From 5e3f0f5671564296fd279ccbdd7fa71f0ddb685f Mon Sep 17 00:00:00 2001
From: George Wang <gwang@php.net>
Date: Sat, 7 Feb 2015 12:16:54 -0500
Subject: Fixed #68790 (Missing return)

---
 sapi/litespeed/lsapi_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sapi/litespeed/lsapi_main.c b/sapi/litespeed/lsapi_main.c
index 6bdf9b7d0c..458a82e660 100644
--- a/sapi/litespeed/lsapi_main.c
+++ b/sapi/litespeed/lsapi_main.c
@@ -466,7 +466,7 @@ static sapi_module_struct lsapi_sapi_module =
 };
 /* }}} */
 
-static int init_request_info( TSRMLS_D )
+static void init_request_info( TSRMLS_D )
 {
     char * pContentType = LSAPI_GetHeader( H_CONTENT_TYPE );
     char * pAuth;
-- 
cgit v1.2.1


From a8722f5330507be74c40d5b8d313226540ea4f48 Mon Sep 17 00:00:00 2001
From: Yasuo Ohgaki <yohgaki@php.net>
Date: Sat, 14 Feb 2015 05:25:04 +0900
Subject: Add NULL byte protection to exec, system and passthru

---
 ext/standard/exec.c                      |  4 ++++
 ext/standard/tests/misc/exec_basic1.phpt | 25 +++++++++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 ext/standard/tests/misc/exec_basic1.phpt

diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index f8a22adf39..d6938a4809 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -188,6 +188,10 @@ static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute a blank command");
 		RETURN_FALSE;
 	}
+	if (strlen(cmd) != cmd_len) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "NULL byte detected. Possible attack");
+		RETURN_FALSE;
+	}
 
 	if (!ret_array) {
 		ret = php_exec(mode, cmd, NULL, return_value TSRMLS_CC);
diff --git a/ext/standard/tests/misc/exec_basic1.phpt b/ext/standard/tests/misc/exec_basic1.phpt
new file mode 100644
index 0000000000..514c116d68
--- /dev/null
+++ b/ext/standard/tests/misc/exec_basic1.phpt
@@ -0,0 +1,25 @@
+--TEST--
+exec, system, passthru  — Basic command execution functions
+--SKIPIF--
+<?php
+// If this does not work for Windows, please uncomment or fix test
+// if(substr(PHP_OS, 0, 3) == "WIN") die("skip not for Windows");
+?>
+--FILE--
+<?php
+$cmd = "echo abc\n\0command";
+var_dump(exec($cmd, $output));
+var_dump($output);
+var_dump(system($cmd));
+var_dump(passthru($cmd));
+?>
+--EXPECTF--
+Warning: exec(): NULL byte detected. Possible attack in %s on line %d
+bool(false)
+NULL
+
+Warning: system(): NULL byte detected. Possible attack in %s on line %d
+bool(false)
+
+Warning: passthru(): NULL byte detected. Possible attack in %s on line %d
+bool(false)
-- 
cgit v1.2.1