Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
php5
>
php-5.3.28
> CVE-2014-3479.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File CVE-2014-3479.patch of Package php-5.3.28
--- php-5.3.28/ext/fileinfo/libmagic/cdf.c.orig 2014-06-27 22:20:14.827472051 +0200 +++ php-5.3.28/ext/fileinfo/libmagic/cdf.c 2014-06-27 22:26:26.350829626 +0200 @@ -277,13 +277,15 @@ { const char *b = (const char *)sst->sst_tab; const char *e = ((const char *)p) + tail; + size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? + CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); (void)&line; - if (e >= b && (size_t)(e - b) < CDF_SEC_SIZE(h) * sst->sst_len) + if (e >= b && (size_t)(e - b) <= ss * sst->sst_len) return 0; DPRINTF(("%d: offset begin %p end %p %" SIZE_T_FORMAT "u" " >= %" SIZE_T_FORMAT "u [%" SIZE_T_FORMAT "u %" SIZE_T_FORMAT "u]\n", line, b, e, (size_t)(e - b), - CDF_SEC_SIZE(h) * sst->sst_len, CDF_SEC_SIZE(h), sst->sst_len)); + ss * sst->sst_len, ss, sst->sst_len)); errno = EFTYPE; return -1; }