coderchina
diff --git a/‎Makefile.gcov
Lines changed: 1 addition & 1 deletion b/‎Makefile.gcov
Lines changed: 1 addition & 1 deletion
diff --git a/‎NEWS
Lines changed: 13 additions & 1 deletion b/‎NEWS
Lines changed: 13 additions & 1 deletion
diff --git a/‎README.namespaces
100755100644 b/‎README.namespaces
100755100644
diff --git a/‎UPGRADING
100755100644 b/‎UPGRADING
100755100644
diff --git a/‎ext/date/php_date.c
Lines changed: 3 additions & 3 deletions b/‎ext/date/php_date.c
Lines changed: 3 additions & 3 deletions
diff --git a/‎ext/date/tests/bug67118.phpt
Lines changed: 9 additions & 9 deletions b/‎ext/date/tests/bug67118.phpt
Lines changed: 9 additions & 9 deletions
diff --git a/‎ext/date/tests/bug67118_2.phpt
Lines changed: 35 additions & 0 deletions b/‎ext/date/tests/bug67118_2.phpt
Lines changed: 35 additions & 0 deletions
diff --git a/‎ext/fileinfo/libmagic/cdf.c
Lines changed: 7 additions & 4 deletions b/‎ext/fileinfo/libmagic/cdf.c
Lines changed: 7 additions & 4 deletions
diff --git a/‎ext/fileinfo/libmagic/cdf.h
Lines changed: 2 additions & 1 deletion b/‎ext/fileinfo/libmagic/cdf.h
Lines changed: 2 additions & 1 deletion
diff --git a/‎ext/fileinfo/libmagic/readcdf.c
Lines changed: 61 additions & 16 deletions b/‎ext/fileinfo/libmagic/readcdf.c
Lines changed: 61 additions & 16 deletions
@@ -14,7 +14,7 @@ php_lcov.info: lcov-test
 	@rm -rf lcov_data/
 	@$(mkinstalldirs) lcov_data/
 	@echo
-	-@files=`find . -name \*.gcda -o -name \*.gcno -o -name \*.da -o -name \*.c -o -name \*.h | sed -e 's/^\.\///' | sed -e 's/\.gcda//g' -e 's/\.gcno//g' -e 's/\.da//g' | $(EGREP) $(LCOV_INCLUDE) | sed -e 's/.libs/ZZZZ/g' | sort -h | sed -e 's/ZZZZ/.libs/g' | uniq` ;\
+	-@files=`find . -name \*.gcda -o -name \*.gcno -o -name \*.da -o -name \*.c -o -name \*.h | sed -e 's/^\.\///' | sed -e 's/\.gcda//g' -e 's/\.gcno//g' -e 's/\.da//g' | $(EGREP) $(LCOV_INCLUDE) | sed -e 's/.libs/zzzz/g' | sort | sed -e 's/zzzz/.libs/g' | uniq` ;\
 	for x in $$files; do \
 		echo -n . ;\
 		y=`echo $$x | sed -e 's!\.libs/!!'`; \
 
@@ -1,22 +1,34 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2014, PHP 5.6.0 Beta 4
+?? ??? 2014, PHP 5.6.0 Release Candidate 1
+
+05 Jun 2014, PHP 5.6.0 Beta 4
 
 - Core:
   . Fixed bug #67249 (printf out-of-bounds read). (Stas)
 
 - Date:
   . Fixed bug #67308 (Serialize of DateTime truncates fractions of second).
     (Adam)
+  . Fixed regression in fix for bug #67118 (constructor can't be called twice).
+    (Remi)
+
 
 - Fileinfo:
   . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
   . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in
     performance degradation).
+  . Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check).
+  . Fixed bug #67329 (fileinfo: NULL pointer deference flaw by processing certain
+    CDF files).
 
 - SPL:
   . Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
 
+- phpdbg:
+  . Fixed bug which caused phpdbg to fail immediately on startup in non-debug
+    builds. (Bob)
+
 15 May 2014, PHP 5.6.0 Beta 3
 
 - Core:
 
@@ -2569,6 +2569,8 @@ PHPAPI int php_date_initialize(php_date_obj *dateobj, /*const*/ char *time_str,
 			err->error_messages[0].position, err->error_messages[0].character, err->error_messages[0].message);
 	}
 	if (err && err->error_count) {
+		timelib_time_dtor(dateobj->time);
+		dateobj->time = 0;
 		return 0;
 	}
 
@@ -2716,9 +2718,7 @@ PHP_METHOD(DateTime, __construct)
 
 	zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC);
 	if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|SO!", &time_str, &time_str_len, &timezone_object, date_ce_timezone)) {
-		if (!php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC)) {
-			ZVAL_NULL(getThis());
-		}
+		php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC);
 	}
 	zend_restore_error_handling(&error_handling TSRMLS_CC);
 }
 
@@ -1,5 +1,5 @@
 --TEST--
-Bug #67118 php-cgi crashes regularly on IIS 7
+Bug #67118 crashes in DateTime when this used after failed __construct
 --INI--
 date.timezone=Europe/Berlin
 --FILE--
@@ -11,17 +11,17 @@ class mydt extends datetime
 		if (!empty($tz) && !is_object($tz)) {
 			$tz = new DateTimeZone($tz);
 		}
-
-		@parent::__construct($time, $tz);
+		try {
+			@parent::__construct($time, $tz);
+		} catch (Exception $e) {
+			echo "Bad date" . $this->format("Y") . "\n";
+		}
 	}
 
 };
 
 new mydt("Funktionsansvarig rådgivning och juridik", "UTC");
+?>
 --EXPECTF--
-Fatal error: Uncaught exception 'Exception' with message 'DateTime::__construct(): Failed to parse time string (Funktionsansvarig rådgivning och juridik) at position 0 (F): The timezone could not be found in the database' in %sbug67118.php:%d
-Stack trace:
-#0 %sbug67118.php(%d): DateTime->__construct('Funktionsansvar...', Object(DateTimeZone))
-#1 %sbug67118.php(%d): mydt->__construct('Funktionsansvar...', 'UTC')
-#2 {main}
-  thrown in %sbug67118.php on line %d
+Warning: DateTime::format(): The DateTime object has not been correctly initialized by its constructor in %sbug67118.php on line %d
+Bad date
@@ -0,0 +1,35 @@
+--TEST--
+Regression introduce in fix for Bug #67118
+--INI--
+date.timezone=Europe/Paris
+--FILE--
+<?php
+class Foo extends DateTime {
+    public function __construct($time = null) {
+        $tz = new DateTimeZone('UTC');
+        try {
+            echo "First try\n";
+            parent::__construct($time, $tz);
+            return;
+        } catch (Exception $e) {
+            echo "Second try\n";
+            parent::__construct($time.'C', $tz);
+        }
+    }
+}
+$date = '12 Sep 2007 15:49:12 UT';
+var_dump(new Foo($date));
+?>
+Done
+--EXPECTF--
+First try
+Second try
+object(Foo)#1 (3) {
+  ["date"]=>
+  string(%d) "2007-09-12 15:49:%s"
+  ["timezone_type"]=>
+  int(3)
+  ["timezone"]=>
+  string(3) "UTC"
+}
+Done
@@ -35,7 +35,7 @@
 #include "file.h"
 
 #ifndef lint
-FILE_RCSID("@(#)$File: cdf.c,v 1.53 2013/02/26 16:20:42 christos Exp $")
+FILE_RCSID("@(#)$File: cdf.c,v 1.55 2014/02/27 23:26:17 christos Exp $")
 #endif
 
 #include <assert.h>
@@ -365,10 +365,10 @@ cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs,
 	size_t ss = CDF_SHORT_SEC_SIZE(h);
 	size_t pos = CDF_SHORT_SEC_POS(h, id);
 	assert(ss == len);
-	if (pos > CDF_SEC_SIZE(h) * sst->sst_len) {
+	if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) {
 		DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %"
 		    SIZE_T_FORMAT "u\n",
-		    pos, CDF_SEC_SIZE(h) * sst->sst_len));
+		    pos + len, CDF_SEC_SIZE(h) * sst->sst_len));
 		return -1;
 	}
 	(void)memcpy(((char *)buf) + offs,
@@ -688,11 +688,13 @@ cdf_read_ssat(const cdf_info_t *info, const cdf_header_t *h,
 
 int
 cdf_read_short_stream(const cdf_info_t *info, const cdf_header_t *h,
-    const cdf_sat_t *sat, const cdf_dir_t *dir, cdf_stream_t *scn)
+    const cdf_sat_t *sat, const cdf_dir_t *dir, cdf_stream_t *scn,
+    const cdf_directory_t **root)
 {
 	size_t i;
 	const cdf_directory_t *d;
 
+	*root = NULL;
 	for (i = 0; i < dir->dir_len; i++)
 		if (dir->dir_tab[i].d_type == CDF_DIR_TYPE_ROOT_STORAGE)
 			break;
@@ -701,6 +703,7 @@ cdf_read_short_stream(const cdf_info_t *info, const cdf_header_t *h,
 	if (i == dir->dir_len)
 		goto out;
 	d = &dir->dir_tab[i];
+	*root = d;
 
 	/* If the it is not there, just fake it; some docs don't have it */
 	if (d->d_stream_first_sector < 0)
 
@@ -300,7 +300,8 @@ int cdf_read_dir(const cdf_info_t *, const cdf_header_t *, const cdf_sat_t *,
 int cdf_read_ssat(const cdf_info_t *, const cdf_header_t *, const cdf_sat_t *,
     cdf_sat_t *);
 int cdf_read_short_stream(const cdf_info_t *, const cdf_header_t *,
-    const cdf_sat_t *, const cdf_dir_t *, cdf_stream_t *);
+    const cdf_sat_t *, const cdf_dir_t *, cdf_stream_t *,
+    const cdf_directory_t **);
 int cdf_read_property_info(const cdf_stream_t *, const cdf_header_t *, uint32_t,
     cdf_property_info_t **, size_t *, size_t *);
 int cdf_read_summary_info(const cdf_info_t *, const cdf_header_t *,
 
@@ -26,7 +26,7 @@
 #include "file.h"
 
 #ifndef lint
-FILE_RCSID("@(#)$File: readcdf.c,v 1.37 2014/01/06 13:41:18 rrt Exp $")
+FILE_RCSID("@(#)$File: readcdf.c,v 1.40 2014/03/06 15:23:33 christos Exp $")
 #endif
 
 #include <stdlib.h>
@@ -77,6 +77,40 @@ static const struct nv {
 # define strcasestr strstr
 #endif
 
+static const struct cv {
+	uint64_t clsid[2];
+	const char *mime;
+} clsid2mime[] = {
+	{
+#ifdef PHP_WIN32
+		{ 0x00000000000c1084ui64, 0x46000000000000c0ui64 },
+#else
+		{ 0x00000000000c1084LLU, 0x46000000000000c0LLU },
+#endif
+		"x-msi",
+	}
+}, clsid2desc[] = {
+	{
+#ifdef PHP_WIN32
+		{ 0x00000000000c1084ui64, 0x46000000000000c0ui64 },
+#else
+		{ 0x00000000000c1084LLU, 0x46000000000000c0LLU },
+#endif
+		"MSI Installer",
+	},
+};
+
+private const char *
+cdf_clsid_to_mime(const uint64_t clsid[2], const struct cv *cv)
+{
+	size_t i;
+	for (i = 0; cv[i].mime != NULL; i++) {
+		if (clsid[0] == cv[i].clsid[0] && clsid[1] == cv[i].clsid[1])
+			return cv[i].mime;
+	}
+	return NULL;
+}
+
 private const char *
 cdf_app_to_mime(const char *vbuf, const struct nv *nv)
 {
@@ -95,7 +129,7 @@ cdf_app_to_mime(const char *vbuf, const struct nv *nv)
 
 private int
 cdf_file_property_info(struct magic_set *ms, const cdf_property_info_t *info,
-    size_t count)
+    size_t count, const cdf_directory_t *root_storage)
 {
         size_t i;
         cdf_timestamp_t tp;
@@ -107,6 +141,9 @@ cdf_file_property_info(struct magic_set *ms, const cdf_property_info_t *info,
 
 	memset(&ts, 0, sizeof(ts));
 
+        if (!NOTMIME(ms) && root_storage)
+		str = cdf_clsid_to_mime(root_storage->d_storage_uuid, clsid2mime);
+
         for (i = 0; i < count; i++) {
                 cdf_print_property_name(buf, sizeof(buf), info[i].pi_id);
                 switch (info[i].pi_type) {
@@ -163,7 +200,7 @@ cdf_file_property_info(struct magic_set *ms, const cdf_property_info_t *info,
                                                     buf, vbuf) == -1)
                                                         return -1;
                                         }
-                                } else if (info[i].pi_id ==
+                                } else if (str == NULL && info[i].pi_id ==
 				    CDF_PROPERTY_NAME_OF_APPLICATION) {
 					str = cdf_app_to_mime(vbuf, app2mime);
 				}
@@ -217,7 +254,7 @@ cdf_file_property_info(struct magic_set *ms, const cdf_property_info_t *info,
 
 private int
 cdf_file_summary_info(struct magic_set *ms, const cdf_header_t *h,
-    const cdf_stream_t *sst)
+    const cdf_stream_t *sst, const cdf_directory_t *root_storage)
 {
         cdf_summary_info_header_t si;
         cdf_property_info_t *info;
@@ -228,6 +265,8 @@ cdf_file_summary_info(struct magic_set *ms, const cdf_header_t *h,
                 return -1;
 
         if (NOTMIME(ms)) {
+		const char *str;
+
                 if (file_printf(ms, "Composite Document File V2 Document")
 		    == -1)
                         return -1;
@@ -255,9 +294,15 @@ cdf_file_summary_info(struct magic_set *ms, const cdf_header_t *h,
                                 return -2;
                         break;
                 }
-        }
+		if (root_storage) {
+			str = cdf_clsid_to_mime(root_storage->d_storage_uuid, clsid2desc);
+			if (str)
+				if (file_printf(ms, ", %s", str) == -1)
+					return -2;
+			}
+		}
 
-        m = cdf_file_property_info(ms, info, count);
+        m = cdf_file_property_info(ms, info, count, root_storage);
         free(info);
 
         return m == -1 ? -2 : m;
@@ -275,6 +320,7 @@ file_trycdf(struct magic_set *ms, int fd, const unsigned char *buf,
         int i;
         const char *expn = "";
         const char *corrupt = "corrupt: ";
+        const cdf_directory_t *root_storage;
 
         info.i_fd = fd;
         info.i_buf = buf;
@@ -308,7 +354,8 @@ file_trycdf(struct magic_set *ms, int fd, const unsigned char *buf,
                 goto out2;
         }
 
-        if ((i = cdf_read_short_stream(&info, &h, &sat, &dir, &sst)) == -1) {
+        if ((i = cdf_read_short_stream(&info, &h, &sat, &dir, &sst,
+	    &root_storage)) == -1) {
                 expn = "Cannot read short stream";
                 goto out3;
         }
@@ -329,23 +376,21 @@ file_trycdf(struct magic_set *ms, int fd, const unsigned char *buf,
 #ifdef CDF_DEBUG
         cdf_dump_summary_info(&h, &scn);
 #endif
-        if ((i = cdf_file_summary_info(ms, &h, &scn)) < 0)
-                expn = "Can't expand summary_info";
+        if ((i = cdf_file_summary_info(ms, &h, &scn, root_storage)) < 0)
+            expn = "Can't expand summary_info";
+
 	if (i == 0) {
 		const char *str = NULL;
 		cdf_directory_t *d;
 		char name[__arraycount(d->d_name)];
 		size_t j, k;
-		for (j = 0; j < dir.dir_len; j++) {
+
+		for (j = 0; str == NULL && j < dir.dir_len; j++) {
 			d = &dir.dir_tab[j];
 			for (k = 0; k < sizeof(name); k++)
 				name[k] = (char)cdf_tole2(d->d_name[k]);
-			if (NOTMIME(ms))
-				str = cdf_app_to_mime(name, name2desc);
-			else
-				str = cdf_app_to_mime(name, name2mime);
-			if (str != NULL)
-				break;
+			str = cdf_app_to_mime(name,
+			    NOTMIME(ms) ? name2desc : name2mime);
 		}
 		if (NOTMIME(ms)) {
 			if (str != NULL) {
Original file line number	Diff line number	Diff line change
`@@ -2569,6 +2569,8 @@ PHPAPI int php_date_initialize(php_date_obj dateobj, /const/ char time_str,`
`2569`	`2569`	`err->error_messages[0].position, err->error_messages[0].character, err->error_messages[0].message);`
`2570`	`2570`	`}`
`2571`	`2571`	`if (err && err->error_count) {`
	`2572`	`+ timelib_time_dtor(dateobj->time);`
	`2573`	`+ dateobj->time = 0;`
`2572`	`2574`	`return 0;`
`2573`	`2575`	`}`
`2574`	`2576`
`@@ -2716,9 +2718,7 @@ PHP_METHOD(DateTime, __construct)`
`2716`	`2718`
`2717`	`2719`	`zend_replace_error_handling(EH_THROW, NULL, &error_handling TSRMLS_CC);`
`2718`	`2720`	`if (SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "\|SO!", &time_str, &time_str_len, &timezone_object, date_ce_timezone)) {`
`2719`		`- if (!php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC)) {`
`2720`		`- ZVAL_NULL(getThis());`
`2721`		`- }`
	`2721`	`+ php_date_initialize(zend_object_store_get_object(getThis() TSRMLS_CC), time_str, time_str_len, NULL, timezone_object, 1 TSRMLS_CC);`
`2722`	`2722`	`}`
`2723`	`2723`	`zend_restore_error_handling(&error_handling TSRMLS_CC);`
`2724`	`2724`	`}`