Changelog: http://www.php.net/ChangeLog-7.php#7.2.12
Rebased patch 0004 and updated license hash after white space removal:
902d39a3a7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Needed for example for phppgadmin.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add missing BR2_USE_WCHAR dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream removed support for non-wchar toolchains:
85feb77aa0
Propagate the new dependency to other packages.
Fixes
http://autobuild.buildroot.net/results/b73/b73342a39167ed7f293224d4e3b23dde691b9abf/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: also propagate to the php, qt and qt5base packages.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes autobuild failures like
http://autobuild.buildroot.net/results/3288b742cee650ee47a41c5b4d6aaef1fe67bff1
php compile breaks with:
ext/mysqlnd/mysqlnd_auth.o: In function `php_mysqlnd_scramble_sha2':
mysqlnd_auth.c:(.text+0x1054): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1064): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1070): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x1078): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1088): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1094): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x109c): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x10ac): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10bc): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10c8): undefined reference to `PHP_SHA256Final'
It looks like the php mysqli extension needs the hash extension to work. This
seems to be a php Make dependany bug. This patch works around it until the
upstream maintainers can fix it.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
zend_alloc.h defines some macros such as:
Where _estrdup is the actual function implemented by the PHP core. If
this header file is not included, and some code uses estrdup, one ends
up with an undefined reference. This happens when libexpat support is
enabled. This commit adds a PHP patch that fixes this issue. The patch
has been submitted upstream through a Github pull request.
Fixes:
http://autobuild.buildroot.net/results/889d2c1f509c035cd506e36061939bfddc8f1500/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When the internal PCRE library of PHP is used, it tries to use a JIT
engine, which is only available on some architectures.
However, the mechanism used to disable JIT has changed in recent PHP
versions, and it now has a proper --without-pcre-jit option. Switch
over to that to properly disable JIT on unsupported platforms.
It has been tested to fix the build of PHP on ARC and Microblaze.
Fixes:
http://autobuild.buildroot.net/results/e1359fcad7bc57e3c5a7ecc37abaa2cf6a6a9ffa/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
... to follow the convention: type, default, depends on, select, help.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_BINFMT_FLAT configurations require the use of elf2flt. However,
PHP uses -export-dynamic which breaks badly with elf2flt. Even a
simple program fails to build:
$ ./output/host/bin/arm-linux-gcc -Wl,-export-dynamic -o toto toto.c
/home/thomas/projets/buildroot/output/host/opt/ext-toolchain/arm-buildroot-uclinux-uclibcgnueabi/bin/ld.real: section .junk LMA [0000000000000000,0000000000000027] overlaps section .text LMA [0000000000000000,0000000000006d07]
-export-dynamic is clearly not useful for FLAT configurations, which
are always statically linked, but it's quite a bit of work to change
the PHP build system to use it only conditionall.
It looks more like an interaction bug between gcc (which wants to put
the .text section at address 0x0 in its linker script) and elf2flt,
which wants to put its .junk section (containing the .rel.text stuff)
also at address 0x0.
Fixes (works around) the "section overlap" part of:
http://autobuild.buildroot.net/results/35cbed8927bb10500ecf2816aa728ea240a0be21/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The PHP sockets module now provides access to AI_IDN functionality (by
simply declaring a bunch of constants available from PHP code). AI_IDN
(internationalized domain names) is not supported in uClibc or musl,
which breaks the build.
This commit adds a patch to PHP which makes the use of AI_IDN
conditional, in a way that is identical to what is already done for
AI_ALL. The patch has been submitted upstream.
Fixes:
http://autobuild.buildroot.net/results/ef040cc45bb2789ead82a8c445db3376e36b5ac7/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Introduced in PHP7.2, if a host has valgrind headers installed, PHP will detect
them and set HAVE_VALGRIND to 1.
Disable this entry after configuring.
fixes:
http://autobuild.buildroot.net/results/d59/d59b5961890aeddcd6d59ed52243be6554d1fe21
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also update 0003-configure-disable-the-phar-tool.patch as configure.in is no
longer provided in the tarballs. Instead, configure.ac is patched.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes the following security issues:
CVE-2017-7890 - Buffer over-read into uninitialized memory. The GIF
decoding function gdImageCreateFromGifCtx in gd_gif_in.c (which can be
reached with a call to the imagecreatefromstring() function) uses
constant-sized color tables of size 3 * 256, but does not zero-out these
arrays before use.
CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229 -
Out-of-bonds access in oniguruma regexp library.
CVE-2017-11144 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before
7.1.7, the openssl extension PEM sealing code did not check the return value
of the OpenSSL sealing function, which could lead to a crash of the PHP
interpreter, related to an interpretation conflict for a negative number in
ext/openssl/openssl.c, and an OpenSSL documentation omission.
CVE-2017-11145 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before
7.1.7, lack of a bounds check in the date extension's timelib_meridian
parsing code could be used by attackers able to supply date strings to leak
information from the interpreter, related to an ext/date/lib/parse_date.c
out-of-bounds read affecting the php_parse_date function.
CVE-2017-11146 - In PHP through 5.6.31, 7.x through 7.0.21, and 7.1.x
through 7.1.7, lack of bounds checks in the date extension's
timelib_meridian parsing code could be used by attackers able to supply date
strings to leak information from the interpreter, related to
ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date
function. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2017-11145.
While we're at it, add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit switches to use the new gettext logic, which involves:
- using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext
- dropping BR2_PACKAGE_GETTEXT selection. Thanks to this, we can drop
the BR2_USE_WCHAR dependency
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Propagate icu reverse dependencies.
Php lacks "-std=c++11", provided by icu-config, when compiling icu
support leading to a build failure:
/home/peko/autobuild/instance-1/output/host/usr/sh4-buildroot-linux-uclibc/sysroot/usr/include/unicode/umachine.h:347:13:
error: 'char16_t' does not name a type
typedef char16_t UChar;
Fixes
http://autobuild.buildroot.net/results/238/238d0e4bb205c0e7288903c6498e6c1787d86a1b/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The check-package script when ran gives warnings on ordering issues
on all of these Config files. This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter p in the package directory.
The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As per LICENSE file, php uses PHP license version 3.01.
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Continue work started by Bernd Kuhls in
https://patchwork.ozlabs.org/patch/437544/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add a patch from a PHP Github pull request that fixes the build at -O0
on AArch64.
Signed-off-by: Tatsuyuki Ishi <ishitatsuyuki@gmail.com>
[Thomas: improved patch commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The comments in the Buildroot-provided php-fpm.conf would produce the
following error when starting php-fpm:
ERROR: [/etc/php-fpm.conf:2] value is NULL for a ZEND_INI_PARSER_ENTRY
Removing the comments fixes the problem.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit c457213fbc reworked the selection
of PHP interfaces, moving from a choice..endchoice to a three
independent sub-options.
Thanks to how choices are handled by kconfig, an option suitable for
noMMU platforms was automatically chosen by default. When the
choice...endchoice got removed in
c457213fbc, we introduced a "select" for
one of the interfaces, to make sure at least one interface is
selected.
Unfortunately, the selected interface does not build on noMMU
platforms. In order to preserve the previous behavior (CGI interface
is selected by default on MMU capable platforms), this commit makes
the select logic a bit more complicated:
- CGI is selected on MMU-capable platforms if neither CLI or FPM are
selected
- CLI is selected on MMU-less platforms, since this is anyway the
only available interface.
Fixes:
http://autobuild.buildroot.net/results/85ea09188f1e996cb14b4b83a17736c096c569a8/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Following suggestion of Yann Morin, rework selection of php
interfaces: use booleans instead of choice to be able to select
multiple interfaces as they are not exclusive. We make sure at least
one of the options is selected.
It should be noted that previously CGI and FPM could not be selected
at the same time. This is now possible. Bug that prevented compilation
of CGI and FPM binaries at the same time has been fixed since PHP 5.4
(https://github.com/php-build/php-build/issues/101).
Legacy handling is added for the two options that are removed, and the
appropriate new options are selected.
Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
See http://www.php.net/ChangeLog-7.php#7.0.12 since there are no CVEs
out yet.
And drop upstream patch.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
