From 8a22540a95db7c8a9857efc2ced8b91ceffda238 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev
Date: Tue, 15 Apr 2014 10:43:24 -0700
Subject: [PATCH 1/2] Fix bug #67060: use default mode of 660
---
 NEWS | 4 ++++
 sapi/fpm/fpm/fpm_unix.c | 2 +-
 sapi/fpm/php-fpm.conf.in | 4 ++--
 3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/NEWS b/NEWS
index 72c09399256..264b438b595 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,10 @@ PHP NEWS . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser). +- FPM: + . Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure + default configuration) (CVE-2014-0185). (Stas) + 11 Jul 2013, PHP 5.3.27 - Core:
diff --git a/sapi/fpm/fpm/fpm_unix.c b/sapi/fpm/fpm/fpm_unix.c
index 48249e8a494..ea0e67369cd 100644
--- a/sapi/fpm/fpm/fpm_unix.c
+++ b/sapi/fpm/fpm/fpm_unix.c
@@ -35,7 +35,7 @@ int fpm_unix_resolve_socket_premissions(struct fpm_worker_pool_s *wp) /* {{{ */
 /* uninitialized */
 wp->socket_uid = -1;
 wp->socket_gid = -1;
- wp->socket_mode = 0666;
+ wp->socket_mode = 0660;
 if (!c) {
 return 0;
diff --git a/sapi/fpm/php-fpm.conf.in b/sapi/fpm/php-fpm.conf.in
index 44e4dbac080..e8efc7020a6 100644
--- a/sapi/fpm/php-fpm.conf.in
+++ b/sapi/fpm/php-fpm.conf.in
@@ -158,10 +158,10 @@ listen = 127.0.0.1:9000
 ; permissions must be set in order to allow connections from a web server. Many
 ; BSD-derived systems allow connections regardless of permissions.
 ; Default Values: user and group are set as the running user
-; mode is set to 0666
+; mode is set to 0660
 ;listen.owner = @php_fpm_user@
 ;listen.group = @php_fpm_group@
-;listen.mode = 0666
+;listen.mode = 0660
 ; List of ipv4 addresses of FastCGI clients which are allowed to connect.
 ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
From adc070ca995384e4de83fa3446c6dfcf946a3f50 Mon Sep 17 00:00:00 2001
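Review bot: The new default at `wp->socket_mode = 0660;` in fpm_unix.c has no comment tying it to the ownership defaults two lines above, where `socket_uid` and `socket_gid` stay at -1; with nothing configured the socket apparently keeps the running user and group, so a web server under a different account that is not in that group can no longer connect. I would add `/* 0660: no access for 'other' by default (bug #67060); set listen.owner/listen.group when the web server runs as another user */` above the assignment and say the same in the php-fpm.conf.in comment changed by the third hunk. That conf text also states that many BSD-derived systems allow connections regardless of permissions, so on those platforms the mode is not an access control and the permissions of the socket's directory have to do the restricting; that deserves one line in the conf comment as well. The function body starts and ends outside the hunk.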
From: Stanislav Malyshev
Date: Sun, 18 May 2014 23:42:30 -0700
Subject: [PATCH 2/2] fix typo in ODBC code
---
 ext/odbc/php_odbc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c
index 8e555ff9d2e..b6a0d48a38e 100644
--- a/ext/odbc/php_odbc.c
+++ b/ext/odbc/php_odbc.c
@@ -1317,7 +1317,7 @@ PHP_FUNCTION(odbc_execute)
 if (Z_STRLEN_PP(tmp) > 2 && Z_STRVAL_PP(tmp)[0] == '\'' && Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') {
- if (strlen(tmp) != Z_STRLEN_PP(tmp)) {
+ if (strlen(Z_STRVAL_PP(tmp)) != Z_STRLEN_PP(tmp)) {
 RETURN_FALSE;
 }
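Review bot: The corrected guard `if (strlen(Z_STRVAL_PP(tmp)) != Z_STRLEN_PP(tmp))` is an embedded-NUL check, but nothing in the hunk says so, and the diffstat shows no test added even though the old line passed `tmp` rather than its string buffer to strlen(). I would add `/* reject values containing NUL bytes: the C string length must match the zval length */` above it, plus a regression test covering a quoted parameter that contains a NUL byte. The comparison also mixes size_t with what is presumably a signed length; `(size_t)Z_STRLEN_PP(tmp)` makes that explicit and is safe here because the enclosing condition already requires the length to be greater than 2. The enclosing block of odbc_execute starts and ends outside the hunk.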