gnu: Add php.

* gnu/packages/php.scm: New file.
* gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch: New file.
* gnu/packages/patches/gd-fix-truecolor-format-correction.patch: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add php.
(dist_patch_DATA): Add gd patches.

Co-authored-by: Marius Bakke <mbakke@fastmail.com>
This commit is contained in:
Julien Lepiller 2016-11-11 15:18:29 +01:00 committed by Marius Bakke
parent b28a33512f
commit 1845c2a436
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
4 changed files with 534 additions and 0 deletions

View file

@ -295,6 +295,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/pem.scm \
%D%/packages/perl.scm \
%D%/packages/photo.scm \
%D%/packages/php.scm \
%D%/packages/pkg-config.scm \
%D%/packages/plotutils.scm \
%D%/packages/polkit.scm \
@ -551,8 +552,10 @@ dist_patch_DATA = \
%D%/packages/patches/gcc-6-cross-environment-variables.patch \
%D%/packages/patches/gd-CVE-2016-7568.patch \
%D%/packages/patches/gd-CVE-2016-8670.patch \
%D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch \
%D%/packages/patches/gd-fix-gd2-read-test.patch \
%D%/packages/patches/gd-fix-tests-on-i686.patch \
%D%/packages/patches/gd-fix-truecolor-format-correction.patch \
%D%/packages/patches/gegl-CVE-2012-4433.patch \
%D%/packages/patches/geoclue-config.patch \
%D%/packages/patches/ghostscript-CVE-2013-5653.patch \

View file

@ -0,0 +1,102 @@
This fixes PHP bug #73155: https://bugs.php.net/bug.php?id=73155
Patch adapted from upstream source repository:
https://github.com/libgd/libgd/commit/8067a8ac336dfe0acbe96ec2eb24572209a7f279
(.gitignore change removed)
From 8067a8ac336dfe0acbe96ec2eb24572209a7f279 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Fri, 23 Sep 2016 18:29:52 +0200
Subject: [PATCH] Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
(cherry picked from commit bb1998a16e30d542ab22eba5501911a9aa066edb)
---
src/gd_gd2.c | 4 ++--
tests/gd2/CMakeLists.txt | 1 +
tests/gd2/Makemodule.am | 1 +
tests/gd2/bug00309.c | 37 +++++++++++++++++++++++++++++++++++++
4 files changed, 41 insertions(+), 2 deletions(-)
create mode 100644 tests/gd2/bug00309.c
diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index 75e5e1f..b9b2f93 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -938,8 +938,8 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
};
/* Work out number of chunks. */
- ncx = im->sx / cs + 1;
- ncy = im->sy / cs + 1;
+ ncx = (im->sx + cs - 1) / cs;
+ ncy = (im->sy + cs - 1) / cs;
/* Write the standard header. */
_gd2PutHeader (im, out, cs, fmt, ncx, ncy);
diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt
index 3b650ad..247b466 100644
--- a/tests/gd2/CMakeLists.txt
+++ b/tests/gd2/CMakeLists.txt
@@ -1,5 +1,6 @@
SET(TESTS_FILES
bug_289
+ bug00309
gd2_empty_file
gd2_im2im
gd2_null
diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am
index b8ee946..d69aee0 100644
--- a/tests/gd2/Makemodule.am
+++ b/tests/gd2/Makemodule.am
@@ -1,5 +1,6 @@
libgd_test_programs += \
gd2/bug_289 \
+ gd2/bug00309 \
gd2/gd2_empty_file \
gd2/php_bug_72339 \
gd2/gd2_read_corrupt
diff --git a/tests/gd2/bug00309.c b/tests/gd2/bug00309.c
new file mode 100644
index 0000000..b649cdc
--- /dev/null
+++ b/tests/gd2/bug00309.c
@@ -0,0 +1,37 @@
+/**
+ * Regression test for <https://github.com/libgd/libgd/issues/309>.
+ *
+ * We test that an image with 64x64 pixels reports only a single chunk in the
+ * GD2 image header when the chunk size is 64.
+ */
+
+
+#include "gd.h"
+#include "gdtest.h"
+
+
+int main()
+{
+ gdImagePtr im;
+ unsigned char *buf;
+ int size, word;
+
+ im = gdImageCreate(64, 64);
+ gdImageColorAllocate(im, 0, 0, 0);
+
+ buf = gdImageGd2Ptr(im, 64, 1, &size);
+
+ gdImageDestroy(im);
+
+ word = buf[10] << 8 | buf[11];
+ gdTestAssertMsg(word == 64, "chunk size is %d, but expected 64\n", word);
+ word = buf[14] << 8 | buf[15];
+ gdTestAssertMsg(word == 1, "x chunk count is %d, but expected 1\n", word);
+ word = buf[16] << 8 | buf[17];
+ gdTestAssertMsg(word == 1, "y chunk count is %d, but expected 1\n", word);
+ gdTestAssertMsg(size == 5145, "file size is %d, but expected 5145\n", size);
+
+ gdFree(buf);
+
+ return gdNumFailures();
+}

View file

@ -0,0 +1,95 @@
This fixes PHP bug #73159: https://bugs.php.net/bug.php?id=73159
Patch lifted from upstream source repository:
https://github.com/libgd/libgd/commit/e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5
From e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Mon, 15 Aug 2016 17:49:40 +0200
Subject: [PATCH] Fix #289: Passing unrecognized formats to gdImageGd2 results
in corrupted files
We must not apply the format correction twice for truecolor images.
(cherry picked from commit 09090c125658e23a4ae2a2e002646bb7278bd89e)
---
src/gd_gd2.c | 2 +-
tests/gd2/CMakeLists.txt | 1 +
tests/gd2/Makemodule.am | 1 +
tests/gd2/bug_289.c | 33 +++++++++++++++++++++++++++++++++
4 files changed, 36 insertions(+), 1 deletion(-)
create mode 100644 tests/gd2/bug_289.c
diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index 86c881e..75e5e1f 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -918,7 +918,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt)
/* Force fmt to a valid value since we don't return anything. */
/* */
if ((fmt != GD2_FMT_RAW) && (fmt != GD2_FMT_COMPRESSED)) {
- fmt = im->trueColor ? GD2_FMT_TRUECOLOR_COMPRESSED : GD2_FMT_COMPRESSED;
+ fmt = GD2_FMT_COMPRESSED;
};
if (im->trueColor) {
fmt += 2;
diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt
index 8aecacc..3b650ad 100644
--- a/tests/gd2/CMakeLists.txt
+++ b/tests/gd2/CMakeLists.txt
@@ -1,4 +1,5 @@
SET(TESTS_FILES
+ bug_289
gd2_empty_file
gd2_im2im
gd2_null
diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am
index 754a284..b8ee946 100644
--- a/tests/gd2/Makemodule.am
+++ b/tests/gd2/Makemodule.am
@@ -1,4 +1,5 @@
libgd_test_programs += \
+ gd2/bug_289 \
gd2/gd2_empty_file \
gd2/php_bug_72339 \
gd2/gd2_read_corrupt
diff --git a/tests/gd2/bug_289.c b/tests/gd2/bug_289.c
new file mode 100644
index 0000000..ad311e9
--- /dev/null
+++ b/tests/gd2/bug_289.c
@@ -0,0 +1,33 @@
+/**
+ * Passing an unrecognized format to gdImageGd2() should result in
+ * GD2_FMT_TRUECOLOR_COMPRESSED for truecolor images.
+ *
+ * See <https://github.com/libgd/libgd/issues/289>.
+ */
+
+#include "gd.h"
+#include "gdtest.h"
+
+
+#define GD2_FMT_UNRECOGNIZED 0
+#define GD2_FMT_TRUECOLOR_COMPRESSED 4
+
+#define MSG "expected %s byte to be %d, but got %d\n"
+
+
+int main()
+{
+ gdImagePtr im;
+ char *buffer;
+ int size;
+
+ im = gdImageCreateTrueColor(10, 10);
+ gdTestAssert(im != NULL);
+ buffer = (char *) gdImageGd2Ptr(im, 128, GD2_FMT_UNRECOGNIZED, &size);
+ gdTestAssert(buffer != NULL);
+ gdImageDestroy(im);
+ gdTestAssertMsg(buffer[12] == 0, MSG, "1st", 0, buffer[12]);
+ gdTestAssertMsg(buffer[13] == GD2_FMT_TRUECOLOR_COMPRESSED, MSG, "2nd", GD2_FMT_TRUECOLOR_COMPRESSED, buffer[13]);
+
+ return gdNumFailures();
+}

334
gnu/packages/php.scm Normal file
View file

@ -0,0 +1,334 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages php)
#:use-module (gnu packages)
#:use-module (gnu packages algebra)
#:use-module (gnu packages aspell)
#:use-module (gnu packages base)
#:use-module (gnu packages bison)
#:use-module (gnu packages compression)
#:use-module (gnu packages curl)
#:use-module (gnu packages cyrus-sasl)
#:use-module (gnu packages databases)
#:use-module (gnu packages fontutils)
#:use-module (gnu packages gd)
#:use-module (gnu packages gettext)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages image)
#:use-module (gnu packages linux)
#:use-module (gnu packages multiprecision)
#:use-module (gnu packages openldap)
#:use-module (gnu packages pcre)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages readline)
#:use-module (gnu packages textutils)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
#:use-module (gnu packages zip)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
#:use-module ((guix licenses) #:prefix license:))
;; This fixes PHP bugs 73155 and 73159. Remove when gd
;; is updated to > 2.2.3.
(define gd-for-php
(package (inherit gd)
(source
(origin
(inherit (package-source gd))
(patches (search-patches
"gd-fix-truecolor-format-correction.patch"
"gd-fix-chunk-size-on-boundaries.patch"))))))
(define-public php
(package
(name "php")
(version "7.0.13")
(home-page "https://secure.php.net/")
(source (origin
(method url-fetch)
(uri (string-append home-page "distributions/"
name "-" version ".tar.xz"))
(sha256
(base32
"1gzihbpcp51jc587gs1ryn59hsnr7vf5427dmcvdimvm77wsfyrm"))
(modules '((guix build utils)))
(snippet
'(with-directory-excursion "ext"
(for-each delete-file-recursively
;; Some of the bundled libraries have no proper upstream.
;; Ideally we'd extract these out as separate packages:
;;"mbstring/libmbfl"
;;"date/lib"
;;"bcmath/libbcmath"
;;"fileinfo/libmagic" ; This is a patched version of libmagic.
'("gd/libgd"
"mbstring/oniguruma"
"pcre/pcrelib"
"sqlite3/libsqlite"
"xmlrpc/libxmlrpc"
"zip/lib"))))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
(let-syntax ((with (syntax-rules ()
((_ option input)
(string-append option "="
(assoc-ref %build-inputs input))))))
(list (with "--with-bz2" "bzip2")
(with "--with-curl" "curl")
(with "--with-freetype-dir" "freetype")
(with "--with-gd" "gd")
(with "--with-gdbm" "gdbm")
(with "--with-gettext" "glibc") ; libintl.h
(with "--with-gmp" "gmp")
(with "--with-jpeg-dir" "libjpeg")
(with "--with-ldap" "openldap")
(with "--with-ldap-sasl" "cyrus-sasl")
(with "--with-libzip" "zip")
(with "--with-libxml-dir" "libxml2")
(with "--with-onig" "oniguruma")
(with "--with-pcre-dir" "pcre")
(with "--with-pcre-regex" "pcre")
(with "--with-pdo-pgsql" "postgresql")
(with "--with-pdo-sqlite" "sqlite")
(with "--with-pgsql" "postgresql")
(with "--with-png-dir" "libpng")
;; PHPs Pspell extension, while retaining its current name,
;; now uses the Aspell library.
(with "--with-pspell" "aspell")
(with "--with-readline" "readline")
(with "--with-sqlite3" "sqlite")
(with "--with-tidy" "tidy")
(with "--with-webp-dir" "libwebp")
(with "--with-xpm-dir" "libxpm")
(with "--with-xsl" "libxslt")
(with "--with-zlib-dir" "zlib")
;; We could add "--with-snmp", but it requires netsnmp that
;; we don't have a package for. It is used to build the snmp
;; extension of php.
"--with-iconv"
"--with-openssl"
"--with-pdo-mysql"
"--with-zlib"
"--enable-calendar"
"--enable-dba=shared"
"--enable-exif"
"--enable-flatfile"
"--enable-fpm"
"--enable-ftp"
"--enable-inifile"
"--enable-mbstring"
"--enable-pcntl"
"--enable-sockets"
"--enable-threads"))
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'do-not-record-build-flags
(lambda _
;; Prevent configure flags from being stored and causing
;; unnecessary runtime dependencies.
(substitute* "scripts/php-config.in"
(("@CONFIGURE_OPTIONS@") "")
(("@PHP_LDFLAGS@") ""))
;; This file has ISO-8859-1 encoding.
(with-fluids ((%default-port-encoding "ISO-8859-1"))
(substitute* "main/build-defs.h.in"
(("@CONFIGURE_COMMAND@") "(omitted)")))
#t))
(add-before 'build 'patch-/bin/sh
(lambda _
(substitute* '("run-tests.php" "ext/standard/proc_open.c")
(("/bin/sh") (which "sh")))
#t))
(add-before 'check 'prepare-tests
(lambda _
;; Some of these files have ISO-8859-1 encoding, whereas others
;; use ASCII, so we can't use a "catch-all" find-files here.
(with-fluids ((%default-port-encoding "ISO-8859-1"))
(substitute* '("ext/mbstring/tests/mb_send_mail02.phpt"
"ext/mbstring/tests/mb_send_mail04.phpt"
"ext/mbstring/tests/mb_send_mail05.phpt"
"ext/mbstring/tests/mb_send_mail06.phpt")
(("/bin/cat") (which "cat"))))
(substitute* '("ext/mbstring/tests/mb_send_mail01.phpt"
"ext/mbstring/tests/mb_send_mail03.phpt"
"ext/mbstring/tests/bug52861.phpt"
"ext/standard/tests/general_functions/bug34794.phpt"
"ext/standard/tests/general_functions/bug44667.phpt"
"ext/standard/tests/general_functions/proc_open.phpt")
(("/bin/cat") (which "cat")))
;; The encoding of this file is not recognized, so we simply drop it.
(delete-file "ext/mbstring/tests/mb_send_mail07.phpt")
(substitute* "ext/standard/tests/streams/bug60602.phpt"
(("'ls'") (string-append "'" (which "ls") "'")))
;; Drop tests that are known to fail.
(for-each delete-file
'("ext/posix/tests/posix_getgrgid.phpt" ; Requires /etc/group.
"ext/sockets/tests/bug63000.phpt" ; Fails to detect OS.
"ext/sockets/tests/socket_shutdown.phpt" ; Requires DNS.
"ext/sockets/tests/socket_send.phpt" ; Likewise.
"ext/sockets/tests/mcast_ipv4_recv.phpt" ; Requires multicast.
;; These needs /etc/services.
"ext/standard/tests/general_functions/getservbyname_basic.phpt"
"ext/standard/tests/general_functions/getservbyport_basic.phpt"
"ext/standard/tests/general_functions/getservbyport_variation1.phpt"
;; And /etc/protocols.
"ext/standard/tests/network/getprotobyname_basic.phpt"
"ext/standard/tests/network/getprotobynumber_basic.phpt"
;; And exotic locales.
"ext/standard/tests/strings/setlocale_basic1.phpt"
"ext/standard/tests/strings/setlocale_basic2.phpt"
"ext/standard/tests/strings/setlocale_basic3.phpt"
"ext/standard/tests/strings/setlocale_variation1.phpt"
;; XXX: These gd tests fails. Likely because our version
;; is different from the (patched) bundled one.
;; Here, gd quits immediately after "fatal libpng error"; while the
;; test expects it to additionally return a "setjmp" error and warning.
"ext/gd/tests/bug39780_extern.phpt"
"ext/gd/tests/libgd00086_extern.phpt"
;; Extra newline in gd-png output.
"ext/gd/tests/bug45799.phpt"
;; Different error message than expected from imagecrop().
"ext/gd/tests/bug66356.phpt"
;; Similarly for imagecreatefromgd2().
"ext/gd/tests/bug72339.phpt"
;; Call to undefined function imageantialias(). They are
;; supposed to fail anyway.
"ext/gd/tests/bug72482.phpt"
"ext/gd/tests/bug72482_2.phpt"
"ext/gd/tests/bug73213.phpt"
;; Test expects generic "gd warning" but gets the actual function name.
"ext/gd/tests/createfromwbmp2_extern.phpt"
;; TODO: Enable these when libgd is built with xpm support.
"ext/gd/tests/xpm2gd.phpt"
"ext/gd/tests/xpm2jpg.phpt"
"ext/gd/tests/xpm2png.phpt"
;; XXX: These iconv tests have the expected outcome,
;; but with different error messages.
;; Expects "illegal character", instead gets "unknown error (84)".
"ext/iconv/tests/bug52211.phpt"
;; Expects "wrong charset", gets unknown error (22).
"ext/iconv/tests/iconv_mime_decode_variation3.phpt"
"ext/iconv/tests/iconv_strlen_error2.phpt"
"ext/iconv/tests/iconv_strlen_variation2.phpt"
"ext/iconv/tests/iconv_substr_error2.phpt"
;; Expects conversion error, gets "error condition Termsig=11".
"ext/iconv/tests/iconv_strpos_error2.phpt"
"ext/iconv/tests/iconv_strrpos_error2.phpt"
;; Similar, but iterating over multiple values.
;; iconv breaks the loop after the first error with Termsig=11.
"ext/iconv/tests/iconv_strpos_variation4.phpt"
"ext/iconv/tests/iconv_strrpos_variation3.phpt"
;; XXX: These test failures appear legitimate, needs investigation.
;; open_basedir() restriction failure.
"ext/curl/tests/bug61948.phpt"
;; Expects a false boolean, gets empty array from glob().
"ext/standard/tests/file/bug41655_1.phpt"
"ext/standard/tests/file/glob_variation5.phpt"
;; Test output is correct, but in wrong order.
"ext/standard/tests/streams/proc_open_bug64438.phpt"
;; The test expects an Array, but instead get the contents(?).
"ext/gd/tests/bug43073.phpt"
;; imagettftext() returns wrong coordinates.
"ext/gd/tests/bug48732.phpt"
;; Similarly for imageftbbox().
"ext/gd/tests/bug48801.phpt"
;; Different expected output from imagecolorallocate().
"ext/gd/tests/bug53504.phpt"
;; Wrong image size after scaling an image.
"ext/gd/tests/bug73272.phpt"
;; Expects iconv to detect illegal characters, instead gets
;; "unknown error (84)" and heap corruption(!).
"ext/iconv/tests/bug48147.phpt"
;; Expects illegal character ".", gets "=?utf-8?Q?."
"ext/iconv/tests/bug51250.phpt"
;; @iconv() does not return expected output.
"ext/iconv/tests/iconv003.phpt"
;; iconv throws "buffer length exceeded" on some string checks.
"ext/iconv/tests/iconv_mime_encode.phpt"
;; file_get_contents(): iconv stream filter
;; ("ISO-8859-1"=>"UTF-8") unknown error.
"ext/standard/tests/file/bug43008.phpt"
;; Table data not created in sqlite(?).
"ext/pdo_sqlite/tests/bug_42589.phpt"))
;; Skip tests requiring network access.
(setenv "SKIP_ONLINE_TESTS" "1")
;; Without this variable, 'make test' passes regardless of failures.
(setenv "REPORT_EXIT_STATUS" "1")
#t)))
#:test-target "test"))
(inputs
`(("aspell" ,aspell)
("bzip2" ,bzip2)
("curl" ,curl)
("cyrus-sasl" ,cyrus-sasl)
("freetype" ,freetype)
("gd" ,gd-for-php)
("gdbm" ,gdbm)
("glibc" ,glibc)
("gmp" ,gmp)
("libgcrypt" ,libgcrypt)
("libjpeg" ,libjpeg)
("libpng" ,libpng)
("libwebp" ,libwebp)
("libxml2" ,libxml2)
("libxpm" ,libxpm)
("libxslt" ,libxslt)
("libx11" ,libx11)
("oniguruma" ,oniguruma)
("openldap" ,openldap)
("openssl" ,openssl)
("pcre" ,pcre)
("postgresql" ,postgresql)
("readline" ,readline)
("sqlite" ,sqlite-3.15.1)
("tidy" ,tidy)
("zip" ,zip)
("zlib" ,zlib)))
(native-inputs
`(("pkg-config" ,pkg-config)
("bison" ,bison)
("intltool" ,intltool)
("procps" ,procps))) ; For tests.
(synopsis "PHP programming language")
(description
"PHP (PHP Hypertext Processor) is a server-side (CGI) scripting
language designed primarily for web development but is also used as
a general-purpose programming language. PHP code may be embedded into
HTML code, or it can be used in combination with various web template
systems, web content management systems and web frameworks." )
(license (list
(license:non-copyleft "file://LICENSE") ; The PHP license.
(license:non-copyleft "file://Zend/LICENSE") ; The Zend license.
license:lgpl2.1 ; ext/mbstring/libmbfl
license:lgpl2.1+ ; ext/bcmath/libbcmath
license:bsd-2 ; ext/fileinfo/libmagic
license:expat)))) ; ext/date/lib