Merge branch 'PHP-5.5' of git.php.net:php-src into PHP-5.5

* 'PHP-5.5' of git.php.net:php-src: (30 commits)
  Fix duplicated 5.5.2 NEWS in my tree
  fix typo
  merge news for 5.5.2
  Update NEWS
  Update NEWS
  With --enable-dtrace, the correct PIC/non-PIC .o files on Solaris and Linux are now used.  DTrace is part of Oracle Linux.  See https://oss.oracle.com/projects/DTrace/
  fix cve number
  New news section
  Prepare news for PHP-5.5.2
  Reduce compiler noise by removing unused variables and labels
  Fixed #65431 in zend_exception.c by Sixd
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.
  Skip test if SKIP_ONLINE_TESTS set
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fix CVE-2013-4073 - handling of certs with null bytes
  Fixed #65431 (Discarded qualifiers from pointer target warnings when using --enable-dtrace) by Sixd
  removed unused vars
  fixed strndup usage in the pgsql ext
  use mysqlnd, some tests fail otherwise
  ensure notices are not ignored when tests need them
  ...

Author: Yasuo Ohgaki

NEWS

@@ -3,19 +3,9 @@ PHP                                                                        NEWS
 ?? ??? 2013, PHP 5.5.3
 
 - Core:
-  . Fixed bug #62691 (solaris sed has no -i switch). (Chris Jones)
-  . Fixed bug #61268 (--enable-dtrace leads make to clobber
-    Zend/zend_dtrace.d) (Chris Jones)
-
-- Sessions:
-  . Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
-    which protects against session fixation attacks and session collisions.    
-    (Yasuo Ohgaki)
-- Pgsql:
-  . Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update()
-    /pg_delete()/pg_insert()). (Yasuo)
+  . Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees)
 
-?? ??? 2013, PHP 5.5.2
+15 Aug 2013, PHP 5.5.2
 
 - Core:
   . Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference
@@ -26,22 +16,47 @@ PHP                                                                        NEWS
   . Fixed bug #65304 (Use of max int in array_sum). (Laruence)
   . Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very
     limited case). (Arpad)
+  . Fixed bug #62691 (solaris sed has no -i switch). (Chris Jones)
+  . Fixed bug #61345 (CGI mode - make install don't work). (Michael Heimpold)
+  . Fixed bug #61268 (--enable-dtrace leads make to clobber
+    Zend/zend_dtrace.d) (Chris Jones)
+
+- DOM:
+  . Added flags option to DOMDocument::schemaValidate() and 
+    DOMDocument::schemaValidateSource(). Added LIBXML_SCHEMA_CREATE flag. 
+    (Chris Wright)
 
 - OPcache:
   . Added opcache.restrict_api configuration directive that may limit
-    usage of OPcahce API functions only to patricular script(s). (Dmitry)
+    usage of OPcache API functions only to particular script(s). (Dmitry)
   . Added support for glob symbols in blacklist entries (?, *, **).
     (Terry Elison, Dmitry)
   . Fixed bug #65338 (Enabling both php_opcache and php_wincache AVs on
     shutdown). (Dmitry)
 
+- Openssl:
+  . Fixed handling null bytes in subjectAltName (CVE-2013-4248).
+    (Christian Heimes)
+
 - PDO_mysql:
   . Fixed bug #65299 (pdo mysql parsing errors). (Johannes)
 
+- Pgsql:
+  . Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update()
+    /pg_delete()/pg_insert()). (Yasuo)
+
 - Phar:
   . Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for 
     some specific contents). (Stas)
 
+- Sessions:
+  . Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
+    which protects against session fixation attacks and session collisions.    
+    (Yasuo Ohgaki)
+  . Fixed possible buffer overflow under Windows. Note: Not a security fix.
+    (Yasuo)
+  . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo)
+
 - SOAP:
   . Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry)
 

UPGRADING

@@ -182,6 +182,10 @@ PHP 5.5 UPGRADE NOTES
 - Since 5.5.2, spl_autoload_functions() returns different names for 
   different lambda functions registered via spl_autoload_register().
 
+- Since 5.5.3, DOMDocument::schemaValidateSource() and 
+  DOMDocument::schemaValidate() accept flag parameter. Only flag 
+  available now is LIBXML_SCHEMA_CREATE. Default is 0.
+
 ========================================
 5. New Functions
 ========================================

Zend/zend.c

@@ -1098,7 +1098,7 @@ ZEND_API void zend_error(int type, const char *format, ...) /* {{{ */
 	if(DTRACE_ERROR_ENABLED()) {
 		char *dtrace_error_buffer;
 		zend_vspprintf(&dtrace_error_buffer, 0, format, args);
-		DTRACE_ERROR(dtrace_error_buffer, error_filename, error_lineno);
+		DTRACE_ERROR(dtrace_error_buffer, (char *)error_filename, error_lineno);
 		efree(dtrace_error_buffer);
 	}
 #endif /* HAVE_DTRACE */

Zend/zend_dtrace.c

@@ -24,7 +24,7 @@
 
 #ifdef HAVE_DTRACE
 /* PHP DTrace probes {{{ */
-static inline char *dtrace_get_executed_filename(TSRMLS_D)
+static inline const char *dtrace_get_executed_filename(TSRMLS_D)
 {
 	if (EG(current_execute_data) && EG(current_execute_data)->op_array) {
 		return EG(current_execute_data)->op_array->filename;
@@ -36,9 +36,9 @@ static inline char *dtrace_get_executed_filename(TSRMLS_D)
 ZEND_API zend_op_array *dtrace_compile_file(zend_file_handle *file_handle, int type TSRMLS_DC)
 {
 	zend_op_array *res;
-	DTRACE_COMPILE_FILE_ENTRY(file_handle->opened_path, file_handle->filename);
+	DTRACE_COMPILE_FILE_ENTRY(file_handle->opened_path, (char *)file_handle->filename);
 	res = compile_file(file_handle, type TSRMLS_CC);
-	DTRACE_COMPILE_FILE_RETURN(file_handle->opened_path, file_handle->filename);
+	DTRACE_COMPILE_FILE_RETURN(file_handle->opened_path, (char *)file_handle->filename);
 
 	return res;
 }
@@ -47,7 +47,7 @@ ZEND_API zend_op_array *dtrace_compile_file(zend_file_handle *file_handle, int t
 ZEND_API void dtrace_execute_ex(zend_execute_data *execute_data TSRMLS_DC)
 {
 	int lineno;
-	char *scope, *filename, *funcname, *classname;
+	const char *scope, *filename, *funcname, *classname;
 	scope = filename = funcname = classname = NULL;
 
 	/* we need filename and lineno for both execute and function probes */
@@ -65,41 +65,41 @@ ZEND_API void dtrace_execute_ex(zend_execute_data *execute_data TSRMLS_DC)
 	}
 
 	if (DTRACE_EXECUTE_ENTRY_ENABLED()) {
-		DTRACE_EXECUTE_ENTRY(filename, lineno);
+		DTRACE_EXECUTE_ENTRY((char *)filename, lineno);
 	}
 
 	if (DTRACE_FUNCTION_ENTRY_ENABLED() && funcname != NULL) {
-		DTRACE_FUNCTION_ENTRY(funcname, filename, lineno, classname, scope);
+		DTRACE_FUNCTION_ENTRY((char *)funcname, (char *)filename, lineno, (char *)classname, (char *)scope);
 	}
 
 	execute_ex(execute_data TSRMLS_CC);
 
 	if (DTRACE_FUNCTION_RETURN_ENABLED() && funcname != NULL) {
-		DTRACE_FUNCTION_RETURN(funcname, filename, lineno, classname, scope);
+		DTRACE_FUNCTION_RETURN((char *)funcname, (char *)filename, lineno, (char *)classname, (char *)scope);
 	}
 
 	if (DTRACE_EXECUTE_RETURN_ENABLED()) {
-		DTRACE_EXECUTE_RETURN(filename, lineno);
+		DTRACE_EXECUTE_RETURN((char *)filename, lineno);
 	}
 }
 
 ZEND_API void dtrace_execute_internal(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC)
 {
 	int lineno;
-	char *filename;
+	const char *filename;
 	if (DTRACE_EXECUTE_ENTRY_ENABLED() || DTRACE_EXECUTE_RETURN_ENABLED()) {
 		filename = dtrace_get_executed_filename(TSRMLS_C);
 		lineno = zend_get_executed_lineno(TSRMLS_C);
 	}
 
 	if (DTRACE_EXECUTE_ENTRY_ENABLED()) {
-		DTRACE_EXECUTE_ENTRY(filename, lineno);
+		DTRACE_EXECUTE_ENTRY((char *)filename, lineno);
 	}
 
 	execute_internal(execute_data_ptr, fci, return_value_used TSRMLS_CC);
 
 	if (DTRACE_EXECUTE_RETURN_ENABLED()) {
-		DTRACE_EXECUTE_RETURN(filename, lineno);
+		DTRACE_EXECUTE_RETURN((char *)filename, lineno);
 	}
 }
 

Zend/zend_exceptions.c

@@ -85,12 +85,12 @@ void zend_throw_exception_internal(zval *exception TSRMLS_DC) /* {{{ */
 {
 #ifdef HAVE_DTRACE
 	if (DTRACE_EXCEPTION_THROWN_ENABLED()) {
-		char *classname;
-		int name_len;
+		const char *classname;
+		zend_uint name_len;
 
 		if (exception != NULL) {
 			zend_get_object_classname(exception, &classname, &name_len TSRMLS_CC);
-			DTRACE_EXCEPTION_THROWN(classname);
+			DTRACE_EXCEPTION_THROWN((char *)classname);
 		} else {
 			DTRACE_EXCEPTION_THROWN(NULL);
 		}

Zend/zend_vm_def.h

@@ -3010,7 +3010,7 @@ ZEND_VM_HANDLER(107, ZEND_CATCH, CONST, CV)
 
 #ifdef HAVE_DTRACE
 	if (DTRACE_EXCEPTION_CAUGHT_ENABLED()) {
-		DTRACE_EXCEPTION_CAUGHT(ce->name);
+		DTRACE_EXCEPTION_CAUGHT((char *)ce->name);
 	}
 #endif /* HAVE_DTRACE */
 

Zend/zend_vm_execute.h

@@ -7121,7 +7121,7 @@ static int ZEND_FASTCALL  ZEND_CATCH_SPEC_CONST_CV_HANDLER(ZEND_OPCODE_HANDLER_A
 
 #ifdef HAVE_DTRACE
 	if (DTRACE_EXCEPTION_CAUGHT_ENABLED()) {
-		DTRACE_EXCEPTION_CAUGHT(ce->name);
+		DTRACE_EXCEPTION_CAUGHT((char *)ce->name);
 	}
 #endif /* HAVE_DTRACE */
 

acinclude.m4

@@ -2925,17 +2925,17 @@ dnl providerdesc
 dnl header-file
   ac_hdrobj=$2
 
-dnl Add providerdesc.o into global objects when needed
+dnl Add providerdesc.o or .lo into global objects when needed
   case $host_alias in
   *freebsd*)
     PHP_GLOBAL_OBJS="[$]PHP_GLOBAL_OBJS [$]ac_bdir[$]ac_provsrc.o"
     PHP_LDFLAGS="$PHP_LDFLAGS -lelf"
     ;;
   *solaris*)
-    PHP_GLOBAL_OBJS="[$]PHP_GLOBAL_OBJS [$]ac_bdir[$]ac_provsrc.o"
+    PHP_GLOBAL_OBJS="[$]PHP_GLOBAL_OBJS [$]ac_bdir[$]ac_provsrc.lo"
     ;;
   *linux*)
-    PHP_GLOBAL_OBJS="[$]PHP_GLOBAL_OBJS [$]ac_bdir[$]ac_provsrc.o"
+    PHP_GLOBAL_OBJS="[$]PHP_GLOBAL_OBJS [$]ac_bdir[$]ac_provsrc.lo"
     ;;
   esac
 
@@ -2969,12 +2969,46 @@ dnl in GNU Make which causes the .d file to be overwritten (Bug 61268)
 $abs_srcdir/$ac_provsrc:;
 
 $ac_bdir[$]ac_hdrobj: $abs_srcdir/$ac_provsrc
-	CFLAGS="\$(CFLAGS_CLEAN)" dtrace -h -C -s $ac_srcdir[$]ac_provsrc -o \$[]@.bak && \$(SED) 's,PHP_,DTRACE_,g' \$[]@.bak > \$[]@
+	CFLAGS="\$(CFLAGS_CLEAN)" dtrace -h -C -s $ac_srcdir[$]ac_provsrc -o \$[]@.bak && \$(SED) -e 's,PHP_,DTRACE_,g' \$[]@.bak > \$[]@
 
 \$(PHP_DTRACE_OBJS): $ac_bdir[$]ac_hdrobj
 
+EOF
+
+  case $host_alias in
+  *solaris*|*linux*)
+    dtrace_prov_name="`echo $ac_provsrc | $SED -e 's#\(.*\)\/##'`.o"
+    dtrace_lib_dir="`echo $ac_bdir[$]ac_provsrc | $SED -e 's#\(.*\)/[^/]*#\1#'`/.libs"
+    dtrace_d_obj="`echo $ac_bdir[$]ac_provsrc | $SED -e 's#\(.*\)/\([^/]*\)#\1/.libs/\2#'`.o"
+    dtrace_nolib_objs='$(PHP_DTRACE_OBJS:.lo=.o)'
+    for ac_lo in $PHP_DTRACE_OBJS; do
+      dtrace_lib_objs="[$]dtrace_lib_objs `echo $ac_lo | $SED -e 's,\.lo$,.o,' -e 's#\(.*\)\/#\1\/.libs\/#'`"
+    done;
+dnl Always attempt to create both PIC and non-PIC DTrace objects (Bug 63692)
+    cat>>Makefile.objects<<EOF
+$ac_bdir[$]ac_provsrc.lo: \$(PHP_DTRACE_OBJS)
+	echo "[#] Generated by Makefile for libtool" > \$[]@
+	@test -d "$dtrace_lib_dir" || mkdir $dtrace_lib_dir
+	if CFLAGS="\$(CFLAGS_CLEAN)" dtrace -G -o $dtrace_d_obj -s $abs_srcdir/$ac_provsrc $dtrace_lib_objs 2> /dev/null && test -f "$dtrace_d_obj"; then [\\]
+	  echo "pic_object=['].libs/$dtrace_prov_name[']" >> \$[]@ [;\\]
+	else [\\]
+	  echo "pic_object='none'" >> \$[]@ [;\\]
+	fi
+	if CFLAGS="\$(CFLAGS_CLEAN)" dtrace -G -o $ac_bdir[$]ac_provsrc.o -s $abs_srcdir/$ac_provsrc $dtrace_nolib_objs 2> /dev/null && test -f "$ac_bdir[$]ac_provsrc.o"; then [\\]
+	  echo "non_pic_object=[']$dtrace_prov_name[']" >> \$[]@ [;\\]
+	else [\\]
+	  echo "non_pic_object='none'" >> \$[]@ [;\\]
+	fi
+
+EOF
+
+    ;;
+  *)
+cat>>Makefile.objects<<EOF
 $ac_bdir[$]ac_provsrc.o: \$(PHP_DTRACE_OBJS)
 	CFLAGS="\$(CFLAGS_CLEAN)" dtrace -G -o \$[]@ -s $abs_srcdir/$ac_provsrc $dtrace_objs
 
 EOF
+    ;;
+  esac
 ])

ext/date/php_date.c

@@ -1041,7 +1041,7 @@ char *php_date_short_day_name(timelib_sll y, timelib_sll m, timelib_sll d)
 static char *date_format(char *format, int format_len, timelib_time *t, int localtime)
 {
 	smart_str            string = {0};
-	int                  i, length;
+	int                  i, length = 0;
 	char                 buffer[97];
 	timelib_time_offset *offset = NULL;
 	timelib_sll          isoweek, isoyear;
@@ -2538,8 +2538,8 @@ PHPAPI int php_date_initialize(php_date_obj *dateobj, /*const*/ char *time_str,
 	timelib_time   *now;
 	timelib_tzinfo *tzi = NULL;
 	timelib_error_container *err = NULL;
-	int type = TIMELIB_ZONETYPE_ID, new_dst;
-	char *new_abbr;
+	int type = TIMELIB_ZONETYPE_ID, new_dst = 0;
+	char *new_abbr = NULL;
 	timelib_sll     new_offset;
 
 	if (dateobj->time) {

ext/dom/document.c

@@ -1973,14 +1973,15 @@ static void _dom_document_schema_validate(INTERNAL_FUNCTION_PARAMETERS, int type
 	xmlDoc *docp;
 	dom_object *intern;
 	char *source = NULL, *valid_file = NULL;
-	int source_len = 0;
+	int source_len = 0, valid_opts = 0;
+	long flags = 0;
 	xmlSchemaParserCtxtPtr  parser;
 	xmlSchemaPtr            sptr;
 	xmlSchemaValidCtxtPtr   vptr;
 	int                     is_valid;
 	char resolved_path[MAXPATHLEN + 1];
 
-	if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op", &id, dom_document_class_entry, &source, &source_len) == FAILURE) {
+	if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Op|l", &id, dom_document_class_entry, &source, &source_len, &flags) == FAILURE) {
 		return;
 	}
 
@@ -2029,6 +2030,13 @@ static void _dom_document_schema_validate(INTERNAL_FUNCTION_PARAMETERS, int type
 		RETURN_FALSE;
 	}
 
+#if LIBXML_VERSION >= 20614
+	if (flags & XML_SCHEMA_VAL_VC_I_CREATE) {
+		valid_opts |= XML_SCHEMA_VAL_VC_I_CREATE;
+	}
+#endif
+
+	xmlSchemaSetValidOptions(vptr, valid_opts);
 	xmlSchemaSetValidErrors(vptr, php_libxml_error_handler, php_libxml_error_handler, vptr);
 	is_valid = xmlSchemaValidateDoc(vptr, docp);
 	xmlSchemaFree(sptr);
@@ -2042,14 +2050,14 @@ static void _dom_document_schema_validate(INTERNAL_FUNCTION_PARAMETERS, int type
 }
 /* }}} */
 
-/* {{{ proto boolean dom_document_schema_validate_file(string filename); */
+/* {{{ proto boolean dom_document_schema_validate_file(string filename, int flags); */
 PHP_FUNCTION(dom_document_schema_validate_file)
 {
 	_dom_document_schema_validate(INTERNAL_FUNCTION_PARAM_PASSTHRU, DOM_LOAD_FILE);
 }
 /* }}} end dom_document_schema_validate_file */
 
-/* {{{ proto boolean dom_document_schema_validate(string source); */
+/* {{{ proto boolean dom_document_schema_validate(string source, int flags); */
 PHP_FUNCTION(dom_document_schema_validate_xml)
 {
 	_dom_document_schema_validate(INTERNAL_FUNCTION_PARAM_PASSTHRU, DOM_LOAD_STRING);

ext/dom/tests/DOMDocument_loadXML_basic.phpt

@@ -0,0 +1,21 @@
+--TEST--
+Test DOMDocument::loadXML() basic behavior
+--DESCRIPTION--
+This test verifies the basic behaviour of the method
+Environment variables used in the test:
+- XML_FILE: the xml file to load
+- LOAD_OPTIONS: the second parameter to pass to the method
+- EXPECTED_RESULT: the expected result
+--CREDITS--
+Antonio Diaz Ruiz <dejalatele@gmail.com>
+--INI--
+assert.bail=true
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--ENV--
+XML_FILE=/book.xml
+LOAD_OPTIONS=0
+EXPECTED_RESULT=1
+--FILE_EXTERNAL--
+domdocumentloadxml_test_method.php
+--EXPECT--

ext/dom/tests/DOMDocument_loadXML_error1.phpt

@@ -0,0 +1,26 @@
+--TEST--
+Test DOMDocument::loadXML() detects not-well formed XML 
+--DESCRIPTION--
+This test verifies the method detects an opening and ending tag mismatch 
+Environment variables used in the test:
+- XML_FILE: the xml file to load
+- LOAD_OPTIONS: the second parameter to pass to the method
+- EXPECTED_RESULT: the expected result
+--CREDITS--
+Antonio Diaz Ruiz <dejalatele@gmail.com>
+--INI--
+assert.bail=true
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--ENV--
+XML_FILE=/not_well_formed.xml
+LOAD_OPTIONS=0
+EXPECTED_RESULT=0
+--FILE_EXTERNAL--
+domdocumentloadxml_test_method.php
+--EXPECTF--
+Warning: DOMDocument::load%r(XML){0,1}%r(): Opening and ending tag mismatch: title line 5 and book %s
+
+Warning: DOMDocument::load%r(XML){0,1}%r(): expected '>' %s
+
+Warning: DOMDocument::load%r(XML){0,1}%r(): Premature end of data in tag books %s