Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
php5
:
5.2.17
:
monolithic
>
php5-monolithic
> php-5.2.14-CVE-2011-3182.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File php-5.2.14-CVE-2011-3182.patch of Package php5-monolithic
http://svn.php.net/viewvc?view=revision&revision=313826 http://svn.php.net/viewvc?view=revision&revision=313827 http://svn.php.net/viewvc?view=revision&revision=313828 http://svn.php.net/viewvc?view=revision&revision=313830 http://svn.php.net/viewvc?view=revision&revision=313831 http://svn.php.net/viewvc?view=revision&revision=313832 http://svn.php.net/viewvc?view=revision&revision=313833 http://svn.php.net/viewvc?view=revision&revision=313835 http://svn.php.net/viewvc?view=revision&revision=313903 https://bugzilla.redhat.com/show_bug.cgi?id=732516 Index: ext/curl/interface.c =================================================================== --- ext/curl/interface.c.orig +++ ext/curl/interface.c @@ -803,6 +803,9 @@ PHP_MINIT_FUNCTION(curl) int i, c = CRYPTO_num_locks(); php_curl_openssl_tsl = malloc(c * sizeof(MUTEX_T)); + if (!php_curl_openssl_tsl) { + return FAILURE; + } for (i = 0; i < c; ++i) { php_curl_openssl_tsl[i] = tsrm_mutex_alloc(); Index: ext/com_dotnet/com_dotnet.c =================================================================== --- ext/com_dotnet/com_dotnet.c.orig +++ ext/com_dotnet/com_dotnet.c @@ -129,6 +129,9 @@ static HRESULT dotnet_init(char **p_wher char *where = ""; stuff = malloc(sizeof(*stuff)); + if (!stuff) { + return S_FALSE; + } memset(stuff, 0, sizeof(*stuff)); where = "CoCreateInstance"; Index: ext/pdo_odbc/pdo_odbc.c =================================================================== --- ext/pdo_odbc/pdo_odbc.c.orig +++ ext/pdo_odbc/pdo_odbc.c @@ -98,6 +98,9 @@ PHP_MINIT_FUNCTION(pdo_odbc) char *instance = INI_STR("pdo_odbc.db2_instance_name"); if (instance) { char *env = malloc(sizeof("DB2INSTANCE=") + strlen(instance)); + if (!env) { + return FAILURE; + } strcpy(env, "DB2INSTANCE="); strcat(env, instance); putenv(env); Index: ext/interbase/interbase.c =================================================================== --- ext/interbase/interbase.c.orig +++ ext/interbase/interbase.c @@ -998,9 +998,12 @@ static void _php_ibase_connect(INTERNAL_ ZEND_REGISTER_RESOURCE(return_value, ib_link, le_link); } else { zend_rsrc_list_entry new_le; - + ib_link = (ibase_db_link *) malloc(sizeof(ibase_db_link)); - + if (!ib_link) { + RETURN_FALSE; + } + /* hash it up */ Z_TYPE(new_le) = le_plink; new_le.ptr = ib_link; Index: ext/readline/readline.c =================================================================== --- ext/readline/readline.c.orig +++ ext/readline/readline.c @@ -465,6 +465,9 @@ static char **_readline_completion_cb(co matches = rl_completion_matches(text,_readline_command_generator); } else { matches = malloc(sizeof(char *) * 2); + if (!matches) { + return NULL; + } matches[0] = strdup(""); matches[1] = '\0'; } @@ -505,6 +508,10 @@ PHP_FUNCTION(readline_completion_functio zval_copy_ctor(_readline_completion); rl_attempted_completion_function = _readline_completion_cb; + if (rl_attempted_completion_function == NULL) { + efree(name); + RETURN_FALSE; + } RETURN_TRUE; } Index: ext/standard/url_scanner_ex.re =================================================================== --- ext/standard/url_scanner_ex.re.orig +++ ext/standard/url_scanner_ex.re @@ -55,9 +55,13 @@ static PHP_INI_MH(OnUpdateTags) if (ctx->tags) zend_hash_destroy(ctx->tags); - else + else { ctx->tags = malloc(sizeof(HashTable)); - + if (!ctx->tags) { + return FAILURE; + } + } + zend_hash_init(ctx->tags, 0, NULL, NULL, 1); for (key = php_strtok_r(tmp, ",", &lasts); Index: ext/sybase_ct/php_sybase_ct.c =================================================================== --- ext/sybase_ct/php_sybase_ct.c.orig +++ ext/sybase_ct/php_sybase_ct.c @@ -777,6 +777,10 @@ static void php_sybase_do_connect(INTERN } sybase_ptr = (sybase_link *) malloc(sizeof(sybase_link)); + if (!sybase_ptr) { + efree(hashed_details); + RETURN_FALSE; + } if (!php_sybase_do_connect_internal(sybase_ptr, host, user, passwd, charset, appname TSRMLS_CC)) { free(sybase_ptr); efree(hashed_details); Index: ext/mssql/php_mssql.c =================================================================== --- ext/mssql/php_mssql.c.orig +++ ext/mssql/php_mssql.c @@ -685,6 +685,13 @@ static void php_mssql_do_connect(INTERNA /* hash it up */ mssql_ptr = (mssql_link *) malloc(sizeof(mssql_link)); + if (!mssql_ptr) { + efree(hashed_details); + dbfreelogin(mssql.login); + dbclose(mssql.link); + RETURN_FALSE; + } + memcpy(mssql_ptr, &mssql, sizeof(mssql_link)); Z_TYPE(new_le) = le_plink; new_le.ptr = mssql_ptr;