[Bug 1496612] [NEW] CVE-2015-0273 patch broken when ZTS/TSRM enabled.
Josh Farr
josh at creativemarket.com
Wed Sep 16 22:48:31 UTC 2015
Public bug reported:
When attempting to rebuild the php5 package with --enable-maintainer-zts
--with-tsrm-pthreads enabled, it quickly hits an error something like:
/root/build/php5-5.5.9+dfsg/ext/date/php_date.c: In function ‘zim_DateTimeZone___set_state’:
/root/build/php5-5.5.9+dfsg/ext/date/php_date.c:3757:3: warning: passing argument 2 of ‘php_error_docref0’ makes pointer from integer without a cast [enabled by default]
php_error_docref(NULL, E_ERROR, "Timezone initialization failed");
^
In file included from /root/build/php5-5.5.9+dfsg/ext/date/php_date.c:21:0:
/root/build/php5-5.5.9+dfsg/main/php.h:309:13: note: expected ‘void ***’ but argument is of type ‘int’
PHPAPI void php_error_docref0(const char *docref TSRMLS_DC, int type, const char *format, ...)
^
/root/build/php5-5.5.9+dfsg/ext/date/php_date.c:3757:3: warning: passing argument 3 of ‘php_error_docref0’ makes integer from pointer without a cast [enabled by default]
php_error_docref(NULL, E_ERROR, "Timezone initialization failed");
^
...
The problem appears to be introduced by the CVE-2015-0273.patch.
Here's a quick fix to illustrate where the problem appears to be:
sed -i 's/php_error_docref(NULL, E_ERROR, "Timezone initialization
failed");/php_error_docref(NULL TSRMLS_CC, E_ERROR, "Timezone
initialization failed");/g' ext/date/php_date.c
** Affects: php5 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1496612
Title:
CVE-2015-0273 patch broken when ZTS/TSRM enabled.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1496612/+subscriptions
More information about the Ubuntu-server-bugs
mailing list