Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
php5.11086
php-CVE-2014-3669.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2014-3669.patch of Package php5.11086
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Fvar_unserializer.re;h=6de158392e116823eaba710dbf221e722e351250;hp=130750805f462a4a79cddf5a96e95bf2e63bf432;hb=56754a7f9eba0e4f559b6ca081d9f2a447b3f159;hpb=88412772d295ebf7dd34409534507dc9bcac726e diff --git a/ext/standard/var_unserializer.re b/ext/standard/var_unserializer.re index 1307508..6de1583 100644 --- ext/standard/var_unserializer.re +++ ext/standard/var_unserializer.re @@ -376,7 +376,7 @@ static inline int object_custom(UNSERIALIZE_PARAMETER, zend_class_entry *ce) (*p) += 2; - if (datalen < 0 || (*p) + datalen >= max) { + if (datalen < 0 || (max - (*p)) <= datalen) { zend_error(E_WARNING, "Insufficient data for unserializing - %ld required, %ld present", datalen, (long)(max - (*p))); return 0; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor