From a3c1ecaddd1f813e469059bca45a173185af3d6a Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Tue, 5 Sep 2023 09:43:08 +0200
Subject: add upstream patches for PHP 8.3

build out of sources tree
---
 php-snuffleupagus.spec | 50 +++++++++++++-------------
 upstream.patch         | 96 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 122 insertions(+), 24 deletions(-)

diff --git a/php-snuffleupagus.spec b/php-snuffleupagus.spec
index d2e82b7..cd9a69e 100644
--- a/php-snuffleupagus.spec
+++ b/php-snuffleupagus.spec
@@ -1,15 +1,12 @@
 # remirepo spec file for php-snuffleupagus
 #
 # Copyright (c) 2018-2023 Remi Collet
-# License: CC-BY-SA
+# License: CC-BY-SA-4.0
 # http://creativecommons.org/licenses/by-sa/4.0/
 #
 # Please, preserve the changelog entries
 #
 
-# we don't want -z defs linker flag
-%undefine _strict_symbol_defs_build
-
 %if 0%{?scl:1}
 %scl_package        php-snuffleupagus
 %else
@@ -26,9 +23,11 @@
 #global gh_date     20180117
 %global pecl_name   snuffleupagus
 # ZTS is not supported, test suite fails
-# https://github.com/nbs-system/snuffleupagus/issues/123
+# https://github.com/jvoisin/snuffleupagus/issues/123
 %global with_zts    0
 %global ini_name    40-%{pecl_name}.ini
+%global sources     src
+%global _configure  ../%{sources}/configure
 
 Summary:       Security module for PHP
 Name:          %{?scl_prefix}php-snuffleupagus
@@ -36,7 +35,7 @@ Version:       0.9.0
 %if 0%{?gh_date}
 Release:       1%{gh_date}.%{gh_short}%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}}
 %else
-Release:       2%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}}
+Release:       3%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}}
 %endif
 License:       LGPL-3.0-only
 Group:         Development/Languages
@@ -75,9 +74,9 @@ Package built for PHP %(%{__php} -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSIO
 
 %prep
 %setup -q -n %{gh_project}-%{gh_commit}
-%patch0 -p1
+%patch -P0 -p1
 
-cd src
+cd %{sources}
 # Sanity check, really often broken
 grep PHP_SNUFFLEUPAGUS_VERSION php_snuffleupagus.h
 # sed -e '/PHP_SNUFFLEUPAGUS_VERSION/s/0.9.0/0.8.0/' -i php_snuffleupagus.h
@@ -89,9 +88,9 @@ if test "x${extver}" != "x%{version}%{?gh_date:-dev}"; then
 fi
 cd ..
 
+mkdir NTS
 %if %{with_zts}
-# duplicate for ZTS build
-cp -pr src ZTS
+mkdir ZTS
 %endif
 
 # Drop in the bit of configuration
@@ -123,19 +122,20 @@ EOF
 %build
 %{?dtsenable}
 
-cd src
-%{_bindir}/phpize
+cd %{sources}
+%{__phpize}
+
+cd ../NTS
 %configure \
-    --with-php-config=%{_bindir}/php-config \
+    --with-php-config=%{__phpconfig} \
     --with-libdir=%{_lib} \
     --enable-snuffleupagus
 make %{?_smp_mflags}
 
 %if %{with_zts}
 cd ../ZTS
-%{_bindir}/zts-phpize
 %configure \
-    --with-php-config=%{_bindir}/zts-php-config \
+    --with-php-config=%{__ztsphpconfig} \
     --with-libdir=%{_lib} \
     --enable-snuffleupagus
 make %{?_smp_mflags}
@@ -147,7 +147,7 @@ make %{?_smp_mflags}
 
 
 # Install the NTS stuff
-make -C src install INSTALL_ROOT=%{buildroot}
+make -C NTS install INSTALL_ROOT=%{buildroot}
 install -D -m 644 %{ini_name} %{buildroot}%{php_inidir}/%{ini_name}
 install -D -m 644 %{pecl_name}-default.rules %{buildroot}%{php_inidir}/%{pecl_name}-default.rules
 
@@ -166,6 +166,8 @@ else
   rm src/tests/upload_validation/upload_validation_real.phpt
 fi
 
+cd %{sources}
+
 %if "%{php_version}" < "8"
 rm -rf src/tests/*php8*/
 %endif
@@ -175,7 +177,6 @@ export SP_SKIP_OLD_PHP_CHECK=1
 # add extensions used by test suite
 TEST_DEPS="-d extension=xml.so -d extension=dom.so -d extension=curl.so -d extension=simplexml.so"
 
-cd src
 : Minimal load test for NTS extension
 %{__php} --no-php-ini \
     --define extension=%{buildroot}%{php_extdir}/%{pecl_name}.so \
@@ -185,17 +186,15 @@ cd src
 %if %{with tests}
 : Upstream test suite  for NTS extension
 TEST_PHP_EXECUTABLE=%{__php} \
-TEST_PHP_ARGS="-n $TEST_DEPS -d extension=$PWD/modules/%{pecl_name}.so" \
-NO_INTERACTION=1 \
+TEST_PHP_ARGS="-n $TEST_DEPS -d extension=%{buildroot}%{php_extdir}/%{pecl_name}.so" \
 REPORT_EXIT_STATUS=1 \
-%{__php} -n run-tests.php --show-diff
+%{__php} -n run-tests.php -q --show-diff
 %endif
 
 %if %{with_zts}
-cd ../ZTS
 : Minimal load test for ZTS extension
 %{__ztsphp} --no-php-ini \
-    --define extension=$PWD/modules/%{pecl_name}.so \
+    --define extension=%{buildroot}%{php_ztsextdir}/%{pecl_name}.so \
     --define sp.allow_broken_configuration=1 \
     --modules | grep %{pecl_name}
 
@@ -203,9 +202,8 @@ cd ../ZTS
 : Upstream test suite  for ZTS extension
 TEST_PHP_EXECUTABLE=%{__ztsphp} \
 TEST_PHP_ARGS="-n $TEST_DEPS -d extension=%{buildroot}%{php_ztsextdir}/%{pecl_name}.so" \
-NO_INTERACTION=1 \
 REPORT_EXIT_STATUS=1 \
-%{__ztsphp} -n run-tests.php --show-diff
+%{__ztsphp} -n run-tests.php -q --show-diff
 %endif
 %endif
 
@@ -226,6 +224,10 @@ REPORT_EXIT_STATUS=1 \
 
 
 %changelog
+* Tue Sep  5 2023 Remi Collet <remi@remirepo.net> - 0.9.0-3
+- add upstream patches for PHP 8.3
+- build out of sources tree
+
 * Thu Jan  5 2023 Remi Collet <remi@remirepo.net> - 0.9.0-2
 - test build for upstream fix for gh#444
 
diff --git a/upstream.patch b/upstream.patch
index aa212c8..4f9fa16 100644
--- a/upstream.patch
+++ b/upstream.patch
@@ -275,3 +275,99 @@ index bc7e338b..4a8292d7 100644
 -unlink($dir . "/content.xml");
 -unlink($dir . "/content.txt");
 -?>
+From 709d850429d0d62b148bc235745c830c2f7a55be Mon Sep 17 00:00:00 2001
+From: jvoisin <julien.voisin@dustri.org>
+Date: Sun, 25 Jun 2023 14:25:46 +0200
+Subject: [PATCH] Remove ZEND_HOT
+
+---
+ src/sp_execute.c     | 2 +-
+ src/sp_pcre_compat.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/sp_execute.c b/src/sp_execute.c
+index 6e80b6df..f105b7f9 100644
+--- a/src/sp_execute.c
++++ b/src/sp_execute.c
+@@ -89,7 +89,7 @@ inline static void is_builtin_matching(
+   should_disable_ht(EG(current_execute_data), function_name, param_value, param_name, SPCFG(disabled_functions_reg).disabled_functions, ht);
+ }
+ 
+-static void ZEND_HOT is_in_eval_and_whitelisted(zend_execute_data const* const execute_data) {
++static void is_in_eval_and_whitelisted(zend_execute_data const* const execute_data) {
+   sp_config_eval const* const config_eval = &(SPCFG(eval));
+ 
+   if (EXPECTED(0 == SPG(in_eval))) {
+diff --git a/src/sp_pcre_compat.c b/src/sp_pcre_compat.c
+index 81c51fdc..3658692e 100644
+--- a/src/sp_pcre_compat.c
++++ b/src/sp_pcre_compat.c
+@@ -23,7 +23,7 @@ sp_pcre* sp_pcre_compile(const char* const pattern) {
+   return ret;
+ }
+ 
+-bool ZEND_HOT sp_is_regexp_matching_len(const sp_pcre* regexp, const char* str, size_t len) {
++bool sp_is_regexp_matching_len(const sp_pcre* regexp, const char* str, size_t len) {
+   int ret = 0;
+ 
+   assert(NULL != regexp);
+From 78668b6ef599f700ba939017dc805485452f5319 Mon Sep 17 00:00:00 2001
+From: jvoisin <julien.voisin@dustri.org>
+Date: Sun, 25 Jun 2023 14:56:43 +0200
+Subject: [PATCH] Fix an unserialize-related warning
+
+This should fix `Warning: unserialize(): Extra data starting at offset 8 of 72 bytes in unserialize.php on line 4`.
+On the flip side, it's not longer possible in PHP8.3 and above, when using
+Snuffleupagus, to have other extensions hooking unserialize().
+---
+ src/sp_unserialize.c | 18 +++++++++++++-----
+ 1 file changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/src/sp_unserialize.c b/src/sp_unserialize.c
+index 641d9899..ab0d9edb 100644
+--- a/src/sp_unserialize.c
++++ b/src/sp_unserialize.c
+@@ -50,8 +50,6 @@ static zend_string *sp_do_hash_hmac_sha256(char* restrict data, size_t data_len,
+   return hex_digest;
+ }
+ 
+-// ------------------
+-
+ PHP_FUNCTION(sp_serialize) {
+   zif_handler orig_handler;
+ 
+@@ -130,11 +128,16 @@ PHP_FUNCTION(sp_unserialize) {
+     }
+   } else { status = 1; }
+ 
+-  zif_handler orig_handler;
++  zif_handler orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize"));
+   if (0 == status) {
+-    if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) {
++#if PHP_VERSION_ID >= 80300
++      // PHP8.3 gives a warning about trailing data in unserialize strings.
++      php_unserialize_with_options(return_value, buf, buf_len - 64, opts, "unserialize");
++#else
++    if ((orig_handler)) {
+       orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+     }
++#endif
+   } else {
+     const sp_config_unserialize *config_unserialize = &(SPCFG(unserialize));
+     if (config_unserialize->dump) {
+@@ -143,9 +146,14 @@ PHP_FUNCTION(sp_unserialize) {
+     }
+     if (true == config_unserialize->simulation) {
+       sp_log_simulation("unserialize", "Invalid HMAC for %s", serialized_str);
+-      if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) {
++#if PHP_VERSION_ID >= 80300
++      // PHP8.3 gives a warning about trailing data in unserialize strings.
++      php_unserialize_with_options(return_value, buf, buf_len - 64, opts, "unserialize");
++#else
++      if ((orig_handler)) {
+         orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+       }
++#endif
+     } else {
+       sp_log_drop("unserialize", "Invalid HMAC for %s", serialized_str);
+     }
-- 
cgit