float.c)
57+ zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c )
58
59 if test -r "$abs_srcdir/Zend/zend_objects.c"; then
60 PHP_ADD_SOURCES(Zend, zend_objects.c zend_object_handlers.c zend_objects_API.c zend_default_classes.c)
61diff -Nura php-5.3.6/ext/standard/dl.c suhosin-patch-5.3.6-0.9.10/ext/standard/dl.c
62--- php-5.3.6/ext/standard/dl.c 2011-01-01 03:19:59.000000000 +0100
63+++ suhosin-patch-5.3.6-0.9.10/ext/standard/dl.c 2011-03-19 10:48:33.810641898 +0100
64@@ -254,6 +254,23 @@
65 return FAILURE;
66 }
67 }
68+
69+#if SUHOSIN_PATCH
70+ if (strncmp("suhosin", module_entry->name, sizeof("suhosin")-1) == 0) {
71+ void *log_func;
72+ /* sucessfully loaded suhosin extension, now check for logging function replacement */
73+ log_func = (void *) DL_FETCH_SYMBOL(handle, "suhosin_log");
74+ if (log_func == NULL) {
75+ log_func = (void *) DL_FETCH_SYMBOL(handle, "_suhosin_log");
76+ }
77+ if (log_func != NULL) {
78+ zend_suhosin_log = log_func;
79+ } else {
80+ zend_suhosin_log(S_MISC, "could not replace logging function");
81+ }
82+ }
83+#endif
84+
85 return SUCCESS;
86 }
87 /* }}} */
88diff -Nura php-5.3.6/ext/standard/info.c suhosin-patch-5.3.6-0.9.10/ext/standard/info.c
89--- php-5.3.6/ext/standard/info.c 2011-01-01 03:19:59.000000000 +0100
90+++ suhosin-patch-5.3.6-0.9.10/ext/standard/info.c 2011-03-19 10:48:33.810641898 +0100
91@@ -878,6 +878,33 @@
92
93 php_info_print_table_end();
94
95+ /* Suhosin Patch */
96+ php_info_print_box_start(0);
97+ if (expose_php && !sapi_module.phpinfo_as_text) {
98+ PUTS("<a href=\"http://www.suhosin.org\"><img border=\"0\" src=\"");
99+ if (SG(request_info).request_uri) {
100+ char *elem_esc = php_info_html_esc(SG(request_info).request_uri TSRMLS_CC);
101+ PUTS(elem_esc);
102+ efree(elem_esc);
103+ }
104+ PUTS("?="SUHOSIN_LOGO_GUID"\" alt=\"Suhosin logo\" /></a>\n");
105+ }
106+ PUTS("This server is protected with the Suhosin Patch ");
107+ if (sapi_module.phpinfo_as_text) {
108+ PUTS(SUHOSIN_PATCH_VERSION);
109+ } else {
110+ zend_html_puts(SUHOSIN_PATCH_VERSION, strlen(SUHOSIN_PATCH_VERSION) TSRMLS_CC);
111+ }
112+ PUTS(!sapi_module.phpinfo_as_text?"<br />":"\n");
113+ if (sapi_module.phpinfo_as_text) {
114+ PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
115+ PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
116+ } else {
117+ PUTS("Copyright (c) 2006-2007 <a href=\"http://www.hardened-php.net/\">Hardened-PHP Project</a>\n");
118+ PUTS("Copyright (c) 2007-2009 <a href=\"http://www.sektioneins.de/\">SektionEins GmbH</a>\n");
119+ }
120+ php_info_print_box_end();
121+
122 /* Zend Engine */
123 php_info_print_box_start(0);
124 if (expose_php && !sapi_module.phpinfo_as_text) {
125diff -Nura php-5.3.6/ext/standard/syslog.c suhosin-patch-5.3.6-0.9.10/ext/standard/syslog.c
126--- php-5.3.6/ext/standard/syslog.c 2011-01-01 03:19:59.000000000 +0100
127+++ suhosin-patch-5.3.6-0.9.10/ext/standard/syslog.c 2011-03-19 10:48:33.810641898 +0100
128@@ -42,6 +42,7 @@
129 */
130 PHP_MINIT_FUNCTION(syslog)
131 {
132+#if !SUHOSIN_PATCH
133 /* error levels */
134 REGISTER_LONG_CONSTANT("LOG_EMERG", LOG_EMERG, CONST_CS | CONST_PERSISTENT); /* system unusable */
135 REGISTER_LONG_CONSTANT("LOG_ALERT", LOG_ALERT, CONST_CS | CONST_PERSISTENT); /* immediate action required */
136@@ -97,6 +98,7 @@
137 /* AIX doesn't have LOG_PERROR */
138 REGISTER_LONG_CONSTANT("LOG_PERROR", LOG_PERROR, CONST_CS | CONST_PERSISTENT); /*log to stderr*/
139 #endif
140+#endif
141 BG(syslog_device)=NULL;
142
143 return SUCCESS;
144diff -Nura php-5.3.6/main/fopen_wrappers.c suhosin-patch-5.3.6-0.9.10/main/fopen_wrappers.c
145--- php-5.3.6/main/fopen_wrappers.c 2011-01-18 23:20:09.000000000 +0100
146+++ suhosin-patch-5.3.6-0.9.10/main/fopen_wrappers.c 2011-03-19 10:48:33.810641898 +0100
147@@ -85,13 +85,8 @@
148 PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
149 {
150 char **p, *pathbuf, *ptr, *end;
151-#ifndef ZTS
152- char *base = (char *) mh_arg2;
153-#else
154- char *base = (char *) ts_resource(*((int *) mh_arg2));
155-#endif
156
157- p = (char **) (base + (size_t) mh_arg1);
158+ p = &PG(open_basedir);
159
160 if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN || stage == PHP_INI_STAGE_ACTIVATE || stage == PHP_INI_STAGE_DEACTIVATE) {
161 /* We're in a PHP_INI_SYSTEM context, no restrictions */
162diff -Nura php-5.3.6/main/main.c suhosin-patch-5.3.6-0.9.10/main/main.c
163--- php-5.3.6/main/main.c 2011-02-08 22:40:51.000000000 +0100
164+++ suhosin-patch-5.3.6-0.9.10/main/main.c 2011-03-19 10:48:33.813975198 +0100
165@@ -90,6 +90,9 @@
166
167 #include "SAPI.h"
168 #include "rfc1867.h"
169+#if SUHOSIN_PATCH
170+#include "suhosin_globals.h"
171+#endif
172
173 #if HAVE_SYS_MMAN_H
174 # include <sys/mman.h>
175@@ -490,7 +493,7 @@
176 STD_PHP_INI_ENTRY("extension_dir", PHP_EXTENSION_DIR, PHP_INI_SYSTEM, OnUpdateStringUnempty, extension_dir, php_core_globals, core_globals)
177 STD_PHP_INI_ENTRY("include_path", PHP_INCLUDE_PATH, PHP_INI_ALL, OnUpdateStringUnempty, include_path, php_core_globals, core_globals)
178 PHP_INI_ENTRY("max_execution_time", "30", PHP_INI_ALL, OnUpdateTimeout)
179- STD_PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_ALL, OnUpdateBaseDir, open_basedir, php_core_globals, core_globals)
180+ PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_ALL, OnUpdateBaseDir)
181 STD_PHP_INI_ENTRY("safe_mode_exec_dir", PHP_SAFE_MODE_EXEC_DIR, PHP_INI_SYSTEM, OnUpdateString, safe_mode_exec_dir, php_core_globals, core_globals)
182
183 STD_PHP_INI_BOOLEAN("file_uploads", "1", PHP_INI_SYSTEM, OnUpdateBool, file_uploads, php_core_globals, core_globals)
184@@ -1781,6 +1784,10 @@
185 }
186 #endif
187
188+#if SUHOSIN_PATCH
189+PHPAPI void suhosin_startup();
190+#endif
191+
192 /* {{{ php_module_startup
193 */
194 int php_module_startup(sapi_module_struct *sf, zend_module_entry *additional_modules, uint num_additional_modules)
195@@ -1825,6 +1832,10 @@
196 tsrm_ls = ts_resource(0);
197 #endif
198
199+#if SUHOSIN_PATCH
200+ suhosin_startup();
201+#endif
202+
203 module_shutdown = 0;
204 module_startup = 1;
205 sapi_initialize_empty_request(TSRMLS_C);
206@@ -1944,7 +1955,11 @@
207 REGISTER_MAIN_STRINGL_CONSTANT("PHP_CONFIG_FILE_SCAN_DIR", PHP_CONFIG_FILE_SCAN_DIR, sizeof(PHP_CONFIG_FILE_SCAN_DIR)-1, CONST_PERSISTENT | CONST_CS);
208 REGISTER_MAIN_STRINGL_CONSTANT("PHP_SHLIB_SUFFIX", PHP_SHLIB_SUFFIX, sizeof(PHP_SHLIB_SUFFIX)-1, CONST_PERSISTENT | CONST_CS);
209 REGISTER_MAIN_STRINGL_CONSTANT("PHP_EOL", PHP_EOL, sizeof(PHP_EOL)-1, CONST_PERSISTENT | CONST_CS);
210- REGISTER_MAIN_LONG_CONSTANT("PHP_MAXPATHLEN", MAXPATHLEN, CONST_PERSISTENT | CONST_CS);
211+#if SUHOSIN_PATCH
212+ REGISTER_MAIN_LONG_CONSTANT("SUHOSIN_PATCH", 1, CONST_PERSISTENT | CONST_CS);
213+ REGISTER_MAIN_STRINGL_CONSTANT("SUHOSIN_PATCH_VERSION", SUHOSIN_PATCH_VERSION, sizeof(SUHOSIN_PATCH_VERSION)-1, CONST_PERSISTENT | CONST_CS);
214+#endif
215+ REGISTER_MAIN_LONG_CONSTANT("PHP_MAXPATHLEN", MAXPATHLEN, CONST_PERSISTENT | CONST_CS);
216 REGISTER_MAIN_LONG_CONSTANT("PHP_INT_MAX", LONG_MAX, CONST_PERSISTENT | CONST_CS);
217 REGISTER_MAIN_LONG_CONSTANT("PHP_INT_SIZE", sizeof(long), CONST_PERSISTENT | CONST_CS);
218 #ifdef ZEND_MULTIBYTE
219diff -Nura php-5.3.6/main/php_config.h.in suhosin-patch-5.3.6-0.9.10/main/php_config.h.in
220--- php-5.3.6/main/php_config.h.in 2011-03-17 08:56:00.000000000 +0100
221+++ suhosin-patch-5.3.6-0.9.10/main/php_config.h.in 2011-03-19 10:48:33.813975198 +0100
222@@ -851,6 +851,9 @@
223 /* Define if the target system has /dev/urandom device */
224 #undef HAVE_DEV_URANDOM
225
226+/* Suhosin-Patch for PHP */
227+#undef SUHOSIN_PATCH
228+
229 /* Whether you have AOLserver */
230 #undef HAVE_AOLSERVER
231 10
232diff -Nura php-5.3.6/main/php.h suhosin-patch-5.3.6-0.9.10/main/php.h 11 libZend_la_LDFLAGS =
233--- php-5.3.6/main/php.h 2011-01-01 03:19:59.000000000 +0100 12 libZend_la_LIBADD = @ZEND_EXTRA_LIBS@
234+++ suhosin-patch-5.3.6-0.9.10/main/php.h 2011-03-19 10:48:33.813975198 +0100 13diff -Nura php-5.3.7/Zend/Zend.dsp suhosin-patch-5.3.7-0.9.10/Zend/Zend.dsp
235@@ -453,6 +453,10 @@ 14--- php-5.3.7/Zend/Zend.dsp 2009-03-18 11:18:10.000000000 +0100
236 #endif 15+++ suhosin-patch-5.3.7-0.9.10/Zend/Zend.dsp 2011-08-19 12:39:28.000000000 +0200
237 #endif /* !XtOffsetOf */ 16@@ -247,6 +247,14 @@
17 # End Source File
18 # Begin Source File
19
20+SOURCE=.\zend_canary.c
21+# End Source File
22+# Begin Source File
23+
24+SOURCE=.\zend_alloc_canary.c
25+# End Source File
26+# Begin Source File
27+
28 SOURCE=.\zend_ts_hash.c
29 # End Source File
30 # Begin Source File
31diff -Nura php-5.3.7/Zend/ZendTS.dsp suhosin-patch-5.3.7-0.9.10/Zend/ZendTS.dsp
32--- php-5.3.7/Zend/ZendTS.dsp 2008-07-14 11:49:03.000000000 +0200
33+++ suhosin-patch-5.3.7-0.9.10/Zend/ZendTS.dsp 2011-08-19 12:39:28.000000000 +0200
34@@ -277,6 +277,14 @@
35 # End Source File
36 # Begin Source File
37
38+SOURCE=.\zend_canary.c
39+# End Source File
40+# Begin Source File
41+
42+SOURCE=.\zend_alloc_canary.c
43+# End Source File
44+# Begin Source File
45+
46 SOURCE=.\zend_ts_hash.c
47 # End Source File
48 # Begin Source File
49diff -Nura php-5.3.7/Zend/zend.c suhosin-patch-5.3.7-0.9.10/Zend/zend.c
50--- php-5.3.7/Zend/zend.c 2011-08-08 05:08:59.000000000 +0200
51+++ suhosin-patch-5.3.7-0.9.10/Zend/zend.c 2011-08-19 12:39:28.000000000 +0200
52@@ -60,6 +60,10 @@
53 ZEND_API char *(*zend_getenv)(char *name, size_t name_len TSRMLS_DC);
54 ZEND_API char *(*zend_resolve_path)(const char *filename, int filename_len TSRMLS_DC);
238 55
239+#if SUHOSIN_PATCH 56+#if SUHOSIN_PATCH
240+#include "suhosin_patch.h" 57+ZEND_API void (*zend_suhosin_log)(int loglevel, char *fmt, ...);
241+#endif 58+#endif
242+ 59+
243 #endif 60 void (*zend_on_timeout)(int seconds TSRMLS_DC);
244
245 /*
246diff -Nura php-5.3.6/main/php_logos.c suhosin-patch-5.3.6-0.9.10/main/php_logos.c
247--- php-5.3.6/main/php_logos.c 2011-01-01 03:19:59.000000000 +0100
248+++ suhosin-patch-5.3.6-0.9.10/main/php_logos.c 2011-03-19 10:48:33.813975198 +0100
249@@ -50,6 +50,10 @@
250 return zend_hash_del(&phpinfo_logo_hash, logo_string, strlen(logo_string));
251 }
252 61
253+#if SUHOSIN_PATCH 62 static void (*zend_message_dispatcher_p)(long message, void *data TSRMLS_DC);
254+#include "suhosin_logo.h" 63@@ -88,6 +92,74 @@
255+#endif
256+
257 int php_init_info_logos(void)
258 {
259 if(zend_hash_init(&phpinfo_logo_hash, 0, NULL, NULL, 1)==FAILURE)
260@@ -58,7 +62,9 @@
261 php_register_info_logo(PHP_LOGO_GUID , "image/gif", php_logo , sizeof(php_logo));
262 php_register_info_logo(PHP_EGG_LOGO_GUID, "image/gif", php_egg_logo, sizeof(php_egg_logo));
263 php_register_info_logo(ZEND_LOGO_GUID , "image/gif", zend_logo , sizeof(zend_logo));
264-
265+#if SUHOSIN_PATCH
266+ php_register_info_logo(SUHOSIN_LOGO_GUID, "image/jpeg", suhosin_logo , sizeof(suhosin_logo));
267+#endif
268 return SUCCESS;
269 } 64 }
65 /* }}} */
270 66
271diff -Nura php-5.3.6/main/snprintf.c suhosin-patch-5.3.6-0.9.10/main/snprintf.c
272--- php-5.3.6/main/snprintf.c 2011-02-21 07:53:24.000000000 +0100
273+++ suhosin-patch-5.3.6-0.9.10/main/snprintf.c 2011-03-19 10:48:33.813975198 +0100
274@@ -780,6 +780,10 @@
275 */
276 switch (*fmt) {
277 case 'Z':
278+#if SUHOSIN_PATCH
279+ zend_suhosin_log(S_MISC, "'Z' specifier within format string");
280+ goto skip_output;
281+#else
282 zvp = (zval*) va_arg(ap, zval*);
283 zend_make_printable_zval(zvp, &zcopy, &free_zcopy);
284 if (free_zcopy) {
285@@ -790,6 +794,7 @@
286 if (adjust_precision && precision < s_len) {
287 s_len = precision;
288 }
289+#endif
290 break;
291 case 'u':
292 switch(modifier) {
293@@ -1091,7 +1096,11 @@
294
295
296 case 'n':
297+#if SUHOSIN_PATCH
298+ zend_suhosin_log(S_MISC, "'n' specifier within format string");
299+#else
300 *(va_arg(ap, int *)) = cc;
301+#endif
302 goto skip_output;
303
304 /*
305diff -Nura php-5.3.6/main/spprintf.c suhosin-patch-5.3.6-0.9.10/main/spprintf.c
306--- php-5.3.6/main/spprintf.c 2011-02-21 07:53:24.000000000 +0100
307+++ suhosin-patch-5.3.6-0.9.10/main/spprintf.c 2011-03-19 10:48:33.813975198 +0100
308@@ -388,6 +388,10 @@
309 */
310 switch (*fmt) {
311 case 'Z':
312+#if SUHOSIN_PATCH
313+ zend_suhosin_log(S_MISC, "'Z' specifier within format string");
314+ goto skip_output;
315+#else
316 zvp = (zval*) va_arg(ap, zval*);
317 zend_make_printable_zval(zvp, &zcopy, &free_zcopy);
318 if (free_zcopy) {
319@@ -398,6 +402,7 @@
320 if (adjust_precision && precision < s_len) {
321 s_len = precision;
322 }
323+#endif
324 break;
325 case 'u':
326 switch(modifier) {
327@@ -698,7 +703,11 @@
328
329
330 case 'n':
331+#if SUHOSIN_PATCH 67+#if SUHOSIN_PATCH
332+ zend_suhosin_log(S_MISC, "'n' specifier within format string"); 68+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog)
333+#else
334 *(va_arg(ap, int *)) = xbuf->len;
335+#endif
336 goto skip_output;
337
338 /*
339diff -Nura php-5.3.6/main/suhosin_globals.h suhosin-patch-5.3.6-0.9.10/main/suhosin_globals.h
340--- php-5.3.6/main/suhosin_globals.h 1970-01-01 01:00:00.000000000 +0100
341+++ suhosin-patch-5.3.6-0.9.10/main/suhosin_globals.h 2011-03-19 10:48:33.813975198 +0100
342@@ -0,0 +1,61 @@
343+/*
344+ +----------------------------------------------------------------------+
345+ | Suhosin-Patch for PHP |
346+ +----------------------------------------------------------------------+
347+ | Copyright (c) 2004-2009 Stefan Esser |
348+ +----------------------------------------------------------------------+
349+ | This source file is subject to version 2.02 of the PHP license, |
350+ | that is bundled with this package in the file LICENSE, and is |
351+ | available at through the world-wide-web at |
352+ | http://www.php.net/license/2_02.txt. |
353+ | If you did not receive a copy of the PHP license and are unable to |
354+ | obtain it through the world-wide-web, please send a note to |
355+ | license@php.net so we can mail you a copy immediately. |
356+ +----------------------------------------------------------------------+
357+ | Author: Stefan Esser <stefan.esser@sektioneins.de> |
358+ +----------------------------------------------------------------------+
359+ */
360+
361+#ifndef SUHOSIN_GLOBALS_H
362+#define SUHOSIN_GLOBALS_H
363+
364+typedef struct _suhosin_patch_globals suhosin_patch_globals_struct;
365+
366+#ifdef ZTS
367+# define SPG(v) TSRMG(suhosin_patch_globals_id, suhosin_patch_globals_struct *, v)
368+extern int suhosin_patch_globals_id;
369+#else
370+# define SPG(v) (suhosin_patch_globals.v)
371+extern struct _suhosin_patch_globals suhosin_patch_globals;
372+#endif
373+
374+
375+struct _suhosin_patch_globals {
376+ /* logging */
377+ int log_syslog;
378+ int log_syslog_facility;
379+ int log_syslog_priority;
380+ int log_sapi;
381+ int log_script;
382+ int log_phpscript;
383+ char *log_scriptname;
384+ char *log_phpscriptname;
385+ zend_bool log_phpscript_is_safe;
386+ zend_bool log_use_x_forwarded_for;
387+
388+ /* memory manager canary protection */
389+ unsigned int canary_1;
390+ unsigned int canary_2;
391+ unsigned int canary_3;
392+ unsigned int dummy;
393+};
394+
395+
396+#endif /* SUHOSIN_GLOBALS_H */
397+
398+/*
399+ * Local variables:
400+ * tab-width: 4
401+ * c-basic-offset: 4
402+ * End:
403+ */
404diff -Nura php-5.3.6/main/suhosin_logo.h suhosin-patch-5.3.6-0.9.10/main/suhosin_logo.h
405--- php-5.3.6/main/suhosin_logo.h 1970-01-01 01:00:00.000000000 +0100
406+++ suhosin-patch-5.3.6-0.9.10/main/suhosin_logo.h 2011-03-19 10:48:33.813975198 +0100
407@@ -0,0 +1,178 @@
408+static unsigned char suhosin_logo[] =
409+ "\xff\xd8\xff\xe0\x00\x10\x4a\x46\x49\x46\x00\x01\x01\x01\x00\x48"
410+ "\x00\x48\x00\x00\xff\xe1\x00\x16\x45\x78\x69\x66\x00\x00\x4d\x4d"
411+ "\x00\x2a\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\xff\xdb\x00\x43"
412+ "\x00\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
413+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
414+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
415+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
416+ "\x01\xff\xc0\x00\x0b\x08\x00\x27\x00\x71\x01\x01\x22\x00\xff\xc4"
417+ "\x00\x1e\x00\x00\x02\x02\x02\x03\x01\x01\x00\x00\x00\x00\x00\x00"
418+ "\x00\x00\x00\x00\x09\x06\x08\x05\x07\x02\x03\x0a\x01\x04\xff\xc4"
419+ "\x00\x32\x10\x00\x01\x04\x03\x00\x02\x00\x05\x01\x05\x09\x01\x00"
420+ "\x00\x00\x00\x05\x02\x03\x04\x06\x01\x07\x08\x00\x09\x11\x12\x13"
421+ "\x14\x21\x15\x0a\x16\x31\x56\x96\x17\x18\x19\x23\x32\x41\x58\x98"
422+ "\xd4\xd6\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00\xf4\xc1\xe1\xe5"
423+ "\x69\xe9\x3e\xb9\xd1\x7c\x8a\x2e\x9d\x66\xe8\x3b\x29\x4d\x7f\x46"
424+ "\xba\x58\x55\x54\x8d\xb1\x5f\xaa\xd9\x8d\x51\x2b\xb6\x27\x5a\x69"
425+ "\xd1\x43\xaf\x16\x1a\xf0\xb2\xb1\xe9\x6d\x9f\xc2\xa4\x36\x18\xb5"
426+ "\x85\x10\x41\xbe\xfc\x09\xac\x49\x29\x11\xd4\x32\x97\xec\x08\x13"
427+ "\xc1\x2d\x20\xc3\x59\xeb\x26\x05\xd8\x6b\x76\x31\x43\x8f\x57\xcf"
428+ "\x84\x9f\x14\xa8\x53\x81\x0b\xc3\x64\x80\xa3\x02\x0a\x41\x75\xf8"
429+ "\x44\x85\x93\x81\x22\x3c\xd8\x13\xe1\xbe\xf4\x59\x91\x1f\x6a\x44"
430+ "\x77\x5c\x69\xc4\x2f\x39\x5f\x0f\x2a\x8d\xeb\xba\xf8\xc3\x56\x6c"
431+ "\x3b\x36\xa7\xda\xbd\x4d\xa1\xb5\x4e\xc6\xa7\xa4\x3a\xec\x15\x2d"
432+ "\xa5\xb3\xea\x5a\xdc\xac\x46\xac\x01\x60\xd8\x43\xc8\x8e\x8b\xb1"
433+ "\x40\x4c\x95\x8b\x34\x41\x28\x52\x91\x28\x43\xd3\xa3\xb6\xa7\x55"
434+ "\x15\xe7\x5a\x96\xcb\xf1\xda\xe5\x55\xee\xfe\x1e\xbd\xd9\x41\xd3"
435+ "\x28\xfd\x97\xca\x57\x2b\x85\x9c\xa4\x30\x95\xaa\xa5\x57\xa2\x35"
436+ "\x15\x86\xcb\x61\x34\x41\xe4\xc7\x80\x20\x18\x21\x17\x09\x85\x0b"
437+ "\x14\x9d\x21\x68\x62\x1c\x08\x11\x64\x4b\x92\xf2\xd2\xd3\x2d\x2d"
438+ "\x6a\xc2\x73\x6b\x3c\x3c\x8b\x9e\xbc\x52\xaa\xa4\xab\x81\x6c\xf6"
439+ "\xfa\xbd\x70\xc5\xc6\x7b\xc2\xaa\x22\x4f\x58\x04\x87\x25\x6a\x27"
440+ "\x1d\xa4\x3d\x20\x75\x72\x01\x09\x71\xe5\x1c\x9e\xc3\x2e\x36\xf3"
441+ "\xd0\xc6\x35\x2a\x43\x4d\x2d\x0e\x2d\xb4\xa1\x49\xce\x65\x1e\x52"
442+ "\x9e\xa1\xf6\x09\xcc\xdc\x63\x66\xa8\x01\xe9\x3b\x0d\xd7\x5a\x85"
443+ "\xbb\xc5\x65\xc0\x7b\x2e\x46\xa9\xd9\x56\x1d\x4c\x92\x72\x26\x4e"
444+ "\x86\xd5\x68\xae\xc4\xaa\x55\xce\xd7\x83\x59\xb3\x81\xee\xce\x74"
445+ "\x39\x39\x31\x9f\x8a\x25\xe8\xa5\xa5\xe5\x81\xf2\x11\x23\xcb\xa1"
446+ "\x1e\x43\x12\xe3\xb1\x2a\x2b\xcd\xc8\x8d\x25\x96\xa4\x47\x7d\x95"
447+ "\xa5\xc6\x9f\x61\xe4\x25\xc6\x5e\x69\xc4\xe7\x29\x5b\x6e\xb6\xa4"
448+ "\xad\x0b\x4e\x72\x95\x25\x58\x56\x33\x9c\x67\xce\xef\x0f\x17\xbf"
449+ "\x4c\x7b\x2d\xe6\xfe\x76\x35\x27\x5a\x07\x97\x67\xe8\xae\x8d\x71"
450+ "\x0f\xb2\x13\x99\xb9\xbc\x14\xad\xb3\xb7\xe6\x11\x6f\xe0\xda\x58"
451+ "\xb1\x08\xac\xa6\x6c\x2d\x7f\x05\xb7\x56\xd2\xe6\xcf\xbb\x4d\x0c"
452+ "\xe3\x50\xb2\xec\x91\xf0\x4a\xb8\xd6\x22\xb8\xa7\xf6\x67\xaf\xcf"
453+ "\x63\x7e\xd7\xe7\x42\xd8\xbd\xc3\x71\xa1\xf2\x7e\x9b\xa8\x97\x83"
454+ "\x6e\xd1\xdc\x4b\x06\x11\x2d\xae\x26\x61\x98\x72\x10\xf4\x42\x5d"
455+ "\x20\x4a\xa3\x73\xd7\xf2\xcd\x3c\x48\x32\xe4\x03\x9f\x80\x37\x08"
456+ "\x36\x11\xd0\xcb\x97\x6c\x08\xed\x6d\x33\x24\xa2\x1b\xb4\x77\xdf"
457+ "\x61\x5d\x5f\xc1\x43\xc2\x82\xeb\x0f\x5d\x84\x08\x68\xaa\xa4\x01"
458+ "\xe1\x19\xdf\xbc\x31\x65\xfe\xd1\xf5\x7d\x7a\xb2\x2a\x33\x50\x21"
459+ "\x2a\x56\x9d\xb1\x81\xab\xdb\x35\x78\x30\x83\xd9\x89\x1d\x31\xac"
460+ "\x96\x14\x07\x61\xbc\x20\x68\x42\x85\x33\x19\xac\xbe\xdb\x34\x56"
461+ "\xf1\xd5\xfd\x29\xa9\x28\xdb\xcb\x4c\x5a\x23\xdc\xf5\x96\xc5\x10"
462+ "\xa3\x35\x5b\x14\x68\xd3\x61\x62\x64\x76\x26\xcb\x17\x3e\x34\x98"
463+ "\x04\xa3\xc4\x20\x38\x90\x92\xe3\xc8\x07\x2c\x36\x74\x66\x26\x0e"
464+ "\x29\x02\x64\x29\x2d\x21\xe6\x16\x9c\x6b\xce\xa3\x89\xd9\x4f\xd3"
465+ "\xc4\xbd\xc5\x87\x79\x9c\x65\xf6\x39\x45\x60\xe8\xce\x9e\xab\x6d"
466+ "\x13\x15\x22\xe1\x5e\x4b\x38\x42\xc4\x1e\xd5\x76\xe0\xc5\xeb\x85"
467+ "\x07\x2d\x0f\xb8\xb6\xa6\xd6\x6d\x71\x0d\xa2\x43\x4c\x25\xea\xfa"
468+ "\xa1\xae\x4c\xe4\x7d\xbd\x76\xa9\xfb\x06\xc2\x83\x42\xeb\xad\xe7"
469+ "\xe9\x5f\x68\x6f\xba\xfb\x2f\x07\xce\xb8\x13\xc1\x9b\xeb\xb0\x76"
470+ "\x45\x57\x28\x7b\xea\xbe\x0f\xf4\x30\x7b\xa0\xed\xe4\x22\x93\x21"
471+ "\xfc\xbc\xe0\xb9\x75\xc1\x4f\xfc\xef\xb6\xfa\xa1\xfc\x64\xa1\x4a"
472+ "\x82\xc7\x33\xad\x75\xed\x82\xbd\x3d\xdb\xf7\xa8\xbe\x5e\xbb\x36"
473+ "\x62\x04\x9a\x2e\xc5\xd9\x9e\x9c\x3a\x0b\x98\x0b\x57\xac\xf1\x24"
474+ "\x62\x58\x83\x15\x5b\xa6\xf2\xda\x34\x70\x03\xce\x0f\x93\x1b\x12"
475+ "\xc7\xce\x54\x87\x33\x15\xd6\x53\x25\x1f\x2a\x90\x87\x12\xe3\x78"
476+ "\xef\x55\x77\x4d\x4a\xd8\x7e\xef\xd2\xfd\xd1\xaf\x3a\xaf\x55\xdb"
477+ "\x6a\x2d\x3d\x42\xac\x51\x79\xee\x91\xab\xe1\x05\x2d\x3c\x80\xa2"
478+ "\x43\xad\x22\x2e\xd5\x33\x13\xa4\x9e\x00\xe0\x04\x10\x84\xc8\xf2"
479+ "\x19\x30\x92\x1f\xaa\xc3\x28\xc9\x76\x30\x3f\xe9\x10\x61\x5e\x79"
480+ "\xd5\xf7\xdf\xd0\x54\xdb\xae\xb6\xae\xfa\xe8\xa3\x57\xe0\x6c\x2d"
481+ "\xf7\xbd\x49\xd6\x6e\x76\x79\xcc\x54\x0c\x5f\xff\x00\xbb\x06\x98"
482+ "\xa6\x9e\x89\x61\xb4\x6f\xc3\xe3\x6a\xc2\x4f\x59\x03\xc9\x80\x2c"
483+ "\x59\x24\x44\x70\x38\xd5\x96\x6a\x9e\x8b\x81\x64\xe5\xbc\xa0\x3c"
484+ "\x33\xaf\x17\x9d\xff\x00\x71\x1a\xd1\x3a\x80\x66\xb3\xd9\x31\x77"
485+ "\x0d\x12\xbd\xae\x29\xb5\x6a\xd6\xcf\x8d\x68\x87\x75\xcd\xe8\x65"
486+ "\x5a\xbe\x3c\x04\x7b\x34\xdb\x54\x19\xa4\x63\x9c\x2a\x5d\x23\xbe"
487+ "\xf4\xb1\x1c\x4d\x90\xec\x92\x2f\x49\x71\xf7\x14\xf2\x97\x9f\x15"
488+ "\x57\xed\x13\x21\x2a\xf5\x33\xd1\x2a\x52\x52\xac\xb7\x62\xd1\xcb"
489+ "\x46\x73\x8c\x67\x28\x56\x77\x86\xbf\x6f\x2a\x4e\x73\xfe\x95\x65"
490+ "\x0b\x5a\x3e\x38\xfc\xfc\xaa\x56\x3f\x86\x73\xe3\xb9\x4a\x52\x84"
491+ "\xa5\x08\x4e\x12\x94\x27\x09\x4a\x53\x8c\x61\x29\x4a\x71\xf0\x4a"
492+ "\x53\x8c\x7e\x31\x8c\x63\x18\xc6\x31\x8f\xc6\x31\xf8\xc7\x9f\x7c"
493+ "\xd5\xbb\xae\x5e\xe2\x1f\xab\x6e\x24\x34\x00\x8a\x25\x83\x70\x40"
494+ "\x1c\xcc\xda\x45\x7f\x66\x4e\x30\x2e\x94\x7e\x74\x49\xf0\xe4\x4e"
495+ "\x06\x5c\xa8\x2f\x89\x21\x2e\x98\x0e\xd9\x21\xc2\x0b\x21\x0f\xc4"
496+ "\x16\x6e\x48\xd9\xe4\xe3\x4a\x19\x1e\x64\x67\x54\xff\x00\x3a\x6d"
497+ "\x4f\x62\xb5\x00\x4a\xaa\x51\xfd\x2d\xe8\x0e\x6c\xaf\xc6\x7d\x6d"
498+ "\xc8\x88\xc7\x67\xea\x8a\x58\x02\x73\xe3\x65\x4d\xc9\x24\xc0\x3d"
499+ "\x57\xa3\x2e\x53\x16\x99\x4f\xe5\xe7\x19\x97\x3e\x3b\xcf\xc9\x4b"
500+ "\x99\x7f\x33\x25\xa5\xdf\xba\x77\x2b\xd3\x3e\xc2\x7b\x8b\x94\x07"
501+ "\xe9\x52\x5b\x43\x87\x34\x14\x86\x37\xcf\x41\x6b\x8e\x6a\xa5\x22"
502+ "\xab\xdb\x96\xa2\xcf\x46\xd8\x9b\x45\x93\xef\xd6\xdf\x3e\x99\x9c"
503+ "\x7e\x29\x10\x6b\x6c\xa2\xb8\x43\x05\x09\x44\x70\x8c\xb8\xaa\x54"
504+ "\x7c\x30\x36\x5e\x1c\x5e\x5b\x9f\x6c\x0d\x81\xee\xa0\x93\x8d\x67"
505+ "\x55\xf3\x87\xaf\xaa\x6b\x58\xf9\xbe\xb2\x36\x07\x42\x6e\xbd\x96"
506+ "\xe3\x9f\x1f\x8f\xc9\xf4\x9d\xae\x6a\x7d\x4c\x96\xbe\x5f\xc7\xcd"
507+ "\xf3\xb2\xf7\xcd\xf0\xcf\xc3\xe4\xf8\xfe\x37\x4f\x1c\x4d\xf6\x40"
508+ "\xf1\x6b\x7c\x4e\xe0\xa6\x71\xad\x56\xa7\x1c\x5c\x15\x6b\xfc\xf3"
509+ "\x01\x5d\xac\xf1\x75\x9a\x72\x6b\xaa\x28\xc5\x88\x6d\xfb\x33\x85"
510+ "\xe0\x4e\x61\xab\xeb\x31\x2c\x71\x08\x73\x11\x3b\xfc\xb5\xc0\x96"
511+ "\xcc\x87\x24\x44\xb5\x9b\x9e\xb3\x71\xba\xe9\xed\xb1\x4e\xd7\x76"
512+ "\x6c\xd2\xb6\x05\xb7\x5a\xde\xeb\x34\x5b\x96\x16\xfb\x59\xa9\x5c"
513+ "\x4f\x55\xca\x8a\xac\x59\xb0\xe4\x54\x39\x25\xbc\x81\x37\x2a\x09"
514+ "\x5f\x9e\x3b\x6b\x7d\x1f\x69\xf3\x34\x85\x39\x84\xa7\x28\x0b\xd3"
515+ "\xfd\xfb\x4b\x7a\xea\xe7\xd2\x3c\xd3\xda\x15\x68\xbc\x73\xd3\x22"
516+ "\x6f\xd7\x72\x5b\x2b\x66\xee\xa8\x0d\x54\xe8\x5b\xf9\x92\x96\x92"
517+ "\x93\xea\x97\x4a\xc7\x43\x10\x46\x35\xc5\xc0\x60\x8a\xe4\xc1\xb5"
518+ "\x36\xc6\xae\xed\xf7\x70\xa5\x86\x99\x3d\x91\xf8\xfd\x4e\x53\xeb"
519+ "\xbb\xbd\x6d\xec\x8f\xd7\x89\x3d\x31\x7f\xd7\x78\xba\x50\xbb\x74"
520+ "\x9d\xf6\xac\x4e\xb9\x03\x9c\x79\xd5\xe1\xbd\x17\x68\xd9\x13\x0b"
521+ "\x45\x75\x88\x00\x1d\x1f\xae\x73\x6a\x1d\x5c\x6e\x44\x9f\xa6\xfa"
522+ "\x4e\xd8\x25\x8b\xc0\xbc\xb2\x99\xe3\x17\x24\xb3\x23\xe2\x48\x8b"
523+ "\xfa\x22\xe7\x7e\x8f\xe6\x3f\x5f\x55\x0d\x75\xd3\x51\x0b\xd7\xed"
524+ "\xd3\x6f\x97\x3b\x85\x42\x80\x7e\x5f\xdc\x1b\xd6\xba\xee\xc4\x80"
525+ "\xce\x06\xa9\x15\x8c\x97\x5f\x40\x69\xb2\x4d\xc5\xb2\x5c\x1e\x01"
526+ "\x87\x7e\xe0\x36\x6d\x78\x80\x4e\x3c\x02\xec\x90\x1d\x11\x81\x74"
527+ "\xa5\x8b\xa4\xa0\x56\x06\xd5\x79\x72\x85\x57\x3b\xb2\x2e\xae\x90"
528+ "\x18\x8d\x91\xb2\x0e\x44\x19\xaa\xb4\xcc\x08\xed\x46\xfa\xd7\x2b"
529+ "\x78\x58\x72\x5d\xbb\x5e\x49\xe7\xee\xf3\x8a\x9d\x22\xa4\x19\xc8"
530+ "\xe7\x08\xc3\x90\x9b\x35\x9a\xa4\x25\x8c\x4b\x9b\xa7\xf8\xbf\x81"
531+ "\xf5\xdf\x22\x66\xf1\x7e\x9f\x66\x3d\xbb\xfa\x73\x73\x4d\xfd\x67"
532+ "\x7b\xf4\xce\xc3\x62\x2e\x6f\xbb\x0c\xa2\xdc\x69\xfc\x8a\x17\x0e"
533+ "\x3a\x9e\x83\x46\xd7\xe3\x5e\x65\x86\xc0\x51\x00\xbb\x91\xe3\xe1"
534+ "\xc1\x16\xc4\xe9\x65\x5c\x14\x3e\x44\x6a\x6b\xd1\x1e\xb0\x36\xdd"
535+ "\x0b\x7d\x8a\xeb\xaf\x58\x5b\x64\x3f\x38\xed\x52\x76\xe8\x46\xf7"
536+ "\x86\x84\xb3\x93\xb1\x0b\xe5\xfd\xfd\x0d\xe9\x6d\xe4\xf1\x1b\x1d"
537+ "\x56\xb4\x34\xe4\x6a\xf5\xa4\x9c\x2c\xc9\x64\x94\xc1\xf5\x79\x6d"
538+ "\x12\x96\xf3\x47\xc5\x48\xa8\xdb\xd8\x95\x64\x29\xcf\xf6\x88\xf1"
539+ "\x95\x7a\x98\xe8\xbc\x27\x19\xce\x73\x61\xd1\xb8\xc6\x31\x8c\xe7"
540+ "\x39\xce\x77\x9e\xbc\xc6\x31\x8c\x63\xf3\x9c\xe7\x39\xc6\x31\x8f"
541+ "\xf7\xce\x7e\x1e\x3b\x7f\x0f\x0f\x0f\x13\x57\xb9\x0a\xe1\x0b\x64"
542+ "\x5f\x58\x40\xc6\xc7\x7a\x4b\xf2\x3d\xbc\x71\xf4\xa7\xd2\xca\x14"
543+ "\xe2\x98\x1a\x30\x1e\xe0\x26\x5a\x6a\xf0\x9c\x67\x38\x66\x00\xb8"
544+ "\x72\xe6\xbe\xac\xfe\x12\xd3\x0b\x56\x73\x8c\x63\xc7\x2b\xe1\xe2"
545+ "\xe8\xdd\x7b\xff\x00\xd8\xe5\x23\x6c\xce\xa8\x69\xcf\x5e\x3a\xef"
546+ "\x77\xea\xe5\xab\x0e\x82\xdb\xd9\xed\x7a\x9e\xb8\x6d\x51\x32\xdb"
547+ "\x79\xc3\x36\x9a\x2d\xa3\x50\x39\x65\x0a\x63\x0e\xe5\xd4\x39\x12"
548+ "\xbf\x8b\x98\xa4\xa1\x2d\xad\xb3\xcf\x65\x6a\x43\x78\xb3\x3b\x07"
549+ "\xd8\xd5\xea\xae\x76\xad\x6f\xf5\xff\x00\xca\x93\xab\x96\xb0\x64"
550+ "\xeb\xd6\x4a\xd5\x87\xba\xec\x24\x60\x97\x06\x76\x03\xe3\x4c\x07"
551+ "\x29\x11\x8e\x34\x25\x02\x64\x29\xf0\x25\x48\x85\x3a\x33\x8b\x7a"
552+ "\x3c\x86\x1e\x75\xa5\x61\xc6\x97\x9f\x8d\x25\xf5\xc9\xcd\xde\xc9"
553+ "\x7d\x77\xf2\xc8\x7e\x70\xaf\x73\x5f\x2d\xec\xa2\x51\x2d\x96\xfb"
554+ "\x89\xad\x80\x57\xb2\x36\x1d\x7d\x83\x45\xac\xf3\xdb\xcc\x6c\x31"
555+ "\x4f\xcf\x30\x58\xd0\x12\x28\x90\x50\x42\x86\xfb\x48\x16\x3c\xc5"
556+ "\x9c\xf8\xe7\xcc\x29\x88\xb3\x4a\x4b\x4e\x6c\xbc\xdb\xc7\xbb\xe9"
557+ "\xb6\xa0\x8b\x11\xa1\x7d\x73\xd7\xe9\xbf\x7e\xc2\x6c\x10\x8d\xee"
558+ "\x9d\xef\x63\x3a\xe0\xf5\xbe\x8c\x3e\xa1\xc7\xc5\xd1\x00\x44\x1e"
559+ "\xf3\x51\xf2\xe2\xb0\xe3\xb5\x13\x7f\x32\xf1\x8c\xa6\x22\xfe\x1f"
560+ "\x49\x4d\xbb\xcf\x3a\x5d\xed\x4c\xd2\xfc\x85\xed\x23\xd6\xc7\x50"
561+ "\xb6\x5b\x3a\x16\x83\xb8\x6f\xfd\x32\x3f\xaa\x36\x34\xbb\xf5\x96"
562+ "\xa9\xab\xcf\x9f\x8f\xac\xc3\xca\xd5\x8b\xd8\x48\x9e\x79\xaa\x30"
563+ "\x87\xca\x58\x4d\x59\x96\xb9\x4f\xc5\x1b\x1c\xd2\xda\x5b\xe6\x57"
564+ "\x29\xa1\x28\x7a\x2b\x5b\xff\x00\x12\x2f\x5e\x3f\xf3\xbb\x8e\x7f"
565+ "\xec\xc6\x98\xff\x00\xed\x3c\xa6\xdd\xa9\xdc\x7e\xa0\xf7\xd6\x99"
566+ "\x31\xa2\xf7\xaf\x6b\xe9\x82\x74\x4b\x3d\x8f\x5e\x58\x0b\x33\xab"
567+ "\xef\xc3\xaf\x84\x64\xb9\xae\xb6\x25\x5f\x62\x8f\x1c\xe3\xf4\x51"
568+ "\xb7\x96\xe3\x0e\x30\x42\xa9\x18\x39\xbf\x9e\x2a\x1f\x74\x19\x02"
569+ "\x2d\x43\x93\x06\x63\xb1\xa7\x47\x6a\xfa\x9b\x6c\xeb\xbd\xe9\xae"
570+ "\x6a\x7b\x6f\x53\x5a\x60\x5d\xb5\xcd\xe8\x67\xeb\x35\x3b\x48\xc6"
571+ "\xa6\xb3\x04\xc8\xdf\xb8\x7e\x26\x64\xb0\xc9\x18\xb0\xa7\x33\xf2"
572+ "\x4a\x8b\x22\x3b\x8d\x4b\x89\x1d\xf6\x9d\x65\xc4\x38\xd2\x54\x9c"
573+ "\xe3\xcd\x89\xe1\xe1\xe6\x3e\x70\x81\x45\x1d\x18\xf9\x31\x83\xc8"
574+ "\xbe\x14\x82\x4b\x87\x7a\x74\x28\xd2\xdd\x12\x55\x30\xe6\x0e\x49"
575+ "\x31\x8e\x48\x69\xc5\xc0\x20\x91\xe4\x48\x41\x4c\xd8\xb9\x6a\x4e"
576+ "\x21\xce\x99\x1b\x0e\xfd\x09\x4f\xa1\x79\x0f\x0f\x0f\x0f\x0f\x0f"
577+ "\x0f\x3f\x3c\xb8\x71\x27\xc7\x72\x24\xe8\xb1\xa6\xc5\x7b\x18\xc3"
578+ "\xb1\xa5\xb0\xd4\x98\xee\xe3\x19\xc6\x71\x87\x19\x79\x2b\x6d\x78"
579+ "\xc6\x71\x8c\xe3\x0a\x4e\x71\x8c\xe3\x19\xfe\x38\xf2\x3b\xfb\x8b"
580+ "\x48\xfe\x4e\xaa\xff\x00\x4f\x08\xff\x00\xc7\xe1\xfb\x8b\x48\xfe"
581+ "\x4e\xaa\xff\x00\x4f\x08\xff\x00\xc7\xe4\x95\x86\x18\x8a\xcb\x31"
582+ "\xa3\x32\xd4\x78\xf1\xdb\x43\x2c\x47\x61\xb4\x32\xcb\x2c\xb4\x9c"
583+ "\x21\xb6\x99\x69\xbc\x25\xb6\xdb\x6d\x18\xc2\x10\xda\x12\x94\xa1"
584+ "\x38\xc2\x53\x8c\x63\x18\xc7\x9d\xbe\x7f\xff\xd9"
585+ ;
586diff -Nura php-5.3.6/main/suhosin_patch.c suhosin-patch-5.3.6-0.9.10/main/suhosin_patch.c
587--- php-5.3.6/main/suhosin_patch.c 1970-01-01 01:00:00.000000000 +0100
588+++ suhosin-patch-5.3.6-0.9.10/main/suhosin_patch.c 2011-03-19 10:48:33.813975198 +0100
589@@ -0,0 +1,470 @@
590+/*
591+ +----------------------------------------------------------------------+
592+ | Suhosin Patch for PHP |
593+ +----------------------------------------------------------------------+
594+ | Copyright (c) 2004-2010 Stefan Esser |
595+ +----------------------------------------------------------------------+
596+ | This source file is subject to version 2.02 of the PHP license, |
597+ | that is bundled with this package in the file LICENSE, and is |
598+ | available at through the world-wide-web at |
599+ | http://www.php.net/license/2_02.txt. |
600+ | If you did not receive a copy of the PHP license and are unable to |
601+ | obtain it through the world-wide-web, please send a note to |
602+ | license@php.net so we can mail you a copy immediately. |
603+ +----------------------------------------------------------------------+
604+ | Author: Stefan Esser <sesser@hardened-php.net> |
605+ +----------------------------------------------------------------------+
606+ */
607+/* $Id: suhosin_patch.c,v 1.2 2004/11/21 09:38:52 ionic Exp $ */
608+
609+#include "php.h"
610+
611+#include <stdio.h>
612+#include <stdlib.h>
613+#include <sys/mman.h>
614+
615+#if HAVE_UNISTD_H
616+#include <unistd.h>
617+#endif
618+#include "SAPI.h"
619+#include "php_globals.h"
620+
621+#if SUHOSIN_PATCH
622+
623+#ifdef HAVE_SYS_SOCKET_H
624+#include <sys/socket.h>
625+#endif
626+
627+#if defined(PHP_WIN32) || defined(__riscos__) || defined(NETWARE)
628+#undef AF_UNIX
629+#endif
630+
631+#if defined(AF_UNIX)
632+#include <sys/un.h>
633+#endif
634+
635+#define SYSLOG_PATH "/dev/log"
636+
637+#ifdef PHP_WIN32
638+static HANDLE log_source = 0;
639+#endif
640+
641+#include "snprintf.h"
642+
643+#include "suhosin_patch.h"
644+
645+#ifdef ZTS
646+#include "suhosin_globals.h"
647+int suhosin_patch_globals_id;
648+#else
649+struct _suhosin_patch_globals suhosin_patch_globals;
650+#endif
651+
652+static char *suhosin_config = NULL;
653+
654+static zend_intptr_t SUHOSIN_POINTER_GUARD = 0;
655+
656+static void php_security_log(int loglevel, char *fmt, ...);
657+
658+static void suhosin_patch_globals_ctor(suhosin_patch_globals_struct *suhosin_patch_globals TSRMLS_DC)
659+{
660+ memset(suhosin_patch_globals, 0, sizeof(*suhosin_patch_globals));
661+}
662+
663+ZEND_API char suhosin_get_config(int element)
664+{
665+ return ((char *)SUHOSIN_MANGLE_PTR(suhosin_config))[element];
666+}
667+
668+static void suhosin_set_config(int element, char value)
669+{ 69+{
670+ ((char *)SUHOSIN_MANGLE_PTR(suhosin_config))[element] = value; 70+ if (!new_value) {
71+ SPG(log_syslog) = S_ALL & ~S_SQL | S_MEMORY;
72+ } else {
73+ SPG(log_syslog) = atoi(new_value) | S_MEMORY;
74+ }
75+ return SUCCESS;
671+} 76+}
672+ 77+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog_facility)
673+static void suhosin_read_configuration_from_environment()
674+{ 78+{
675+ char *tmp; 79+ if (!new_value) {
676+ 80+ SPG(log_syslog_facility) = LOG_USER;
677+ /* check if canary protection should be activated or not */ 81+ } else {
678+ tmp = getenv("SUHOSIN_MM_USE_CANARY_PROTECTION"); 82+ SPG(log_syslog_facility) = atoi(new_value);
679+ /* default to activated */ 83+ }
680+ suhosin_set_config(SUHOSIN_MM_USE_CANARY_PROTECTION, 1); 84+ return SUCCESS;
681+ if (tmp) {
682+ int flag = zend_atoi(tmp, 0);
683+ suhosin_set_config(SUHOSIN_MM_USE_CANARY_PROTECTION, flag);
684+ }
685+
686+ /* check if free memory should be overwritten with 0xFF or not */
687+ tmp = getenv("SUHOSIN_MM_DESTROY_FREE_MEMORY");
688+ /* default to deactivated */
689+ suhosin_set_config(SUHOSIN_MM_DESTROY_FREE_MEMORY, 0);
690+ if (tmp) {
691+ int flag = zend_atoi(tmp, 0);
692+ suhosin_set_config(SUHOSIN_MM_DESTROY_FREE_MEMORY, flag);
693+ }
694+
695+ /* check if canary violations should be ignored */
696+ tmp = getenv("SUHOSIN_MM_IGNORE_CANARY_VIOLATION");
697+ /* default to NOT ignore */
698+ suhosin_set_config(SUHOSIN_MM_IGNORE_CANARY_VIOLATION, 0);
699+ if (tmp) {
700+ int flag = zend_atoi(tmp, 0);
701+ suhosin_set_config(SUHOSIN_MM_IGNORE_CANARY_VIOLATION, flag);
702+ }
703+
704+ /* check if invalid hashtable destructors should be ignored */
705+ tmp = getenv("SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR");
706+ /* default to NOT ignore */
707+ suhosin_set_config(SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR, 0);
708+ if (tmp) {
709+ int flag = zend_atoi(tmp, 0);
710+ suhosin_set_config(SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR, flag);
711+ }
712+
713+ /* check if invalid linkedlist destructors should be ignored */
714+ tmp = getenv("SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR");
715+ /* default to NOT ignore */
716+ suhosin_set_config(SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR, 0);
717+ if (tmp) {
718+ int flag = zend_atoi(tmp, 0);
719+ suhosin_set_config(SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR, flag);
720+ }
721+
722+ suhosin_set_config(SUHOSIN_CONFIG_SET, 1);
723+} 85+}
724+ 86+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog_priority)
725+static void suhosin_write_protect_configuration()
726+{ 87+{
727+ /* check return value of mprotect() to ensure memory is read only now */ 88+ if (!new_value) {
728+ if (mprotect(SUHOSIN_MANGLE_PTR(suhosin_config), sysconf(_SC_PAGESIZE), PROT_READ) != 0) { 89+ SPG(log_syslog_priority) = LOG_ALERT;
729+ perror("suhosin"); 90+ } else {
730+ _exit(1); 91+ SPG(log_syslog_priority) = atoi(new_value);
731+ } 92+ }
93+ return SUCCESS;
732+} 94+}
733+ 95+static ZEND_INI_MH(OnUpdateSuhosin_log_sapi)
734+PHPAPI void suhosin_startup()
735+{ 96+{
736+#ifdef ZTS 97+ if (!new_value) {
737+ ts_allocate_id(&suhosin_patch_globals_id, sizeof(suhosin_patch_globals_struct), (ts_allocate_ctor) suhosin_patch_globals_ctor, NULL); 98+ SPG(log_sapi) = S_ALL & ~S_SQL;
738+#else 99+ } else {
739+ suhosin_patch_globals_ctor(&suhosin_patch_globals TSRMLS_CC); 100+ SPG(log_sapi) = atoi(new_value);
740+#endif
741+ zend_suhosin_log = php_security_log;
742+
743+ /* get the pointer guardian and ensure low 3 bits are 1 */
744+ if (SUHOSIN_POINTER_GUARD == 0) {
745+ zend_canary(&SUHOSIN_POINTER_GUARD, sizeof(SUHOSIN_POINTER_GUARD));
746+ SUHOSIN_POINTER_GUARD |= 7;
747+ }
748+
749+ if (!suhosin_config) {
750+#ifndef MAP_ANONYMOUS
751+#define MAP_ANONYMOUS MAP_ANON
752+#endif
753+ suhosin_config = mmap(NULL, sysconf(_SC_PAGESIZE), PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
754+ if (suhosin_config == MAP_FAILED) {
755+ perror("suhosin");
756+ _exit(1);
757+ }
758+ suhosin_config = SUHOSIN_MANGLE_PTR(suhosin_config);
759+ } 101+ }
760+ if (!SUHOSIN_CONFIG(SUHOSIN_CONFIG_SET)) { 102+ return SUCCESS;
761+ suhosin_read_configuration_from_environment();
762+ suhosin_write_protect_configuration();
763+ }
764+} 103+}
765+ 104+static ZEND_INI_MH(OnUpdateSuhosin_log_script)
766+static char *loglevel2string(int loglevel)
767+{ 105+{
768+ switch (loglevel) { 106+ if (!new_value) {
769+ case S_FILES: 107+ SPG(log_script) = S_ALL & ~S_MEMORY;
770+ return "FILES"; 108+ } else {
771+ case S_INCLUDE: 109+ SPG(log_script) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);
772+ return "INCLUDE";
773+ case S_MEMORY:
774+ return "MEMORY";
775+ case S_MISC:
776+ return "MISC";
777+ case S_SESSION:
778+ return "SESSION";
779+ case S_SQL:
780+ return "SQL";
781+ case S_EXECUTOR:
782+ return "EXECUTOR";
783+ case S_VARS:
784+ return "VARS";
785+ default:
786+ return "UNKNOWN";
787+ } 110+ }
111+ return SUCCESS;
788+} 112+}
789+ 113+static ZEND_INI_MH(OnUpdateSuhosin_log_scriptname)
790+static void php_security_log(int loglevel, char *fmt, ...)
791+{ 114+{
792+ int s, r, i=0; 115+ if (SPG(log_scriptname)) {
793+#if defined(AF_UNIX) 116+ pefree(SPG(log_scriptname),1);
794+ struct sockaddr_un saun;
795+#endif
796+#ifdef PHP_WIN32
797+ LPTSTR strs[2];
798+ unsigned short etype;
799+ DWORD evid;
800+#endif
801+ char buf[4096+64];
802+ char error[4096+100];
803+ char *ip_address;
804+ char *fname;
805+ char *alertstring;
806+ int lineno;
807+ va_list ap;
808+ TSRMLS_FETCH();
809+
810+ /*SDEBUG("(suhosin_log) loglevel: %d log_syslog: %u - log_sapi: %u - log_script: %u", loglevel, SPG(log_syslog), SPG(log_sapi), SPG(log_script));*/
811+
812+ if (SPG(log_use_x_forwarded_for)) {
813+ ip_address = sapi_getenv("HTTP_X_FORWARDED_FOR", 20 TSRMLS_CC);
814+ if (ip_address == NULL) {
815+ ip_address = "X-FORWARDED-FOR not set";
816+ }
817+ } else {
818+ ip_address = sapi_getenv("REMOTE_ADDR", 11 TSRMLS_CC);
819+ if (ip_address == NULL) {
820+ ip_address = "REMOTE_ADDR not set";
821+ }
822+ } 117+ }
823+ 118+ SPG(log_scriptname) = NULL;
824+ 119+ if (new_value) {
825+ va_start(ap, fmt); 120+ SPG(log_scriptname) = pestrdup(new_value,1);
826+ ap_php_vsnprintf(error, sizeof(error), fmt, ap);
827+ va_end(ap);
828+ while (error[i]) {
829+ if (error[i] < 32) error[i] = '.';
830+ i++;
831+ } 121+ }
832+ 122+ return SUCCESS;
833+/* if (SPG(simulation)) { 123+}
834+ alertstring = "ALERT-SIMULATION"; 124+static ZEND_INI_MH(OnUpdateSuhosin_log_phpscript)
835+ } else { */ 125+{
836+ alertstring = "ALERT"; 126+ if (!new_value) {
837+/* }*/ 127+ SPG(log_phpscript) = S_ALL & ~S_MEMORY;
838+
839+ if (zend_is_executing(TSRMLS_C)) {
840+ if (EG(current_execute_data)) {
841+ lineno = EG(current_execute_data)->opline->lineno;
842+ fname = EG(current_execute_data)->op_array->filename;
843+ } else {
844+ lineno = zend_get_executed_lineno(TSRMLS_C);
845+ fname = zend_get_executed_filename(TSRMLS_C);
846+ }
847+ ap_php_snprintf(buf, sizeof(buf), "%s - %s (attacker '%s', file '%s', line %u)", alertstring, error, ip_address, fname, lineno);
848+ } else { 128+ } else {
849+ fname = sapi_getenv("SCRIPT_FILENAME", 15 TSRMLS_CC); 129+ SPG(log_phpscript) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);
850+ if (fname==NULL) {
851+ fname = "unknown";
852+ }
853+ ap_php_snprintf(buf, sizeof(buf), "%s - %s (attacker '%s', file '%s')", alertstring, error, ip_address, fname);
854+ }
855+
856+ /* Syslog-Logging disabled? */
857+ if (((SPG(log_syslog)|S_INTERNAL) & loglevel)==0) {
858+ goto log_sapi;
859+ }
860+
861+#if defined(AF_UNIX)
862+ ap_php_snprintf(error, sizeof(error), "<%u>suhosin[%u]: %s\n", (unsigned int)(SPG(log_syslog_facility)|SPG(log_syslog_priority)),getpid(),buf);
863+
864+ s = socket(AF_UNIX, SOCK_DGRAM, 0);
865+ if (s == -1) {
866+ goto log_sapi;
867+ }
868+
869+ memset(&saun, 0, sizeof(saun));
870+ saun.sun_family = AF_UNIX;
871+ strcpy(saun.sun_path, SYSLOG_PATH);
872+ /*saun.sun_len = sizeof(saun);*/
873+
874+ r = connect(s, (struct sockaddr *)&saun, sizeof(saun));
875+ if (r) {
876+ close(s);
877+ s = socket(AF_UNIX, SOCK_STREAM, 0);
878+ if (s == -1) {
879+ goto log_sapi;
880+ }
881+
882+ memset(&saun, 0, sizeof(saun));
883+ saun.sun_family = AF_UNIX;
884+ strcpy(saun.sun_path, SYSLOG_PATH);
885+ /*saun.sun_len = sizeof(saun);*/
886+
887+ r = connect(s, (struct sockaddr *)&saun, sizeof(saun));
888+ if (r) {
889+ close(s);
890+ goto log_sapi;
891+ }
892+ }
893+ send(s, error, strlen(error), 0);
894+
895+ close(s);
896+#endif
897+#ifdef PHP_WIN32
898+ ap_php_snprintf(error, sizeof(error), "suhosin[%u]: %s", getpid(),buf);
899+
900+ switch (SPG(log_syslog_priority)) { /* translate UNIX type into NT type */
901+ case 1: /*LOG_ALERT:*/
902+ etype = EVENTLOG_ERROR_TYPE;
903+ break;
904+ case 6: /*LOG_INFO:*/
905+ etype = EVENTLOG_INFORMATION_TYPE;
906+ break;
907+ default:
908+ etype = EVENTLOG_WARNING_TYPE;
909+ }
910+ evid = loglevel;
911+ strs[0] = error;
912+ /* report the event */
913+ if (log_source == NULL) {
914+ log_source = RegisterEventSource(NULL, "Suhosin-Patch-" SUHOSIN_PATCH_VERSION);
915+ }
916+ ReportEvent(log_source, etype, (unsigned short) SPG(log_syslog_priority), evid, NULL, 1, 0, strs, NULL);
917+
918+#endif
919+log_sapi:
920+ /* SAPI Logging activated? */
921+ /*SDEBUG("(suhosin_log) log_syslog: %u - log_sapi: %u - log_script: %u - log_phpscript: %u", SPG(log_syslog), SPG(log_sapi), SPG(log_script), SPG(log_phpscript));*/
922+ if (((SPG(log_sapi)|S_INTERNAL) & loglevel)!=0) {
923+ sapi_module.log_message(buf);
924+ }
925+
926+/*log_script:*/
927+ /* script logging activaed? */
928+ if (((SPG(log_script) & loglevel)!=0) && SPG(log_scriptname)!=NULL) {
929+ char cmd[8192], *cmdpos, *bufpos;
930+ FILE *in;
931+ int space;
932+
933+ ap_php_snprintf(cmd, sizeof(cmd), "%s %s \'", SPG(log_scriptname), loglevel2string(loglevel));
934+ space = sizeof(cmd) - strlen(cmd);
935+ cmdpos = cmd + strlen(cmd);
936+ bufpos = buf;
937+ if (space <= 1) return;
938+ while (space > 2 && *bufpos) {
939+ if (*bufpos == '\'') {
940+ if (space<=5) break;
941+ *cmdpos++ = '\'';
942+ *cmdpos++ = '\\';
943+ *cmdpos++ = '\'';
944+ *cmdpos++ = '\'';
945+ bufpos++;
946+ space-=4;
947+ } else {
948+ *cmdpos++ = *bufpos++;
949+ space--;
950+ }
951+ }
952+ *cmdpos++ = '\'';
953+ *cmdpos = 0;
954+
955+ if ((in=VCWD_POPEN(cmd, "r"))==NULL) {
956+ php_security_log(S_INTERNAL, "Unable to execute logging shell script: %s", SPG(log_scriptname));
957+ return;
958+ }
959+ /* read and forget the result */
960+ while (1) {
961+ int readbytes = fread(cmd, 1, sizeof(cmd), in);
962+ if (readbytes<=0) {
963+ break;
964+ }
965+ }
966+ pclose(in);
967+ }
968+/*log_phpscript:*/
969+ if ((SPG(log_phpscript) & loglevel)!=0 && EG(in_execution) && SPG(log_phpscriptname) && SPG(log_phpscriptname)[0]) {
970+ zend_file_handle file_handle;
971+ zend_op_array *new_op_array;
972+ zval *result = NULL;
973+
974+ /*long orig_execution_depth = SPG(execution_depth);*/
975+ zend_bool orig_safe_mode = PG(safe_mode);
976+ char *orig_basedir = PG(open_basedir);
977+
978+ char *phpscript = SPG(log_phpscriptname);
979+/*SDEBUG("scriptname %s", SPG(log_phpscriptname));`*/
980+#ifdef ZEND_ENGINE_2
981+ if (zend_stream_open(phpscript, &file_handle TSRMLS_CC) == SUCCESS) {
982+#else
983+ if (zend_open(phpscript, &file_handle) == SUCCESS && ZEND_IS_VALID_FILE_HANDLE(&file_handle)) {
984+ file_handle.filename = phpscript;
985+ file_handle.free_filename = 0;
986+#endif
987+ if (!file_handle.opened_path) {
988+ file_handle.opened_path = estrndup(phpscript, strlen(phpscript));
989+ }
990+ new_op_array = zend_compile_file(&file_handle, ZEND_REQUIRE TSRMLS_CC);
991+ zend_destroy_file_handle(&file_handle TSRMLS_CC);
992+ if (new_op_array) {
993+ HashTable *active_symbol_table = EG(active_symbol_table);
994+ zval *zerror, *zerror_class;
995+
996+ if (active_symbol_table == NULL) {
997+ active_symbol_table = &EG(symbol_table);
998+ }
999+ EG(return_value_ptr_ptr) = &result;
1000+ EG(active_op_array) = new_op_array;
1001+
1002+ MAKE_STD_ZVAL(zerror);
1003+ MAKE_STD_ZVAL(zerror_class);
1004+ ZVAL_STRING(zerror, buf, 1);
1005+ ZVAL_LONG(zerror_class, loglevel);
1006+
1007+ zend_hash_update(active_symbol_table, "SUHOSIN_ERROR", sizeof("SUHOSIN_ERROR"), (void **)&zerror, sizeof(zval *), NULL);
1008+ zend_hash_update(active_symbol_table, "SUHOSIN_ERRORCLASS", sizeof("SUHOSIN_ERRORCLASS"), (void **)&zerror_class, sizeof(zval *), NULL);
1009+
1010+ /*SPG(execution_depth) = 0;*/
1011+ if (SPG(log_phpscript_is_safe)) {
1012+ PG(safe_mode) = 0;
1013+ PG(open_basedir) = NULL;
1014+ }
1015+
1016+ zend_execute(new_op_array TSRMLS_CC);
1017+
1018+ /*SPG(execution_depth) = orig_execution_depth;*/
1019+ PG(safe_mode) = orig_safe_mode;
1020+ PG(open_basedir) = orig_basedir;
1021+
1022+#ifdef ZEND_ENGINE_2
1023+ destroy_op_array(new_op_array TSRMLS_CC);
1024+#else
1025+ destroy_op_array(new_op_array);
1026+#endif
1027+ efree(new_op_array);
1028+#ifdef ZEND_ENGINE_2
1029+ if (!EG(exception))
1030+#endif
1031+ {
1032+ if (EG(return_value_ptr_ptr)) {
1033+ zval_ptr_dtor(EG(return_value_ptr_ptr));
1034+ EG(return_value_ptr_ptr) = NULL;
1035+ }
1036+ }
1037+ } else {
1038+ php_security_log(S_INTERNAL, "Unable to execute logging PHP script: %s", SPG(log_phpscriptname));
1039+ return;
1040+ }
1041+ } else {
1042+ php_security_log(S_INTERNAL, "Unable to execute logging PHP script: %s", SPG(log_phpscriptname));
1043+ return;
1044+ }
1045+ } 130+ }
1046+ 131+ return SUCCESS;
1047+} 132+}
1048+
1049+
1050+#endif
1051+
1052+/*
1053+ * Local variables:
1054+ * tab-width: 4
1055+ * c-basic-offset: 4
1056+ * End:
1057+ * vim600: sw=4 ts=4 fdm=marker
1058+ * vim<600: sw=4 ts=4
1059+ */
1060diff -Nura php-5.3.6/main/suhosin_patch.h suhosin-patch-5.3.6-0.9.10/main/suhosin_patch.h
1061--- php-5.3.6/main/suhosin_patch.h 1970-01-01 01:00:00.000000000 +0100
1062+++ suhosin-patch-5.3.6-0.9.10/main/suhosin_patch.h 2011-03-19 10:48:33.813975198 +0100
1063@@ -0,0 +1,59 @@
1064+/*
1065+ +----------------------------------------------------------------------+
1066+ | Suhosin Patch for PHP |
1067+ +----------------------------------------------------------------------+
1068+ | Copyright (c) 2004-2010 Stefan Esser |
1069+ +----------------------------------------------------------------------+
1070+ | This source file is subject to version 2.02 of the PHP license, |
1071+ | that is bundled with this package in the file LICENSE, and is |
1072+ | available at through the world-wide-web at |
1073+ | http://www.php.net/license/2_02.txt. |
1074+ | If you did not receive a copy of the PHP license and are unable to |
1075+ | obtain it through the world-wide-web, please send a note to |
1076+ | license@php.net so we can mail you a copy immediately. |
1077+ +----------------------------------------------------------------------+
1078+ | Author: Stefan Esser <stefan.esser@sektioneins.de> |
1079+ +----------------------------------------------------------------------+
1080+ */
1081+
1082+#ifndef SUHOSIN_PATCH_H
1083+#define SUHOSIN_PATCH_H
1084+
1085+#if SUHOSIN_PATCH
1086+
1087+#include "zend.h"
1088+
1089+#define SUHOSIN_PATCH_VERSION "0.9.10"
1090+
1091+#define SUHOSIN_LOGO_GUID "SUHO8567F54-D428-14d2-A769-00DA302A5F18"
1092+
1093+#define SUHOSIN_CONFIG(idx) (suhosin_get_config(idx))
1094+
1095+#define SUHOSIN_MM_USE_CANARY_PROTECTION 0
1096+#define SUHOSIN_MM_DESTROY_FREE_MEMORY 1
1097+#define SUHOSIN_MM_IGNORE_CANARY_VIOLATION 2
1098+#define SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR 3
1099+#define SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR 4
1100+
1101+#define SUHOSIN_CONFIG_SET 100
1102+
1103+#include <sys/types.h>
1104+#include <sys/stat.h>
1105+#include <sys/mman.h>
1106+
1107+#if defined(DARWIN)
1108+#include <mach/vm_param.h>
1109+#endif 133+#endif
1110+ 134+
1111+#define SUHOSIN_MANGLE_PTR(ptr) (ptr==NULL?NULL:((void *)((zend_intptr_t)(ptr)^SUHOSIN_POINTER_GUARD))) 135 ZEND_INI_BEGIN()
1112+ 136 ZEND_INI_ENTRY("error_reporting", NULL, ZEND_INI_ALL, OnUpdateErrorReporting)
1113+#endif 137 STD_ZEND_INI_BOOLEAN("zend.enable_gc", "1", ZEND_INI_ALL, OnUpdateGCEnabled, gc_enabled, zend_gc_globals, gc_globals)
1114+ 138diff -Nura php-5.3.7/Zend/zend.h suhosin-patch-5.3.7-0.9.10/Zend/zend.h
1115+#endif /* SUHOSIN_PATCH_H */ 139--- php-5.3.7/Zend/zend.h 2011-01-16 21:39:22.000000000 +0100
1116+ 140+++ suhosin-patch-5.3.7-0.9.10/Zend/zend.h 2011-08-19 12:39:28.000000000 +0200
1117+/* 141@@ -627,6 +627,9 @@
1118+ * Local variables: 142 extern int (*zend_vspprintf)(char **pbuf, size_t max_len, const char *format, va_list ap);
1119+ * tab-width: 4 143 extern ZEND_API char *(*zend_getenv)(char *name, size_t name_len TSRMLS_DC);
1120+ * c-basic-offset: 4 144 extern ZEND_API char *(*zend_resolve_path)(const char *filename, int filename_len TSRMLS_DC);
1121+ * End:
1122+ */
1123diff -Nura php-5.3.6/main/suhosin_patch.m4 suhosin-patch-5.3.6-0.9.10/main/suhosin_patch.m4
1124--- php-5.3.6/main/suhosin_patch.m4 1970-01-01 01:00:00.000000000 +0100
1125+++ suhosin-patch-5.3.6-0.9.10/main/suhosin_patch.m4 2011-03-19 10:48:33.813975198 +0100
1126@@ -0,0 +1,8 @@
1127+dnl
1128+dnl $Id: suhosin_patch.m4,v 1.1 2004/11/14 13:24:24 ionic Exp $
1129+dnl
1130+dnl This file contains Suhosin Patch for PHP specific autoconf functions.
1131+dnl
1132+
1133+AC_DEFINE(SUHOSIN_PATCH, 1, [Suhosin Patch])
1134+
1135diff -Nura php-5.3.6/sapi/apache/mod_php5.c suhosin-patch-5.3.6-0.9.10/sapi/apache/mod_php5.c
1136--- php-5.3.6/sapi/apache/mod_php5.c 2011-01-01 03:19:59.000000000 +0100
1137+++ suhosin-patch-5.3.6-0.9.10/sapi/apache/mod_php5.c 2011-03-19 10:48:33.813975198 +0100
1138@@ -969,7 +969,11 @@
1139 {
1140 TSRMLS_FETCH();
1141 if (PG(expose_php)) {
1142+#if SUHOSIN_PATCH
1143+ ap_add_version_component("PHP/" PHP_VERSION " with Suhosin-Patch");
1144+#else
1145 ap_add_version_component("PHP/" PHP_VERSION);
1146+#endif
1147 }
1148 }
1149 #endif
1150diff -Nura php-5.3.6/sapi/apache2filter/sapi_apache2.c suhosin-patch-5.3.6-0.9.10/sapi/apache2filter/sapi_apache2.c
1151--- php-5.3.6/sapi/apache2filter/sapi_apache2.c 2011-01-01 03:19:59.000000000 +0100
1152+++ suhosin-patch-5.3.6-0.9.10/sapi/apache2filter/sapi_apache2.c 2011-03-19 10:48:33.813975198 +0100
1153@@ -583,7 +583,11 @@
1154 {
1155 TSRMLS_FETCH();
1156 if (PG(expose_php)) {
1157+#if SUHOSIN_PATCH 145+#if SUHOSIN_PATCH
1158+ ap_add_version_component(p, "PHP/" PHP_VERSION " with Suhosin-Patch"); 146+extern ZEND_API void (*zend_suhosin_log)(int loglevel, char *fmt, ...);
1159+#else
1160 ap_add_version_component(p, "PHP/" PHP_VERSION);
1161+#endif 147+#endif
1162 }
1163 }
1164 148
1165diff -Nura php-5.3.6/sapi/apache2handler/sapi_apache2.c suhosin-patch-5.3.6-0.9.10/sapi/apache2handler/sapi_apache2.c 149 ZEND_API void zend_error(int type, const char *format, ...) ZEND_ATTRIBUTE_FORMAT(printf, 2, 3);
1166--- php-5.3.6/sapi/apache2handler/sapi_apache2.c 2011-01-01 03:19:59.000000000 +0100
1167+++ suhosin-patch-5.3.6-0.9.10/sapi/apache2handler/sapi_apache2.c 2011-03-19 10:48:33.813975198 +0100
1168@@ -407,7 +407,11 @@
1169 {
1170 TSRMLS_FETCH();
1171 if (PG(expose_php)) {
1172+#if SUHOSIN_PATCH
1173+ ap_add_version_component(p, "PHP/" PHP_VERSION " with Suhosin-Patch");
1174+#else
1175 ap_add_version_component(p, "PHP/" PHP_VERSION);
1176+#endif
1177 }
1178 }
1179 150
1180diff -Nura php-5.3.6/sapi/apache_hooks/mod_php5.c suhosin-patch-5.3.6-0.9.10/sapi/apache_hooks/mod_php5.c 151@@ -774,6 +777,16 @@
1181--- php-5.3.6/sapi/apache_hooks/mod_php5.c 2011-01-01 03:19:59.000000000 +0100 152 #define DEBUG_BACKTRACE_PROVIDE_OBJECT (1<<0)
1182+++ suhosin-patch-5.3.6-0.9.10/sapi/apache_hooks/mod_php5.c 2011-03-19 10:48:33.813975198 +0100 153 #define DEBUG_BACKTRACE_IGNORE_ARGS (1<<1)
1183@@ -1256,7 +1256,11 @@
1184 {
1185 TSRMLS_FETCH();
1186 if (PG(expose_php)) {
1187+#if SUHOSIN_PATCH
1188+ ap_add_version_component("PHP/" PHP_VERSION " with Suhosin-Patch");
1189+#else
1190 ap_add_version_component("PHP/" PHP_VERSION);
1191+#endif
1192 }
1193 }
1194 #endif
1195diff -Nura php-5.3.6/sapi/cgi/cgi_main.c suhosin-patch-5.3.6-0.9.10/sapi/cgi/cgi_main.c
1196--- php-5.3.6/sapi/cgi/cgi_main.c 2011-01-01 03:19:59.000000000 +0100
1197+++ suhosin-patch-5.3.6-0.9.10/sapi/cgi/cgi_main.c 2011-03-19 10:48:33.813975198 +0100
1198@@ -1929,10 +1929,18 @@
1199 SG(headers_sent) = 1;
1200 SG(request_info).no_headers = 1;
1201 }
1202+#if SUHOSIN_PATCH
1203 #if ZEND_DEBUG
1204- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1205+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1206 #else
1207- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1208+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1209+#endif
1210+#else
1211+ #if ZEND_DEBUG
1212+ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1213+ #else
1214+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1215+ #endif
1216 #endif
1217 php_request_shutdown((void *) 0);
1218 fcgi_shutdown();
1219diff -Nura php-5.3.6/sapi/cli/php_cli.c suhosin-patch-5.3.6-0.9.10/sapi/cli/php_cli.c
1220--- php-5.3.6/sapi/cli/php_cli.c 2011-01-01 03:19:59.000000000 +0100
1221+++ suhosin-patch-5.3.6-0.9.10/sapi/cli/php_cli.c 2011-03-19 10:48:33.813975198 +0100
1222@@ -832,7 +832,11 @@
1223 }
1224 154
1225 request_started = 1;
1226- php_printf("PHP %s (%s) (built: %s %s) %s\nCopyright (c) 1997-2011 The PHP Group\n%s",
1227+ php_printf("PHP %s "
1228+#if SUHOSIN_PATCH 155+#if SUHOSIN_PATCH
1229+ "with Suhosin-Patch " 156+#include "suhosin_globals.h"
1230+#endif 157+#include "suhosin_patch.h"
1231+ "(%s) (built: %s %s) %s\nCopyright (c) 1997-2011 The PHP Group\n%s", 158+#include "php_syslog.h"
1232 PHP_VERSION, sapi_module.name, __DATE__, __TIME__, 159+
1233 #if ZEND_DEBUG && defined(HAVE_GCOV) 160+ZEND_API void zend_canary(void *buf, int len);
1234 "(DEBUG GCOV)", 161+ZEND_API char suhosin_get_config(int element);
1235diff -Nura php-5.3.6/sapi/litespeed/lsapi_main.c suhosin-patch-5.3.6-0.9.10/sapi/litespeed/lsapi_main.c 162+
1236--- php-5.3.6/sapi/litespeed/lsapi_main.c 2010-12-10 23:51:08.000000000 +0100
1237+++ suhosin-patch-5.3.6-0.9.10/sapi/litespeed/lsapi_main.c 2011-03-19 10:50:41.432696713 +0100
1238@@ -710,11 +710,19 @@
1239 break;
1240 case 'v':
1241 if (php_request_startup(TSRMLS_C) != FAILURE) {
1242+#if SUHOSIN_PATCH
1243+#if ZEND_DEBUG
1244+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2004 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1245+#else
1246+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2004 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1247+#endif
1248+#else
1249 #if ZEND_DEBUG
1250 php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2004 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1251 #else
1252 php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2004 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1253 #endif
1254+#endif
1255 #ifdef PHP_OUTPUT_NEWAPI
1256 php_output_end_all(TSRMLS_C);
1257 #else
1258diff -Nura php-5.3.6/sapi/milter/php_milter.c suhosin-patch-5.3.6-0.9.10/sapi/milter/php_milter.c
1259--- php-5.3.6/sapi/milter/php_milter.c 2011-01-01 03:19:59.000000000 +0100
1260+++ suhosin-patch-5.3.6-0.9.10/sapi/milter/php_milter.c 2011-03-19 10:48:33.817308498 +0100
1261@@ -1111,7 +1111,11 @@
1262 }
1263 SG(headers_sent) = 1;
1264 SG(request_info).no_headers = 1;
1265+#if SUHOSIN_PATCH
1266+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1267+#else
1268 php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
1269+#endif 163+#endif
1270 php_end_ob_buffers(1 TSRMLS_CC);
1271 exit(1);
1272 break;
1273diff -Nura php-5.3.6/win32/build/config.w32 suhosin-patch-5.3.6-0.9.10/win32/build/config.w32
1274--- php-5.3.6/win32/build/config.w32 2011-03-02 19:35:10.000000000 +0100
1275+++ suhosin-patch-5.3.6-0.9.10/win32/build/config.w32 2011-03-19 10:48:33.817308498 +0100
1276@@ -328,7 +328,7 @@
1277 zend_stream.c zend_iterators.c zend_interfaces.c zend_objects.c \
1278 zend_object_handlers.c zend_objects_API.c \
1279 zend_default_classes.c zend_execute.c zend_strtod.c zend_gc.c zend_closures.c \
1280- zend_float.c");
1281+ zend_float.c zend_canary.c zend_alloc_canary.c");
1282
1283 if (VCVERS == 1200) {
1284 AC_DEFINE('ZEND_DVAL_TO_LVAL_CAST_OK', 1);
1285@@ -385,6 +385,7 @@
1286
1287 AC_DEFINE('HAVE_USLEEP', 1);
1288 AC_DEFINE('HAVE_STRCOLL', 1);
1289+AC_DEFINE('SUHOSIN_PATCH', 1);
1290
1291 /* For snapshot builders, where can we find the additional
1292 * files that make up the snapshot template? */
1293diff -Nura php-5.3.6/win32/build/config.w32.h.in suhosin-patch-5.3.6-0.9.10/win32/build/config.w32.h.in
1294--- php-5.3.6/win32/build/config.w32.h.in 2010-11-26 19:25:13.000000000 +0100
1295+++ suhosin-patch-5.3.6-0.9.10/win32/build/config.w32.h.in 2011-03-19 10:48:33.817308498 +0100
1296@@ -152,6 +152,9 @@
1297 /* Win32 supports strcoll */
1298 #define HAVE_STRCOLL 1
1299
1300+/* Suhosin Patch support */
1301+#define SUHOSIN_PATCH 1
1302+ 164+
1303 /* Win32 supports socketpair by the emulation in win32/sockets.c */ 165 #endif /* ZEND_H */
1304 #define HAVE_SOCKETPAIR 1
1305 #define HAVE_SOCKLEN_T 1
1306diff -Nura php-5.3.6/Zend/Makefile.am suhosin-patch-5.3.6-0.9.10/Zend/Makefile.am
1307--- php-5.3.6/Zend/Makefile.am 2009-03-18 11:18:10.000000000 +0100
1308+++ suhosin-patch-5.3.6-0.9.10/Zend/Makefile.am 2011-03-19 10:48:33.790642098 +0100
1309@@ -17,7 +17,7 @@
1310 zend_objects_API.c zend_ts_hash.c zend_stream.c \
1311 zend_default_classes.c \
1312 zend_iterators.c zend_interfaces.c zend_exceptions.c \
1313- zend_strtod.c zend_closures.c zend_float.c
1314+ zend_strtod.c zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c
1315 166
1316 libZend_la_LDFLAGS = 167 /*
1317 libZend_la_LIBADD = @ZEND_EXTRA_LIBS@ 168diff -Nura php-5.3.7/Zend/zend_alloc.c suhosin-patch-5.3.7-0.9.10/Zend/zend_alloc.c
1318diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_alloc.c 169--- php-5.3.7/Zend/zend_alloc.c 2011-02-07 11:25:34.000000000 +0100
1319--- php-5.3.6/Zend/zend_alloc.c 2011-02-07 11:25:34.000000000 +0100 170+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_alloc.c 2011-08-19 12:50:18.000000000 +0200
1320+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_alloc.c 2011-03-19 10:48:33.793975398 +0100
1321@@ -32,6 +32,10 @@ 171@@ -32,6 +32,10 @@
1322 # include <unistd.h> 172 # include <unistd.h>
1323 #endif 173 #endif
@@ -1694,7 +544,15 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1694 if (zend_mm_low_bit(block_size) != zend_mm_high_bit(block_size)) { 544 if (zend_mm_low_bit(block_size) != zend_mm_high_bit(block_size)) {
1695 fprintf(stderr, "'block_size' must be a power of two\n"); 545 fprintf(stderr, "'block_size' must be a power of two\n");
1696 /* See http://support.microsoft.com/kb/190351 */ 546 /* See http://support.microsoft.com/kb/190351 */
1697@@ -1097,12 +1207,12 @@ 547@@ -1077,6 +1187,7 @@
548 #endif
549 exit(255);
550 }
551+
552 heap->storage = storage;
553 heap->block_size = block_size;
554 heap->compact_size = 0;
555@@ -1097,12 +1208,12 @@
1698 heap->reserve = NULL; 556 heap->reserve = NULL;
1699 heap->reserve_size = reserve_size; 557 heap->reserve_size = reserve_size;
1700 if (reserve_size > 0) { 558 if (reserve_size > 0) {
@@ -1709,7 +567,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1709 567
1710 *mm_heap = *heap; 568 *mm_heap = *heap;
1711 569
1712@@ -1110,22 +1220,22 @@ 570@@ -1110,22 +1221,22 @@
1713 orig = ZEND_MM_SMALL_FREE_BUCKET(heap, 0); 571 orig = ZEND_MM_SMALL_FREE_BUCKET(heap, 0);
1714 for (i = 0; i < ZEND_MM_NUM_BUCKETS; i++) { 572 for (i = 0; i < ZEND_MM_NUM_BUCKETS; i++) {
1715 q = p; 573 q = p;
@@ -1739,7 +597,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1739 597
1740 free(heap); 598 free(heap);
1741 heap = mm_heap; 599 heap = mm_heap;
1742@@ -1133,7 +1243,11 @@ 600@@ -1133,7 +1244,11 @@
1743 return heap; 601 return heap;
1744 } 602 }
1745 603
@@ -1752,7 +610,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1752 { 610 {
1753 int i; 611 int i;
1754 size_t seg_size; 612 size_t seg_size;
1755@@ -1203,6 +1317,27 @@ 613@@ -1203,6 +1318,27 @@
1756 return heap; 614 return heap;
1757 } 615 }
1758 616
@@ -1780,7 +638,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1780 #if ZEND_DEBUG 638 #if ZEND_DEBUG
1781 static long zend_mm_find_leaks(zend_mm_segment *segment, zend_mm_block *b) 639 static long zend_mm_find_leaks(zend_mm_segment *segment, zend_mm_block *b)
1782 { 640 {
1783@@ -1571,7 +1706,11 @@ 641@@ -1571,7 +1707,11 @@
1784 } 642 }
1785 #endif 643 #endif
1786 644
@@ -1793,7 +651,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1793 { 651 {
1794 zend_mm_storage *storage; 652 zend_mm_storage *storage;
1795 zend_mm_segment *segment; 653 zend_mm_segment *segment;
1796@@ -1581,7 +1720,7 @@ 654@@ -1581,7 +1721,7 @@
1797 if (heap->reserve) { 655 if (heap->reserve) {
1798 #if ZEND_DEBUG 656 #if ZEND_DEBUG
1799 if (!silent) { 657 if (!silent) {
@@ -1802,7 +660,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1802 } 660 }
1803 #endif 661 #endif
1804 heap->reserve = NULL; 662 heap->reserve = NULL;
1805@@ -1664,12 +1803,23 @@ 663@@ -1664,12 +1804,23 @@
1806 heap->size = 0; 664 heap->size = 0;
1807 heap->peak = 0; 665 heap->peak = 0;
1808 if (heap->reserve_size) { 666 if (heap->reserve_size) {
@@ -1827,7 +685,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1827 static void zend_mm_safe_error(zend_mm_heap *heap, 685 static void zend_mm_safe_error(zend_mm_heap *heap,
1828 const char *format, 686 const char *format,
1829 size_t limit, 687 size_t limit,
1830@@ -1680,7 +1830,11 @@ 688@@ -1680,7 +1831,11 @@
1831 size_t size) 689 size_t size)
1832 { 690 {
1833 if (heap->reserve) { 691 if (heap->reserve) {
@@ -1839,7 +697,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1839 heap->reserve = NULL; 697 heap->reserve = NULL;
1840 } 698 }
1841 if (heap->overflow == 0) { 699 if (heap->overflow == 0) {
1842@@ -1755,7 +1909,7 @@ 700@@ -1755,7 +1910,7 @@
1843 p = heap->large_free_buckets[index]; 701 p = heap->large_free_buckets[index];
1844 for (m = true_size << (ZEND_MM_NUM_BUCKETS - index); ; m <<= 1) { 702 for (m = true_size << (ZEND_MM_NUM_BUCKETS - index); ; m <<= 1) {
1845 if (UNEXPECTED(ZEND_MM_FREE_BLOCK_SIZE(p) == true_size)) { 703 if (UNEXPECTED(ZEND_MM_FREE_BLOCK_SIZE(p) == true_size)) {
@@ -1848,7 +706,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1848 } else if (ZEND_MM_FREE_BLOCK_SIZE(p) >= true_size && 706 } else if (ZEND_MM_FREE_BLOCK_SIZE(p) >= true_size &&
1849 ZEND_MM_FREE_BLOCK_SIZE(p) < best_size) { 707 ZEND_MM_FREE_BLOCK_SIZE(p) < best_size) {
1850 best_size = ZEND_MM_FREE_BLOCK_SIZE(p); 708 best_size = ZEND_MM_FREE_BLOCK_SIZE(p);
1851@@ -1779,7 +1933,7 @@ 709@@ -1779,7 +1934,7 @@
1852 710
1853 for (p = rst; p; p = p->child[p->child[0] != NULL]) { 711 for (p = rst; p; p = p->child[p->child[0] != NULL]) {
1854 if (UNEXPECTED(ZEND_MM_FREE_BLOCK_SIZE(p) == true_size)) { 712 if (UNEXPECTED(ZEND_MM_FREE_BLOCK_SIZE(p) == true_size)) {
@@ -1857,7 +715,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1857 } else if (ZEND_MM_FREE_BLOCK_SIZE(p) > true_size && 715 } else if (ZEND_MM_FREE_BLOCK_SIZE(p) > true_size &&
1858 ZEND_MM_FREE_BLOCK_SIZE(p) < best_size) { 716 ZEND_MM_FREE_BLOCK_SIZE(p) < best_size) {
1859 best_size = ZEND_MM_FREE_BLOCK_SIZE(p); 717 best_size = ZEND_MM_FREE_BLOCK_SIZE(p);
1860@@ -1788,7 +1942,7 @@ 718@@ -1788,7 +1943,7 @@
1861 } 719 }
1862 720
1863 if (best_fit) { 721 if (best_fit) {
@@ -1866,7 +724,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1866 } 724 }
1867 bitmap = bitmap >> 1; 725 bitmap = bitmap >> 1;
1868 if (!bitmap) { 726 if (!bitmap) {
1869@@ -1804,9 +1958,12 @@ 727@@ -1804,9 +1959,12 @@
1870 best_fit = p; 728 best_fit = p;
1871 } 729 }
1872 } 730 }
@@ -1880,7 +738,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1880 static void *_zend_mm_alloc_int(zend_mm_heap *heap, size_t size ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) 738 static void *_zend_mm_alloc_int(zend_mm_heap *heap, size_t size ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
1881 { 739 {
1882 zend_mm_free_block *best_fit; 740 zend_mm_free_block *best_fit;
1883@@ -1816,7 +1973,7 @@ 741@@ -1816,7 +1974,7 @@
1884 size_t segment_size; 742 size_t segment_size;
1885 zend_mm_segment *segment; 743 zend_mm_segment *segment;
1886 int keep_rest = 0; 744 int keep_rest = 0;
@@ -1889,7 +747,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1889 if (EXPECTED(ZEND_MM_SMALL_SIZE(true_size))) { 747 if (EXPECTED(ZEND_MM_SMALL_SIZE(true_size))) {
1890 size_t index = ZEND_MM_BUCKET_INDEX(true_size); 748 size_t index = ZEND_MM_BUCKET_INDEX(true_size);
1891 size_t bitmap; 749 size_t bitmap;
1892@@ -1831,9 +1988,14 @@ 750@@ -1831,9 +1989,14 @@
1893 heap->cache_stat[index].count--; 751 heap->cache_stat[index].count--;
1894 heap->cache_stat[index].hit++; 752 heap->cache_stat[index].hit++;
1895 #endif 753 #endif
@@ -1905,7 +763,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1905 ZEND_MM_CHECK_MAGIC(best_fit, MEM_BLOCK_CACHED); 763 ZEND_MM_CHECK_MAGIC(best_fit, MEM_BLOCK_CACHED);
1906 ZEND_MM_SET_DEBUG_INFO(best_fit, size, 1, 0); 764 ZEND_MM_SET_DEBUG_INFO(best_fit, size, 1, 0);
1907 return ZEND_MM_DATA_OF(best_fit); 765 return ZEND_MM_DATA_OF(best_fit);
1908@@ -1847,7 +2009,7 @@ 766@@ -1847,7 +2010,7 @@
1909 if (bitmap) { 767 if (bitmap) {
1910 /* Found some "small" free block that can be used */ 768 /* Found some "small" free block that can be used */
1911 index += zend_mm_low_bit(bitmap); 769 index += zend_mm_low_bit(bitmap);
@@ -1914,7 +772,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1914 #if ZEND_MM_CACHE_STAT 772 #if ZEND_MM_CACHE_STAT
1915 heap->cache_stat[ZEND_MM_NUM_BUCKETS].hit++; 773 heap->cache_stat[ZEND_MM_NUM_BUCKETS].hit++;
1916 #endif 774 #endif
1917@@ -1862,7 +2024,7 @@ 775@@ -1862,7 +2025,7 @@
1918 best_fit = zend_mm_search_large_block(heap, true_size); 776 best_fit = zend_mm_search_large_block(heap, true_size);
1919 777
1920 if (!best_fit && heap->real_size >= heap->limit - heap->block_size) { 778 if (!best_fit && heap->real_size >= heap->limit - heap->block_size) {
@@ -1923,7 +781,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1923 size_t best_size = -1; 781 size_t best_size = -1;
1924 782
1925 while (p != ZEND_MM_REST_BUCKET(heap)) { 783 while (p != ZEND_MM_REST_BUCKET(heap)) {
1926@@ -1874,7 +2036,7 @@ 784@@ -1874,7 +2037,7 @@
1927 best_size = ZEND_MM_FREE_BLOCK_SIZE(p); 785 best_size = ZEND_MM_FREE_BLOCK_SIZE(p);
1928 best_fit = p; 786 best_fit = p;
1929 } 787 }
@@ -1932,7 +790,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1932 } 790 }
1933 } 791 }
1934 792
1935@@ -1973,13 +2135,19 @@ 793@@ -1973,13 +2136,19 @@
1936 794
1937 ZEND_MM_SET_DEBUG_INFO(best_fit, size, 1, 1); 795 ZEND_MM_SET_DEBUG_INFO(best_fit, size, 1, 1);
1938 796
@@ -1953,7 +811,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1953 return ZEND_MM_DATA_OF(best_fit); 811 return ZEND_MM_DATA_OF(best_fit);
1954 } 812 }
1955 813
1956@@ -1996,19 +2164,26 @@ 814@@ -1996,19 +2165,26 @@
1957 815
1958 mm_block = ZEND_MM_HEADER_OF(p); 816 mm_block = ZEND_MM_HEADER_OF(p);
1959 size = ZEND_MM_BLOCK_SIZE(mm_block); 817 size = ZEND_MM_BLOCK_SIZE(mm_block);
@@ -1982,7 +840,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1982 heap->cached += size; 840 heap->cached += size;
1983 ZEND_MM_SET_MAGIC(mm_block, MEM_BLOCK_CACHED); 841 ZEND_MM_SET_MAGIC(mm_block, MEM_BLOCK_CACHED);
1984 #if ZEND_MM_CACHE_STAT 842 #if ZEND_MM_CACHE_STAT
1985@@ -2044,6 +2219,9 @@ 843@@ -2044,6 +2220,9 @@
1986 HANDLE_UNBLOCK_INTERRUPTIONS(); 844 HANDLE_UNBLOCK_INTERRUPTIONS();
1987 } 845 }
1988 846
@@ -1992,7 +850,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
1992 static void *_zend_mm_realloc_int(zend_mm_heap *heap, void *p, size_t size ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) 850 static void *_zend_mm_realloc_int(zend_mm_heap *heap, void *p, size_t size ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
1993 { 851 {
1994 zend_mm_block *mm_block = ZEND_MM_HEADER_OF(p); 852 zend_mm_block *mm_block = ZEND_MM_HEADER_OF(p);
1995@@ -2053,11 +2231,18 @@ 853@@ -2053,11 +2232,18 @@
1996 void *ptr; 854 void *ptr;
1997 855
1998 if (UNEXPECTED(!p) || !ZEND_MM_VALID_PTR(p)) { 856 if (UNEXPECTED(!p) || !ZEND_MM_VALID_PTR(p)) {
@@ -2011,7 +869,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2011 ZEND_MM_CHECK_PROTECTION(mm_block); 869 ZEND_MM_CHECK_PROTECTION(mm_block);
2012 870
2013 if (UNEXPECTED(true_size < size)) { 871 if (UNEXPECTED(true_size < size)) {
2014@@ -2089,6 +2274,11 @@ 872@@ -2089,6 +2275,11 @@
2015 HANDLE_UNBLOCK_INTERRUPTIONS(); 873 HANDLE_UNBLOCK_INTERRUPTIONS();
2016 } 874 }
2017 ZEND_MM_SET_DEBUG_INFO(mm_block, size, 0, 0); 875 ZEND_MM_SET_DEBUG_INFO(mm_block, size, 0, 0);
@@ -2023,7 +881,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2023 return p; 881 return p;
2024 } 882 }
2025 883
2026@@ -2104,17 +2294,22 @@ 884@@ -2104,17 +2295,22 @@
2027 heap->cache_stat[index].count--; 885 heap->cache_stat[index].count--;
2028 heap->cache_stat[index].hit++; 886 heap->cache_stat[index].hit++;
2029 #endif 887 #endif
@@ -2050,7 +908,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2050 #endif 908 #endif
2051 909
2052 heap->cached -= true_size - orig_size; 910 heap->cached -= true_size - orig_size;
2053@@ -2123,14 +2318,13 @@ 911@@ -2123,14 +2319,13 @@
2054 cache = &heap->cache[index]; 912 cache = &heap->cache[index];
2055 913
2056 ((zend_mm_free_block*)mm_block)->prev_free_block = *cache; 914 ((zend_mm_free_block*)mm_block)->prev_free_block = *cache;
@@ -2066,7 +924,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2066 return ptr; 924 return ptr;
2067 } 925 }
2068 } 926 }
2069@@ -2173,6 +2367,11 @@ 927@@ -2173,6 +2368,11 @@
2070 heap->peak = heap->size; 928 heap->peak = heap->size;
2071 } 929 }
2072 HANDLE_UNBLOCK_INTERRUPTIONS(); 930 HANDLE_UNBLOCK_INTERRUPTIONS();
@@ -2078,7 +936,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2078 return p; 936 return p;
2079 } else if (ZEND_MM_IS_FIRST_BLOCK(mm_block) && 937 } else if (ZEND_MM_IS_FIRST_BLOCK(mm_block) &&
2080 ZEND_MM_IS_GUARD_BLOCK(ZEND_MM_BLOCK_AT(next_block, ZEND_MM_FREE_BLOCK_SIZE(next_block)))) { 938 ZEND_MM_IS_GUARD_BLOCK(ZEND_MM_BLOCK_AT(next_block, ZEND_MM_FREE_BLOCK_SIZE(next_block)))) {
2081@@ -2275,38 +2474,90 @@ 939@@ -2275,38 +2475,74 @@
2082 } 940 }
2083 941
2084 HANDLE_UNBLOCK_INTERRUPTIONS(); 942 HANDLE_UNBLOCK_INTERRUPTIONS();
@@ -2154,6 +1012,18 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2154+ return _zend_mm_block_size_canary((zend_mm_heap_canary *)heap, p ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC); 1012+ return _zend_mm_block_size_canary((zend_mm_heap_canary *)heap, p ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);
2155+ } 1013+ }
2156+ 1014+
1015 if (!ZEND_MM_VALID_PTR(p)) {
1016 return 0;
1017 }
1018@@ -2318,6 +2554,24 @@
1019 return ZEND_MM_BLOCK_SIZE(mm_block);
1020 #endif
1021 }
1022+#else
1023+ZEND_API size_t _zend_mm_block_size_canary(zend_mm_heap *heap, void *p ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
1024+{
1025+ zend_mm_block *mm_block;
1026+
2157+ if (!ZEND_MM_VALID_PTR(p)) { 1027+ if (!ZEND_MM_VALID_PTR(p)) {
2158+ return 0; 1028+ return 0;
2159+ } 1029+ }
@@ -2165,24 +1035,12 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2165+ return ZEND_MM_BLOCK_SIZE(mm_block); 1035+ return ZEND_MM_BLOCK_SIZE(mm_block);
2166+#endif 1036+#endif
2167+} 1037+}
2168+#else
2169+ZEND_API size_t _zend_mm_block_size_canary(zend_mm_heap *heap, void *p ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
2170+{
2171+ zend_mm_block *mm_block;
2172+ 1038+
2173 if (!ZEND_MM_VALID_PTR(p)) {
2174 return 0;
2175 }
2176@@ -2319,6 +2570,8 @@
2177 #endif
2178 }
2179
2180+#endif 1039+#endif
2181+ 1040
2182 /**********************/ 1041 /**********************/
2183 /* Allocation Manager */ 1042 /* Allocation Manager */
2184 /**********************/ 1043@@ -2335,6 +2589,7 @@
2185@@ -2335,6 +2588,7 @@
2186 static zend_alloc_globals alloc_globals; 1044 static zend_alloc_globals alloc_globals;
2187 #endif 1045 #endif
2188 1046
@@ -2190,7 +1048,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2190 ZEND_API int is_zend_mm(TSRMLS_D) 1048 ZEND_API int is_zend_mm(TSRMLS_D)
2191 { 1049 {
2192 return AG(mm_heap)->use_zend_alloc; 1050 return AG(mm_heap)->use_zend_alloc;
2193@@ -2347,7 +2601,13 @@ 1051@@ -2347,7 +2602,13 @@
2194 if (UNEXPECTED(!AG(mm_heap)->use_zend_alloc)) { 1052 if (UNEXPECTED(!AG(mm_heap)->use_zend_alloc)) {
2195 return AG(mm_heap)->_malloc(size); 1053 return AG(mm_heap)->_malloc(size);
2196 } 1054 }
@@ -2204,7 +1062,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2204 } 1062 }
2205 1063
2206 ZEND_API void _efree(void *ptr ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) 1064 ZEND_API void _efree(void *ptr ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
2207@@ -2358,7 +2618,13 @@ 1065@@ -2358,7 +2619,13 @@
2208 AG(mm_heap)->_free(ptr); 1066 AG(mm_heap)->_free(ptr);
2209 return; 1067 return;
2210 } 1068 }
@@ -2219,7 +1077,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2219 } 1077 }
2220 1078
2221 ZEND_API void *_erealloc(void *ptr, size_t size, int allow_failure ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) 1079 ZEND_API void *_erealloc(void *ptr, size_t size, int allow_failure ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
2222@@ -2368,7 +2634,13 @@ 1080@@ -2368,7 +2635,13 @@
2223 if (UNEXPECTED(!AG(mm_heap)->use_zend_alloc)) { 1081 if (UNEXPECTED(!AG(mm_heap)->use_zend_alloc)) {
2224 return AG(mm_heap)->_realloc(ptr, size); 1082 return AG(mm_heap)->_realloc(ptr, size);
2225 } 1083 }
@@ -2233,7 +1091,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2233 } 1091 }
2234 1092
2235 ZEND_API size_t _zend_mem_block_size(void *ptr TSRMLS_DC ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) 1093 ZEND_API size_t _zend_mem_block_size(void *ptr TSRMLS_DC ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
2236@@ -2376,8 +2648,15 @@ 1094@@ -2376,8 +2649,15 @@
2237 if (UNEXPECTED(!AG(mm_heap)->use_zend_alloc)) { 1095 if (UNEXPECTED(!AG(mm_heap)->use_zend_alloc)) {
2238 return 0; 1096 return 0;
2239 } 1097 }
@@ -2250,7 +1108,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2250 1108
2251 #if defined(__GNUC__) && defined(i386) 1109 #if defined(__GNUC__) && defined(i386)
2252 1110
2253@@ -2448,7 +2727,7 @@ 1111@@ -2448,7 +2728,7 @@
2254 } 1112 }
2255 #endif 1113 #endif
2256 1114
@@ -2259,7 +1117,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2259 ZEND_API void *_safe_emalloc(size_t nmemb, size_t size, size_t offset ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) 1117 ZEND_API void *_safe_emalloc(size_t nmemb, size_t size, size_t offset ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
2260 { 1118 {
2261 return emalloc_rel(safe_address(nmemb, size, offset)); 1119 return emalloc_rel(safe_address(nmemb, size, offset));
2262@@ -2561,6 +2840,7 @@ 1120@@ -2561,6 +2841,7 @@
2263 { 1121 {
2264 zend_mm_shutdown(AG(mm_heap), full_shutdown, silent TSRMLS_CC); 1122 zend_mm_shutdown(AG(mm_heap), full_shutdown, silent TSRMLS_CC);
2265 } 1123 }
@@ -2267,7 +1125,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2267 1125
2268 static void alloc_globals_ctor(zend_alloc_globals *alloc_globals TSRMLS_DC) 1126 static void alloc_globals_ctor(zend_alloc_globals *alloc_globals TSRMLS_DC)
2269 { 1127 {
2270@@ -2585,6 +2865,7 @@ 1128@@ -2585,6 +2866,7 @@
2271 } 1129 }
2272 #endif 1130 #endif
2273 1131
@@ -2275,7 +1133,7 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2275 ZEND_API void start_memory_manager(TSRMLS_D) 1133 ZEND_API void start_memory_manager(TSRMLS_D)
2276 { 1134 {
2277 #ifdef ZTS 1135 #ifdef ZTS
2278@@ -2649,6 +2930,7 @@ 1136@@ -2649,6 +2931,7 @@
2279 zend_debug_alloc_output("------------------------------------------------\n"); 1137 zend_debug_alloc_output("------------------------------------------------\n");
2280 } 1138 }
2281 #endif 1139 #endif
@@ -2283,15 +1141,27 @@ diff -Nura php-5.3.6/Zend/zend_alloc.c suhosin-patch-5.3.6-0.9.10/Zend/zend_allo
2283 1141
2284 /* 1142 /*
2285 * Local variables: 1143 * Local variables:
2286diff -Nura php-5.3.6/Zend/zend_alloc_canary.c suhosin-patch-5.3.6-0.9.10/Zend/zend_alloc_canary.c 1144diff -Nura php-5.3.7/Zend/zend_alloc.h suhosin-patch-5.3.7-0.9.10/Zend/zend_alloc.h
2287--- php-5.3.6/Zend/zend_alloc_canary.c 1970-01-01 01:00:00.000000000 +0100 1145--- php-5.3.7/Zend/zend_alloc.h 2011-01-01 03:19:59.000000000 +0100
2288+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_alloc_canary.c 2011-03-19 10:48:33.797308698 +0100 1146+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_alloc.h 2011-08-19 12:39:29.000000000 +0200
2289@@ -0,0 +1,2498 @@ 1147@@ -203,6 +203,8 @@
1148
1149 /* Heap functions */
1150 typedef struct _zend_mm_heap zend_mm_heap;
1151+typedef struct _zend_mm_heap_canary zend_mm_heap_canary;
1152+
1153
1154 ZEND_API zend_mm_heap *zend_mm_startup(void);
1155 ZEND_API void zend_mm_shutdown(zend_mm_heap *heap, int full_shutdown, int silent TSRMLS_DC);
1156diff -Nura php-5.3.7/Zend/zend_alloc_canary.c suhosin-patch-5.3.7-0.9.10/Zend/zend_alloc_canary.c
1157--- php-5.3.7/Zend/zend_alloc_canary.c 1970-01-01 01:00:00.000000000 +0100
1158+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_alloc_canary.c 2011-08-19 12:52:02.000000000 +0200
1159@@ -0,0 +1,2509 @@
2290+/* 1160+/*
2291+ +----------------------------------------------------------------------+ 1161+ +----------------------------------------------------------------------+
2292+ | Suhosin-Patch for PHP | 1162+ | Suhosin-Patch for PHP |
2293+ +----------------------------------------------------------------------+ 1163+ +----------------------------------------------------------------------+
2294+ | Copyright (c) 2004-2010 Stefan Esser | 1164+ | Copyright (c) 2004-2011 Stefan Esser |
2295+ +----------------------------------------------------------------------+ 1165+ +----------------------------------------------------------------------+
2296+ | This source file is subject to version 2.02 of the PHP license, | 1166+ | This source file is subject to version 2.02 of the PHP license, |
2297+ | that is bundled with this package in the file LICENSE, and is | 1167+ | that is bundled with this package in the file LICENSE, and is |
@@ -2517,6 +1387,10 @@ diff -Nura php-5.3.6/Zend/zend_alloc_canary.c suhosin-patch-5.3.6-0.9.10/Zend/ze
2517+ return NULL; 1387+ return NULL;
2518+ } 1388+ }
2519+ storage = (zend_mm_storage*)malloc(sizeof(zend_mm_storage)); 1389+ storage = (zend_mm_storage*)malloc(sizeof(zend_mm_storage));
1390+ if (storage == NULL) {
1391+ HeapDestroy(heap);
1392+ return NULL;
1393+ }
2520+ storage->data = (void*) heap; 1394+ storage->data = (void*) heap;
2521+ return storage; 1395+ return storage;
2522+} 1396+}
@@ -3441,6 +2315,13 @@ diff -Nura php-5.3.6/Zend/zend_alloc_canary.c suhosin-patch-5.3.6-0.9.10/Zend/ze
3441+ storage->handlers = handlers; 2315+ storage->handlers = handlers;
3442+ 2316+
3443+ heap = malloc(sizeof(struct _zend_mm_heap_canary)); 2317+ heap = malloc(sizeof(struct _zend_mm_heap_canary));
2318+ if (heap == NULL) {
2319+ fprintf(stderr, "Cannot allocate heap for zend_mm storage [%s]\n", handlers->name);
2320+#ifdef PHP_WIN32
2321+ fflush(stderr);
2322+#endif
2323+ exit(255);
2324+ }
3444+ 2325+
3445+ heap->storage = storage; 2326+ heap->storage = storage;
3446+ heap->block_size = block_size; 2327+ heap->block_size = block_size;
@@ -4785,110 +3666,9 @@ diff -Nura php-5.3.6/Zend/zend_alloc_canary.c suhosin-patch-5.3.6-0.9.10/Zend/ze
4785+ * End: 3666+ * End:
4786+ */ 3667+ */
4787+ 3668+
4788diff -Nura php-5.3.6/Zend/zend_alloc.h suhosin-patch-5.3.6-0.9.10/Zend/zend_alloc.h 3669diff -Nura php-5.3.7/Zend/zend_canary.c suhosin-patch-5.3.7-0.9.10/Zend/zend_canary.c
4789--- php-5.3.6/Zend/zend_alloc.h 2011-01-01 03:19:59.000000000 +0100 3670--- php-5.3.7/Zend/zend_canary.c 1970-01-01 01:00:00.000000000 +0100
4790+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_alloc.h 2011-03-19 10:48:33.793975398 +0100 3671+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_canary.c 2011-08-19 12:39:29.000000000 +0200
4791@@ -203,6 +203,8 @@
4792
4793 /* Heap functions */
4794 typedef struct _zend_mm_heap zend_mm_heap;
4795+typedef struct _zend_mm_heap_canary zend_mm_heap_canary;
4796+
4797
4798 ZEND_API zend_mm_heap *zend_mm_startup(void);
4799 ZEND_API void zend_mm_shutdown(zend_mm_heap *heap, int full_shutdown, int silent TSRMLS_DC);
4800diff -Nura php-5.3.6/Zend/zend.c suhosin-patch-5.3.6-0.9.10/Zend/zend.c
4801--- php-5.3.6/Zend/zend.c 2011-01-01 03:19:59.000000000 +0100
4802+++ suhosin-patch-5.3.6-0.9.10/Zend/zend.c 2011-03-19 10:48:33.790642098 +0100
4803@@ -60,6 +60,10 @@
4804 ZEND_API char *(*zend_getenv)(char *name, size_t name_len TSRMLS_DC);
4805 ZEND_API char *(*zend_resolve_path)(const char *filename, int filename_len TSRMLS_DC);
4806
4807+#if SUHOSIN_PATCH
4808+ZEND_API void (*zend_suhosin_log)(int loglevel, char *fmt, ...);
4809+#endif
4810+
4811 void (*zend_on_timeout)(int seconds TSRMLS_DC);
4812
4813 static void (*zend_message_dispatcher_p)(long message, void *data TSRMLS_DC);
4814@@ -88,6 +92,74 @@
4815 }
4816 /* }}} */
4817
4818+#if SUHOSIN_PATCH
4819+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog)
4820+{
4821+ if (!new_value) {
4822+ SPG(log_syslog) = S_ALL & ~S_SQL | S_MEMORY;
4823+ } else {
4824+ SPG(log_syslog) = atoi(new_value) | S_MEMORY;
4825+ }
4826+ return SUCCESS;
4827+}
4828+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog_facility)
4829+{
4830+ if (!new_value) {
4831+ SPG(log_syslog_facility) = LOG_USER;
4832+ } else {
4833+ SPG(log_syslog_facility) = atoi(new_value);
4834+ }
4835+ return SUCCESS;
4836+}
4837+static ZEND_INI_MH(OnUpdateSuhosin_log_syslog_priority)
4838+{
4839+ if (!new_value) {
4840+ SPG(log_syslog_priority) = LOG_ALERT;
4841+ } else {
4842+ SPG(log_syslog_priority) = atoi(new_value);
4843+ }
4844+ return SUCCESS;
4845+}
4846+static ZEND_INI_MH(OnUpdateSuhosin_log_sapi)
4847+{
4848+ if (!new_value) {
4849+ SPG(log_sapi) = S_ALL & ~S_SQL;
4850+ } else {
4851+ SPG(log_sapi) = atoi(new_value);
4852+ }
4853+ return SUCCESS;
4854+}
4855+static ZEND_INI_MH(OnUpdateSuhosin_log_script)
4856+{
4857+ if (!new_value) {
4858+ SPG(log_script) = S_ALL & ~S_MEMORY;
4859+ } else {
4860+ SPG(log_script) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);
4861+ }
4862+ return SUCCESS;
4863+}
4864+static ZEND_INI_MH(OnUpdateSuhosin_log_scriptname)
4865+{
4866+ if (SPG(log_scriptname)) {
4867+ pefree(SPG(log_scriptname),1);
4868+ }
4869+ SPG(log_scriptname) = NULL;
4870+ if (new_value) {
4871+ SPG(log_scriptname) = pestrdup(new_value,1);
4872+ }
4873+ return SUCCESS;
4874+}
4875+static ZEND_INI_MH(OnUpdateSuhosin_log_phpscript)
4876+{
4877+ if (!new_value) {
4878+ SPG(log_phpscript) = S_ALL & ~S_MEMORY;
4879+ } else {
4880+ SPG(log_phpscript) = atoi(new_value) & (~S_MEMORY) & (~S_INTERNAL);
4881+ }
4882+ return SUCCESS;
4883+}
4884+#endif
4885+
4886 ZEND_INI_BEGIN()
4887 ZEND_INI_ENTRY("error_reporting", NULL, ZEND_INI_ALL, OnUpdateErrorReporting)
4888 STD_ZEND_INI_BOOLEAN("zend.enable_gc", "1", ZEND_INI_ALL, OnUpdateGCEnabled, gc_enabled, zend_gc_globals, gc_globals)
4889diff -Nura php-5.3.6/Zend/zend_canary.c suhosin-patch-5.3.6-0.9.10/Zend/zend_canary.c
4890--- php-5.3.6/Zend/zend_canary.c 1970-01-01 01:00:00.000000000 +0100
4891+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_canary.c 2011-03-19 10:48:33.797308698 +0100
4892@@ -0,0 +1,66 @@ 3672@@ -0,0 +1,66 @@
4893+/* 3673+/*
4894+ +----------------------------------------------------------------------+ 3674+ +----------------------------------------------------------------------+
@@ -4956,9 +3736,9 @@ diff -Nura php-5.3.6/Zend/zend_canary.c suhosin-patch-5.3.6-0.9.10/Zend/zend_can
4956+ * vim600: sw=4 ts=4 fdm=marker 3736+ * vim600: sw=4 ts=4 fdm=marker
4957+ * vim<600: sw=4 ts=4 3737+ * vim<600: sw=4 ts=4
4958+ */ 3738+ */
4959diff -Nura php-5.3.6/Zend/zend_compile.c suhosin-patch-5.3.6-0.9.10/Zend/zend_compile.c 3739diff -Nura php-5.3.7/Zend/zend_compile.c suhosin-patch-5.3.7-0.9.10/Zend/zend_compile.c
4960--- php-5.3.6/Zend/zend_compile.c 2011-02-18 00:24:50.000000000 +0100 3740--- php-5.3.7/Zend/zend_compile.c 2011-07-08 18:29:33.000000000 +0200
4961+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_compile.c 2011-03-19 10:48:33.797308698 +0100 3741+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_compile.c 2011-08-19 12:39:29.000000000 +0200
4962@@ -73,6 +73,11 @@ 3742@@ -73,6 +73,11 @@
4963 } 3743 }
4964 /* }}} */ 3744 /* }}} */
@@ -4971,10 +3751,10 @@ diff -Nura php-5.3.6/Zend/zend_compile.c suhosin-patch-5.3.6-0.9.10/Zend/zend_co
4971 static void build_runtime_defined_function_key(zval *result, const char *name, int name_length TSRMLS_DC) /* {{{ */ 3751 static void build_runtime_defined_function_key(zval *result, const char *name, int name_length TSRMLS_DC) /* {{{ */
4972 { 3752 {
4973 char char_pos_buf[32]; 3753 char char_pos_buf[32];
4974diff -Nura php-5.3.6/Zend/zend_compile.h suhosin-patch-5.3.6-0.9.10/Zend/zend_compile.h 3754diff -Nura php-5.3.7/Zend/zend_compile.h suhosin-patch-5.3.7-0.9.10/Zend/zend_compile.h
4975--- php-5.3.6/Zend/zend_compile.h 2011-01-01 03:19:59.000000000 +0100 3755--- php-5.3.7/Zend/zend_compile.h 2011-06-12 03:43:10.000000000 +0200
4976+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_compile.h 2011-03-19 10:48:33.797308698 +0100 3756+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_compile.h 2011-08-19 12:39:29.000000000 +0200
4977@@ -606,6 +606,11 @@ 3757@@ -607,6 +607,11 @@
4978 ZEND_API int zend_auto_global_disable_jit(const char *varname, zend_uint varname_length TSRMLS_DC); 3758 ZEND_API int zend_auto_global_disable_jit(const char *varname, zend_uint varname_length TSRMLS_DC);
4979 ZEND_API size_t zend_dirname(char *path, size_t len); 3759 ZEND_API size_t zend_dirname(char *path, size_t len);
4980 3760
@@ -4986,9 +3766,9 @@ diff -Nura php-5.3.6/Zend/zend_compile.h suhosin-patch-5.3.6-0.9.10/Zend/zend_co
4986 int zendlex(znode *zendlval TSRMLS_DC); 3766 int zendlex(znode *zendlval TSRMLS_DC);
4987 3767
4988 /* BEGIN: OPCODES */ 3768 /* BEGIN: OPCODES */
4989diff -Nura php-5.3.6/Zend/zend_constants.c suhosin-patch-5.3.6-0.9.10/Zend/zend_constants.c 3769diff -Nura php-5.3.7/Zend/zend_constants.c suhosin-patch-5.3.7-0.9.10/Zend/zend_constants.c
4990--- php-5.3.6/Zend/zend_constants.c 2011-01-16 21:39:22.000000000 +0100 3770--- php-5.3.7/Zend/zend_constants.c 2011-01-16 21:39:22.000000000 +0100
4991+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_constants.c 2011-03-19 10:48:33.800641998 +0100 3771+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_constants.c 2011-08-19 12:46:16.000000000 +0200
4992@@ -113,6 +113,76 @@ 3772@@ -113,6 +113,76 @@
4993 3773
4994 REGISTER_MAIN_LONG_CONSTANT("E_ALL", E_ALL, CONST_PERSISTENT | CONST_CS); 3774 REGISTER_MAIN_LONG_CONSTANT("E_ALL", E_ALL, CONST_PERSISTENT | CONST_CS);
@@ -5066,27 +3846,9 @@ diff -Nura php-5.3.6/Zend/zend_constants.c suhosin-patch-5.3.6-0.9.10/Zend/zend_
5066 REGISTER_MAIN_LONG_CONSTANT("DEBUG_BACKTRACE_PROVIDE_OBJECT", DEBUG_BACKTRACE_PROVIDE_OBJECT, CONST_PERSISTENT | CONST_CS); 3846 REGISTER_MAIN_LONG_CONSTANT("DEBUG_BACKTRACE_PROVIDE_OBJECT", DEBUG_BACKTRACE_PROVIDE_OBJECT, CONST_PERSISTENT | CONST_CS);
5067 REGISTER_MAIN_LONG_CONSTANT("DEBUG_BACKTRACE_IGNORE_ARGS", DEBUG_BACKTRACE_IGNORE_ARGS, CONST_PERSISTENT | CONST_CS); 3847 REGISTER_MAIN_LONG_CONSTANT("DEBUG_BACKTRACE_IGNORE_ARGS", DEBUG_BACKTRACE_IGNORE_ARGS, CONST_PERSISTENT | CONST_CS);
5068 /* true/false constants */ 3848 /* true/false constants */
5069diff -Nura php-5.3.6/Zend/Zend.dsp suhosin-patch-5.3.6-0.9.10/Zend/Zend.dsp 3849diff -Nura php-5.3.7/Zend/zend_errors.h suhosin-patch-5.3.7-0.9.10/Zend/zend_errors.h
5070--- php-5.3.6/Zend/Zend.dsp 2009-03-18 11:18:10.000000000 +0100 3850--- php-5.3.7/Zend/zend_errors.h 2011-01-01 03:19:59.000000000 +0100
5071+++ suhosin-patch-5.3.6-0.9.10/Zend/Zend.dsp 2011-03-19 10:48:33.790642098 +0100 3851+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_errors.h 2011-08-19 12:39:29.000000000 +0200
5072@@ -247,6 +247,14 @@
5073 # End Source File
5074 # Begin Source File
5075
5076+SOURCE=.\zend_canary.c
5077+# End Source File
5078+# Begin Source File
5079+
5080+SOURCE=.\zend_alloc_canary.c
5081+# End Source File
5082+# Begin Source File
5083+
5084 SOURCE=.\zend_ts_hash.c
5085 # End Source File
5086 # Begin Source File
5087diff -Nura php-5.3.6/Zend/zend_errors.h suhosin-patch-5.3.6-0.9.10/Zend/zend_errors.h
5088--- php-5.3.6/Zend/zend_errors.h 2011-01-01 03:19:59.000000000 +0100
5089+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_errors.h 2011-03-19 10:48:33.800641998 +0100
5090@@ -41,6 +41,20 @@ 3852@@ -41,6 +41,20 @@
5091 #define E_ALL (E_ERROR | E_WARNING | E_PARSE | E_NOTICE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_USER_ERROR | E_USER_WARNING | E_USER_NOTICE | E_RECOVERABLE_ERROR | E_DEPRECATED | E_USER_DEPRECATED) 3853 #define E_ALL (E_ERROR | E_WARNING | E_PARSE | E_NOTICE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_USER_ERROR | E_USER_WARNING | E_USER_NOTICE | E_RECOVERABLE_ERROR | E_DEPRECATED | E_USER_DEPRECATED)
5092 #define E_CORE (E_CORE_ERROR | E_CORE_WARNING) 3854 #define E_CORE (E_CORE_ERROR | E_CORE_WARNING)
@@ -5108,41 +3870,11 @@ diff -Nura php-5.3.6/Zend/zend_errors.h suhosin-patch-5.3.6-0.9.10/Zend/zend_err
5108 #endif /* ZEND_ERRORS_H */ 3870 #endif /* ZEND_ERRORS_H */
5109 3871
5110 /* 3872 /*
5111diff -Nura php-5.3.6/Zend/zend.h suhosin-patch-5.3.6-0.9.10/Zend/zend.h 3873diff -Nura php-5.3.7/Zend/zend_hash.c suhosin-patch-5.3.7-0.9.10/Zend/zend_hash.c
5112--- php-5.3.6/Zend/zend.h 2011-01-16 21:39:22.000000000 +0100 3874--- php-5.3.7/Zend/zend_hash.c 2011-08-08 13:30:56.000000000 +0200
5113+++ suhosin-patch-5.3.6-0.9.10/Zend/zend.h 2011-03-19 10:48:33.790642098 +0100 3875+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_hash.c 2011-08-19 12:59:42.000000000 +0200
5114@@ -627,6 +627,9 @@
5115 extern int (*zend_vspprintf)(char **pbuf, size_t max_len, const char *format, va_list ap);
5116 extern ZEND_API char *(*zend_getenv)(char *name, size_t name_len TSRMLS_DC);
5117 extern ZEND_API char *(*zend_resolve_path)(const char *filename, int filename_len TSRMLS_DC);
5118+#if SUHOSIN_PATCH
5119+extern ZEND_API void (*zend_suhosin_log)(int loglevel, char *fmt, ...);
5120+#endif
5121
5122 ZEND_API void zend_error(int type, const char *format, ...) ZEND_ATTRIBUTE_FORMAT(printf, 2, 3);
5123
5124@@ -774,6 +777,16 @@
5125 #define DEBUG_BACKTRACE_PROVIDE_OBJECT (1<<0)
5126 #define DEBUG_BACKTRACE_IGNORE_ARGS (1<<1)
5127
5128+#if SUHOSIN_PATCH
5129+#include "suhosin_globals.h"
5130+#include "suhosin_patch.h"
5131+#include "php_syslog.h"
5132+
5133+ZEND_API void zend_canary(void *buf, int len);
5134+ZEND_API char suhosin_get_config(int element);
5135+
5136+#endif
5137+
5138 #endif /* ZEND_H */
5139
5140 /*
5141diff -Nura php-5.3.6/Zend/zend_hash.c suhosin-patch-5.3.6-0.9.10/Zend/zend_hash.c
5142--- php-5.3.6/Zend/zend_hash.c 2011-01-01 03:19:59.000000000 +0100
5143+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_hash.c 2011-03-19 10:48:33.800641998 +0100
5144@@ -20,6 +20,7 @@ 3876@@ -20,6 +20,7 @@
5145 /* $Id: zend_hash.c 306939 2011-01-01 02:19:59Z felipe $ */ 3877 /* $Id: zend_hash.c 314482 2011-08-08 11:30:56Z pierrick $ */
5146 3878
5147 #include "zend.h" 3879 #include "zend.h"
5148+#include "zend_compile.h" 3880+#include "zend_compile.h"
@@ -5369,7 +4101,7 @@ diff -Nura php-5.3.6/Zend/zend_hash.c suhosin-patch-5.3.6-0.9.10/Zend/zend_hash.
5369 return FAILURE; 4101 return FAILURE;
5370 } 4102 }
5371 #endif 4103 #endif
5372+ zend_hash_check_destructor(ht->pDestructor); 4104+ zend_hash_check_destructor(ht->pDestructor);
5373 if (ht->pDestructor) { 4105 if (ht->pDestructor) {
5374 ht->pDestructor(p->pData); 4106 ht->pDestructor(p->pData);
5375 } 4107 }
@@ -5377,7 +4109,7 @@ diff -Nura php-5.3.6/Zend/zend_hash.c suhosin-patch-5.3.6-0.9.10/Zend/zend_hash.
5377 return FAILURE; 4109 return FAILURE;
5378 } 4110 }
5379 #endif 4111 #endif
5380+ zend_hash_check_destructor(ht->pDestructor); 4112+ zend_hash_check_destructor(ht->pDestructor);
5381 if (ht->pDestructor) { 4113 if (ht->pDestructor) {
5382 ht->pDestructor(p->pData); 4114 ht->pDestructor(p->pData);
5383 } 4115 }
@@ -5397,25 +4129,41 @@ diff -Nura php-5.3.6/Zend/zend_hash.c suhosin-patch-5.3.6-0.9.10/Zend/zend_hash.
5397 while (p != NULL) { 4129 while (p != NULL) {
5398 q = p; 4130 q = p;
5399 p = p->pListNext; 4131 p = p->pListNext;
5400@@ -548,6 +748,7 @@ 4132@@ -554,6 +754,7 @@
5401 SET_INCONSISTENT(HT_CLEANING); 4133 ht->nNextFreeElement = 0;
4134 ht->pInternalPointer = NULL;
5402 4135
5403 p = ht->pListHead;
5404+ zend_hash_check_destructor(ht->pDestructor); 4136+ zend_hash_check_destructor(ht->pDestructor);
5405 while (p != NULL) { 4137 while (p != NULL) {
5406 q = p; 4138 q = p;
5407 p = p->pListNext; 4139 p = p->pListNext;
5408@@ -610,6 +811,7 @@ 4140@@ -608,6 +809,7 @@
5409 ht->nNumOfElements--; 4141 ht->nNumOfElements--;
5410 HANDLE_UNBLOCK_INTERRUPTIONS(); 4142 HANDLE_UNBLOCK_INTERRUPTIONS();
5411 4143
5412+ zend_hash_check_destructor(ht->pDestructor); 4144+ zend_hash_check_destructor(ht->pDestructor);
5413 if (ht->pDestructor) { 4145 if (ht->pDestructor) {
5414 ht->pDestructor(p->pData); 4146 ht->pDestructor(p->pData);
5415 } 4147 }
5416diff -Nura php-5.3.6/Zend/zend_llist.c suhosin-patch-5.3.6-0.9.10/Zend/zend_llist.c 4148@@ -628,6 +830,7 @@
5417--- php-5.3.6/Zend/zend_llist.c 2011-01-01 03:19:59.000000000 +0100 4149 IS_CONSISTENT(ht);
5418+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_llist.c 2011-03-19 10:48:33.800641998 +0100 4150
4151 p = ht->pListHead;
4152+ zend_hash_check_destructor(ht->pDestructor);
4153 while (p != NULL) {
4154 p = zend_hash_apply_deleter(ht, p);
4155 }
4156@@ -1180,6 +1383,7 @@
4157
4158 IS_CONSISTENT(ht);
4159
4160+ zend_hash_check_destructor(ht->pDestructor);
4161 if (p) {
4162 if (key_type == HASH_KEY_IS_LONG) {
4163 str_length = 0;
4164diff -Nura php-5.3.7/Zend/zend_llist.c suhosin-patch-5.3.7-0.9.10/Zend/zend_llist.c
4165--- php-5.3.7/Zend/zend_llist.c 2011-01-01 03:19:59.000000000 +0100
4166+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_llist.c 2011-08-19 12:39:29.000000000 +0200
5419@@ -23,6 +23,194 @@ 4167@@ -23,6 +23,194 @@
5420 #include "zend_llist.h" 4168 #include "zend_llist.h"
5421 #include "zend_qsort.h" 4169 #include "zend_qsort.h"
@@ -5643,9 +4391,9 @@ diff -Nura php-5.3.6/Zend/zend_llist.c suhosin-patch-5.3.6-0.9.10/Zend/zend_llis
5643 if ((old_tail = l->tail)) { 4391 if ((old_tail = l->tail)) {
5644 if (old_tail->prev) { 4392 if (old_tail->prev) {
5645 old_tail->prev->next = NULL; 4393 old_tail->prev->next = NULL;
5646diff -Nura php-5.3.6/Zend/zend_operators.c suhosin-patch-5.3.6-0.9.10/Zend/zend_operators.c 4394diff -Nura php-5.3.7/Zend/zend_operators.c suhosin-patch-5.3.7-0.9.10/Zend/zend_operators.c
5647--- php-5.3.6/Zend/zend_operators.c 2011-01-01 03:19:59.000000000 +0100 4395--- php-5.3.7/Zend/zend_operators.c 2011-01-01 03:19:59.000000000 +0100
5648+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_operators.c 2011-03-19 10:48:33.800641998 +0100 4396+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_operators.c 2011-08-19 12:39:29.000000000 +0200
5649@@ -153,9 +153,14 @@ 4397@@ -153,9 +153,14 @@
5650 case IS_STRING: 4398 case IS_STRING:
5651 { 4399 {
@@ -5733,27 +4481,9 @@ diff -Nura php-5.3.6/Zend/zend_operators.c suhosin-patch-5.3.6-0.9.10/Zend/zend_
5733 switch (type) { 4481 switch (type) {
5734 case IS_ARRAY: 4482 case IS_ARRAY:
5735 ALLOC_HASHTABLE(Z_ARRVAL_P(op)); 4483 ALLOC_HASHTABLE(Z_ARRVAL_P(op));
5736diff -Nura php-5.3.6/Zend/ZendTS.dsp suhosin-patch-5.3.6-0.9.10/Zend/ZendTS.dsp 4484diff -Nura php-5.3.7/Zend/zend_variables.c suhosin-patch-5.3.7-0.9.10/Zend/zend_variables.c
5737--- php-5.3.6/Zend/ZendTS.dsp 2008-07-14 11:49:03.000000000 +0200 4485--- php-5.3.7/Zend/zend_variables.c 2011-01-01 03:19:59.000000000 +0100
5738+++ suhosin-patch-5.3.6-0.9.10/Zend/ZendTS.dsp 2011-03-19 10:48:33.790642098 +0100 4486+++ suhosin-patch-5.3.7-0.9.10/Zend/zend_variables.c 2011-08-19 12:39:29.000000000 +0200
5739@@ -277,6 +277,14 @@
5740 # End Source File
5741 # Begin Source File
5742
5743+SOURCE=.\zend_canary.c
5744+# End Source File
5745+# Begin Source File
5746+
5747+SOURCE=.\zend_alloc_canary.c
5748+# End Source File
5749+# Begin Source File
5750+
5751 SOURCE=.\zend_ts_hash.c
5752 # End Source File
5753 # Begin Source File
5754diff -Nura php-5.3.6/Zend/zend_variables.c suhosin-patch-5.3.6-0.9.10/Zend/zend_variables.c
5755--- php-5.3.6/Zend/zend_variables.c 2011-01-01 03:19:59.000000000 +0100
5756+++ suhosin-patch-5.3.6-0.9.10/Zend/zend_variables.c 2011-03-19 10:48:33.800641998 +0100
5757@@ -34,6 +34,9 @@ 4487@@ -34,6 +34,9 @@
5758 case IS_CONSTANT: 4488 case IS_CONSTANT:
5759 CHECK_ZVAL_STRING_REL(zvalue); 4489 CHECK_ZVAL_STRING_REL(zvalue);
@@ -5774,3 +4504,1308 @@ diff -Nura php-5.3.6/Zend/zend_variables.c suhosin-patch-5.3.6-0.9.10/Zend/zend_
5774 break; 4504 break;
5775 case IS_ARRAY: 4505 case IS_ARRAY:
5776 case IS_CONSTANT_ARRAY: 4506 case IS_CONSTANT_ARRAY:
4507diff -Nura php-5.3.7/configure suhosin-patch-5.3.7-0.9.10/configure
4508--- php-5.3.7/configure 2011-08-17 15:32:31.000000000 +0200
4509+++ suhosin-patch-5.3.7-0.9.10/configure 2011-08-19 12:39:29.000000000 +0200
4510@@ -19049,6 +19049,9 @@
4511
4512 fi
4513
4514+cat >> confdefs.h <<\EOF
4515+#define SUHOSIN_PATCH 1
4516+EOF
4517
4518 echo $ac_n "checking for declared timezone""... $ac_c" 1>&6
4519 echo "configure:19055: checking for declared timezone" >&5
4520@@ -115465,7 +115468,7 @@
4521 php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
4522 strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
4523 network.c php_open_temporary_file.c php_logos.c \
4524- output.c getopt.c; do
4525+ output.c getopt.c suhosin_patch.c ; do
4526
4527 IFS=.
4528 set $ac_src
4529@@ -115669,7 +115672,7 @@
4530 zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
4531 zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
4532 zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c zend_gc.c \
4533- zend_closures.c zend_float.c; do
4534+ zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c ; do
4535
4536 IFS=.
4537 set $ac_src
4538diff -Nura php-5.3.7/configure.in suhosin-patch-5.3.7-0.9.10/configure.in
4539--- php-5.3.7/configure.in 2011-08-17 15:30:04.000000000 +0200
4540+++ suhosin-patch-5.3.7-0.9.10/configure.in 2011-08-19 12:39:29.000000000 +0200
4541@@ -289,6 +289,7 @@
4542 sinclude(TSRM/threads.m4)
4543 sinclude(TSRM/tsrm.m4)
4544
4545+sinclude(main/suhosin_patch.m4)
4546
4547 divert(2)
4548
4549@@ -1398,7 +1399,7 @@
4550 php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
4551 strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
4552 network.c php_open_temporary_file.c php_logos.c \
4553- output.c getopt.c)
4554+ output.c getopt.c suhosin_patch.c )
4555
4556 PHP_ADD_SOURCES(main/streams, streams.c cast.c memory.c filter.c \
4557 plain_wrapper.c userspace.c transports.c xp_socket.c mmap.c \
4558@@ -1426,7 +1427,7 @@
4559 zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
4560 zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
4561 zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c zend_gc.c \
4562- zend_closures.c zend_float.c)
4563+ zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c )
4564
4565 if test -r "$abs_srcdir/Zend/zend_objects.c"; then
4566 PHP_ADD_SOURCES(Zend, zend_objects.c zend_object_handlers.c zend_objects_API.c zend_default_classes.c)
4567diff -Nura php-5.3.7/ext/standard/dl.c suhosin-patch-5.3.7-0.9.10/ext/standard/dl.c
4568--- php-5.3.7/ext/standard/dl.c 2011-05-26 16:37:13.000000000 +0200
4569+++ suhosin-patch-5.3.7-0.9.10/ext/standard/dl.c 2011-08-19 12:39:29.000000000 +0200
4570@@ -254,6 +254,23 @@
4571 return FAILURE;
4572 }
4573 }
4574+
4575+#if SUHOSIN_PATCH
4576+ if (strncmp("suhosin", module_entry->name, sizeof("suhosin")-1) == 0) {
4577+ void *log_func;
4578+ /* sucessfully loaded suhosin extension, now check for logging function replacement */
4579+ log_func = (void *) DL_FETCH_SYMBOL(handle, "suhosin_log");
4580+ if (log_func == NULL) {
4581+ log_func = (void *) DL_FETCH_SYMBOL(handle, "_suhosin_log");
4582+ }
4583+ if (log_func != NULL) {
4584+ zend_suhosin_log = log_func;
4585+ } else {
4586+ zend_suhosin_log(S_MISC, "could not replace logging function");
4587+ }
4588+ }
4589+#endif
4590+
4591 return SUCCESS;
4592 }
4593 /* }}} */
4594diff -Nura php-5.3.7/ext/standard/info.c suhosin-patch-5.3.7-0.9.10/ext/standard/info.c
4595--- php-5.3.7/ext/standard/info.c 2011-07-21 16:49:55.000000000 +0200
4596+++ suhosin-patch-5.3.7-0.9.10/ext/standard/info.c 2011-08-19 12:39:29.000000000 +0200
4597@@ -878,6 +878,33 @@
4598
4599 php_info_print_table_end();
4600
4601+ /* Suhosin Patch */
4602+ php_info_print_box_start(0);
4603+ if (expose_php && !sapi_module.phpinfo_as_text) {
4604+ PUTS("<a href=\"http://www.suhosin.org\"><img border=\"0\" src=\"");
4605+ if (SG(request_info).request_uri) {
4606+ char *elem_esc = php_info_html_esc(SG(request_info).request_uri TSRMLS_CC);
4607+ PUTS(elem_esc);
4608+ efree(elem_esc);
4609+ }
4610+ PUTS("?="SUHOSIN_LOGO_GUID"\" alt=\"Suhosin logo\" /></a>\n");
4611+ }
4612+ PUTS("This server is protected with the Suhosin Patch ");
4613+ if (sapi_module.phpinfo_as_text) {
4614+ PUTS(SUHOSIN_PATCH_VERSION);
4615+ } else {
4616+ zend_html_puts(SUHOSIN_PATCH_VERSION, strlen(SUHOSIN_PATCH_VERSION) TSRMLS_CC);
4617+ }
4618+ PUTS(!sapi_module.phpinfo_as_text?"<br />":"\n");
4619+ if (sapi_module.phpinfo_as_text) {
4620+ PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
4621+ PUTS("Copyright (c) 2007-2009 SektionEins GmbH\n");
4622+ } else {
4623+ PUTS("Copyright (c) 2006-2007 <a href=\"http://www.hardened-php.net/\">Hardened-PHP Project</a>\n");
4624+ PUTS("Copyright (c) 2007-2009 <a href=\"http://www.sektioneins.de/\">SektionEins GmbH</a>\n");
4625+ }
4626+ php_info_print_box_end();
4627+
4628 /* Zend Engine */
4629 php_info_print_box_start(0);
4630 if (expose_php && !sapi_module.phpinfo_as_text) {
4631diff -Nura php-5.3.7/ext/standard/syslog.c suhosin-patch-5.3.7-0.9.10/ext/standard/syslog.c
4632--- php-5.3.7/ext/standard/syslog.c 2011-01-01 03:19:59.000000000 +0100
4633+++ suhosin-patch-5.3.7-0.9.10/ext/standard/syslog.c 2011-08-19 12:39:29.000000000 +0200
4634@@ -42,6 +42,7 @@
4635 */
4636 PHP_MINIT_FUNCTION(syslog)
4637 {
4638+#if !SUHOSIN_PATCH
4639 /* error levels */
4640 REGISTER_LONG_CONSTANT("LOG_EMERG", LOG_EMERG, CONST_CS | CONST_PERSISTENT); /* system unusable */
4641 REGISTER_LONG_CONSTANT("LOG_ALERT", LOG_ALERT, CONST_CS | CONST_PERSISTENT); /* immediate action required */
4642@@ -97,6 +98,7 @@
4643 /* AIX doesn't have LOG_PERROR */
4644 REGISTER_LONG_CONSTANT("LOG_PERROR", LOG_PERROR, CONST_CS | CONST_PERSISTENT); /*log to stderr*/
4645 #endif
4646+#endif
4647 BG(syslog_device)=NULL;
4648
4649 return SUCCESS;
4650diff -Nura php-5.3.7/main/fopen_wrappers.c suhosin-patch-5.3.7-0.9.10/main/fopen_wrappers.c
4651--- php-5.3.7/main/fopen_wrappers.c 2011-08-09 15:04:35.000000000 +0200
4652+++ suhosin-patch-5.3.7-0.9.10/main/fopen_wrappers.c 2011-08-19 12:39:30.000000000 +0200
4653@@ -85,13 +85,8 @@
4654 PHPAPI ZEND_INI_MH(OnUpdateBaseDir)
4655 {
4656 char **p, *pathbuf, *ptr, *end;
4657-#ifndef ZTS
4658- char *base = (char *) mh_arg2;
4659-#else
4660- char *base = (char *) ts_resource(*((int *) mh_arg2));
4661-#endif
4662
4663- p = (char **) (base + (size_t) mh_arg1);
4664+ p = &PG(open_basedir);
4665
4666 if (stage == PHP_INI_STAGE_STARTUP || stage == PHP_INI_STAGE_SHUTDOWN || stage == PHP_INI_STAGE_ACTIVATE || stage == PHP_INI_STAGE_DEACTIVATE) {
4667 /* We're in a PHP_INI_SYSTEM context, no restrictions */
4668diff -Nura php-5.3.7/main/main.c suhosin-patch-5.3.7-0.9.10/main/main.c
4669--- php-5.3.7/main/main.c 2011-06-16 03:31:10.000000000 +0200
4670+++ suhosin-patch-5.3.7-0.9.10/main/main.c 2011-08-19 12:39:30.000000000 +0200
4671@@ -91,6 +91,9 @@
4672
4673 #include "SAPI.h"
4674 #include "rfc1867.h"
4675+#if SUHOSIN_PATCH
4676+#include "suhosin_globals.h"
4677+#endif
4678
4679 #if HAVE_SYS_MMAN_H
4680 # include <sys/mman.h>
4681@@ -493,7 +496,7 @@
4682 STD_PHP_INI_ENTRY("extension_dir", PHP_EXTENSION_DIR, PHP_INI_SYSTEM, OnUpdateStringUnempty, extension_dir, php_core_globals, core_globals)
4683 STD_PHP_INI_ENTRY("include_path", PHP_INCLUDE_PATH, PHP_INI_ALL, OnUpdateStringUnempty, include_path, php_core_globals, core_globals)
4684 PHP_INI_ENTRY("max_execution_time", "30", PHP_INI_ALL, OnUpdateTimeout)
4685- STD_PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_ALL, OnUpdateBaseDir, open_basedir, php_core_globals, core_globals)
4686+ PHP_INI_ENTRY("open_basedir", NULL, PHP_INI_ALL, OnUpdateBaseDir)
4687 STD_PHP_INI_ENTRY("safe_mode_exec_dir", PHP_SAFE_MODE_EXEC_DIR, PHP_INI_SYSTEM, OnUpdateString, safe_mode_exec_dir, php_core_globals, core_globals)
4688
4689 STD_PHP_INI_BOOLEAN("file_uploads", "1", PHP_INI_SYSTEM, OnUpdateBool, file_uploads, php_core_globals, core_globals)
4690@@ -1786,6 +1789,10 @@
4691 }
4692 #endif
4693
4694+#if SUHOSIN_PATCH
4695+PHPAPI void suhosin_startup();
4696+#endif
4697+
4698 /* {{{ php_module_startup
4699 */
4700 int php_module_startup(sapi_module_struct *sf, zend_module_entry *additional_modules, uint num_additional_modules)
4701@@ -1834,6 +1841,10 @@
4702 php_win32_init_rng_lock();
4703 #endif
4704
4705+#if SUHOSIN_PATCH
4706+ suhosin_startup();
4707+#endif
4708+
4709 module_shutdown = 0;
4710 module_startup = 1;
4711 sapi_initialize_empty_request(TSRMLS_C);
4712@@ -1956,7 +1967,11 @@
4713 REGISTER_MAIN_STRINGL_CONSTANT("PHP_CONFIG_FILE_SCAN_DIR", PHP_CONFIG_FILE_SCAN_DIR, sizeof(PHP_CONFIG_FILE_SCAN_DIR)-1, CONST_PERSISTENT | CONST_CS);
4714 REGISTER_MAIN_STRINGL_CONSTANT("PHP_SHLIB_SUFFIX", PHP_SHLIB_SUFFIX, sizeof(PHP_SHLIB_SUFFIX)-1, CONST_PERSISTENT | CONST_CS);
4715 REGISTER_MAIN_STRINGL_CONSTANT("PHP_EOL", PHP_EOL, sizeof(PHP_EOL)-1, CONST_PERSISTENT | CONST_CS);
4716- REGISTER_MAIN_LONG_CONSTANT("PHP_MAXPATHLEN", MAXPATHLEN, CONST_PERSISTENT | CONST_CS);
4717+#if SUHOSIN_PATCH
4718+ REGISTER_MAIN_LONG_CONSTANT("SUHOSIN_PATCH", 1, CONST_PERSISTENT | CONST_CS);
4719+ REGISTER_MAIN_STRINGL_CONSTANT("SUHOSIN_PATCH_VERSION", SUHOSIN_PATCH_VERSION, sizeof(SUHOSIN_PATCH_VERSION)-1, CONST_PERSISTENT | CONST_CS);
4720+#endif
4721+ REGISTER_MAIN_LONG_CONSTANT("PHP_MAXPATHLEN", MAXPATHLEN, CONST_PERSISTENT | CONST_CS);
4722 REGISTER_MAIN_LONG_CONSTANT("PHP_INT_MAX", LONG_MAX, CONST_PERSISTENT | CONST_CS);
4723 REGISTER_MAIN_LONG_CONSTANT("PHP_INT_SIZE", sizeof(long), CONST_PERSISTENT | CONST_CS);
4724 #ifdef ZEND_MULTIBYTE
4725diff -Nura php-5.3.7/main/php.h suhosin-patch-5.3.7-0.9.10/main/php.h
4726--- php-5.3.7/main/php.h 2011-07-25 13:30:53.000000000 +0200
4727+++ suhosin-patch-5.3.7-0.9.10/main/php.h 2011-08-19 12:39:30.000000000 +0200
4728@@ -454,6 +454,10 @@
4729 #endif
4730 #endif /* !XtOffsetOf */
4731
4732+#if SUHOSIN_PATCH
4733+#include "suhosin_patch.h"
4734+#endif
4735+
4736 #endif
4737
4738 /*
4739diff -Nura php-5.3.7/main/php_config.h.in suhosin-patch-5.3.7-0.9.10/main/php_config.h.in
4740--- php-5.3.7/main/php_config.h.in 2011-08-17 15:32:34.000000000 +0200
4741+++ suhosin-patch-5.3.7-0.9.10/main/php_config.h.in 2011-08-19 12:39:30.000000000 +0200
4742@@ -851,6 +851,9 @@
4743 /* Define if the target system has /dev/urandom device */
4744 #undef HAVE_DEV_URANDOM
4745
4746+/* Suhosin-Patch for PHP */
4747+#undef SUHOSIN_PATCH
4748+
4749 /* Whether you have AOLserver */
4750 #undef HAVE_AOLSERVER
4751
4752diff -Nura php-5.3.7/main/php_logos.c suhosin-patch-5.3.7-0.9.10/main/php_logos.c
4753--- php-5.3.7/main/php_logos.c 2011-01-01 03:19:59.000000000 +0100
4754+++ suhosin-patch-5.3.7-0.9.10/main/php_logos.c 2011-08-19 12:39:30.000000000 +0200
4755@@ -50,6 +50,10 @@
4756 return zend_hash_del(&phpinfo_logo_hash, logo_string, strlen(logo_string));
4757 }
4758
4759+#if SUHOSIN_PATCH
4760+#include "suhosin_logo.h"
4761+#endif
4762+
4763 int php_init_info_logos(void)
4764 {
4765 if(zend_hash_init(&phpinfo_logo_hash, 0, NULL, NULL, 1)==FAILURE)
4766@@ -58,7 +62,9 @@
4767 php_register_info_logo(PHP_LOGO_GUID , "image/gif", php_logo , sizeof(php_logo));
4768 php_register_info_logo(PHP_EGG_LOGO_GUID, "image/gif", php_egg_logo, sizeof(php_egg_logo));
4769 php_register_info_logo(ZEND_LOGO_GUID , "image/gif", zend_logo , sizeof(zend_logo));
4770-
4771+#if SUHOSIN_PATCH
4772+ php_register_info_logo(SUHOSIN_LOGO_GUID, "image/jpeg", suhosin_logo , sizeof(suhosin_logo));
4773+#endif
4774 return SUCCESS;
4775 }
4776
4777diff -Nura php-5.3.7/main/snprintf.c suhosin-patch-5.3.7-0.9.10/main/snprintf.c
4778--- php-5.3.7/main/snprintf.c 2011-08-09 04:42:25.000000000 +0200
4779+++ suhosin-patch-5.3.7-0.9.10/main/snprintf.c 2011-08-19 12:39:30.000000000 +0200
4780@@ -782,6 +782,10 @@
4781 */
4782 switch (*fmt) {
4783 case 'Z':
4784+#if SUHOSIN_PATCH
4785+ zend_suhosin_log(S_MISC, "'Z' specifier within format string");
4786+ goto skip_output;
4787+#else
4788 zvp = (zval*) va_arg(ap, zval*);
4789 zend_make_printable_zval(zvp, &zcopy, &free_zcopy);
4790 if (free_zcopy) {
4791@@ -792,6 +796,7 @@
4792 if (adjust_precision && precision < s_len) {
4793 s_len = precision;
4794 }
4795+#endif
4796 break;
4797 case 'u':
4798 switch(modifier) {
4799@@ -1093,7 +1098,11 @@
4800
4801
4802 case 'n':
4803+#if SUHOSIN_PATCH
4804+ zend_suhosin_log(S_MISC, "'n' specifier within format string");
4805+#else
4806 *(va_arg(ap, int *)) = cc;
4807+#endif
4808 goto skip_output;
4809
4810 /*
4811diff -Nura php-5.3.7/main/spprintf.c suhosin-patch-5.3.7-0.9.10/main/spprintf.c
4812--- php-5.3.7/main/spprintf.c 2011-08-09 04:37:02.000000000 +0200
4813+++ suhosin-patch-5.3.7-0.9.10/main/spprintf.c 2011-08-19 12:39:30.000000000 +0200
4814@@ -390,6 +390,10 @@
4815 */
4816 switch (*fmt) {
4817 case 'Z':
4818+#if SUHOSIN_PATCH
4819+ zend_suhosin_log(S_MISC, "'Z' specifier within format string");
4820+ goto skip_output;
4821+#else
4822 zvp = (zval*) va_arg(ap, zval*);
4823 zend_make_printable_zval(zvp, &zcopy, &free_zcopy);
4824 if (free_zcopy) {
4825@@ -400,6 +404,7 @@
4826 if (adjust_precision && precision < s_len) {
4827 s_len = precision;
4828 }
4829+#endif
4830 break;
4831 case 'u':
4832 switch(modifier) {
4833@@ -700,7 +705,11 @@
4834
4835
4836 case 'n':
4837+#if SUHOSIN_PATCH
4838+ zend_suhosin_log(S_MISC, "'n' specifier within format string");
4839+#else
4840 *(va_arg(ap, int *)) = xbuf->len;
4841+#endif
4842 goto skip_output;
4843
4844 /*
4845diff -Nura php-5.3.7/main/suhosin_globals.h suhosin-patch-5.3.7-0.9.10/main/suhosin_globals.h
4846--- php-5.3.7/main/suhosin_globals.h 1970-01-01 01:00:00.000000000 +0100
4847+++ suhosin-patch-5.3.7-0.9.10/main/suhosin_globals.h 2011-08-19 12:39:30.000000000 +0200
4848@@ -0,0 +1,61 @@
4849+/*
4850+ +----------------------------------------------------------------------+
4851+ | Suhosin-Patch for PHP |
4852+ +----------------------------------------------------------------------+
4853+ | Copyright (c) 2004-2009 Stefan Esser |
4854+ +----------------------------------------------------------------------+
4855+ | This source file is subject to version 2.02 of the PHP license, |
4856+ | that is bundled with this package in the file LICENSE, and is |
4857+ | available at through the world-wide-web at |
4858+ | http://www.php.net/license/2_02.txt. |
4859+ | If you did not receive a copy of the PHP license and are unable to |
4860+ | obtain it through the world-wide-web, please send a note to |
4861+ | license@php.net so we can mail you a copy immediately. |
4862+ +----------------------------------------------------------------------+
4863+ | Author: Stefan Esser <stefan.esser@sektioneins.de> |
4864+ +----------------------------------------------------------------------+
4865+ */
4866+
4867+#ifndef SUHOSIN_GLOBALS_H
4868+#define SUHOSIN_GLOBALS_H
4869+
4870+typedef struct _suhosin_patch_globals suhosin_patch_globals_struct;
4871+
4872+#ifdef ZTS
4873+# define SPG(v) TSRMG(suhosin_patch_globals_id, suhosin_patch_globals_struct *, v)
4874+extern int suhosin_patch_globals_id;
4875+#else
4876+# define SPG(v) (suhosin_patch_globals.v)
4877+extern struct _suhosin_patch_globals suhosin_patch_globals;
4878+#endif
4879+
4880+
4881+struct _suhosin_patch_globals {
4882+ /* logging */
4883+ int log_syslog;
4884+ int log_syslog_facility;
4885+ int log_syslog_priority;
4886+ int log_sapi;
4887+ int log_script;
4888+ int log_phpscript;
4889+ char *log_scriptname;
4890+ char *log_phpscriptname;
4891+ zend_bool log_phpscript_is_safe;
4892+ zend_bool log_use_x_forwarded_for;
4893+
4894+ /* memory manager canary protection */
4895+ unsigned int canary_1;
4896+ unsigned int canary_2;
4897+ unsigned int canary_3;
4898+ unsigned int dummy;
4899+};
4900+
4901+
4902+#endif /* SUHOSIN_GLOBALS_H */
4903+
4904+/*
4905+ * Local variables:
4906+ * tab-width: 4
4907+ * c-basic-offset: 4
4908+ * End:
4909+ */
4910diff -Nura php-5.3.7/main/suhosin_logo.h suhosin-patch-5.3.7-0.9.10/main/suhosin_logo.h
4911--- php-5.3.7/main/suhosin_logo.h 1970-01-01 01:00:00.000000000 +0100
4912+++ suhosin-patch-5.3.7-0.9.10/main/suhosin_logo.h 2011-08-19 12:39:30.000000000 +0200
4913@@ -0,0 +1,178 @@
4914+static unsigned char suhosin_logo[] =
4915+ "\xff\xd8\xff\xe0\x00\x10\x4a\x46\x49\x46\x00\x01\x01\x01\x00\x48"
4916+ "\x00\x48\x00\x00\xff\xe1\x00\x16\x45\x78\x69\x66\x00\x00\x4d\x4d"
4917+ "\x00\x2a\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\xff\xdb\x00\x43"
4918+ "\x00\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
4919+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
4920+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
4921+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01"
4922+ "\x01\xff\xc0\x00\x0b\x08\x00\x27\x00\x71\x01\x01\x22\x00\xff\xc4"
4923+ "\x00\x1e\x00\x00\x02\x02\x02\x03\x01\x01\x00\x00\x00\x00\x00\x00"
4924+ "\x00\x00\x00\x00\x09\x06\x08\x05\x07\x02\x03\x0a\x01\x04\xff\xc4"
4925+ "\x00\x32\x10\x00\x01\x04\x03\x00\x02\x00\x05\x01\x05\x09\x01\x00"
4926+ "\x00\x00\x00\x05\x02\x03\x04\x06\x01\x07\x08\x00\x09\x11\x12\x13"
4927+ "\x14\x21\x15\x0a\x16\x31\x56\x96\x17\x18\x19\x23\x32\x41\x58\x98"
4928+ "\xd4\xd6\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00\xf4\xc1\xe1\xe5"
4929+ "\x69\xe9\x3e\xb9\xd1\x7c\x8a\x2e\x9d\x66\xe8\x3b\x29\x4d\x7f\x46"
4930+ "\xba\x58\x55\x54\x8d\xb1\x5f\xaa\xd9\x8d\x51\x2b\xb6\x27\x5a\x69"
4931+ "\xd1\x43\xaf\x16\x1a\xf0\xb2\xb1\xe9\x6d\x9f\xc2\xa4\x36\x18\xb5"
4932+ "\x85\x10\x41\xbe\xfc\x09\xac\x49\x29\x11\xd4\x32\x97\xec\x08\x13"
4933+ "\xc1\x2d\x20\xc3\x59\xeb\x26\x05\xd8\x6b\x76\x31\x43\x8f\x57\xcf"
4934+ "\x84\x9f\x14\xa8\x53\x81\x0b\xc3\x64\x80\xa3\x02\x0a\x41\x75\xf8"
4935+ "\x44\x85\x93\x81\x22\x3c\xd8\x13\xe1\xbe\xf4\x59\x91\x1f\x6a\x44"
4936+ "\x77\x5c\x69\xc4\x2f\x39\x5f\x0f\x2a\x8d\xeb\xba\xf8\xc3\x56\x6c"
4937+ "\x3b\x36\xa7\xda\xbd\x4d\xa1\xb5\x4e\xc6\xa7\xa4\x3a\xec\x15\x2d"
4938+ "\xa5\xb3\xea\x5a\xdc\xac\x46\xac\x01\x60\xd8\x43\xc8\x8e\x8b\xb1"
4939+ "\x40\x4c\x95\x8b\x34\x41\x28\x52\x91\x28\x43\xd3\xa3\xb6\xa7\x55"
4940+ "\x15\xe7\x5a\x96\xcb\xf1\xda\xe5\x55\xee\xfe\x1e\xbd\xd9\x41\xd3"
4941+ "\x28\xfd\x97\xca\x57\x2b\x85\x9c\xa4\x30\x95\xaa\xa5\x57\xa2\x35"
4942+ "\x15\x86\xcb\x61\x34\x41\xe4\xc7\x80\x20\x18\x21\x17\x09\x85\x0b"
4943+ "\x14\x9d\x21\x68\x62\x1c\x08\x11\x64\x4b\x92\xf2\xd2\xd3\x2d\x2d"
4944+ "\x6a\xc2\x73\x6b\x3c\x3c\x8b\x9e\xbc\x52\xaa\xa4\xab\x81\x6c\xf6"
4945+ "\xfa\xbd\x70\xc5\xc6\x7b\xc2\xaa\x22\x4f\x58\x04\x87\x25\x6a\x27"
4946+ "\x1d\xa4\x3d\x20\x75\x72\x01\x09\x71\xe5\x1c\x9e\xc3\x2e\x36\xf3"
4947+ "\xd0\xc6\x35\x2a\x43\x4d\x2d\x0e\x2d\xb4\xa1\x49\xce\x65\x1e\x52"
4948+ "\x9e\xa1\xf6\x09\xcc\xdc\x63\x66\xa8\x01\xe9\x3b\x0d\xd7\x5a\x85"
4949+ "\xbb\xc5\x65\xc0\x7b\x2e\x46\xa9\xd9\x56\x1d\x4c\x92\x72\x26\x4e"
4950+ "\x86\xd5\x68\xae\xc4\xaa\x55\xce\xd7\x83\x59\xb3\x81\xee\xce\x74"
4951+ "\x39\x39\x31\x9f\x8a\x25\xe8\xa5\xa5\xe5\x81\xf2\x11\x23\xcb\xa1"
4952+ "\x1e\x43\x12\xe3\xb1\x2a\x2b\xcd\xc8\x8d\x25\x96\xa4\x47\x7d\x95"
4953+ "\xa5\xc6\x9f\x61\xe4\x25\xc6\x5e\x69\xc4\xe7\x29\x5b\x6e\xb6\xa4"
4954+ "\xad\x0b\x4e\x72\x95\x25\x58\x56\x33\x9c\x67\xce\xef\x0f\x17\xbf"
4955+ "\x4c\x7b\x2d\xe6\xfe\x76\x35\x27\x5a\x07\x97\x67\xe8\xae\x8d\x71"
4956+ "\x0f\xb2\x13\x99\xb9\xbc\x14\xad\xb3\xb7\xe6\x11\x6f\xe0\xda\x58"
4957+ "\xb1\x08\xac\xa6\x6c\x2d\x7f\x05\xb7\x56\xd2\xe6\xcf\xbb\x4d\x0c"
4958+ "\xe3\x50\xb2\xec\x91\xf0\x4a\xb8\xd6\x22\xb8\xa7\xf6\x67\xaf\xcf"
4959+ "\x63\x7e\xd7\xe7\x42\xd8\xbd\xc3\x71\xa1\xf2\x7e\x9b\xa8\x97\x83"
4960+ "\x6e\xd1\xdc\x4b\x06\x11\x2d\xae\x26\x61\x98\x72\x10\xf4\x42\x5d"
4961+ "\x20\x4a\xa3\x73\xd7\xf2\xcd\x3c\x48\x32\xe4\x03\x9f\x80\x37\x08"
4962+ "\x36\x11\xd0\xcb\x97\x6c\x08\xed\x6d\x33\x24\xa2\x1b\xb4\x77\xdf"
4963+ "\x61\x5d\x5f\xc1\x43\xc2\x82\xeb\x0f\x5d\x84\x08\x68\xaa\xa4\x01"
4964+ "\xe1\x19\xdf\xbc\x31\x65\xfe\xd1\xf5\x7d\x7a\xb2\x2a\x33\x50\x21"
4965+ "\x2a\x56\x9d\xb1\x81\xab\xdb\x35\x78\x30\x83\xd9\x89\x1d\x31\xac"
4966+ "\x96\x14\x07\x61\xbc\x20\x68\x42\x85\x33\x19\xac\xbe\xdb\x34\x56"
4967+ "\xf1\xd5\xfd\x29\xa9\x28\xdb\xcb\x4c\x5a\x23\xdc\xf5\x96\xc5\x10"
4968+ "\xa3\x35\x5b\x14\x68\xd3\x61\x62\x64\x76\x26\xcb\x17\x3e\x34\x98"
4969+ "\x04\xa3\xc4\x20\x38\x90\x92\xe3\xc8\x07\x2c\x36\x74\x66\x26\x0e"
4970+ "\x29\x02\x64\x29\x2d\x21\xe6\x16\x9c\x6b\xce\xa3\x89\xd9\x4f\xd3"
4971+ "\xc4\xbd\xc5\x87\x79\x9c\x65\xf6\x39\x45\x60\xe8\xce\x9e\xab\x6d"
4972+ "\x13\x15\x22\xe1\x5e\x4b\x38\x42\xc4\x1e\xd5\x76\xe0\xc5\xeb\x85"
4973+ "\x07\x2d\x0f\xb8\xb6\xa6\xd6\x6d\x71\x0d\xa2\x43\x4c\x25\xea\xfa"
4974+ "\xa1\xae\x4c\xe4\x7d\xbd\x76\xa9\xfb\x06\xc2\x83\x42\xeb\xad\xe7"
4975+ "\xe9\x5f\x68\x6f\xba\xfb\x2f\x07\xce\xb8\x13\xc1\x9b\xeb\xb0\x76"
4976+ "\x45\x57\x28\x7b\xea\xbe\x0f\xf4\x30\x7b\xa0\xed\xe4\x22\x93\x21"
4977+ "\xfc\xbc\xe0\xb9\x75\xc1\x4f\xfc\xef\xb6\xfa\xa1\xfc\x64\xa1\x4a"
4978+ "\x82\xc7\x33\xad\x75\xed\x82\xbd\x3d\xdb\xf7\xa8\xbe\x5e\xbb\x36"
4979+ "\x62\x04\x9a\x2e\xc5\xd9\x9e\x9c\x3a\x0b\x98\x0b\x57\xac\xf1\x24"
4980+ "\x62\x58\x83\x15\x5b\xa6\xf2\xda\x34\x70\x03\xce\x0f\x93\x1b\x12"
4981+ "\xc7\xce\x54\x87\x33\x15\xd6\x53\x25\x1f\x2a\x90\x87\x12\xe3\x78"
4982+ "\xef\x55\x77\x4d\x4a\xd8\x7e\xef\xd2\xfd\xd1\xaf\x3a\xaf\x55\xdb"
4983+ "\x6a\x2d\x3d\x42\xac\x51\x79\xee\x91\xab\xe1\x05\x2d\x3c\x80\xa2"
4984+ "\x43\xad\x22\x2e\xd5\x33\x13\xa4\x9e\x00\xe0\x04\x10\x84\xc8\xf2"
4985+ "\x19\x30\x92\x1f\xaa\xc3\x28\xc9\x76\x30\x3f\xe9\x10\x61\x5e\x79"
4986+ "\xd5\xf7\xdf\xd0\x54\xdb\xae\xb6\xae\xfa\xe8\xa3\x57\xe0\x6c\x2d"
4987+ "\xf7\xbd\x49\xd6\x6e\x76\x79\xcc\x54\x0c\x5f\xff\x00\xbb\x06\x98"
4988+ "\xa6\x9e\x89\x61\xb4\x6f\xc3\xe3\x6a\xc2\x4f\x59\x03\xc9\x80\x2c"
4989+ "\x59\x24\x44\x70\x38\xd5\x96\x6a\x9e\x8b\x81\x64\xe5\xbc\xa0\x3c"
4990+ "\x33\xaf\x17\x9d\xff\x00\x71\x1a\xd1\x3a\x80\x66\xb3\xd9\x31\x77"
4991+ "\x0d\x12\xbd\xae\x29\xb5\x6a\xd6\xcf\x8d\x68\x87\x75\xcd\xe8\x65"
4992+ "\x5a\xbe\x3c\x04\x7b\x34\xdb\x54\x19\xa4\x63\x9c\x2a\x5d\x23\xbe"
4993+ "\xf4\xb1\x1c\x4d\x90\xec\x92\x2f\x49\x71\xf7\x14\xf2\x97\x9f\x15"
4994+ "\x57\xed\x13\x21\x2a\xf5\x33\xd1\x2a\x52\x52\xac\xb7\x62\xd1\xcb"
4995+ "\x46\x73\x8c\x67\x28\x56\x77\x86\xbf\x6f\x2a\x4e\x73\xfe\x95\x65"
4996+ "\x0b\x5a\x3e\x38\xfc\xfc\xaa\x56\x3f\x86\x73\xe3\xb9\x4a\x52\x84"
4997+ "\xa5\x08\x4e\x12\x94\x27\x09\x4a\x53\x8c\x61\x29\x4a\x71\xf0\x4a"
4998+ "\x53\x8c\x7e\x31\x8c\x63\x18\xc6\x31\x8f\xc6\x31\xf8\xc7\x9f\x7c"
4999+ "\xd5\xbb\xae\x5e\xe2\x1f\xab\x6e\x24\x34\x00\x8a\x25\x83\x70\x40"
5000+ "\x1c\xcc\xda\x45\x7f\x66\x4e\x30\x2e\x94\x7e\x74\x49\xf0\xe4\x4e"
5001+ "\x06\x5c\xa8\x2f\x89\x21\x2e\x98\x0e\xd9\x21\xc2\x0b\x21\x0f\xc4"
5002+ "\x16\x6e\x48\xd9\xe4\xe3\x4a\x19\x1e\x64\x67\x54\xff\x00\x3a\x6d"
5003+ "\x4f\x62\xb5\x00\x4a\xaa\x51\xfd\x2d\xe8\x0e\x6c\xaf\xc6\x7d\x6d"
5004+ "\xc8\x88\xc7\x67\xea\x8a\x58\x02\x73\xe3\x65\x4d\xc9\x24\xc0\x3d"
5005+ "\x57\xa3\x2e\x53\x16\x99\x4f\xe5\xe7\x19\x97\x3e\x3b\xcf\xc9\x4b"
5006+ "\x99\x7f\x33\x25\xa5\xdf\xba\x77\x2b\xd3\x3e\xc2\x7b\x8b\x94\x07"
5007+ "\xe9\x52\x5b\x43\x87\x34\x14\x86\x37\xcf\x41\x6b\x8e\x6a\xa5\x22"
5008+ "\xab\xdb\x96\xa2\xcf\x46\xd8\x9b\x45\x93\xef\xd6\xdf\x3e\x99\x9c"
5009+ "\x7e\x29\x10\x6b\x6c\xa2\xb8\x43\x05\x09\x44\x70\x8c\xb8\xaa\x54"
5010+ "\x7c\x30\x36\x5e\x1c\x5e\x5b\x9f\x6c\x0d\x81\xee\xa0\x93\x8d\x67"
5011+ "\x55\xf3\x87\xaf\xaa\x6b\x58\xf9\xbe\xb2\x36\x07\x42\x6e\xbd\x96"
5012+ "\xe3\x9f\x1f\x8f\xc9\xf4\x9d\xae\x6a\x7d\x4c\x96\xbe\x5f\xc7\xcd"
5013+ "\xf3\xb2\xf7\xcd\xf0\xcf\xc3\xe4\xf8\xfe\x37\x4f\x1c\x4d\xf6\x40"
5014+ "\xf1\x6b\x7c\x4e\xe0\xa6\x71\xad\x56\xa7\x1c\x5c\x15\x6b\xfc\xf3"
5015+ "\x01\x5d\xac\xf1\x75\x9a\x72\x6b\xaa\x28\xc5\x88\x6d\xfb\x33\x85"
5016+ "\xe0\x4e\x61\xab\xeb\x31\x2c\x71\x08\x73\x11\x3b\xfc\xb5\xc0\x96"
5017+ "\xcc\x87\x24\x44\xb5\x9b\x9e\xb3\x71\xba\xe9\xed\xb1\x4e\xd7\x76"
5018+ "\x6c\xd2\xb6\x05\xb7\x5a\xde\xeb\x34\x5b\x96\x16\xfb\x59\xa9\x5c"
5019+ "\x4f\x55\xca\x8a\xac\x59\xb0\xe4\x54\x39\x25\xbc\x81\x37\x2a\x09"
5020+ "\x5f\x9e\x3b\x6b\x7d\x1f\x69\xf3\x34\x85\x39\x84\xa7\x28\x0b\xd3"
5021+ "\xfd\xfb\x4b\x7a\xea\xe7\xd2\x3c\xd3\xda\x15\x68\xbc\x73\xd3\x22"
5022+ "\x6f\xd7\x72\x5b\x2b\x66\xee\xa8\x0d\x54\xe8\x5b\xf9\x92\x96\x92"
5023+ "\x93\xea\x97\x4a\xc7\x43\x10\x46\x35\xc5\xc0\x60\x8a\xe4\xc1\xb5"
5024+ "\x36\xc6\xae\xed\xf7\x70\xa5\x86\x99\x3d\x91\xf8\xfd\x4e\x53\xeb"
5025+ "\xbb\xbd\x6d\xec\x8f\xd7\x89\x3d\x31\x7f\xd7\x78\xba\x50\xbb\x74"
5026+ "\x9d\xf6\xac\x4e\xb9\x03\x9c\x79\xd5\xe1\xbd\x17\x68\xd9\x13\x0b"
5027+ "\x45\x75\x88\x00\x1d\x1f\xae\x73\x6a\x1d\x5c\x6e\x44\x9f\xa6\xfa"
5028+ "\x4e\xd8\x25\x8b\xc0\xbc\xb2\x99\xe3\x17\x24\xb3\x23\xe2\x48\x8b"
5029+ "\xfa\x22\xe7\x7e\x8f\xe6\x3f\x5f\x55\x0d\x75\xd3\x51\x0b\xd7\xed"
5030+ "\xd3\x6f\x97\x3b\x85\x42\x80\x7e\x5f\xdc\x1b\xd6\xba\xee\xc4\x80"
5031+ "\xce\x06\xa9\x15\x8c\x97\x5f\x40\x69\xb2\x4d\xc5\xb2\x5c\x1e\x01"
5032+ "\x87\x7e\xe0\x36\x6d\x78\x80\x4e\x3c\x02\xec\x90\x1d\x11\x81\x74"
5033+ "\xa5\x8b\xa4\xa0\x56\x06\xd5\x79\x72\x85\x57\x3b\xb2\x2e\xae\x90"
5034+ "\x18\x8d\x91\xb2\x0e\x44\x19\xaa\xb4\xcc\x08\xed\x46\xfa\xd7\x2b"
5035+ "\x78\x58\x72\x5d\xbb\x5e\x49\xe7\xee\xf3\x8a\x9d\x22\xa4\x19\xc8"
5036+ "\xe7\x08\xc3\x90\x9b\x35\x9a\xa4\x25\x8c\x4b\x9b\xa7\xf8\xbf\x81"
5037+ "\xf5\xdf\x22\x66\xf1\x7e\x9f\x66\x3d\xbb\xfa\x73\x73\x4d\xfd\x67"
5038+ "\x7b\xf4\xce\xc3\x62\x2e\x6f\xbb\x0c\xa2\xdc\x69\xfc\x8a\x17\x0e"
5039+ "\x3a\x9e\x83\x46\xd7\xe3\x5e\x65\x86\xc0\x51\x00\xbb\x91\xe3\xe1"
5040+ "\xc1\x16\xc4\xe9\x65\x5c\x14\x3e\x44\x6a\x6b\xd1\x1e\xb0\x36\xdd"
5041+ "\x0b\x7d\x8a\xeb\xaf\x58\x5b\x64\x3f\x38\xed\x52\x76\xe8\x46\xf7"
5042+ "\x86\x84\xb3\x93\xb1\x0b\xe5\xfd\xfd\x0d\xe9\x6d\xe4\xf1\x1b\x1d"
5043+ "\x56\xb4\x34\xe4\x6a\xf5\xa4\x9c\x2c\xc9\x64\x94\xc1\xf5\x79\x6d"
5044+ "\x12\x96\xf3\x47\xc5\x48\xa8\xdb\xd8\x95\x64\x29\xcf\xf6\x88\xf1"
5045+ "\x95\x7a\x98\xe8\xbc\x27\x19\xce\x73\x61\xd1\xb8\xc6\x31\x8c\xe7"
5046+ "\x39\xce\x77\x9e\xbc\xc6\x31\x8c\x63\xf3\x9c\xe7\x39\xc6\x31\x8f"
5047+ "\xf7\xce\x7e\x1e\x3b\x7f\x0f\x0f\x0f\x13\x57\xb9\x0a\xe1\x0b\x64"
5048+ "\x5f\x58\x40\xc6\xc7\x7a\x4b\xf2\x3d\xbc\x71\xf4\xa7\xd2\xca\x14"
5049+ "\xe2\x98\x1a\x30\x1e\xe0\x26\x5a\x6a\xf0\x9c\x67\x38\x66\x00\xb8"
5050+ "\x72\xe6\xbe\xac\xfe\x12\xd3\x0b\x56\x73\x8c\x63\xc7\x2b\xe1\xe2"
5051+ "\xe8\xdd\x7b\xff\x00\xd8\xe5\x23\x6c\xce\xa8\x69\xcf\x5e\x3a\xef"
5052+ "\x77\xea\xe5\xab\x0e\x82\xdb\xd9\xed\x7a\x9e\xb8\x6d\x51\x32\xdb"
5053+ "\x79\xc3\x36\x9a\x2d\xa3\x50\x39\x65\x0a\x63\x0e\xe5\xd4\x39\x12"
5054+ "\xbf\x8b\x98\xa4\xa1\x2d\xad\xb3\xcf\x65\x6a\x43\x78\xb3\x3b\x07"
5055+ "\xd8\xd5\xea\xae\x76\xad\x6f\xf5\xff\x00\xca\x93\xab\x96\xb0\x64"
5056+ "\xeb\xd6\x4a\xd5\x87\xba\xec\x24\x60\x97\x06\x76\x03\xe3\x4c\x07"
5057+ "\x29\x11\x8e\x34\x25\x02\x64\x29\xf0\x25\x48\x85\x3a\x33\x8b\x7a"
5058+ "\x3c\x86\x1e\x75\xa5\x61\xc6\x97\x9f\x8d\x25\xf5\xc9\xcd\xde\xc9"
5059+ "\x7d\x77\xf2\xc8\x7e\x70\xaf\x73\x5f\x2d\xec\xa2\x51\x2d\x96\xfb"
5060+ "\x89\xad\x80\x57\xb2\x36\x1d\x7d\x83\x45\xac\xf3\xdb\xcc\x6c\x31"
5061+ "\x4f\xcf\x30\x58\xd0\x12\x28\x90\x50\x42\x86\xfb\x48\x16\x3c\xc5"
5062+ "\x9c\xf8\xe7\xcc\x29\x88\xb3\x4a\x4b\x4e\x6c\xbc\xdb\xc7\xbb\xe9"
5063+ "\xb6\xa0\x8b\x11\xa1\x7d\x73\xd7\xe9\xbf\x7e\xc2\x6c\x10\x8d\xee"
5064+ "\x9d\xef\x63\x3a\xe0\xf5\xbe\x8c\x3e\xa1\xc7\xc5\xd1\x00\x44\x1e"
5065+ "\xf3\x51\xf2\xe2\xb0\xe3\xb5\x13\x7f\x32\xf1\x8c\xa6\x22\xfe\x1f"
5066+ "\x49\x4d\xbb\xcf\x3a\x5d\xed\x4c\xd2\xfc\x85\xed\x23\xd6\xc7\x50"
5067+ "\xb6\x5b\x3a\x16\x83\xb8\x6f\xfd\x32\x3f\xaa\x36\x34\xbb\xf5\x96"
5068+ "\xa9\xab\xcf\x9f\x8f\xac\xc3\xca\xd5\x8b\xd8\x48\x9e\x79\xaa\x30"
5069+ "\x87\xca\x58\x4d\x59\x96\xb9\x4f\xc5\x1b\x1c\xd2\xda\x5b\xe6\x57"
5070+ "\x29\xa1\x28\x7a\x2b\x5b\xff\x00\x12\x2f\x5e\x3f\xf3\xbb\x8e\x7f"
5071+ "\xec\xc6\x98\xff\x00\xed\x3c\xa6\xdd\xa9\xdc\x7e\xa0\xf7\xd6\x99"
5072+ "\x31\xa2\xf7\xaf\x6b\xe9\x82\x74\x4b\x3d\x8f\x5e\x58\x0b\x33\xab"
5073+ "\xef\xc3\xaf\x84\x64\xb9\xae\xb6\x25\x5f\x62\x8f\x1c\xe3\xf4\x51"
5074+ "\xb7\x96\xe3\x0e\x30\x42\xa9\x18\x39\xbf\x9e\x2a\x1f\x74\x19\x02"
5075+ "\x2d\x43\x93\x06\x63\xb1\xa7\x47\x6a\xfa\x9b\x6c\xeb\xbd\xe9\xae"
5076+ "\x6a\x7b\x6f\x53\x5a\x60\x5d\xb5\xcd\xe8\x67\xeb\x35\x3b\x48\xc6"
5077+ "\xa6\xb3\x04\xc8\xdf\xb8\x7e\x26\x64\xb0\xc9\x18\xb0\xa7\x33\xf2"
5078+ "\x4a\x8b\x22\x3b\x8d\x4b\x89\x1d\xf6\x9d\x65\xc4\x38\xd2\x54\x9c"
5079+ "\xe3\xcd\x89\xe1\xe1\xe6\x3e\x70\x81\x45\x1d\x18\xf9\x31\x83\xc8"
5080+ "\xbe\x14\x82\x4b\x87\x7a\x74\x28\xd2\xdd\x12\x55\x30\xe6\x0e\x49"
5081+ "\x31\x8e\x48\x69\xc5\xc0\x20\x91\xe4\x48\x41\x4c\xd8\xb9\x6a\x4e"
5082+ "\x21\xce\x99\x1b\x0e\xfd\x09\x4f\xa1\x79\x0f\x0f\x0f\x0f\x0f\x0f"
5083+ "\x0f\x3f\x3c\xb8\x71\x27\xc7\x72\x24\xe8\xb1\xa6\xc5\x7b\x18\xc3"
5084+ "\xb1\xa5\xb0\xd4\x98\xee\xe3\x19\xc6\x71\x87\x19\x79\x2b\x6d\x78"
5085+ "\xc6\x71\x8c\xe3\x0a\x4e\x71\x8c\xe3\x19\xfe\x38\xf2\x3b\xfb\x8b"
5086+ "\x48\xfe\x4e\xaa\xff\x00\x4f\x08\xff\x00\xc7\xe1\xfb\x8b\x48\xfe"
5087+ "\x4e\xaa\xff\x00\x4f\x08\xff\x00\xc7\xe4\x95\x86\x18\x8a\xcb\x31"
5088+ "\xa3\x32\xd4\x78\xf1\xdb\x43\x2c\x47\x61\xb4\x32\xcb\x2c\xb4\x9c"
5089+ "\x21\xb6\x99\x69\xbc\x25\xb6\xdb\x6d\x18\xc2\x10\xda\x12\x94\xa1"
5090+ "\x38\xc2\x53\x8c\x63\x18\xc7\x9d\xbe\x7f\xff\xd9"
5091+ ;
5092diff -Nura php-5.3.7/main/suhosin_patch.c suhosin-patch-5.3.7-0.9.10/main/suhosin_patch.c
5093--- php-5.3.7/main/suhosin_patch.c 1970-01-01 01:00:00.000000000 +0100
5094+++ suhosin-patch-5.3.7-0.9.10/main/suhosin_patch.c 2011-08-19 12:39:30.000000000 +0200
5095@@ -0,0 +1,470 @@
5096+/*
5097+ +----------------------------------------------------------------------+
5098+ | Suhosin Patch for PHP |
5099+ +----------------------------------------------------------------------+
5100+ | Copyright (c) 2004-2010 Stefan Esser |
5101+ +----------------------------------------------------------------------+
5102+ | This source file is subject to version 2.02 of the PHP license, |
5103+ | that is bundled with this package in the file LICENSE, and is |
5104+ | available at through the world-wide-web at |
5105+ | http://www.php.net/license/2_02.txt. |
5106+ | If you did not receive a copy of the PHP license and are unable to |
5107+ | obtain it through the world-wide-web, please send a note to |
5108+ | license@php.net so we can mail you a copy immediately. |
5109+ +----------------------------------------------------------------------+
5110+ | Author: Stefan Esser <sesser@hardened-php.net> |
5111+ +----------------------------------------------------------------------+
5112+ */
5113+/* $Id: suhosin_patch.c,v 1.2 2004/11/21 09:38:52 ionic Exp $ */
5114+
5115+#include "php.h"
5116+
5117+#include <stdio.h>
5118+#include <stdlib.h>
5119+#include <sys/mman.h>
5120+
5121+#if HAVE_UNISTD_H
5122+#include <unistd.h>
5123+#endif
5124+#include "SAPI.h"
5125+#include "php_globals.h"
5126+
5127+#if SUHOSIN_PATCH
5128+
5129+#ifdef HAVE_SYS_SOCKET_H
5130+#include <sys/socket.h>
5131+#endif
5132+
5133+#if defined(PHP_WIN32) || defined(__riscos__) || defined(NETWARE)
5134+#undef AF_UNIX
5135+#endif
5136+
5137+#if defined(AF_UNIX)
5138+#include <sys/un.h>
5139+#endif
5140+
5141+#define SYSLOG_PATH "/dev/log"
5142+
5143+#ifdef PHP_WIN32
5144+static HANDLE log_source = 0;
5145+#endif
5146+
5147+#include "snprintf.h"
5148+
5149+#include "suhosin_patch.h"
5150+
5151+#ifdef ZTS
5152+#include "suhosin_globals.h"
5153+int suhosin_patch_globals_id;
5154+#else
5155+struct _suhosin_patch_globals suhosin_patch_globals;
5156+#endif
5157+
5158+static char *suhosin_config = NULL;
5159+
5160+static zend_intptr_t SUHOSIN_POINTER_GUARD = 0;
5161+
5162+static void php_security_log(int loglevel, char *fmt, ...);
5163+
5164+static void suhosin_patch_globals_ctor(suhosin_patch_globals_struct *suhosin_patch_globals TSRMLS_DC)
5165+{
5166+ memset(suhosin_patch_globals, 0, sizeof(*suhosin_patch_globals));
5167+}
5168+
5169+ZEND_API char suhosin_get_config(int element)
5170+{
5171+ return ((char *)SUHOSIN_MANGLE_PTR(suhosin_config))[element];
5172+}
5173+
5174+static void suhosin_set_config(int element, char value)
5175+{
5176+ ((char *)SUHOSIN_MANGLE_PTR(suhosin_config))[element] = value;
5177+}
5178+
5179+static void suhosin_read_configuration_from_environment()
5180+{
5181+ char *tmp;
5182+
5183+ /* check if canary protection should be activated or not */
5184+ tmp = getenv("SUHOSIN_MM_USE_CANARY_PROTECTION");
5185+ /* default to activated */
5186+ suhosin_set_config(SUHOSIN_MM_USE_CANARY_PROTECTION, 1);
5187+ if (tmp) {
5188+ int flag = zend_atoi(tmp, 0);
5189+ suhosin_set_config(SUHOSIN_MM_USE_CANARY_PROTECTION, flag);
5190+ }
5191+
5192+ /* check if free memory should be overwritten with 0xFF or not */
5193+ tmp = getenv("SUHOSIN_MM_DESTROY_FREE_MEMORY");
5194+ /* default to deactivated */
5195+ suhosin_set_config(SUHOSIN_MM_DESTROY_FREE_MEMORY, 0);
5196+ if (tmp) {
5197+ int flag = zend_atoi(tmp, 0);
5198+ suhosin_set_config(SUHOSIN_MM_DESTROY_FREE_MEMORY, flag);
5199+ }
5200+
5201+ /* check if canary violations should be ignored */
5202+ tmp = getenv("SUHOSIN_MM_IGNORE_CANARY_VIOLATION");
5203+ /* default to NOT ignore */
5204+ suhosin_set_config(SUHOSIN_MM_IGNORE_CANARY_VIOLATION, 0);
5205+ if (tmp) {
5206+ int flag = zend_atoi(tmp, 0);
5207+ suhosin_set_config(SUHOSIN_MM_IGNORE_CANARY_VIOLATION, flag);
5208+ }
5209+
5210+ /* check if invalid hashtable destructors should be ignored */
5211+ tmp = getenv("SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR");
5212+ /* default to NOT ignore */
5213+ suhosin_set_config(SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR, 0);
5214+ if (tmp) {
5215+ int flag = zend_atoi(tmp, 0);
5216+ suhosin_set_config(SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR, flag);
5217+ }
5218+
5219+ /* check if invalid linkedlist destructors should be ignored */
5220+ tmp = getenv("SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR");
5221+ /* default to NOT ignore */
5222+ suhosin_set_config(SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR, 0);
5223+ if (tmp) {
5224+ int flag = zend_atoi(tmp, 0);
5225+ suhosin_set_config(SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR, flag);
5226+ }
5227+
5228+ suhosin_set_config(SUHOSIN_CONFIG_SET, 1);
5229+}
5230+
5231+static void suhosin_write_protect_configuration()
5232+{
5233+ /* check return value of mprotect() to ensure memory is read only now */
5234+ if (mprotect(SUHOSIN_MANGLE_PTR(suhosin_config), sysconf(_SC_PAGESIZE), PROT_READ) != 0) {
5235+ perror("suhosin");
5236+ _exit(1);
5237+ }
5238+}
5239+
5240+PHPAPI void suhosin_startup()
5241+{
5242+#ifdef ZTS
5243+ ts_allocate_id(&suhosin_patch_globals_id, sizeof(suhosin_patch_globals_struct), (ts_allocate_ctor) suhosin_patch_globals_ctor, NULL);
5244+#else
5245+ suhosin_patch_globals_ctor(&suhosin_patch_globals TSRMLS_CC);
5246+#endif
5247+ zend_suhosin_log = php_security_log;
5248+
5249+ /* get the pointer guardian and ensure low 3 bits are 1 */
5250+ if (SUHOSIN_POINTER_GUARD == 0) {
5251+ zend_canary(&SUHOSIN_POINTER_GUARD, sizeof(SUHOSIN_POINTER_GUARD));
5252+ SUHOSIN_POINTER_GUARD |= 7;
5253+ }
5254+
5255+ if (!suhosin_config) {
5256+#ifndef MAP_ANONYMOUS
5257+#define MAP_ANONYMOUS MAP_ANON
5258+#endif
5259+ suhosin_config = mmap(NULL, sysconf(_SC_PAGESIZE), PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
5260+ if (suhosin_config == MAP_FAILED) {
5261+ perror("suhosin");
5262+ _exit(1);
5263+ }
5264+ suhosin_config = SUHOSIN_MANGLE_PTR(suhosin_config);
5265+ }
5266+ if (!SUHOSIN_CONFIG(SUHOSIN_CONFIG_SET)) {
5267+ suhosin_read_configuration_from_environment();
5268+ suhosin_write_protect_configuration();
5269+ }
5270+}
5271+
5272+static char *loglevel2string(int loglevel)
5273+{
5274+ switch (loglevel) {
5275+ case S_FILES:
5276+ return "FILES";
5277+ case S_INCLUDE:
5278+ return "INCLUDE";
5279+ case S_MEMORY:
5280+ return "MEMORY";
5281+ case S_MISC:
5282+ return "MISC";
5283+ case S_SESSION:
5284+ return "SESSION";
5285+ case S_SQL:
5286+ return "SQL";
5287+ case S_EXECUTOR:
5288+ return "EXECUTOR";
5289+ case S_VARS:
5290+ return "VARS";
5291+ default:
5292+ return "UNKNOWN";
5293+ }
5294+}
5295+
5296+static void php_security_log(int loglevel, char *fmt, ...)
5297+{
5298+ int s, r, i=0;
5299+#if defined(AF_UNIX)
5300+ struct sockaddr_un saun;
5301+#endif
5302+#ifdef PHP_WIN32
5303+ LPTSTR strs[2];
5304+ unsigned short etype;
5305+ DWORD evid;
5306+#endif
5307+ char buf[4096+64];
5308+ char error[4096+100];
5309+ char *ip_address;
5310+ char *fname;
5311+ char *alertstring;
5312+ int lineno;
5313+ va_list ap;
5314+ TSRMLS_FETCH();
5315+
5316+ /*SDEBUG("(suhosin_log) loglevel: %d log_syslog: %u - log_sapi: %u - log_script: %u", loglevel, SPG(log_syslog), SPG(log_sapi), SPG(log_script));*/
5317+
5318+ if (SPG(log_use_x_forwarded_for)) {
5319+ ip_address = sapi_getenv("HTTP_X_FORWARDED_FOR", 20 TSRMLS_CC);
5320+ if (ip_address == NULL) {
5321+ ip_address = "X-FORWARDED-FOR not set";
5322+ }
5323+ } else {
5324+ ip_address = sapi_getenv("REMOTE_ADDR", 11 TSRMLS_CC);
5325+ if (ip_address == NULL) {
5326+ ip_address = "REMOTE_ADDR not set";
5327+ }
5328+ }
5329+
5330+
5331+ va_start(ap, fmt);
5332+ ap_php_vsnprintf(error, sizeof(error), fmt, ap);
5333+ va_end(ap);
5334+ while (error[i]) {
5335+ if (error[i] < 32) error[i] = '.';
5336+ i++;
5337+ }
5338+
5339+/* if (SPG(simulation)) {
5340+ alertstring = "ALERT-SIMULATION";
5341+ } else { */
5342+ alertstring = "ALERT";
5343+/* }*/
5344+
5345+ if (zend_is_executing(TSRMLS_C)) {
5346+ if (EG(current_execute_data)) {
5347+ lineno = EG(current_execute_data)->opline->lineno;
5348+ fname = EG(current_execute_data)->op_array->filename;
5349+ } else {
5350+ lineno = zend_get_executed_lineno(TSRMLS_C);
5351+ fname = zend_get_executed_filename(TSRMLS_C);
5352+ }
5353+ ap_php_snprintf(buf, sizeof(buf), "%s - %s (attacker '%s', file '%s', line %u)", alertstring, error, ip_address, fname, lineno);
5354+ } else {
5355+ fname = sapi_getenv("SCRIPT_FILENAME", 15 TSRMLS_CC);
5356+ if (fname==NULL) {
5357+ fname = "unknown";
5358+ }
5359+ ap_php_snprintf(buf, sizeof(buf), "%s - %s (attacker '%s', file '%s')", alertstring, error, ip_address, fname);
5360+ }
5361+
5362+ /* Syslog-Logging disabled? */
5363+ if (((SPG(log_syslog)|S_INTERNAL) & loglevel)==0) {
5364+ goto log_sapi;
5365+ }
5366+
5367+#if defined(AF_UNIX)
5368+ ap_php_snprintf(error, sizeof(error), "<%u>suhosin[%u]: %s\n", (unsigned int)(SPG(log_syslog_facility)|SPG(log_syslog_priority)),getpid(),buf);
5369+
5370+ s = socket(AF_UNIX, SOCK_DGRAM, 0);
5371+ if (s == -1) {
5372+ goto log_sapi;
5373+ }
5374+
5375+ memset(&saun, 0, sizeof(saun));
5376+ saun.sun_family = AF_UNIX;
5377+ strcpy(saun.sun_path, SYSLOG_PATH);
5378+ /*saun.sun_len = sizeof(saun);*/
5379+
5380+ r = connect(s, (struct sockaddr *)&saun, sizeof(saun));
5381+ if (r) {
5382+ close(s);
5383+ s = socket(AF_UNIX, SOCK_STREAM, 0);
5384+ if (s == -1) {
5385+ goto log_sapi;
5386+ }
5387+
5388+ memset(&saun, 0, sizeof(saun));
5389+ saun.sun_family = AF_UNIX;
5390+ strcpy(saun.sun_path, SYSLOG_PATH);
5391+ /*saun.sun_len = sizeof(saun);*/
5392+
5393+ r = connect(s, (struct sockaddr *)&saun, sizeof(saun));
5394+ if (r) {
5395+ close(s);
5396+ goto log_sapi;
5397+ }
5398+ }
5399+ send(s, error, strlen(error), 0);
5400+
5401+ close(s);
5402+#endif
5403+#ifdef PHP_WIN32
5404+ ap_php_snprintf(error, sizeof(error), "suhosin[%u]: %s", getpid(),buf);
5405+
5406+ switch (SPG(log_syslog_priority)) { /* translate UNIX type into NT type */
5407+ case 1: /*LOG_ALERT:*/
5408+ etype = EVENTLOG_ERROR_TYPE;
5409+ break;
5410+ case 6: /*LOG_INFO:*/
5411+ etype = EVENTLOG_INFORMATION_TYPE;
5412+ break;
5413+ default:
5414+ etype = EVENTLOG_WARNING_TYPE;
5415+ }
5416+ evid = loglevel;
5417+ strs[0] = error;
5418+ /* report the event */
5419+ if (log_source == NULL) {
5420+ log_source = RegisterEventSource(NULL, "Suhosin-Patch-" SUHOSIN_PATCH_VERSION);
5421+ }
5422+ ReportEvent(log_source, etype, (unsigned short) SPG(log_syslog_priority), evid, NULL, 1, 0, strs, NULL);
5423+
5424+#endif
5425+log_sapi:
5426+ /* SAPI Logging activated? */
5427+ /*SDEBUG("(suhosin_log) log_syslog: %u - log_sapi: %u - log_script: %u - log_phpscript: %u", SPG(log_syslog), SPG(log_sapi), SPG(log_script), SPG(log_phpscript));*/
5428+ if (((SPG(log_sapi)|S_INTERNAL) & loglevel)!=0) {
5429+ sapi_module.log_message(buf);
5430+ }
5431+
5432+/*log_script:*/
5433+ /* script logging activaed? */
5434+ if (((SPG(log_script) & loglevel)!=0) && SPG(log_scriptname)!=NULL) {
5435+ char cmd[8192], *cmdpos, *bufpos;
5436+ FILE *in;
5437+ int space;
5438+
5439+ ap_php_snprintf(cmd, sizeof(cmd), "%s %s \'", SPG(log_scriptname), loglevel2string(loglevel));
5440+ space = sizeof(cmd) - strlen(cmd);
5441+ cmdpos = cmd + strlen(cmd);
5442+ bufpos = buf;
5443+ if (space <= 1) return;
5444+ while (space > 2 && *bufpos) {
5445+ if (*bufpos == '\'') {
5446+ if (space<=5) break;
5447+ *cmdpos++ = '\'';
5448+ *cmdpos++ = '\\';
5449+ *cmdpos++ = '\'';
5450+ *cmdpos++ = '\'';
5451+ bufpos++;
5452+ space-=4;
5453+ } else {
5454+ *cmdpos++ = *bufpos++;
5455+ space--;
5456+ }
5457+ }
5458+ *cmdpos++ = '\'';
5459+ *cmdpos = 0;
5460+
5461+ if ((in=VCWD_POPEN(cmd, "r"))==NULL) {
5462+ php_security_log(S_INTERNAL, "Unable to execute logging shell script: %s", SPG(log_scriptname));
5463+ return;
5464+ }
5465+ /* read and forget the result */
5466+ while (1) {
5467+ int readbytes = fread(cmd, 1, sizeof(cmd), in);
5468+ if (readbytes<=0) {
5469+ break;
5470+ }
5471+ }
5472+ pclose(in);
5473+ }
5474+/*log_phpscript:*/
5475+ if ((SPG(log_phpscript) & loglevel)!=0 && EG(in_execution) && SPG(log_phpscriptname) && SPG(log_phpscriptname)[0]) {
5476+ zend_file_handle file_handle;
5477+ zend_op_array *new_op_array;
5478+ zval *result = NULL;
5479+
5480+ /*long orig_execution_depth = SPG(execution_depth);*/
5481+ zend_bool orig_safe_mode = PG(safe_mode);
5482+ char *orig_basedir = PG(open_basedir);
5483+
5484+ char *phpscript = SPG(log_phpscriptname);
5485+/*SDEBUG("scriptname %s", SPG(log_phpscriptname));`*/
5486+#ifdef ZEND_ENGINE_2
5487+ if (zend_stream_open(phpscript, &file_handle TSRMLS_CC) == SUCCESS) {
5488+#else
5489+ if (zend_open(phpscript, &file_handle) == SUCCESS && ZEND_IS_VALID_FILE_HANDLE(&file_handle)) {
5490+ file_handle.filename = phpscript;
5491+ file_handle.free_filename = 0;
5492+#endif
5493+ if (!file_handle.opened_path) {
5494+ file_handle.opened_path = estrndup(phpscript, strlen(phpscript));
5495+ }
5496+ new_op_array = zend_compile_file(&file_handle, ZEND_REQUIRE TSRMLS_CC);
5497+ zend_destroy_file_handle(&file_handle TSRMLS_CC);
5498+ if (new_op_array) {
5499+ HashTable *active_symbol_table = EG(active_symbol_table);
5500+ zval *zerror, *zerror_class;
5501+
5502+ if (active_symbol_table == NULL) {
5503+ active_symbol_table = &EG(symbol_table);
5504+ }
5505+ EG(return_value_ptr_ptr) = &result;
5506+ EG(active_op_array) = new_op_array;
5507+
5508+ MAKE_STD_ZVAL(zerror);
5509+ MAKE_STD_ZVAL(zerror_class);
5510+ ZVAL_STRING(zerror, buf, 1);
5511+ ZVAL_LONG(zerror_class, loglevel);
5512+
5513+ zend_hash_update(active_symbol_table, "SUHOSIN_ERROR", sizeof("SUHOSIN_ERROR"), (void **)&zerror, sizeof(zval *), NULL);
5514+ zend_hash_update(active_symbol_table, "SUHOSIN_ERRORCLASS", sizeof("SUHOSIN_ERRORCLASS"), (void **)&zerror_class, sizeof(zval *), NULL);
5515+
5516+ /*SPG(execution_depth) = 0;*/
5517+ if (SPG(log_phpscript_is_safe)) {
5518+ PG(safe_mode) = 0;
5519+ PG(open_basedir) = NULL;
5520+ }
5521+
5522+ zend_execute(new_op_array TSRMLS_CC);
5523+
5524+ /*SPG(execution_depth) = orig_execution_depth;*/
5525+ PG(safe_mode) = orig_safe_mode;
5526+ PG(open_basedir) = orig_basedir;
5527+
5528+#ifdef ZEND_ENGINE_2
5529+ destroy_op_array(new_op_array TSRMLS_CC);
5530+#else
5531+ destroy_op_array(new_op_array);
5532+#endif
5533+ efree(new_op_array);
5534+#ifdef ZEND_ENGINE_2
5535+ if (!EG(exception))
5536+#endif
5537+ {
5538+ if (EG(return_value_ptr_ptr)) {
5539+ zval_ptr_dtor(EG(return_value_ptr_ptr));
5540+ EG(return_value_ptr_ptr) = NULL;
5541+ }
5542+ }
5543+ } else {
5544+ php_security_log(S_INTERNAL, "Unable to execute logging PHP script: %s", SPG(log_phpscriptname));
5545+ return;
5546+ }
5547+ } else {
5548+ php_security_log(S_INTERNAL, "Unable to execute logging PHP script: %s", SPG(log_phpscriptname));
5549+ return;
5550+ }
5551+ }
5552+
5553+}
5554+
5555+
5556+#endif
5557+
5558+/*
5559+ * Local variables:
5560+ * tab-width: 4
5561+ * c-basic-offset: 4
5562+ * End:
5563+ * vim600: sw=4 ts=4 fdm=marker
5564+ * vim<600: sw=4 ts=4
5565+ */
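Review bot: In `php_security_log` the control-character filter runs over `error` only, before `ip_address` and `fname` are formatted into `buf`, so those two fields reach syslog, the SAPI log, the logging shell script and `SUHOSIN_ERROR` unfiltered. With `log_use_x_forwarded_for` set, `ip_address` is the client-supplied `X-Forwarded-For` value, so the `attacker '%s'` field is written by the party being logged. I would run the same loop over `buf` after the two `ap_php_snprintf` calls that build it, `for (i = 0; buf[i]; i++) if (buf[i] < 32) buf[i] = '.';`, so every sink receives a single-line record. Separately, the test is on plain `char`, so whether bytes above 0x7f are replaced depends on the platform's char signedness; a comment stating which behaviour is wanted would settle that.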
5566diff -Nura php-5.3.7/main/suhosin_patch.h suhosin-patch-5.3.7-0.9.10/main/suhosin_patch.h
5567--- php-5.3.7/main/suhosin_patch.h 1970-01-01 01:00:00.000000000 +0100
5568+++ suhosin-patch-5.3.7-0.9.10/main/suhosin_patch.h 2011-08-19 12:39:30.000000000 +0200
5569@@ -0,0 +1,59 @@
5570+/*
5571+ +----------------------------------------------------------------------+
5572+ | Suhosin Patch for PHP |
5573+ +----------------------------------------------------------------------+
5574+ | Copyright (c) 2004-2010 Stefan Esser |
5575+ +----------------------------------------------------------------------+
5576+ | This source file is subject to version 2.02 of the PHP license, |
5577+ | that is bundled with this package in the file LICENSE, and is |
5578+ | available at through the world-wide-web at |
5579+ | http://www.php.net/license/2_02.txt. |
5580+ | If you did not receive a copy of the PHP license and are unable to |
5581+ | obtain it through the world-wide-web, please send a note to |
5582+ | license@php.net so we can mail you a copy immediately. |
5583+ +----------------------------------------------------------------------+
5584+ | Author: Stefan Esser <stefan.esser@sektioneins.de> |
5585+ +----------------------------------------------------------------------+
5586+ */
5587+
5588+#ifndef SUHOSIN_PATCH_H
5589+#define SUHOSIN_PATCH_H
5590+
5591+#if SUHOSIN_PATCH
5592+
5593+#include "zend.h"
5594+
5595+#define SUHOSIN_PATCH_VERSION "0.9.10"
5596+
5597+#define SUHOSIN_LOGO_GUID "SUHO8567F54-D428-14d2-A769-00DA302A5F18"
5598+
5599+#define SUHOSIN_CONFIG(idx) (suhosin_get_config(idx))
5600+
5601+#define SUHOSIN_MM_USE_CANARY_PROTECTION 0
5602+#define SUHOSIN_MM_DESTROY_FREE_MEMORY 1
5603+#define SUHOSIN_MM_IGNORE_CANARY_VIOLATION 2
5604+#define SUHOSIN_HT_IGNORE_INVALID_DESTRUCTOR 3
5605+#define SUHOSIN_LL_IGNORE_INVALID_DESTRUCTOR 4
5606+
5607+#define SUHOSIN_CONFIG_SET 100
5608+
5609+#include <sys/types.h>
5610+#include <sys/stat.h>
5611+#include <sys/mman.h>
5612+
5613+#if defined(DARWIN)
5614+#include <mach/vm_param.h>
5615+#endif
5616+
5617+#define SUHOSIN_MANGLE_PTR(ptr) (ptr==NULL?NULL:((void *)((zend_intptr_t)(ptr)^SUHOSIN_POINTER_GUARD)))
5618+
5619+#endif
5620+
5621+#endif /* SUHOSIN_PATCH_H */
5622+
5623+/*
5624+ * Local variables:
5625+ * tab-width: 4
5626+ * c-basic-offset: 4
5627+ * End:
5628+ */
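Review bot: `SUHOSIN_MANGLE_PTR` uses its argument unparenthesised in `ptr==NULL` and expands it twice, so an argument containing a lower-precedence operator is parsed wrongly and one with side effects is evaluated twice. The first is fixed by `#define SUHOSIN_MANGLE_PTR(ptr) (((ptr) == NULL) ? NULL : ((void *)((zend_intptr_t)(ptr) ^ SUHOSIN_POINTER_GUARD)))`. The macro also relies on `SUHOSIN_POINTER_GUARD`, which this header does not declare; in the part of the patch visible here it is a `static` in main/suhosin_patch.c. A comment such as `/* requires SUHOSIN_POINTER_GUARD in scope; evaluates ptr twice */` above the define would record both constraints.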
5629diff -Nura php-5.3.7/main/suhosin_patch.m4 suhosin-patch-5.3.7-0.9.10/main/suhosin_patch.m4
5630--- php-5.3.7/main/suhosin_patch.m4 1970-01-01 01:00:00.000000000 +0100
5631+++ suhosin-patch-5.3.7-0.9.10/main/suhosin_patch.m4 2011-08-19 12:39:30.000000000 +0200
5632@@ -0,0 +1,8 @@
5633+dnl
5634+dnl $Id: suhosin_patch.m4,v 1.1 2004/11/14 13:24:24 ionic Exp $
5635+dnl
5636+dnl This file contains Suhosin Patch for PHP specific autoconf functions.
5637+dnl
5638+
5639+AC_DEFINE(SUHOSIN_PATCH, 1, [Suhosin Patch])
5640+
5641diff -Nura php-5.3.7/sapi/apache/mod_php5.c suhosin-patch-5.3.7-0.9.10/sapi/apache/mod_php5.c
5642--- php-5.3.7/sapi/apache/mod_php5.c 2011-01-01 03:19:59.000000000 +0100
5643+++ suhosin-patch-5.3.7-0.9.10/sapi/apache/mod_php5.c 2011-08-19 12:39:30.000000000 +0200
5644@@ -969,7 +969,11 @@
5645 {
5646 TSRMLS_FETCH();
5647 if (PG(expose_php)) {
5648+#if SUHOSIN_PATCH
5649+ ap_add_version_component("PHP/" PHP_VERSION " with Suhosin-Patch");
5650+#else
5651 ap_add_version_component("PHP/" PHP_VERSION);
5652+#endif
5653 }
5654 }
5655 #endif
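Review bot: The string given to `ap_add_version_component` becomes part of the server's version banner, so with this hunk a remote client can tell that the hardening patch is compiled in; in this code the only gate is the existing `PG(expose_php)` test. That is probably intended, but it deserves a comment at the `#if`, for example `/* visible to clients; expose_php=Off suppresses the whole component */`. The same applies to the hunks for sapi/apache2filter/sapi_apache2.c, sapi/apache2handler/sapi_apache2.c and sapi/apache_hooks/mod_php5.c. The enclosing function starts above each of these hunks.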
5656diff -Nura php-5.3.7/sapi/apache2filter/sapi_apache2.c suhosin-patch-5.3.7-0.9.10/sapi/apache2filter/sapi_apache2.c
5657--- php-5.3.7/sapi/apache2filter/sapi_apache2.c 2011-01-01 03:19:59.000000000 +0100
5658+++ suhosin-patch-5.3.7-0.9.10/sapi/apache2filter/sapi_apache2.c 2011-08-19 12:39:30.000000000 +0200
5659@@ -583,7 +583,11 @@
5660 {
5661 TSRMLS_FETCH();
5662 if (PG(expose_php)) {
5663+#if SUHOSIN_PATCH
5664+ ap_add_version_component(p, "PHP/" PHP_VERSION " with Suhosin-Patch");
5665+#else
5666 ap_add_version_component(p, "PHP/" PHP_VERSION);
5667+#endif
5668 }
5669 }
5670
5671diff -Nura php-5.3.7/sapi/apache2handler/sapi_apache2.c suhosin-patch-5.3.7-0.9.10/sapi/apache2handler/sapi_apache2.c
5672--- php-5.3.7/sapi/apache2handler/sapi_apache2.c 2011-01-01 03:19:59.000000000 +0100
5673+++ suhosin-patch-5.3.7-0.9.10/sapi/apache2handler/sapi_apache2.c 2011-08-19 12:39:30.000000000 +0200
5674@@ -407,7 +407,11 @@
5675 {
5676 TSRMLS_FETCH();
5677 if (PG(expose_php)) {
5678+#if SUHOSIN_PATCH
5679+ ap_add_version_component(p, "PHP/" PHP_VERSION " with Suhosin-Patch");
5680+#else
5681 ap_add_version_component(p, "PHP/" PHP_VERSION);
5682+#endif
5683 }
5684 }
5685
5686diff -Nura php-5.3.7/sapi/apache_hooks/mod_php5.c suhosin-patch-5.3.7-0.9.10/sapi/apache_hooks/mod_php5.c
5687--- php-5.3.7/sapi/apache_hooks/mod_php5.c 2011-01-01 03:19:59.000000000 +0100
5688+++ suhosin-patch-5.3.7-0.9.10/sapi/apache_hooks/mod_php5.c 2011-08-19 12:39:30.000000000 +0200
5689@@ -1256,7 +1256,11 @@
5690 {
5691 TSRMLS_FETCH();
5692 if (PG(expose_php)) {
5693+#if SUHOSIN_PATCH
5694+ ap_add_version_component("PHP/" PHP_VERSION " with Suhosin-Patch");
5695+#else
5696 ap_add_version_component("PHP/" PHP_VERSION);
5697+#endif
5698 }
5699 }
5700 #endif
5701diff -Nura php-5.3.7/sapi/cgi/cgi_main.c suhosin-patch-5.3.7-0.9.10/sapi/cgi/cgi_main.c
5702--- php-5.3.7/sapi/cgi/cgi_main.c 2011-08-11 08:38:42.000000000 +0200
5703+++ suhosin-patch-5.3.7-0.9.10/sapi/cgi/cgi_main.c 2011-08-19 14:45:32.000000000 +0200
5704@@ -1932,10 +1932,18 @@
5705 SG(headers_sent) = 1;
5706 SG(request_info).no_headers = 1;
5707 }
5708+#if SUHOSIN_PATCH
5709 #if ZEND_DEBUG
5710- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5711+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5712 #else
5713- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5714+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5715+#endif
5716+#else
5717+ #if ZEND_DEBUG
5718+ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5719+ #else
5720+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5721+ #endif
5722 #endif
5723 php_request_shutdown((void *) 0);
5724 fcgi_shutdown();
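Review bot: The version banner in this hunk is now four `php_printf` calls that differ only in `with Suhosin-Patch ` and ` (DEBUG)`, and the preprocessor directives are indented differently in the two branches. The php_cli.c hunk later in this patch splices the marker in with adjacent string literals under one `#if SUHOSIN_PATCH`; doing the same here leaves a single call and a single copyright line to maintain, with identical output in all four configurations. The sapi/litespeed/lsapi_main.c hunk has the same shape, and there the two branches already disagree on the copyright years, `1997-2011` against `1997-2004`. The enclosing function starts and ends outside the hunk.

```c
/* … unchanged: SG(headers_sent) / no_headers setup … */
	php_printf("PHP %s "
#if SUHOSIN_PATCH
		"with Suhosin-Patch "
#endif
		"(%s) (built: %s %s)"
#if ZEND_DEBUG
		" (DEBUG)"
#endif
		"\nCopyright (c) 1997-2011 The PHP Group\n%s",
		PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
/* … unchanged: php_request_shutdown / fcgi_shutdown … */
```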
5725diff -Nura php-5.3.7/sapi/cli/php_cli.c suhosin-patch-5.3.7-0.9.10/sapi/cli/php_cli.c
5726--- php-5.3.7/sapi/cli/php_cli.c 2011-08-08 09:12:12.000000000 +0200
5727+++ suhosin-patch-5.3.7-0.9.10/sapi/cli/php_cli.c 2011-08-19 14:50:33.000000000 +0200
5728@@ -826,7 +826,11 @@
5729 }
5730
5731 request_started = 1;
5732- php_printf("PHP %s (%s) (built: %s %s) %s\nCopyright (c) 1997-2011 The PHP Group\n%s",
5733+ php_printf("PHP %s "
5734+#if SUHOSIN_PATCH
5735+ "with Suhosin-Patch "
5736+#endif
5737+ "(%s) (built: %s %s) %s\nCopyright (c) 1997-2011 The PHP Group\n%s",
5738 PHP_VERSION, sapi_module.name, __DATE__, __TIME__,
5739 #if ZEND_DEBUG && defined(HAVE_GCOV)
5740 "(DEBUG GCOV)",
5741diff -Nura php-5.3.7/sapi/litespeed/lsapi_main.c suhosin-patch-5.3.7-0.9.10/sapi/litespeed/lsapi_main.c
5742--- php-5.3.7/sapi/litespeed/lsapi_main.c 2011-06-01 00:40:42.000000000 +0200
5743+++ suhosin-patch-5.3.7-0.9.10/sapi/litespeed/lsapi_main.c 2011-08-19 14:53:42.000000000 +0200
5744@@ -711,11 +711,19 @@
5745 break;
5746 case 'v':
5747 if (php_request_startup(TSRMLS_C) != FAILURE) {
5748+#if SUHOSIN_PATCH
5749+ #if ZEND_DEBUG
5750+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5751+ #else
5752+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5753+ #endif
5754+#else
5755 #if ZEND_DEBUG
5756 php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2004 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5757 #else
5758 php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2004 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5759 #endif
5760+#endif
5761 #ifdef PHP_OUTPUT_NEWAPI
5762 php_output_end_all(TSRMLS_C);
5763 #else
5764diff -Nura php-5.3.7/sapi/milter/php_milter.c suhosin-patch-5.3.7-0.9.10/sapi/milter/php_milter.c
5765--- php-5.3.7/sapi/milter/php_milter.c 2011-08-06 03:22:27.000000000 +0200
5766+++ suhosin-patch-5.3.7-0.9.10/sapi/milter/php_milter.c 2011-08-19 14:48:35.000000000 +0200
5767@@ -1111,7 +1111,11 @@
5768 }
5769 SG(headers_sent) = 1;
5770 SG(request_info).no_headers = 1;
5771+#if SUHOSIN_PATCH
5772+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5773+#else
5774 php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
5775+#endif
5776 php_end_ob_buffers(1 TSRMLS_CC);
5777 exit(1);
5778 break;
5779diff -Nura php-5.3.7/win32/build/config.w32 suhosin-patch-5.3.7-0.9.10/win32/build/config.w32
5780--- php-5.3.7/win32/build/config.w32 2011-03-28 12:55:34.000000000 +0200
5781+++ suhosin-patch-5.3.7-0.9.10/win32/build/config.w32 2011-08-19 12:39:30.000000000 +0200
5782@@ -328,7 +328,7 @@
5783 zend_stream.c zend_iterators.c zend_interfaces.c zend_objects.c \
5784 zend_object_handlers.c zend_objects_API.c \
5785 zend_default_classes.c zend_execute.c zend_strtod.c zend_gc.c zend_closures.c \
5786- zend_float.c");
5787+ zend_float.c zend_canary.c zend_alloc_canary.c");
5788
5789 if (VCVERS == 1200) {
5790 AC_DEFINE('ZEND_DVAL_TO_LVAL_CAST_OK', 1);
5791@@ -385,6 +385,7 @@
5792
5793 AC_DEFINE('HAVE_USLEEP', 1);
5794 AC_DEFINE('HAVE_STRCOLL', 1);
5795+AC_DEFINE('SUHOSIN_PATCH', 1);
5796
5797 /* For snapshot builders, where can we find the additional
5798 * files that make up the snapshot template? */
5799diff -Nura php-5.3.7/win32/build/config.w32.h.in suhosin-patch-5.3.7-0.9.10/win32/build/config.w32.h.in
5800--- php-5.3.7/win32/build/config.w32.h.in 2010-11-26 19:25:13.000000000 +0100
5801+++ suhosin-patch-5.3.7-0.9.10/win32/build/config.w32.h.in 2011-08-19 12:39:30.000000000 +0200
5802@@ -152,6 +152,9 @@
5803 /* Win32 supports strcoll */
5804 #define HAVE_STRCOLL 1
5805
5806+/* Suhosin Patch support */
5807+#define SUHOSIN_PATCH 1
5808+
5809 /* Win32 supports socketpair by the emulation in win32/sockets.c */
5810 #define HAVE_SOCKETPAIR 1
5811 #define HAVE_SOCKLEN_T 1