Merge branch 'PHP-5.5-security' into PHP-5.5.24

smalyshev · smalyshev · commit 9bbd995679cf · 2015-04-12T20:12:38.000-07:00
* PHP-5.5-security: (22 commits)
  Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
  Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
  Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
  updated NEWS
  added test for bug #69354
  revert skipif, this should run everywhere
  further ODBC 3.0 compliance
  more compliance with the ODBC 3.0
  test fixes
  Prevent GC from changing zval or object 'color' before they are actually inserted into possible roots buffer.
  sigh, can't even copypaste without screwing up
  oop, put both the error number and message for both db object to the error message
  test fixes
  Fixed bug #69281 (opcache_is_script_cached no longer works)
  Fix typo: unitialized -&gt; uninitialized
  Fix typo: unitialized -&gt; uninitialized
  Fixed bug #68739 (Missing break / control flow). Fixed bug #68740 (NULL Pointer Dereference). Fixed bug #68677 (Use After Free).
  Fixed bug #68739 (Missing break / control flow in curl)
  Fixed bug #68740 (NULL Pointer Dereference)
  Fixed bug #68677 (Use After Free in OPcache)
  ...

Conflicts:
	configure.in
	ext/curl/tests/bug69316.phpt
	main/php_version.h
diff --git a/Zend/tests/bug43201.phpt b/Zend/tests/bug43201.phpt
@@ -1,5 +1,5 @@
 --TEST--
-Bug #43201 (Crash on using unitialized vals and __get/__set)
+Bug #43201 (Crash on using uninitialized vals and __get/__set)
 --FILE--
 <?php
 class Foo {
diff --git a/Zend/zend_gc.c b/Zend/zend_gc.c
@@ -147,8 +147,6 @@ ZEND_API void gc_zval_possible_root(zval *zv TSRMLS_DC)
 	GC_BENCH_INC(zval_possible_root);
 
 	if (GC_ZVAL_GET_COLOR(zv) != GC_PURPLE) {
-		GC_ZVAL_SET_PURPLE(zv);
-
 		if (!GC_ZVAL_ADDRESS(zv)) {
 			gc_root_buffer *newRoot = GC_G(unused);
 
@@ -159,7 +157,6 @@ ZEND_API void gc_zval_possible_root(zval *zv TSRMLS_DC)
 				GC_G(first_unused)++;
 			} else {
 				if (!GC_G(gc_enabled)) {
-					GC_ZVAL_SET_BLACK(zv);
 					return;
 				}
 				zv->refcount__gc++;
@@ -169,10 +166,10 @@ ZEND_API void gc_zval_possible_root(zval *zv TSRMLS_DC)
 				if (!newRoot) {
 					return;
 				}
-				GC_ZVAL_SET_PURPLE(zv);
 				GC_G(unused) = newRoot->prev;
 			}
 
+			GC_ZVAL_SET_PURPLE(zv);
 			newRoot->next = GC_G(roots).next;
 			newRoot->prev = &GC_G(roots);
 			GC_G(roots).next->prev = newRoot;
@@ -203,7 +200,6 @@ ZEND_API void gc_zobj_possible_root(zval *zv TSRMLS_DC)
 
 	obj = &EG(objects_store).object_buckets[Z_OBJ_HANDLE_P(zv)].bucket.obj;
 	if (GC_GET_COLOR(obj->buffered) != GC_PURPLE) {
-		GC_SET_PURPLE(obj->buffered);
 		if (!GC_ADDRESS(obj->buffered)) {
 			gc_root_buffer *newRoot = GC_G(unused);
 
@@ -214,7 +210,6 @@ ZEND_API void gc_zobj_possible_root(zval *zv TSRMLS_DC)
 				GC_G(first_unused)++;
 			} else {
 				if (!GC_G(gc_enabled)) {
-					GC_ZVAL_SET_BLACK(zv);
 					return;
 				}
 				zv->refcount__gc++;
@@ -225,10 +220,10 @@ ZEND_API void gc_zobj_possible_root(zval *zv TSRMLS_DC)
 					return;
 				}
 				obj = &EG(objects_store).object_buckets[Z_OBJ_HANDLE_P(zv)].bucket.obj;
-				GC_SET_PURPLE(obj->buffered);
 				GC_G(unused) = newRoot->prev;
 			}
 
+			GC_SET_PURPLE(obj->buffered);
 			newRoot->next = GC_G(roots).next;
 			newRoot->prev = &GC_G(roots);
 			GC_G(roots).next->prev = newRoot;
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
@@ -1420,6 +1420,7 @@ static int curl_fnmatch(void *ctx, const char *pattern, const char *string)
 			if (error == FAILURE) {
 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot call the CURLOPT_FNMATCH_FUNCTION");
 			} else if (retval_ptr) {
+				_php_curl_verify_handlers(ch, 1 TSRMLS_CC);
 				if (Z_TYPE_P(retval_ptr) != IS_LONG) {
 					convert_to_long_ex(&retval_ptr);
 				}
@@ -2855,6 +2856,7 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue TSRMLS_DC)
 					curl_easy_setopt(ch->cp, CURLOPT_SHARE, sh->share);
 				}
 			}
+			break;
 
 #if LIBCURL_VERSION_NUM >= 0x071500 /* Available since 7.21.0 */
 		case CURLOPT_FNMATCH_FUNCTION:
diff --git a/ext/curl/tests/bug69316.phpt b/ext/curl/tests/bug69316.phpt
@@ -1,10 +1,7 @@
 --TEST--
 Bug #69316: Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER
 --SKIPIF--
-<?php 
-if (!extension_loaded("curl")) exit("skip curl extension not loaded");
-if (false === getenv('PHP_CURL_HTTP_REMOTE_SERVER'))  exit("skip PHP_CURL_HTTP_REMOTE_SERVER env variable is not defined");
-?>
+<?php include 'skipif.inc'; ?>
 --FILE--
 <?php
   function hdr_callback($ch, $data) {
@@ -18,8 +15,9 @@ if (false === getenv('PHP_CURL_HTTP_REMOTE_SERVER'))  exit("skip PHP_CURL_HTTP_R
       }
       return strlen($data);
   }
-  $host = getenv('PHP_CURL_HTTP_REMOTE_SERVER');
-  
+
+  include 'server.inc';
+  $host = curl_cli_server_start();
   $temp_file = dirname(__FILE__) . '/body.tmp';
   $url = "{$host}/get.php?test=getpost";
   $ch = curl_init();
diff --git a/ext/exif/tests/bug68799.phpt b/ext/exif/tests/bug68799.phpt
@@ -1,5 +1,5 @@
 --TEST--
-Bug #68799 (Free called on unitialized pointer)
+Bug #68799 (Free called on uninitialized pointer)
 --SKIPIF--
 <?php if (!extension_loaded('exif')) print 'skip exif extension not available';?>
 --FILE--
diff --git a/ext/mysqli/tests/mysqli_fetch_field_flags.phpt b/ext/mysqli/tests/mysqli_fetch_field_flags.phpt
@@ -199,7 +199,6 @@ mysqli_close($link);
 	if (!mysqli_query($link, 'DROP TABLE IF EXISTS test')) {
 		printf("[008] %s [%d] %s\n", $column_def,
 			mysqli_errno($link), mysqli_error($link));
-		continue;
 	}
 
 	$column_def = array('col1 CHAR(1)', 'col2 CHAR(2)','INDEX idx_col1_col2(col1, col2)');
@@ -220,7 +219,6 @@ mysqli_close($link);
 		while ($field = mysqli_fetch_field($res)) {
 			if (!isset($expected_flags[$field->name])) {
 				printf("[010] Found unexpected field '%s'\n", $field->name);
-				continue;
 			}
 			list($missing_flags, $unexpected_flags, $flags_found) = checkFlags($field->flags, $expected_flags[$field->name], $flags);
 			if ($unexpected_flags)
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c
@@ -960,9 +960,9 @@ int odbc_bindcols(odbc_result *result TSRMLS_DC)
 		charextraalloc = 0;
 		colfieldid = SQL_COLUMN_DISPLAY_SIZE;
 
-		rc = SQLColAttributes(result->stmt, (SQLUSMALLINT)(i+1), SQL_COLUMN_NAME, 
+		rc = PHP_ODBC_SQLCOLATTRIBUTE(result->stmt, (SQLUSMALLINT)(i+1), PHP_ODBC_DESC_BASE_COLUMN_NAME,
 				result->values[i].name, sizeof(result->values[i].name), &colnamelen, 0);
-		rc = SQLColAttributes(result->stmt, (SQLUSMALLINT)(i+1), SQL_COLUMN_TYPE, 
+		rc = PHP_ODBC_SQLCOLATTRIBUTE(result->stmt, (SQLUSMALLINT)(i+1), SQL_COLUMN_TYPE, 
 				NULL, 0, NULL, &result->values[i].coltype);
 		
 		/* Don't bind LONG / BINARY columns, so that fetch behaviour can
@@ -997,7 +997,7 @@ int odbc_bindcols(odbc_result *result TSRMLS_DC)
 				charextraalloc = 1;
 #endif
 			default:
-				rc = SQLColAttributes(result->stmt, (SQLUSMALLINT)(i+1), colfieldid,
+				rc = PHP_ODBC_SQLCOLATTRIBUTE(result->stmt, (SQLUSMALLINT)(i+1), colfieldid,
 								NULL, 0, NULL, &displaysize);
 				/* Workaround for Oracle ODBC Driver bug (#50162) when fetching TIMESTAMP column */
 				if (result->values[i].coltype == SQL_TIMESTAMP) {
@@ -1091,7 +1091,7 @@ void odbc_column_lengths(INTERNAL_FUNCTION_PARAMETERS, int type)
 		RETURN_FALSE;
 	}
 
-	SQLColAttributes(result->stmt, (SQLUSMALLINT)pv_num, (SQLUSMALLINT) (type?SQL_COLUMN_SCALE:SQL_COLUMN_PRECISION), NULL, 0, NULL, &len);
+	PHP_ODBC_SQLCOLATTRIBUTE(result->stmt, (SQLUSMALLINT)pv_num, (SQLUSMALLINT) (type?SQL_COLUMN_SCALE:SQL_COLUMN_PRECISION), NULL, 0, NULL, &len);
 
 	RETURN_LONG(len);
 }
@@ -2135,7 +2135,7 @@ PHP_FUNCTION(odbc_result)
 				   fieldsize = result->longreadlen;
 				}
 			} else {
-			   SQLColAttributes(result->stmt, (SQLUSMALLINT)(field_ind + 1), 
+			   PHP_ODBC_SQLCOLATTRIBUTE(result->stmt, (SQLUSMALLINT)(field_ind + 1), 
 					   			(SQLUSMALLINT)((sql_c_type == SQL_C_BINARY) ? SQL_COLUMN_LENGTH :
 					   			SQL_COLUMN_DISPLAY_SIZE),
 					   			NULL, 0, NULL, &fieldsize);
@@ -2871,7 +2871,7 @@ PHP_FUNCTION(odbc_field_type)
 		RETURN_FALSE;
 	}
 
-	SQLColAttributes(result->stmt, (SQLUSMALLINT)pv_num, SQL_COLUMN_TYPE_NAME, tmp, 31, &tmplen, NULL);
+	PHP_ODBC_SQLCOLATTRIBUTE(result->stmt, (SQLUSMALLINT)pv_num, SQL_COLUMN_TYPE_NAME, tmp, 31, &tmplen, NULL);
 	RETURN_STRING(tmp,1)
 }
 /* }}} */
diff --git a/ext/odbc/php_odbc_includes.h b/ext/odbc/php_odbc_includes.h
@@ -281,8 +281,16 @@ void odbc_sql_error(ODBC_SQL_ERROR_PARAMS);
 
 #if defined(ODBCVER) && (ODBCVER >= 0x0300)
 #define IS_SQL_LONG(x) (x == SQL_LONGVARBINARY || x == SQL_LONGVARCHAR || x == SQL_WLONGVARCHAR)
+
+#define PHP_ODBC_SQLCOLATTRIBUTE SQLColAttribute
+
+#define PHP_ODBC_DESC_BASE_COLUMN_NAME SQL_DESC_BASE_COLUMN_NAME
 #else
 #define IS_SQL_LONG(x) (x == SQL_LONGVARBINARY || x == SQL_LONGVARCHAR)
+
+#define PHP_ODBC_SQLCOLATTRIBUTE SQLColAttributes
+
+#define PHP_ODBC_DESC_BASE_COLUMN_NAME SQL_COLUMN_NAME
 #endif
 #define IS_SQL_BINARY(x) (x == SQL_BINARY || x == SQL_VARBINARY || x == SQL_LONGVARBINARY)
 
diff --git a/ext/odbc/tests/bug60616.phpt b/ext/odbc/tests/bug60616.phpt
@@ -2,6 +2,11 @@
 odbc_exec(): Getting accurate unicode data from query
 --SKIPIF--
 <?php include 'skipif.inc'; ?>
+<?php 
+	if ("unixODBC" != ODBC_TYPE) {
+		die("skip ODBC_TYPE != unixODBC");
+	}
+?>
 --FILE--
 <?php
 
diff --git a/ext/odbc/tests/bug69354.phpt b/ext/odbc/tests/bug69354.phpt
@@ -0,0 +1,43 @@
+--TEST--
+Bug #69354 Incorrect use of SQLColAttributes with ODBC 3.0
+--SKIPIF--
+<?php include 'skipif.inc'; ?>
+--FILE--
+<?php
+
+include 'config.inc';
+
+$conn = odbc_connect($dsn, $user, $pass);
+
+@odbc_exec($conn, 'CREATE DATABASE odbcTEST');
+
+odbc_exec($conn, 'CREATE TABLE FOO (ID INT, VARCHAR_COL VARCHAR(100))');
+
+odbc_exec($conn, "INSERT INTO FOO(ID, VARCHAR_COL) VALUES (1, '" . str_repeat("a", 100) . "')");
+
+$res = odbc_exec($conn,"select VARCHAR_COL from FOO");
+if ($res) {
+	if (odbc_fetch_row($res)) {
+		$ret = odbc_result($res,'varchar_col');
+		echo strlen($ret), "\n";
+		echo $ret[0], "\n";
+		echo $ret[strlen($ret)-1], "\n";
+	}
+}
+?>
+==DONE==
+--EXPECT--
+100
+a
+a
+==DONE==
+--CLEAN--
+<?php
+include 'config.inc';
+
+$conn = odbc_connect($dsn, $user, $pass);
+
+odbc_exec($conn, 'DROP TABLE FOO');
+odbc_exec($conn, 'DROP DATABASE odbcTEST');
+
+?>
diff --git a/ext/odbc/tests/odbc_exec_001.phpt b/ext/odbc/tests/odbc_exec_001.phpt
@@ -2,6 +2,11 @@
 odbc_exec(): Basic test
 --SKIPIF--
 <?php include 'skipif.inc'; ?>
+<?php 
+	if ("unixODBC" != ODBC_TYPE) {
+		die("skip ODBC_TYPE != unixODBC");
+	}
+?>
 --FILE--
 <?php
 
diff --git a/ext/odbc/tests/odbc_free_result_001.phpt b/ext/odbc/tests/odbc_free_result_001.phpt
@@ -11,7 +11,7 @@ $conn = odbc_connect($dsn, $user, $pass);
 
 odbc_exec($conn, 'CREATE DATABASE odbcTEST');
 
-odbc_exec($conn, 'CREATE TABLE FOO (TEST INT)');
+odbc_exec($conn, 'CREATE TABLE FOO (TEST INT NOT NULL)');
 odbc_exec($conn, 'ALTER TABLE FOO ADD PRIMARY KEY (TEST)');
 
 odbc_exec($conn, 'INSERT INTO FOO VALUES (1)');
diff --git a/ext/opcache/tests/bug69281.phpt b/ext/opcache/tests/bug69281.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Test that script cached info is correct with validate_timestamps disabled
+--INI--
+opcache.enable=1
+opcache.enable_cli=1
+opcache.file_update_protection=0
+opcache.validate_timestamps=0
+--SKIPIF--
+<?php require_once('skipif.inc'); ?>
+--FILE--
+<?php
+var_dump(opcache_is_script_cached(__FILE__));
+var_dump(opcache_is_script_cached("nonexistent.php"));
+?>
+--EXPECT--
+bool(true)
+bool(false)
diff --git a/ext/opcache/tests/is_script_cached.phpt b/ext/opcache/tests/is_script_cached.phpt
@@ -4,6 +4,7 @@ Test that script cached info is correct
 opcache.enable=1
 opcache.enable_cli=1
 opcache.file_update_protection=0
+opcache.validate_timestamps=1
 --SKIPIF--
 <?php require_once('skipif.inc'); ?>
 --FILE--
diff --git a/ext/opcache/zend_accelerator_module.c b/ext/opcache/zend_accelerator_module.c
@@ -320,14 +320,16 @@ static int filename_is_in_cache(char *filename, int filename_len TSRMLS_DC)
 		persistent_script = zend_accel_hash_find(&ZCSG(hash), filename, filename_len + 1);
 		if (persistent_script) {
 			return !persistent_script->corrupted &&
-				validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS;
+				(!ZCG(accel_directives).validate_timestamps ||
+				validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS);
 		}
 	}
 
 	if ((key = accel_make_persistent_key_ex(&handle, filename_len, &key_length TSRMLS_CC)) != NULL) {
 		persistent_script = zend_accel_hash_find(&ZCSG(hash), key, key_length + 1);
 		return persistent_script && !persistent_script->corrupted &&
-			validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS;
+			(!ZCG(accel_directives).validate_timestamps ||
+			validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS);
 	}
 
 	return 0;
diff --git a/ext/opcache/zend_shared_alloc.c b/ext/opcache/zend_shared_alloc.c
@@ -346,10 +346,10 @@ void *_zend_shared_memdup(void *source, size_t size, zend_bool free_source TSRML
 	retval = ZCG(mem);;
 	ZCG(mem) = (void*)(((char*)ZCG(mem)) + ZEND_ALIGNED_SIZE(size));
 	memcpy(retval, source, size);
+	zend_shared_alloc_register_xlat_entry(source, retval);
 	if (free_source) {
 		interned_efree((char*)source);
 	}
-	zend_shared_alloc_register_xlat_entry(source, retval);
 	return retval;
 }
 
diff --git a/ext/pcre/pcrelib/pcre_exec.c b/ext/pcre/pcrelib/pcre_exec.c
@@ -688,7 +688,7 @@ the alternative names that are used. */
 #define foc           number
 #define save_mark     data
 
-/* These statements are here to stop the compiler complaining about unitialized
+/* These statements are here to stop the compiler complaining about uninitialized
 variables. */
 
 #ifdef SUPPORT_UCP
diff --git a/ext/pdo_mysql/tests/pdo_mysql_pconnect.phpt b/ext/pdo_mysql/tests/pdo_mysql_pconnect.phpt
@@ -85,10 +85,12 @@ MySQLPDOTest::skip();
 
 
 	} catch (PDOException $e) {
-		printf("[001] %s, [%s] %s\n",
+		printf("[001] %s, [%s] %s [%s] %s\n",
 			$e->getMessage(),
-			(is_object($db)) ? $db->errorCode() : 'n/a',
-			(is_object($db)) ? implode(' ', $db->errorInfo()) : 'n/a');
+			(is_object($db1)) ? $db1->errorCode() : 'n/a',
+			(is_object($db1)) ? implode(' ', $db1->errorInfo()) : 'n/a',
+			(is_object($db2)) ? $db2->errorCode() : 'n/a',
+			(is_object($db2)) ? implode(' ', $db2->errorInfo()) : 'n/a');
 	}
 
 	print "done!";
diff --git a/ext/xmlwriter/php_xmlwriter.c b/ext/xmlwriter/php_xmlwriter.c
@@ -113,7 +113,7 @@ static void xmlwriter_free_resource_ptr(xmlwriter_object *intern TSRMLS_DC)
 		ze_xmlwriter_object *obj = (ze_xmlwriter_object*) zend_object_store_get_object(object TSRMLS_CC); \
 		intern = obj->xmlwriter_ptr; \
 		if (!intern) { \
-			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or unitialized XMLWriter object"); \
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or uninitialized XMLWriter object"); \
 			RETURN_FALSE; \
 		} \
 	}
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
@@ -417,7 +417,7 @@ static int php_zip_parse_options(zval *options, long *remove_all_path,
 		ze_zip_object *obj = (ze_zip_object*) zend_object_store_get_object(object TSRMLS_CC); \
 		intern = obj->za; \
 		if (!intern) { \
-			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or unitialized Zip object"); \
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or uninitialized Zip object"); \
 			RETURN_FALSE; \
 		} \
 	}

Original file line number	Diff line number	Diff line change
`@@ -1420,6 +1420,7 @@ static int curl_fnmatch(void ctx, const char pattern, const char *string)`
`1420`	`1420`	`if (error == FAILURE) {`
`1421`	`1421`	`php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot call the CURLOPT_FNMATCH_FUNCTION");`
`1422`	`1422`	`} else if (retval_ptr) {`
	`1423`	`+ _php_curl_verify_handlers(ch, 1 TSRMLS_CC);`
`1423`	`1424`	`if (Z_TYPE_P(retval_ptr) != IS_LONG) {`
`1424`	`1425`	`convert_to_long_ex(&retval_ptr);`
`1425`	`1426`	`}`
`@@ -2855,6 +2856,7 @@ static int _php_curl_setopt(php_curl ch, long option, zval *zvalue TSRMLS_DC)`
`2855`	`2856`	`curl_easy_setopt(ch->cp, CURLOPT_SHARE, sh->share);`
`2856`	`2857`	`}`
`2857`	`2858`	`}`
	`2859`	`+ break;`
`2858`	`2860`
`2859`	`2861`	`#if LIBCURL_VERSION_NUM >= 0x071500 /* Available since 7.21.0 */`
`2860`	`2862`	`case CURLOPT_FNMATCH_FUNCTION:`
Original file line number	Diff line number	Diff line change
`@@ -199,7 +199,6 @@ mysqli_close($link);`
`199`	`199`	`if (!mysqli_query($link, 'DROP TABLE IF EXISTS test')) {`
`200`	`200`	`printf("[008] %s [%d] %s\n", $column_def,`
`201`	`201`	`mysqli_errno($link), mysqli_error($link));`
`202`		`- continue;`
`203`	`202`	`}`
`204`	`203`
`205`	`204`	`$column_def = array('col1 CHAR(1)', 'col2 CHAR(2)','INDEX idx_col1_col2(col1, col2)');`
`@@ -220,7 +219,6 @@ mysqli_close($link);`
`220`	`219`	`while ($field = mysqli_fetch_field($res)) {`
`221`	`220`	`if (!isset($expected_flags[$field->name])) {`
`222`	`221`	`printf("[010] Found unexpected field '%s'\n", $field->name);`
`223`		`- continue;`
`224`	`222`	`}`
`225`	`223`	`list($missing_flags, $unexpected_flags, $flags_found) = checkFlags($field->flags, $expected_flags[$field->name], $flags);`
`226`	`224`	`if ($unexpected_flags)`
Original file line number	Diff line number	Diff line change
`@@ -320,14 +320,16 @@ static int filename_is_in_cache(char *filename, int filename_len TSRMLS_DC)`
`320`	`320`	`persistent_script = zend_accel_hash_find(&ZCSG(hash), filename, filename_len + 1);`
`321`	`321`	`if (persistent_script) {`
`322`	`322`	`return !persistent_script->corrupted &&`
`323`		`- validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS;`
	`323`	`+ (!ZCG(accel_directives).validate_timestamps \|\|`
	`324`	`+ validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS);`
`324`	`325`	`}`
`325`	`326`	`}`
`326`	`327`
`327`	`328`	`if ((key = accel_make_persistent_key_ex(&handle, filename_len, &key_length TSRMLS_CC)) != NULL) {`
`328`	`329`	`persistent_script = zend_accel_hash_find(&ZCSG(hash), key, key_length + 1);`
`329`	`330`	`return persistent_script && !persistent_script->corrupted &&`
`330`		`- validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS;`
	`331`	`+ (!ZCG(accel_directives).validate_timestamps \|\|`
	`332`	`+ validate_timestamp_and_record(persistent_script, &handle TSRMLS_CC) == SUCCESS);`
`331`	`333`	`}`
`332`	`334`
`333`	`335`	`return 0;`
Original file line number	Diff line number	Diff line change
`@@ -346,10 +346,10 @@ void _zend_shared_memdup(void source, size_t size, zend_bool free_source TSRML`
`346`	`346`	`retval = ZCG(mem);;`
`347`	`347`	`ZCG(mem) = (void)(((char)ZCG(mem)) + ZEND_ALIGNED_SIZE(size));`
`348`	`348`	`memcpy(retval, source, size);`
	`349`	`+ zend_shared_alloc_register_xlat_entry(source, retval);`
`349`	`350`	`if (free_source) {`
`350`	`351`	`interned_efree((char*)source);`
`351`	`352`	`}`
`352`		`- zend_shared_alloc_register_xlat_entry(source, retval);`
`353`	`353`	`return retval;`
`354`	`354`	`}`
`355`	`355`
Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,7 @@ static void xmlwriter_free_resource_ptr(xmlwriter_object *intern TSRMLS_DC)`
`113`	`113`	`ze_xmlwriter_object obj = (ze_xmlwriter_object) zend_object_store_get_object(object TSRMLS_CC); \`
`114`	`114`	`intern = obj->xmlwriter_ptr; \`
`115`	`115`	`if (!intern) { \`
`116`		`- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or unitialized XMLWriter object"); \`
	`116`	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or uninitialized XMLWriter object"); \`
`117`	`117`	`RETURN_FALSE; \`
`118`	`118`	`} \`
`119`	`119`	`}`
Original file line number	Diff line number	Diff line change
`@@ -417,7 +417,7 @@ static int php_zip_parse_options(zval options, long remove_all_path,`
`417`	`417`	`ze_zip_object obj = (ze_zip_object) zend_object_store_get_object(object TSRMLS_CC); \`
`418`	`418`	`intern = obj->za; \`
`419`	`419`	`if (!intern) { \`
`420`		`- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or unitialized Zip object"); \`
	`420`	`+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid or uninitialized Zip object"); \`
`421`	`421`	`RETURN_FALSE; \`
`422`	`422`	`} \`
`423`	`423`	`}`