File php-5.3.3-CVE-2011-0753.patch of Package php5

Index: ext/pcntl/pcntl.c
===================================================================
--- ext/pcntl/pcntl.c.orig
+++ ext/pcntl/pcntl.c
@@ -797,7 +797,7 @@ PHP_FUNCTION(pcntl_signal)
 	zend_hash_index_update(&PCNTL_G(php_signal_table), signo, (void **) &handle, sizeof(zval *), (void **) &dest_handle);
 	if (dest_handle) zval_add_ref(dest_handle);
 	
-	if (php_signal(signo, pcntl_signal_handler, (int) restart_syscalls) == SIG_ERR) {
+	if (php_signal4(signo, pcntl_signal_handler, (int) restart_syscalls, 1) == SIG_ERR) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Error assigning signal");
 		RETURN_FALSE;
 	}
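Review bot: The new fourth argument on the `php_signal4(...)` call is a bare `1`, so nothing at the call site says that pcntl handlers are now installed with a full `sa_mask`. A short comment above the call would record the intent, e.g. `/* mask_all = 1: block every other signal while pcntl_signal_handler runs */`. The reason given in that comment should be confirmed against pcntl_signal_handler, which is not part of this hunk. The body of pcntl_signal also starts outside the hunk.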
@@ -1103,11 +1103,19 @@ void pcntl_signal_dispatch()
 {
 	zval *param, **handle, *retval;
 	struct php_pcntl_pending_signal *queue, *next;
+	sigset_t mask;
+	sigset_t old_mask;
 	TSRMLS_FETCH();
+		
+	/* Mask all signals */
+	sigfillset(&mask);
+	sigprocmask(SIG_BLOCK, &mask, &old_mask);
 
 	/* Bail if the queue is empty or if we are already playing the queue*/
-	if (! PCNTL_G(head) || PCNTL_G(processing_signal_queue))
+	if (! PCNTL_G(head) || PCNTL_G(processing_signal_queue)) {
+		sigprocmask(SIG_SETMASK, &old_mask, NULL);
 		return;
+	}
 
 	/* Prevent reentrant handler calls */
 	PCNTL_G(processing_signal_queue) = 1;
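Review bot: `sigprocmask()` is added to a function that also carries `TSRMLS_FETCH()`, which suggests it is compiled for thread-safe builds too. POSIX leaves `sigprocmask` unspecified in a multithreaded process, where `pthread_sigmask` is the defined call. If pcntl can be built with ZTS, the three calls in this function (two here, one in the next hunk) should be switched under `#ifdef ZTS`, e.g. `pthread_sigmask(SIG_BLOCK, &mask, &old_mask);`. The return values are also ignored, so a failed block would go unnoticed and the queue would be drained unprotected. The function body continues outside this hunk.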
@@ -1139,6 +1147,9 @@ void pcntl_signal_dispatch()
 
 	/* Re-enable queue */
 	PCNTL_G(processing_signal_queue) = 0;
+	
+	/* return signal mask to previous state */
+	sigprocmask(SIG_SETMASK, &old_mask, NULL);
 }
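Review bot: The saved mask is restored only on the early return and on this fall-through at the end of `pcntl_signal_dispatch()`. The code between the two hunks is not shown, but it is presumably where the registered callbacks are invoked. If that code leaves through a bailout or longjmp instead of returning, the process keeps every signal blocked and `processing_signal_queue` stays set, so later dispatches return immediately. Either guard the dispatch loop so the restore always runs, or record the limitation next to the restore, e.g. `/* not reached if a handler bails out: mask and processing_signal_queue stay set */`.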
 
 
--- ext/pcntl/php_signal.c	2010/11/01 22:40:29	305019
+++ ext/pcntl/php_signal.c	2010/11/01 22:43:59	305020
@@ -22,11 +22,15 @@
 
 /* php_signal using sigaction is derrived from Advanced Programing
  * in the Unix Environment by W. Richard Stevens p 298. */
-Sigfunc *php_signal(int signo, Sigfunc *func, int restart)
+Sigfunc *php_signal4(int signo, Sigfunc *func, int restart, int mask_all)
 {
 	struct sigaction act,oact;
 	act.sa_handler = func;
-	sigemptyset(&act.sa_mask);
+	if (mask_all) {
+		sigfillset(&act.sa_mask);
+	} else {
+		sigemptyset(&act.sa_mask);
+	}
 	act.sa_flags = 0;
 	if (signo == SIGALRM || (! restart)) {
 #ifdef SA_INTERRUPT
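Review bot: `php_signal4()` gains a `mask_all` parameter, but the only comment above it is the old Stevens attribution written for `php_signal`, so the new parameter is undocumented. I would add a line such as `/* mask_all != 0: sa_mask is filled, so all signals are blocked while func runs; 0 keeps the previous empty mask */`. A one-line comment on the `php_signal()` wrapper added in the next hunk, saying that it preserves the old unmasked behaviour for existing callers, would help as well. The function body continues outside this hunk.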
@@ -41,6 +45,11 @@
 		return SIG_ERR;
  
 	return oact.sa_handler;
+}
+
+Sigfunc *php_signal(int signo, Sigfunc *func, int restart)
+{
+	return php_signal4(signo, func, restart, 0);
 }
 
 /*

--- ext/pcntl/php_signal.h	2010/11/01 22:40:29	305019
+++ ext/pcntl/php_signal.h	2010/11/01 22:43:59	305020
@@ -31,5 +31,6 @@
 
 typedef void Sigfunc(int);
 Sigfunc *php_signal(int signo, Sigfunc *func, int restart);
+Sigfunc *php_signal4(int signo, Sigfunc *func, int restart, int mask_all);
 
 #endif
