Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
php5.6680
php-CVE-2016-10159.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-10159.patch of Package php5.6680
--- a/ext/phar/phar.c +++ b/ext/phar/phar.c @@ -1055,7 +1055,7 @@ static int phar_parse_pharfile(php_stream *fp, char *fname, int fname_len, char entry.is_persistent = mydata->is_persistent; for (manifest_index = 0; manifest_index < manifest_count; ++manifest_index) { - if (buffer + 4 > endbuffer) { + if (buffer + 24 > endbuffer) { MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest entry)") } @@ -1069,7 +1069,7 @@ static int phar_parse_pharfile(php_stream *fp, char *fname, int fname_len, char entry.manifest_pos = manifest_index; } - if (entry.filename_len + 20 > endbuffer - buffer) { + if (entry.filename_len > endbuffer - buffer - 20) { MAPPHAR_FAIL("internal corruption of phar \"%s\" (truncated manifest entry)"); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
