diff options
| -rw-r--r-- | 11.patch | 35 | ||||
| -rw-r--r-- | 13.patch | 22 | ||||
| -rw-r--r-- | php-pecl-rnp.spec | 52 |
3 files changed, 77 insertions, 32 deletions
diff --git a/11.patch b/11.patch new file mode 100644 index 0000000..d5a4e79 --- /dev/null +++ b/11.patch @@ -0,0 +1,35 @@ +From f32b3b4c0a77096d256b4635b7183fb6dc53461b Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Thu, 31 Jul 2025 10:09:23 +0200 +Subject: [PATCH] check input length for librnp 0.18 + +--- + rnp.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/rnp.c b/rnp.c +index 0a41e03..632925b 100644 +--- a/rnp.c ++++ b/rnp.c +@@ -330,6 +330,10 @@ PHP_FUNCTION(rnp_dump_packets) + Z_PARAM_LONG(flags) + ZEND_PARSE_PARAMETERS_END(); + ++ if (!ZSTR_LEN(input)) { ++ RETURN_FALSE; ++ } ++ + ret = rnp_input_from_memory(&mem_input, (uint8_t *)ZSTR_VAL(input), ZSTR_LEN(input), false); + + if (ret != RNP_SUCCESS) { +@@ -1938,6 +1942,10 @@ PHP_FUNCTION(rnp_import_keys) + Z_PARAM_LONG(flags) + ZEND_PARSE_PARAMETERS_END(); + ++ if (!ZSTR_LEN(input)) { ++ RETURN_FALSE; ++ } ++ + pffi = Z_FFI_P(zffi); + + ret = rnp_input_from_memory(&mem_input, (uint8_t *)ZSTR_VAL(input), ZSTR_LEN(input), false); diff --git a/13.patch b/13.patch new file mode 100644 index 0000000..6f94de7 --- /dev/null +++ b/13.patch @@ -0,0 +1,22 @@ +From 570e2f865370a74cbffa95d2bbe1a440b60413fe Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Thu, 31 Jul 2025 10:24:18 +0200 +Subject: [PATCH] Fix #12 segfault in php_rnp_password_callback + +--- + rnp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/rnp.c b/rnp.c +index 0a41e03..28c4ccc 100644 +--- a/rnp.c ++++ b/rnp.c +@@ -592,7 +592,7 @@ static bool php_rnp_password_callback(rnp_ffi_t ffi, + } + + ZVAL_NULL(&retval); +- ZVAL_STRINGL(&passwordval, buf, buf_len); ++ ZVAL_EMPTY_STRING(&passwordval); + + if (key) { + ret = rnp_key_get_fprint(key, &key_fp); diff --git a/php-pecl-rnp.spec b/php-pecl-rnp.spec index fce6fee..b85bf72 100644 --- a/php-pecl-rnp.spec +++ b/php-pecl-rnp.spec @@ -1,18 +1,13 @@ # remirepo spec file for php-pecl-rnp # -# Copyright (c) 2022-2023 Remi Collet -# License: CC-BY-SA-4.0 -# http://creativecommons.org/licenses/by-sa/4.0/ +# SPDX-FileCopyrightText: Copyright 2022-2025 Remi Collet +# SPDX-License-Identifier: CECILL-2.1 +# http://www.cecill.info/licences/Licence_CeCILL_V2-en.txt # # Please, preserve the changelog entries # -# we don't want -z defs linker flag -%undefine _strict_symbol_defs_build - -%if 0%{?scl:1} -%scl_package php-pecl-rnp -%endif +%{?scl:%scl_package php-pecl-rnp} %bcond_without tests %global with_zts 0%{!?_without_zts:%{?__ztsphp:1}} @@ -27,12 +22,15 @@ Summary: wrapper around the RNP library Name: %{?scl_prefix}php-pecl-%{pecl_name} Version: %{upstream_version}%{?upstream_prever:~%{upstream_prever}} -Release: 3%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} +Release: 4%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} License: BSD-2-Clause URL: https://pecl.php.net/package/%{pecl_name} Source0: https://pecl.php.net/get/%{pecl_name}-%{upstream_version}%{?upstream_prever}.tgz +Patch0: 11.patch +Patch1: 13.patch + BuildRequires: make BuildRequires: %{?dtsprefix}gcc BuildRequires: %{?scl_prefix}php-devel >= 8.0 @@ -58,10 +56,13 @@ Package built for PHP %(%{__php} -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSIO %setup -qc # Don't install/register tests sed -e 's/role="test"/role="src"/' \ - %{?_licensedir:-e '/LICENSE/s/role="doc"/role="src"/' } \ + -e '/LICENSE/s/role="doc"/role="src"/' \ -i package.xml pushd %{sources} +%patch -P0 -p1 +%patch -P1 -p1 + # Check version as upstream often forget to update this extver=$(sed -n '/define PHP_RNP_VERSION/{s/.* "//;s/".*$//;p}' php_rnp.h) if test "x${extver}" != "x%{upstream_version}%{?upstream_prever}%{?gh_date:-dev}"; then @@ -149,28 +150,8 @@ TEST_PHP_ARGS="-n -d extension=%{buildroot}%{php_extdir}/%{pecl_name}.so" \ %endif -%if 0%{?fedora} < 24 && 0%{?rhel} < 8 -# when pear installed alone, after us -%triggerin -- %{?scl_prefix}php-pear -if [ -x %{__pecl} ] ; then - %{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || : -fi - -# posttrans as pear can be installed after us -%posttrans -if [ -x %{__pecl} ] ; then - %{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || : -fi - -%postun -if [ $1 -eq 0 -a -x %{__pecl} ] ; then - %{pecl_uninstall} %{pecl_name} >/dev/null || : -fi -%endif - - %files -%{?_licensedir:%license %{sources}/LICENSE} +%license %{sources}/LICENSE %doc %{pecl_docdir}/%{pecl_name} %{pecl_xmldir}/%{name}.xml @@ -184,6 +165,13 @@ fi %changelog +* Thu Jul 31 2025 Remi Collet <remi@remirepo.net> - 0.2.0-4 +- fix behavior change with librnp 0.18 using patch from + https://github.com/rnpgp/php-rnp/pull/11 +- fix segfault in php_rnp_password_callback using patch from + https://github.com/rnpgp/php-rnp/pull/13 +- re-license spec file to CECILL-2.1 + * Wed Aug 30 2023 Remi Collet <remi@remirepo.net> - 0.2.0-3 - rebuild for PHP 8.3.0RC1 |