mirror of
https://github.com/php/php-src.git
synced 2024-12-01 05:43:38 +08:00
b3709bfc52
* PHP-5.6: (27 commits) fix non-standard C update NEWS 5.4.41 next fix CVE num update NEWS Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode) fix test fix type in fix for #69085 fix memory leak & add test Fix tests fix CVE num Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability) Fix test Additional fix for bug #69324 More fixes for bug #69152 Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions) Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar) Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER) Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4) Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault) ... Conflicts: Zend/zend_exceptions.c ext/curl/interface.c ext/dom/document.c ext/fileinfo/libmagic/softmagic.c ext/gd/gd.c ext/hash/hash.c ext/pgsql/pgsql.c ext/phar/phar.c ext/phar/phar_internal.h ext/standard/http_fopen_wrapper.c ext/standard/link.c ext/standard/streamsfuncs.c ext/xmlwriter/php_xmlwriter.c ext/zlib/zlib.c |
||
---|---|---|
.. | ||
apache_config.c | ||
config.m4 | ||
config.w32 | ||
CREDITS | ||
mod_php7.c | ||
php_apache.h | ||
php_functions.c | ||
php.sym | ||
README | ||
sapi_apache2.c |
WHAT IS THIS? This module exploits the layered I/O support in Apache 2.0. HOW DOES IT WORK? In Apache 2.0, you have handlers which generate content (like reading a script from disk). The content goes then through a chain of filters. PHP can be such a filter, so that it processes your script and hands the output to the next filter (which will usually cause a write to the network). DOES IT WORK? Currently the issues with the module are: * Thread safety of external PHP modules * The lack of re-entrancy of PHP. due to this I have disabled the 'virtual' function, and tried to stop any method where a php script can run another php script while it is being run. HOW TO INSTALL This SAPI module is known to work with Apache 2.0.44. $ cd apache-2.x $ cd src $ ./configure --enable-so $ make install For testing purposes, you might want to use --with-mpm=prefork. (Albeit PHP also works with threaded MPMs. See Thread Safety note above) Configure PHP 4: $ cd php-4.x $ ./configure --with-apxs2=/path/to/apache-2.0/bin/apxs $ make install At the end of conf/httpd.conf, add: AddType application/x-httpd-php .php If you would like to enable source code highlighting functionality add: AddType application/x-httpd-php-source .phps That's it. Now start bin/httpd. HOW TO CONFIGURE The Apache 2.0 PHP module supports a new configuration directive that allows an admin to override the php.ini search path. For example, place your php.ini file in Apache's ServerRoot/conf directory and add this to your httpd.conf file: PHPINIDir "conf" DEBUGGING APACHE AND PHP To debug Apache, we recommend: 1. Use the Prefork MPM (Apache 1.3-like process model) by configuring Apache with '--with-mpm=prefork'. 2. Start httpd using -DONE_PROCESS (e.g. (gdb) r -DONE_PROCESS). If you want to debug a part of the PHP startup procedure, set a breakpoint on 'load_module'. Step through it until apr_dso_load() is done. Then you can set a breakpoint on any PHP-related symbol. TODO PHP functions like apache_sub_req (see php_functions.c) Source Code Highlighting Protocol handlers