Commit 9e8bb702 authored by Ondrej Sury's avatar Ondrej Sury

Imported Upstream version 5.4.2

parent e6aeb324
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
03 Mar 2012, PHP 5.4.2
- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
26 Apr 2012, PHP 5.4.1
- CLI Server:
......
This diff is collapsed.
/* A Bison parser, made by GNU Bison 2.3. */
/* A Bison parser, made by GNU Bison 2.5. */
/* Skeleton interface for Bison's Yacc-like parsers in C
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006
Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301, USA. */
along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
......@@ -29,10 +26,11 @@
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
......@@ -76,10 +74,11 @@
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef int YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
# define YYSTYPE_IS_TRIVIAL 1
#endif
Terminals which are not used
Terminals unused in grammar
':'
','
'.'
'''
'\''
'^'
'+'
'-'
......@@ -90,7 +90,7 @@ $end (0) 0
'$' (36)
'%' (37)
'&' (38) 33
''' (39)
'\'' (39)
'(' (40) 36
')' (41) 36
'*' (42)
......
This diff is collapsed.
/* A Bison parser, made by GNU Bison 2.3. */
/* A Bison parser, made by GNU Bison 2.5. */
/* Skeleton interface for Bison's Yacc-like parsers in C
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006
Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor,
Boston, MA 02110-1301, USA. */
along with this program. If not, see <http://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
......@@ -29,10 +26,11 @@
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
......@@ -304,10 +302,11 @@
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef int YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
# define YYSTYPE_IS_TRIVIAL 1
#endif
This diff is collapsed.
This diff is collapsed.
......@@ -119,7 +119,7 @@ int zend_sprintf(char *buffer, const char *format, ...);
PHP_MAJOR_VERSION=5
PHP_MINOR_VERSION=4
PHP_RELEASE_VERSION=1
PHP_RELEASE_VERSION=2
PHP_EXTRA_VERSION=""
PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION"
PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 10000 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION`
......
makefile_am_files = Zend/Makefile.am TSRM/Makefile.am
config_m4_files = Zend/Zend.m4 TSRM/tsrm.m4 TSRM/threads.m4 Zend/acinclude.m4 ext/bcmath/config.m4 ext/bz2/config.m4 ext/calendar/config.m4 ext/ctype/config.m4 ext/curl/config.m4 ext/date/config0.m4 ext/dba/config.m4 ext/dom/config.m4 ext/enchant/config.m4 ext/ereg/config0.m4 ext/exif/config.m4 ext/fileinfo/config.m4 ext/filter/config.m4 ext/ftp/config.m4 ext/gd/config.m4 ext/gettext/config.m4 ext/gmp/config.m4 ext/hash/config.m4 ext/iconv/config.m4 ext/imap/config.m4 ext/interbase/config.m4 ext/intl/config.m4 ext/json/config.m4 ext/ldap/config.m4 ext/libxml/config0.m4 ext/mbstring/config.m4 ext/mcrypt/config.m4 ext/mssql/config.m4 ext/mysql/config.m4 ext/mysqli/config.m4 ext/mysqlnd/config9.m4 ext/oci8/config.m4 ext/odbc/config.m4 ext/openssl/config0.m4 ext/pcntl/config.m4 ext/pcre/config0.m4 ext/pdo/config.m4 ext/pdo_dblib/config.m4 ext/pdo_firebird/config.m4 ext/pdo_mysql/config.m4 ext/pdo_oci/config.m4 ext/pdo_odbc/config.m4 ext/pdo_pgsql/config.m4 ext/pdo_sqlite/config.m4 ext/pgsql/config.m4 ext/phar/config.m4 ext/posix/config.m4 ext/pspell/config.m4 ext/readline/config.m4 ext/recode/config.m4 ext/recode/config9.m4 ext/reflection/config.m4 ext/session/config.m4 ext/shmop/config.m4 ext/simplexml/config.m4 ext/snmp/config.m4 ext/soap/config.m4 ext/sockets/config.m4 ext/spl/config.m4 ext/sqlite3/config0.m4 ext/standard/config.m4 ext/sybase_ct/config.m4 ext/sysvmsg/config.m4 ext/sysvsem/config.m4 ext/sysvshm/config.m4 ext/tidy/config.m4 ext/tokenizer/config.m4 ext/wddx/config.m4 ext/xml/config.m4 ext/xmlreader/config.m4 ext/xmlrpc/config.m4 ext/xmlwriter/config.m4 ext/xsl/config.m4 ext/zip/config.m4 ext/zlib/config0.m4 sapi/aolserver/config.m4 sapi/apache/config.m4 sapi/apache2filter/config.m4 sapi/apache2handler/config.m4 sapi/apache_hooks/config.m4 sapi/caudium/config.m4 sapi/cli/config.m4 sapi/continuity/config.m4 sapi/embed/config.m4 sapi/fpm/config.m4 sapi/isapi/config.m4 sapi/litespeed/config.m4 sapi/milter/config.m4 sapi/nsapi/config.m4 sapi/phttpd/config.m4 sapi/pi3web/config.m4 sapi/roxen/config.m4 sapi/thttpd/config.m4 sapi/tux/config.m4 sapi/webjames/config.m4
config_m4_files = Zend/Zend.m4 TSRM/tsrm.m4 TSRM/threads.m4 Zend/acinclude.m4 ext/bcmath/config.m4 ext/bz2/config.m4 ext/calendar/config.m4 ext/ctype/config.m4 ext/curl/config.m4 ext/date/config0.m4 ext/dba/config.m4 ext/dom/config.m4 ext/enchant/config.m4 ext/ereg/config0.m4 ext/exif/config.m4 ext/fileinfo/config.m4 ext/filter/config.m4 ext/ftp/config.m4 ext/gd/config.m4 ext/gettext/config.m4 ext/gmp/config.m4 ext/hash/config.m4 ext/iconv/config.m4 ext/imap/config.m4 ext/interbase/config.m4 ext/intl/config.m4 ext/json/config.m4 ext/ldap/config.m4 ext/libxml/config0.m4 ext/mbstring/config.m4 ext/mcrypt/config.m4 ext/mssql/config.m4 ext/mysql/config.m4 ext/mysqli/config.m4 ext/mysqlnd/config9.m4 ext/oci8/config.m4 ext/odbc/config.m4 ext/openssl/config0.m4 ext/pcntl/config.m4 ext/pcre/config0.m4 ext/pdo/config.m4 ext/pdo_dblib/config.m4 ext/pdo_firebird/config.m4 ext/pdo_mysql/config.m4 ext/pdo_oci/config.m4 ext/pdo_odbc/config.m4 ext/pdo_pgsql/config.m4 ext/pdo_sqlite/config.m4 ext/pgsql/config.m4 ext/phar/config.m4 ext/posix/config.m4 ext/pspell/config.m4 ext/readline/config.m4 ext/recode/config9.m4 ext/recode/config.m4 ext/reflection/config.m4 ext/session/config.m4 ext/shmop/config.m4 ext/simplexml/config.m4 ext/snmp/config.m4 ext/soap/config.m4 ext/sockets/config.m4 ext/spl/config.m4 ext/sqlite3/config0.m4 ext/standard/config.m4 ext/sybase_ct/config.m4 ext/sysvmsg/config.m4 ext/sysvsem/config.m4 ext/sysvshm/config.m4 ext/tidy/config.m4 ext/tokenizer/config.m4 ext/wddx/config.m4 ext/xml/config.m4 ext/xmlreader/config.m4 ext/xmlrpc/config.m4 ext/xmlwriter/config.m4 ext/xsl/config.m4 ext/zip/config.m4 ext/zlib/config0.m4 sapi/aolserver/config.m4 sapi/apache2filter/config.m4 sapi/apache2handler/config.m4 sapi/apache/config.m4 sapi/apache_hooks/config.m4 sapi/caudium/config.m4 sapi/cli/config.m4 sapi/continuity/config.m4 sapi/embed/config.m4 sapi/fpm/config.m4 sapi/isapi/config.m4 sapi/litespeed/config.m4 sapi/milter/config.m4 sapi/nsapi/config.m4 sapi/phttpd/config.m4 sapi/pi3web/config.m4 sapi/roxen/config.m4 sapi/thttpd/config.m4 sapi/tux/config.m4 sapi/webjames/config.m4
......@@ -2,7 +2,7 @@
/* edit configure.in to change version number */
#define PHP_MAJOR_VERSION 5
#define PHP_MINOR_VERSION 4
#define PHP_RELEASE_VERSION 1
#define PHP_RELEASE_VERSION 2
#define PHP_EXTRA_VERSION ""
#define PHP_VERSION "5.4.1"
#define PHP_VERSION_ID 50401
#define PHP_VERSION "5.4.2"
#define PHP_VERSION_ID 50402
......@@ -70,6 +70,7 @@
#include "php_main.h"
#include "fopen_wrappers.h"
#include "ext/standard/php_standard.h"
#include "ext/standard/url.h"
#ifdef PHP_WIN32
# include <io.h>
......@@ -1752,6 +1753,9 @@ int main(int argc, char *argv[])
#ifndef PHP_WIN32
int status = 0;
#endif
char *query_string;
char *decoded_query_string;
int skip_getopt = 0;
#if 0 && defined(PHP_DEBUG)
/* IIS is always making things more difficult. This allows
......@@ -1802,7 +1806,16 @@ int main(int argc, char *argv[])
}
}
while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) {
if(query_string = getenv("QUERY_STRING")) {
decoded_query_string = strdup(query_string);
php_url_decode(decoded_query_string, strlen(decoded_query_string));
if(*decoded_query_string == '-' && strchr(decoded_query_string, '=') == NULL) {
skip_getopt = 1;
}
free(decoded_query_string);
}
while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) {
switch (c) {
case 'c':
if (cgi_sapi_module.php_ini_path_override) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment