Bug#698915: unblock: php5/5.4.4-12

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#698915: unblock: php5/5.4.4-12
From: Ondřej Surý <ondrej@debian.org>
Date: Fri, 25 Jan 2013 10:04:53 +0100
Message-id: <20130125090453.12804.28235.reportbug@localhost6.localdomain6>
Reply-to: OndÅ™ej SurÃ½ <ondrej@debian.org>, 698915@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package php5

Fixes grave bug.

Infinite recursion in session handling when using
fusionforge/mediawiki after apache2 reload.

Pulled patch from upstream and from sf@debian.org.

Confirmed by the reporter that 5.4.4-12 fixes the issue.

$ diffstat php5_5.4.4-12.debdiff
 debian/patches/session.c_rfc1867_crashes_php_even_though_turned_off.patch |   33 ++++++++++
 php5-5.4.4/debian/changelog                                               |    7 ++
 php5-5.4.4/debian/patches/series                                          |    1 
 3 files changed, 41 insertions(+)

unblock php5/5.4.4-12

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -u php5-5.4.4/debian/changelog php5-5.4.4/debian/changelog
--- php5-5.4.4/debian/changelog
+++ php5-5.4.4/debian/changelog
@@ -1,3 +1,10 @@
+php5 (5.4.4-12) unstable; urgency=low
+
+  * Apply two workaround patches for crashes caused by infinite recursion
+    in php_rfc1867_callback (Closes: #694473, #691318)
+
+ -- Ondřej Surý <ondrej@debian.org>  Mon, 21 Jan 2013 11:02:25 +0100
+
 php5 (5.4.4-11) unstable; urgency=low
 
   * Install logrotate script in php5-fpm package (Closes: #673558)
diff -u php5-5.4.4/debian/patches/series php5-5.4.4/debian/patches/series
--- php5-5.4.4/debian/patches/series
+++ php5-5.4.4/debian/patches/series
@@ -77,0 +78 @@
+session.c_rfc1867_crashes_php_even_though_turned_off.patch
only in patch2:
unchanged:
--- php5-5.4.4.orig/debian/patches/session.c_rfc1867_crashes_php_even_though_turned_off.patch
+++ php5-5.4.4/debian/patches/session.c_rfc1867_crashes_php_even_though_turned_off.patch
@@ -0,0 +1,33 @@
+--- a/ext/session/session.c
++++ b/ext/session/session.c
+@@ -2192,8 +2192,10 @@ static PHP_MINIT_FUNCTION(session) /* {{
+ #ifdef HAVE_LIBMM
+ 	PHP_MINIT(ps_mm) (INIT_FUNC_ARGS_PASSTHRU);
+ #endif
+-	php_session_rfc1867_orig_callback = php_rfc1867_callback;
+-	php_rfc1867_callback = php_session_rfc1867_callback;
++	if (php_rfc1867_callback != php_session_rfc1867_callback) {
++		php_session_rfc1867_orig_callback = php_rfc1867_callback;
++		php_rfc1867_callback = php_session_rfc1867_callback;
++	}
+ 
+ 	/* Register interface */
+ 	INIT_CLASS_ENTRY(ce, PS_IFACE_NAME, php_session_iface_functions);
+@@ -2384,13 +2386,14 @@ static int php_session_rfc1867_callback(
+ 	php_session_rfc1867_progress *progress;
+ 	int retval = SUCCESS;
+ 
+-	if (php_session_rfc1867_orig_callback) {
+-		retval = php_session_rfc1867_orig_callback(event, event_data, extra TSRMLS_CC);
+-	}
+ 	if (!PS(rfc1867_enabled)) {
+ 		return retval;
+ 	}
+ 
++	if (php_session_rfc1867_orig_callback) {
++		retval = php_session_rfc1867_orig_callback(event, event_data, extra TSRMLS_CC);
++	}
++
+ 	progress = PS(rfc1867_progress);
+ 
+ 	switch(event) {

Reply to:

Follow-Ups:
- Bug#698915: unblock: php5/5.4.4-12
  - From: Jonathan Wiltshire <jmw@debian.org>

Prev by Date: Re: Update virinst via wheezy-proposed-updates
Next by Date: Re: Candidates for removal from testing (2013-01-24)
Previous by thread: Bug#681022: unblock: openacs/5.7.0+dfsg-2
Next by thread: Bug#698915: unblock: php5/5.4.4-12
Index(es):
- Date
- Thread