From e86d8704b44dde164e36b5364036e1988ac566fe Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 14 Feb 2023 14:13:40 +0100 Subject: [PATCH 1/8] more config for new FPM tests --- sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt | 4 +++- .../fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt | 4 +++- sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt | 4 +++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt index d2239ac3c410b..d5c4c4d469871 100644 --- a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt +++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt @@ -21,7 +21,9 @@ php_admin_value[html_errors] = false php_admin_value[max_input_vars] = 20 php_admin_value[max_file_uploads] = 5 php_admin_value[max_multipart_body_parts] = 10 -php_flag[display_errors] = On +php_admin_flag[display_errors] = On +php_admin_flag[display_startup_errors] = On +php_admin_flag[log_errors] = On EOT; $code = << Date: Tue, 14 Feb 2023 15:18:53 +0100 Subject: [PATCH 2/8] [ci skip] Next release will be 8.0.29 --- NEWS | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index ed5df77edfc82..9b41aeb1ed7d5 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.0.28 +?? ??? ????, PHP 8.0.29 + + +14 Feb 2023, PHP 8.0.28 - Core: . Fixed bug #81744 (Password_verify() always return true with some hash). From ac4254ad764c70cb1f05c9270d8d12689fc3aeb6 Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Sun, 16 Apr 2023 15:05:03 +0200 Subject: [PATCH 3/8] Fix missing randomness check and insufficient random bytes for SOAP HTTP Digest MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If php_random_bytes_throw fails, the nonce will be uninitialized, but still sent to the server. The client nonce is intended to protect against a malicious server. See section 5.10 and 5.12 of RFC 7616 [1], and bullet point 2 below. Tim pointed out that even though it's the MD5 of the nonce that gets sent, enumerating 31 bits is trivial. So we have still a stack information leak of 31 bits. Furthermore, Tim found the following issues: * The small size of cnonce might cause the server to erroneously reject a request due to a repeated (cnonce, nc) pair. As per the birthday problem 31 bits of randomness will return a duplication with 50% chance after less than 55000 requests and nc always starts counting at 1. * The cnonce is intended to protect the client and password against a malicious server that returns a constant server nonce where the server precomputed a rainbow table between passwords and correct client response. As storage is fairly cheap, a server could precompute the client responses for (a subset of) client nonces and still have a chance of reversing the client response with the same probability as the cnonce duplication. Precomputing the rainbow table for all 2^31 cnonces increases the rainbow table size by factor 2 billion, which is infeasible. But precomputing it for 2^14 cnonces only increases the table size by factor 16k and the server would still have a 10% chance of successfully reversing a password with a single client request. This patch fixes the issues by increasing the nonce size, and checking the return value of php_random_bytes_throw(). In the process we also get rid of the MD5 hashing of the nonce. [1] RFC 7616: https://www.rfc-editor.org/rfc/rfc7616 Co-authored-by: Tim Düsterhus --- ext/soap/php_http.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index 1da286ad875f8..e796dba9619ac 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -664,18 +664,23 @@ int make_http_soap_request(zval *this_ptr, if ((digest = zend_hash_str_find(Z_OBJPROP_P(this_ptr), "_digest", sizeof("_digest")-1)) != NULL) { if (Z_TYPE_P(digest) == IS_ARRAY) { char HA1[33], HA2[33], response[33], cnonce[33], nc[9]; - zend_long nonce; + unsigned char nonce[16]; PHP_MD5_CTX md5ctx; unsigned char hash[16]; - php_random_bytes_throw(&nonce, sizeof(nonce)); - nonce &= 0x7fffffff; + if (UNEXPECTED(php_random_bytes_throw(&nonce, sizeof(nonce)) != SUCCESS)) { + ZEND_ASSERT(EG(exception)); + php_stream_close(stream); + convert_to_null(Z_CLIENT_HTTPURL_P(this_ptr)); + convert_to_null(Z_CLIENT_HTTPSOCKET_P(this_ptr)); + convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr)); + smart_str_free(&soap_headers_z); + smart_str_free(&soap_headers); + return FALSE; + } - PHP_MD5Init(&md5ctx); - snprintf(cnonce, sizeof(cnonce), ZEND_LONG_FMT, nonce); - PHP_MD5Update(&md5ctx, (unsigned char*)cnonce, strlen(cnonce)); - PHP_MD5Final(hash, &md5ctx); - make_digest(cnonce, hash); + php_hash_bin2hex(cnonce, nonce, sizeof(nonce)); + cnonce[32] = 0; if ((tmp = zend_hash_str_find(Z_ARRVAL_P(digest), "nc", sizeof("nc")-1)) != NULL && Z_TYPE_P(tmp) == IS_LONG) { From 05724482637904235b95082d06e0dc01965c73d0 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 6 Jun 2023 18:05:22 +0200 Subject: [PATCH 4/8] Fix GH-11382 add missing hash header for bin2hex --- ext/soap/php_http.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index e796dba9619ac..77ed21d4f0f4e 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -20,6 +20,7 @@ #include "ext/standard/base64.h" #include "ext/standard/md5.h" #include "ext/standard/php_random.h" +#include "ext/hash/php_hash.h" static char *get_http_header_value_nodup(char *headers, char *type, size_t *len); static char *get_http_header_value(char *headers, char *type); From b720ab99f8de31e878e1707f0e232f28fc6655c5 Mon Sep 17 00:00:00 2001 From: Pierrick Charron Date: Tue, 6 Jun 2023 17:59:43 -0400 Subject: [PATCH 5/8] Update NEWS --- NEWS | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 9b41aeb1ed7d5..ff0d216d435ce 100644 --- a/NEWS +++ b/NEWS @@ -1,8 +1,14 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.0.29 +?? ??? ????, PHP 8.0.30 +08 Jun 2023, PHP 8.0.29 + +- Soap: + . Fixed bug GHSA-76gg-c692-v2mw (Missing error check and insufficient random + bytes in HTTP Digest authentication for SOAP). (nielsdos, timwolla) + 14 Feb 2023, PHP 8.0.28 - Core: From 32c7c433ac1983c4497349051681a4f361d3d33e Mon Sep 17 00:00:00 2001 From: Pierrick Charron Date: Tue, 6 Jun 2023 18:49:32 -0400 Subject: [PATCH 6/8] Fix wrong backporting of previous soap patch --- ext/soap/php_http.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index 77ed21d4f0f4e..37250a6bdcd12 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -672,9 +672,9 @@ int make_http_soap_request(zval *this_ptr, if (UNEXPECTED(php_random_bytes_throw(&nonce, sizeof(nonce)) != SUCCESS)) { ZEND_ASSERT(EG(exception)); php_stream_close(stream); - convert_to_null(Z_CLIENT_HTTPURL_P(this_ptr)); - convert_to_null(Z_CLIENT_HTTPSOCKET_P(this_ptr)); - convert_to_null(Z_CLIENT_USE_PROXY_P(this_ptr)); + zend_hash_str_del(Z_OBJPROP_P(this_ptr), "httpurl", sizeof("httpurl")-1); + zend_hash_str_del(Z_OBJPROP_P(this_ptr), "httpsocket", sizeof("httpsocket")-1); + zend_hash_str_del(Z_OBJPROP_P(this_ptr), "_use_proxy", sizeof("_use_proxy")-1); smart_str_free(&soap_headers_z); smart_str_free(&soap_headers); return FALSE; From 794bcebb6aff4911f3feafe05a226992dacddcc7 Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Wed, 7 Jun 2023 17:23:39 +0000 Subject: [PATCH 7/8] Update NEWS for PHP 8.0.29 --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index ff0d216d435ce..13d9857d64674 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? ????, PHP 8.0.30 +08 Jun 2023, PHP 8.0.29 08 Jun 2023, PHP 8.0.29 From 340c89f31f1b8e9efb65c937ac06b75a2195b97b Mon Sep 17 00:00:00 2001 From: Gabriel Caruso Date: Wed, 7 Jun 2023 17:23:41 +0000 Subject: [PATCH 8/8] Update versions for PHP 8.0.29 --- Zend/zend.h | 2 +- configure.ac | 2 +- main/php_version.h | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Zend/zend.h b/Zend/zend.h index 11bf4fc29f1af..3fe84bc821eec 100644 --- a/Zend/zend.h +++ b/Zend/zend.h @@ -20,7 +20,7 @@ #ifndef ZEND_H #define ZEND_H -#define ZEND_VERSION "4.0.27-dev" +#define ZEND_VERSION "4.0.29" #define ZEND_ENGINE_3 diff --git a/configure.ac b/configure.ac index 23d46ae8d10a6..d797f2fde5814 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ dnl Basic autoconf initialization, generation of config.nice. dnl ---------------------------------------------------------------------------- AC_PREREQ([2.68]) -AC_INIT([PHP],[8.0.27-dev],[https://bugs.php.net],[php],[https://www.php.net]) +AC_INIT([PHP],[8.0.29],[https://bugs.php.net],[php],[https://www.php.net]) AC_CONFIG_SRCDIR([main/php_version.h]) AC_CONFIG_AUX_DIR([build]) AC_PRESERVE_HELP_ORDER diff --git a/main/php_version.h b/main/php_version.h index 22111976ccb97..3c7fb60d88356 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -2,7 +2,7 @@ /* edit configure.ac to change version number */ #define PHP_MAJOR_VERSION 8 #define PHP_MINOR_VERSION 0 -#define PHP_RELEASE_VERSION 27 -#define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "8.0.27-dev" -#define PHP_VERSION_ID 80027 +#define PHP_RELEASE_VERSION 29 +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "8.0.29" +#define PHP_VERSION_ID 80029