Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:102318 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 57669 invoked from network); 20 Jun 2018 09:25:07 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Jun 2018 09:25:07 -0000 Authentication-Results: pb1.pair.com header.from=nikita.ppv@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=nikita.ppv@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.214.48 as permitted sender) X-PHP-List-Original-Sender: nikita.ppv@gmail.com X-Host-Fingerprint: 209.85.214.48 mail-it0-f48.google.com Received: from [209.85.214.48] ([209.85.214.48:36773] helo=mail-it0-f48.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 93/72-32156-17D1A2B5 for ; Wed, 20 Jun 2018 05:25:06 -0400 Received: by mail-it0-f48.google.com with SMTP id j135-v6so4561854itj.1 for ; Wed, 20 Jun 2018 02:25:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=h8B5W1ur2u6on7yKE9wc7bM5NRxJ8XUR6QSu9WbwXX0=; b=FDQjl9IyTqaRg0pGd1b5bJP0dZ4rEnIrixQXk32fBPD0F5BPK5g0sXR1mERL6oV1Tm NyAnaRXFpEXBzF1DrdBr55bZ43dQdLW1wunsYSHAfpdQa5SME6B0O8pAEJJV2QdR0N5L bKB84BcATvPiPDuPuC1XgB9jdIdZuxIYYLGANjDRQ1T5h9FztfMBR+LBCIbbyV+AtgrL m1WIGRurK2QXZPr55GLYnZSSjX4GQWwKr1eR3piJI4dZU5c2DjZagCfCtQokMTzJvG9S HjRfHw9evAPdnCSBTUt3WmsusTCxh9tKcrlA/ARJ7Wn5Qp4MdVzDv096v1U/UrIni1p/ 63Ig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=h8B5W1ur2u6on7yKE9wc7bM5NRxJ8XUR6QSu9WbwXX0=; b=VrNJG0dH1ZCadQhhv5+30gtPYeOUKn521UQouW3Dguubgw5ovMxZaqV57kkPdiEkQq FKPHJ5vI3LTGjzydiPXBIvCuVvrOkBcCwMDqGs6tSWLeTzWzFAM8Cj3q1bLJBN5pCR7e QIYXXtgNztckFlcX2H2Jqsl5/tm7wPHT69UQY4vNVR/7PSKhdvSbJ2WraRzzqGkv6s/O 1B5/PqbGnqJiVFj9PapTDnCJbe3OI8gMnuv9HnjhFctvCIxsxRbs5KT5e5xShOgLw2nR QrlnYwmWkFktag8WafN7uEP5/R2JkXN/I9+uQCtLUfICK4+A+NvCvwFHH6dMGmHTZ7AV aToQ== X-Gm-Message-State: APt69E3MkakjWRCAKkT56ncel23EvqlGRPSBIG6OSt2oggamSRDQtspy IXE2nQCxNmxwpq0hN7vi/JUpQFxrb8siBPtDlTHQ4w== X-Google-Smtp-Source: ADUXVKLfCO8+9NSmDDUdKBImYn6kFRIRRQJUKYkg1nhs7e55GQG7Xy14bXQGf/NXlGqUEL0yLSwYsbxsmN2AxQRBD/0= X-Received: by 2002:a02:7157:: with SMTP id n23-v6mr15667969jaf.94.1529486702893; Wed, 20 Jun 2018 02:25:02 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a6b:fe0c:0:0:0:0:0 with HTTP; Wed, 20 Jun 2018 02:25:02 -0700 (PDT) In-Reply-To: References: <9bcd3495-4d32-dfd0-c91f-29cdc0c582d2@gmail.com> Date: Wed, 20 Jun 2018 11:25:02 +0200 Message-ID: To: Lester Caine Cc: PHP internals Content-Type: multipart/alternative; boundary="0000000000009d5f93056f0f5f78" Subject: Re: [PHP-DEV] Cleaning up unmaintained extensions - interbase From: nikita.ppv@gmail.com (Nikita Popov) --0000000000009d5f93056f0f5f78 Content-Type: text/plain; charset="UTF-8" On Tue, Jun 19, 2018 at 11:47 PM, Lester Caine wrote: > On 19/06/18 21:48, Stanislav Malyshev wrote: > >> What Bug! >>> It's passing all the test that I run on it perfectly stably otherwise I >>> would not even bother with PHP7. But the problem supporting ANY driver >>> is the exotic nature of PHP is just as difficult as the tools it needs >>> to interface with to make a fully functional stack ... >>> >> I have four bugs for interbase and four for firebird submitted just >> recently, as security issues. Do you want to take care of them? I can >> assign them to you if you want to take care of them. >> > > The last time I managed to patch php was over 15 years ago, I have not > been able to get a handle on the new structure used by PHP7 in part because > I've not had time to do any C coding since. I'm still working on moving > PHP5.2 code to work on PHP7 while keeping the stack working on W10 and > maintained versions of SUSE Linux. And some of the stuff I thought I'd > finished upgrading is not working again :( > > I'm not seeing any bugs listed in bugs.php.net that are security risks. I > don't touch PDO_firebird as it does not handle key Firebird features so > looking at 'InterBase related' only returns 8 bugs, and one of them is > missing documentation on the fbird_ aliases that I use in the ADOdb > Firebird driver. THAT is something I do spend time keeping tidy, and fixes > some of the niggles raw access encounters, but I will have a look at the > 2017 bugs that I'd not been aware of ... the other bugs are somewhat exotic > but not security matters. Just to clarify which bug I was referring to in that mail, it's this one: https://bugs.php.net/bug.php?id=72175 There are three issues that must be addressed: * The issue in the original bug report: Connecting to the same DB multiple times does not work. * The use of zend_list_delete() in *_close() functions, which is memory-unsafe. * Incorrect interaction of closing and multiple shared connections. While the underlying connection is shared, closing one resource should not close all the other ones, but also not result in any leaks (this ties into the previous point -- you can't just use zend_list_delete for that!) You may need to implement a double resource indirection to properly handle this, one holding the actual connection and another holding the connection resource. If you or someone who is familiar with interbase could fix these issues, that would be highly appreciated. Thanks, Nikita --0000000000009d5f93056f0f5f78--