From a2b8ecb7b8799269d1383691afa7d7fa6526edd2 Mon Sep 17 00:00:00 2001 From: Sven Reichel Date: Fri, 20 Jan 2023 02:59:59 +0100 Subject: [PATCH 1/2] Moved patch files to repo --- composer.json | 16 ++++---- composer.lock | 2 +- patches/.htaccess | 2 - patches/MAG-1.1.1.patch | 11 ------ patches/MAG-1.9.3.0.patch | 45 --------------------- patches/MAG-1.9.3.7.patch | 15 ------- patches/MAG-1.9.3.9.patch | 13 ------- patches/OM-1081.patch | 13 ------- patches/OM-2047.patch | 49 ----------------------- patches/OM-2050.patch | 12 ------ patches/OM-918.patch | 82 --------------------------------------- 11 files changed, 9 insertions(+), 251 deletions(-) delete mode 100644 patches/.htaccess delete mode 100644 patches/MAG-1.1.1.patch delete mode 100644 patches/MAG-1.9.3.0.patch delete mode 100644 patches/MAG-1.9.3.7.patch delete mode 100644 patches/MAG-1.9.3.9.patch delete mode 100644 patches/OM-1081.patch delete mode 100644 patches/OM-2047.patch delete mode 100644 patches/OM-2050.patch delete mode 100644 patches/OM-918.patch diff --git a/composer.json b/composer.json index 8a35d9f68da..aa9d97f27e1 100644 --- a/composer.json +++ b/composer.json @@ -97,14 +97,14 @@ "magento-force": true, "patches": { "shardj/zf1-future": { - "MAG-1.1.1": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/MAG-1.1.1.patch", - "MAG-1.9.3.0": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/MAG-1.9.3.0.patch", - "MAG-1.9.3.7 - SUPEE-10415": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/MAG-1.9.3.7.patch", - "MAG-1.9.3.9": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/MAG-1.9.3.9.patch", - "OM-918 - Add runtime cache to Zend_Locale_Data": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/OM-918.patch", - "OM-1081 - Not detecting HTTPS behind a proxy": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/OM-1081.patch", - "OM-2047 - Pass delimiter char to preg_quote": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/OM-2047.patch", - "OM-2050 - Prevent checking known date codes": "https://raw.githubusercontent.com/OpenMage/magento-lts/1.9.4.x/patches/OM-2050.patch" + "MAG-1.1.1": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.1.1.patch", + "MAG-1.9.3.0": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.9.3.0.patch", + "MAG-1.9.3.7 - SUPEE-10415": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.9.3.7.patch", + "MAG-1.9.3.9": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.9.3.9.patch", + "OM-918 - Add runtime cache to Zend_Locale_Data": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-918.patch", + "OM-1081 - Not detecting HTTPS behind a proxy": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-1081.patch", + "OM-2047 - Pass delimiter char to preg_quote": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-2047.patch", + "OM-2050 - Prevent checking known date codes": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-2050.patch" } } }, diff --git a/composer.lock b/composer.lock index 2b921154d37..0c0ff40e5f7 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "8a447e3de143a95e682b1231242ae579", + "content-hash": "79891e64be50f41467dd0fdc05145d6f", "packages": [ { "name": "colinmollenhour/cache-backend-redis", diff --git a/patches/.htaccess b/patches/.htaccess deleted file mode 100644 index 93169e4eb44..00000000000 --- a/patches/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -Order deny,allow -Deny from all diff --git a/patches/MAG-1.1.1.patch b/patches/MAG-1.1.1.patch deleted file mode 100644 index 3399b19526f..00000000000 --- a/patches/MAG-1.1.1.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Mime.php -@@ -38,7 +38,7 @@ - const ENCODING_BASE64 = 'base64'; - const DISPOSITION_ATTACHMENT = 'attachment'; - const DISPOSITION_INLINE = 'inline'; -- const LINELENGTH = 72; -+ const LINELENGTH = 200; - const LINEEND = "\n"; - const MULTIPART_ALTERNATIVE = 'multipart/alternative'; - const MULTIPART_MIXED = 'multipart/mixed'; diff --git a/patches/MAG-1.9.3.0.patch b/patches/MAG-1.9.3.0.patch deleted file mode 100644 index 48bb54cbbe2..00000000000 --- a/patches/MAG-1.9.3.0.patch +++ /dev/null @@ -1,45 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Validate/Hostname.php -@@ -2188,7 +2188,9 @@ - $this->_tld = $matches[1]; - if ($this->_options['tld']) { - if (!in_array(strtolower($this->_tld), $this->_validTlds) -- && !in_array($this->_tld, $this->_validTlds)) { -+ && !in_array($this->_tld, $this->_validTlds) -+ && !$this->checkDnsRecords($this->_value) -+ ) { - $this->_error(self::UNKNOWN_TLD); - $status = false; - break; -@@ -2422,5 +2424,31 @@ - } - - return implode($decoded); -+ } -+ -+ /** -+ * Returns true if any DNS records corresponding to a given Internet host are found. -+ * Returns false if no DNS records were found or if an error occurred. -+ * Checks A-Record. -+ * -+ * @param string $hostName -+ * -+ * @return bool -+ */ -+ protected function checkDnsRecords($hostName) -+ { -+ if (function_exists('idn_to_ascii')) { -+ if (defined('IDNA_NONTRANSITIONAL_TO_ASCII') && defined('INTL_IDNA_VARIANT_UTS46')) { -+ $toAscii = idn_to_ascii($hostName, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46); -+ } else { -+ $toAscii = idn_to_ascii($hostName); -+ } -+ $result = checkdnsrr($toAscii, 'A'); -+ } else { -+ $idn = new Net_IDNA2(); -+ $result = checkdnsrr($idn->encode($hostName), 'A'); -+ } -+ -+ return $result; - } - } diff --git a/patches/MAG-1.9.3.7.patch b/patches/MAG-1.9.3.7.patch deleted file mode 100644 index 5c23f7857e5..00000000000 --- a/patches/MAG-1.9.3.7.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Form/Decorator/Form.php -@@ -129,6 +129,12 @@ - $attribs = $this->getOptions(); - $name = $form->getFullyQualifiedName(); - $attribs['id'] = $form->getId(); -+ if ($helper == 'unserialize') { -+ $filter = new Varien_Filter_FormElementName(true); -+ if($filter->filter($name) != $name){ -+ throw new Zend_Form_Exception(sprintf('Invalid element name:"%s"', $name)); -+ } -+ } - return $view->$helper($name, $attribs, $content); - } - } diff --git a/patches/MAG-1.9.3.9.patch b/patches/MAG-1.9.3.9.patch deleted file mode 100644 index 03acc1cd426..00000000000 --- a/patches/MAG-1.9.3.9.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Validate/EmailAddress.php -@@ -429,7 +429,9 @@ - // Quoted-string characters are: DQUOTE *(qtext/quoted-pair) DQUOTE - $qtext = '\x20-\x21\x23-\x5b\x5d-\x7e'; // %d32-33 / %d35-91 / %d93-126 - $quotedPair = '\x20-\x7e'; // %d92 %d32-126 -- if (preg_match('/^"(['. $qtext .']|\x5c[' . $quotedPair . '])*"$/', $this->localPart)) { -+ if ((0 === (strcmp($this->localPart, strip_tags($this->localPart)))) -+ && (0 === (strcmp($this->localPart, htmlspecialchars_decode($this->localPart)))) -+ && (preg_match('/^"(['. $qtext .']|\x5c[' . $quotedPair . '])*"$/', $this->localPart))) { - $result = true; - } else { - $this->_error(self::DOT_ATOM); diff --git a/patches/OM-1081.patch b/patches/OM-1081.patch deleted file mode 100644 index ecd13ae8ac4..00000000000 --- a/patches/OM-1081.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Controller/Request/Http.php -@@ -1041,7 +1041,9 @@ - */ - public function getScheme() - { -- return ($this->getServer('HTTPS') == 'on') ? self::SCHEME_HTTPS : self::SCHEME_HTTP; -+ return (strtolower((string)$this->getServer('HTTPS')) == 'on') || $this->getServer('HTTP_X_FORWARDED_PROTO') == 'https' ? -+ self::SCHEME_HTTPS : -+ self::SCHEME_HTTP; - } - - /** diff --git a/patches/OM-2047.patch b/patches/OM-2047.patch deleted file mode 100644 index 0f5590f24ff..00000000000 --- a/patches/OM-2047.patch +++ /dev/null @@ -1,49 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Cloud/DocumentService/Adapter/WindowsAzure.php -@@ -525,7 +525,7 @@ - */ - protected function _validateKey($key) - { -- if (preg_match('@[/#?' . preg_quote('\\') . ']@', $key)) { -+ if (preg_match('@[/#?' . preg_quote('\\', '@') . ']@', $key)) { - throw new Zend_Cloud_DocumentService_Exception('Invalid partition or row key provided; must not contain /, \\, #, or ? characters'); - } - } - ---- /dev/null -+++ ../library/Zend/Db/Statement.php -@@ -185,11 +185,11 @@ - // e.g. \' or '' - $qe = $this->_adapter->quote($q); - $qe = substr($qe, 1, 2); -- $qe = preg_quote($qe); -+ $qe = preg_quote($qe, '/'); - $escapeChar = substr($qe,0,1); - // remove 'foo\'bar' - if (!empty($q)) { -- $escapeChar = preg_quote($escapeChar); -+ $escapeChar = preg_quote($escapeChar, '/'); - // this segfaults only after 65,000 characters instead of 9,000 - $sql = preg_replace("/$q([^$q{$escapeChar}]*|($qe)*)*$q/s", '', $sql); - } -@@ -207,7 +207,7 @@ - // e.g. \" or "" or \` - $de = $this->_adapter->quoteIdentifier($d); - $de = substr($de, 1, 2); -- $de = preg_quote($de); -+ $de = preg_quote($de, '/'); - // Note: $de and $d where never used..., now they are: - $sql = preg_replace("/$d($de|\\\\{2}|[^$d])*$d/Us", '', $sql); - return $sql; - ---- /dev/null -+++ ../library/Zend/Http/Cookie.php -@@ -396,7 +396,7 @@ - - // Check for either exact match or suffix match - return ($cookieDomain == $host || -- preg_match('/\.' . preg_quote($cookieDomain) . '$/', $host)); -+ preg_match('/\.' . preg_quote($cookieDomain, '/') . '$/', $host)); - } - - /** diff --git a/patches/OM-2050.patch b/patches/OM-2050.patch deleted file mode 100644 index 35b1794d95a..00000000000 --- a/patches/OM-2050.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Date.php -@@ -541,7 +541,8 @@ - } - - if (($part !== null) && !defined($part) -- && ($part != 'ee') && ($part != 'ss') && ($part != 'GG') && ($part != 'MM') && ($part != 'EE') && ($part != 'TT') -+ && ($part !== 'ee') && ($part !== 'ss') && ($part !== 'GG') && ($part !== 'MM') && ($part !== 'EE') && ($part !== 'TT') -+ && ($part !== 'U') && ($part !== 'X') && ($part !== 'c') - && Zend_Locale::isLocale($part, null, false)) { - $locale = $part; - $part = null; diff --git a/patches/OM-918.patch b/patches/OM-918.patch deleted file mode 100644 index 185d7e30fd8..00000000000 --- a/patches/OM-918.patch +++ /dev/null @@ -1,82 +0,0 @@ ---- /dev/null -+++ ../library/Zend/Locale/Data.php -@@ -75,6 +75,13 @@ - private static $_cacheDisabled = false; - - /** -+ * Internal cache, prevent repeated cache requests -+ * -+ * @var array -+ */ -+ private static $_localCache = []; -+ -+ /** - * Read the content from locale - * - * Can be called like: -@@ -335,8 +342,15 @@ - - $val = urlencode((string) $val); - $id = self::_filterCacheId('Zend_LocaleL_' . $locale . '_' . $path . '_' . $val); -+ -+ // add runtime cache to avoid calling cache backend multiple times during one request -+ if (isset(self::$_localCache[$id])) { -+ return self::$_localCache[$id]; -+ } - if (!self::$_cacheDisabled && ($result = self::$_cache->load($id))) { -- return unserialize($result); -+ $result = unserialize($result); -+ self::$_localCache[$id] = $result; -+ return $result; - } - - $temp = []; -@@ -946,11 +960,13 @@ - } - - if (isset(self::$_cache)) { -+ $data = serialize($temp); - if (self::$_cacheTags) { -- self::$_cache->save( serialize($temp), $id, ['Zend_Locale']); -+ self::$_cache->save( $data, $id, ['Zend_Locale']); - } else { -- self::$_cache->save( serialize($temp), $id); -+ self::$_cache->save( $data, $id); - } -+ static::$_localCache[$id] = $temp; - } - - return $temp; -@@ -984,8 +1000,15 @@ - } - $val = urlencode((string) $val); - $id = self::_filterCacheId('Zend_LocaleC_' . $locale . '_' . $path . '_' . $val); -+ -+ // add runtime cache to avoid calling cache backend multiple times during one request -+ if (isset(self::$_localCache[$id])) { -+ return self::$_localCache[$id]; -+ } - if (!self::$_cacheDisabled && ($result = self::$_cache->load($id))) { -- return unserialize($result); -+ $result = unserialize($result); -+ self::$_localCache[$id] = $result; -+ return $result; - } - - switch(strtolower($path)) { -@@ -1499,11 +1522,13 @@ - $temp = current($temp); - } - if (isset(self::$_cache)) { -+ $data = serialize($temp); - if (self::$_cacheTags) { -- self::$_cache->save( serialize($temp), $id, ['Zend_Locale']); -+ self::$_cache->save( $data, $id, ['Zend_Locale']); - } else { -- self::$_cache->save( serialize($temp), $id); -+ self::$_cache->save( $data, $id); - } -+ static::$_localCache[$id] = $temp; - } - - return $temp; From c4f940c02f7502655c03c4dcc99d869c1ea5b4f6 Mon Sep 17 00:00:00 2001 From: Mohamed ELIDRISSI <67818913+elidrissidev@users.noreply.github.com> Date: Tue, 24 Jan 2023 10:05:58 +0100 Subject: [PATCH 2/2] Use permalink for patch URLs --- composer.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index aa9d97f27e1..196e1bd085e 100644 --- a/composer.json +++ b/composer.json @@ -97,14 +97,14 @@ "magento-force": true, "patches": { "shardj/zf1-future": { - "MAG-1.1.1": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.1.1.patch", - "MAG-1.9.3.0": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.9.3.0.patch", - "MAG-1.9.3.7 - SUPEE-10415": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.9.3.7.patch", - "MAG-1.9.3.9": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/MAG-1.9.3.9.patch", - "OM-918 - Add runtime cache to Zend_Locale_Data": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-918.patch", - "OM-1081 - Not detecting HTTPS behind a proxy": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-1081.patch", - "OM-2047 - Pass delimiter char to preg_quote": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-2047.patch", - "OM-2050 - Prevent checking known date codes": "https://raw.githubusercontent.com/OpenMage/composer-patches/main/patches/OM-2050.patch" + "MAG-1.1.1": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/MAG-1.1.1.patch", + "MAG-1.9.3.0": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/MAG-1.9.3.0.patch", + "MAG-1.9.3.7 - SUPEE-10415": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/MAG-1.9.3.7.patch", + "MAG-1.9.3.9": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/MAG-1.9.3.9.patch", + "OM-918 - Add runtime cache to Zend_Locale_Data": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/OM-918.patch", + "OM-1081 - Not detecting HTTPS behind a proxy": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/OM-1081.patch", + "OM-2047 - Pass delimiter char to preg_quote": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/OM-2047.patch", + "OM-2050 - Prevent checking known date codes": "https://raw.githubusercontent.com/OpenMage/composer-patches/74862e7a9fa29dd62c5c02d585d931ce9e3c5815/patches/OM-2050.patch" } } },