- Update to 7.0.13 - http://www.php.net/releases/7_0_13.php

- update tzdata patch to v14, improve check for valid tz file

.gitignore

@@ -12,3 +12,4 @@ php-7.1.*.xz
 /php-7.0.11RC1.tar.xz
 /php-7.0.11.tar.xz
 /php-7.0.12.tar.xz
+/php-7.0.13.tar.xz

php-7.0.0-systzdata-v14.patch

@@ -2,6 +2,7 @@ Add support for use of the system timezone database, rather
 than embedding a copy.  Discussed upstream but was not desired.
 
 History:
+r14: improve check for valid tz file
 r13: adapt for upstream changes to use PHP allocator
 r12: adapt for upstream changes for new zic
 r11: use canonical names to avoid more case sensitivity issues
@@ -21,10 +22,10 @@ r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert)
 r2: add filesystem trawl to set up name alias index
 r1: initial revision
 
-diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/lib/parse_tz.c
---- php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata	2015-08-18 23:39:24.000000000 +0200
-+++ php-7.0.0RC1/ext/date/lib/parse_tz.c	2015-08-22 07:54:38.097258458 +0200
-@@ -20,6 +20,16 @@
+diff -up php-7.0.12RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.12RC1/ext/date/lib/parse_tz.c
+--- php-7.0.12RC1/ext/date/lib/parse_tz.c.systzdata	2016-09-27 17:31:31.000000000 +0200
++++ php-7.0.12RC1/ext/date/lib/parse_tz.c	2016-10-07 14:53:11.270619502 +0200
+@@ -24,6 +24,16 @@
  
  #include "timelib.h"
  
@@ -41,7 +42,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
  #include <stdio.h>
  
  #ifdef HAVE_LOCALE_H
-@@ -32,8 +42,12 @@
+@@ -36,8 +46,12 @@
  #include <strings.h>
  #endif
  
@@ -54,7 +55,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
  
  #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
  # if defined(__LITTLE_ENDIAN__)
-@@ -55,6 +69,11 @@ static int read_preamble(const unsigned
+@@ -59,6 +73,11 @@ static int read_preamble(const unsigned
  {
  	uint32_t version;
  
@@ -66,7 +67,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
  	/* read ID */
  	version = (*tzf)[3] - '0';
  	*tzf += 4;
-@@ -298,7 +317,418 @@ void timelib_dump_tzinfo(timelib_tzinfo
+@@ -302,7 +321,429 @@ void timelib_dump_tzinfo(timelib_tzinfo
  	}
  }
  
@@ -285,6 +286,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
 +		&& strcmp(ent->d_name, "posix") != 0
 +		&& strcmp(ent->d_name, "posixrules") != 0
 +		&& strcmp(ent->d_name, "right") != 0
++		&& strstr(ent->d_name, ".list") == NULL
 +		&& strstr(ent->d_name, ".tab") == NULL;
 +}
 +
@@ -425,8 +427,18 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
 +
 +/* Returns true if the passed-in stat structure describes a
 + * probably-valid timezone file. */
-+static int is_valid_tzfile(const struct stat *st)
++static int is_valid_tzfile(const struct stat *st, int fd)
 +{
++	if (fd) {
++		char buf[20];
++		if (read(fd, buf, 20)!=20) {
++			return 0;
++		}
++		lseek(fd, SEEK_SET, 0);
++		if (memcmp(buf, "TZif", 4)) {
++			return 0;			
++		}
++	}
 +	return S_ISREG(st->st_mode) && st->st_size > 20;
 +}
 +
@@ -464,11 +476,11 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
 +	}
 +
 +	snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", canonical_tzname(timezone));
-+	
++
 +	fd = open(fname, O_RDONLY);
 +	if (fd == -1) {
 +		return NULL;
-+	} else if (fstat(fd, &st) != 0 || !is_valid_tzfile(&st)) {
++	} else if (fstat(fd, &st) != 0 || !is_valid_tzfile(&st, fd)) {
 +		close(fd);
 +		return NULL;
 +	}
@@ -486,7 +498,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
  {
  	int left = 0, right = tzdb->index_size - 1;
  #ifdef HAVE_SETLOCALE
-@@ -337,21 +767,88 @@ static int seek_to_tz_position(const uns
+@@ -341,21 +782,88 @@ static int seek_to_tz_position(const uns
  	return 0;
  }
  
@@ -568,7 +580,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
 +
 +		snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", canonical_tzname(timezone));
 +
-+		return stat(fname, &st) == 0 && is_valid_tzfile(&st);
++		return stat(fname, &st) == 0 && is_valid_tzfile(&st, 0);
 +	}
 +#endif
 +
@@ -576,7 +588,7 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
  }
  
  static void skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
-@@ -376,24 +873,54 @@ static void read_64bit_header(const unsi
+@@ -380,24 +888,54 @@ static void read_64bit_header(const unsi
  timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb)
  {
  	const unsigned char *tzf;
@@ -640,9 +652,9 @@ diff -up php-7.0.0RC1/ext/date/lib/parse_tz.c.systzdata php-7.0.0RC1/ext/date/li
  	} else {
  		tmp = NULL;
  	}
-diff -up php-7.0.0RC1/ext/date/lib/timelib.m4.systzdata php-7.0.0RC1/ext/date/lib/timelib.m4
---- php-7.0.0RC1/ext/date/lib/timelib.m4.systzdata	2015-08-18 23:39:24.000000000 +0200
-+++ php-7.0.0RC1/ext/date/lib/timelib.m4	2015-08-22 07:47:34.854055364 +0200
+diff -up php-7.0.12RC1/ext/date/lib/timelib.m4.systzdata php-7.0.12RC1/ext/date/lib/timelib.m4
+--- php-7.0.12RC1/ext/date/lib/timelib.m4.systzdata	2016-09-27 17:31:31.000000000 +0200
++++ php-7.0.12RC1/ext/date/lib/timelib.m4	2016-10-07 14:36:19.569469385 +0200
 @@ -78,3 +78,17 @@ stdlib.h
  
  dnl Check for strtoll, atoll

php.spec

@@ -63,7 +63,7 @@
 
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
-Version: 7.0.12
+Version: 7.0.13
 %if 0%{?rcver:1}
 Release: 0.%{rpmrel}.%{rcver}%{?dist}
 %else
@@ -1490,6 +1490,10 @@ rm -f README.{Zeus,QNX,CVS-RULES}
 
 
 %changelog
+* Wed Nov  9 2016 Remi Collet <remi@fedoraproject.org> 7.0.13-1
+- Update to 7.0.13 - http://www.php.net/releases/7_0_13.php
+- update tzdata patch to v14, improve check for valid tz file
+
 * Thu Oct 13 2016 Remi Collet <remi@fedoraproject.org> 7.0.12-2
 - Update to 7.0.12 - http://www.php.net/releases/7_0_12.php
 

sources

@@ -1 +1 @@
-bdcc4dbdac90c2a39422786653059f70  php-7.0.12.tar.xz
+eb117bf1d1efc99c522f132b265a3402  php-7.0.13.tar.xz