Merge branch 'PHP-5.4' into PHP-5.4.42

smalyshev · smalyshev · commit 7537e639e2b4 · 2015-06-09T16:23:45.000-07:00
* PHP-5.4:
  update NEWS
  Fix bug #69646	OS command injection vulnerability in escapeshellarg
  Fix #69719 - more checks for nulls in paths
  fix test description
  Fixed Buf #68812 Unchecked return value.
diff --git a/NEWS b/NEWS
@@ -5,6 +5,12 @@ PHP                                                                        NEWS
 - Core:
   . Imroved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in
     heap overflow). (Max Spelsberg)
+  . Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
+    (Anatol Belski)
+  . Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)
+
+- Litespeed SAPI:
+  . Fixed bug #68812 (Unchecked return value). (George Wang)
 
 - Postgres:
   . Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)
diff --git a/ext/pgsql/tests/pg_insert_002.phpt b/ext/pgsql/tests/pg_insert_002.phpt
@@ -1,5 +1,5 @@
 --TEST--
-PostgreSQL pg_select() - basic test using schema
+PostgreSQL pg_insert() - test for CVE-2015-1532
 --SKIPIF--
 <?php include("skipif.inc"); ?>
 --FILE--
diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c
@@ -3131,10 +3131,20 @@ static int lsapi_initSuEXEC()
     if ( !s_defaultUid || !s_defaultGid )
     {
         pw = getpwnam( "nobody" );
-        if ( !s_defaultUid )
-            s_defaultUid = pw->pw_uid;
-        if ( !s_defaultGid )
-            s_defaultGid = pw->pw_gid;
+        if ( pw )
+        {
+            if ( !s_defaultUid )
+                s_defaultUid = pw->pw_uid;
+            if ( !s_defaultGid )
+                s_defaultGid = pw->pw_gid;
+        }
+        else
+        {
+            if ( !s_defaultUid )
+                s_defaultUid = 10000;
+            if ( !s_defaultGid )
+                s_defaultGid = 10000;
+        }
     }
     return 0;
 }
