Search
j0ke.net Open Build Service
>
Projects
>
home:jg
:
playground
:
zpanel
>
zpphp
> php-5.3.3-CVE-2012-2688.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File php-5.3.3-CVE-2012-2688.patch of Package zpphp
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2688 http://git.php.net/?p=php-src.git;a=commitdiff;h=fc74503792b1ee92e4b813690890f3ed38fa3ad5 --- php-5.3.3/main/streams/streams.c.cve2688 2012-10-16 13:41:35.000000000 +0200 +++ php-5.3.3/main/streams/streams.c 2012-10-16 13:49:11.548079279 +0200 @@ -2160,6 +2160,11 @@ if (vector_size == 0) { vector_size = 10; } else { + if (vector_size*2 < vector_size) { + /* overflow */ + efree(vector); + return FAILURE; + } vector_size *= 2; } vector = (char **) erealloc(vector, vector_size * sizeof(char *));