Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
php5.16119
php5-CVE-2020-7063.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php5-CVE-2020-7063.patch of Package php5.16119
Index: php-5.5.14/ext/phar/phar_object.c =================================================================== --- php-5.5.14.orig/ext/phar/phar_object.c 2020-03-02 15:59:06.996192845 +0100 +++ php-5.5.14/ext/phar/phar_object.c 2020-03-02 15:59:30.092323654 +0100 @@ -1426,6 +1426,7 @@ static int phar_build(zend_object_iterat zend_class_entry *ce = p_obj->c; phar_archive_object *phar_obj = p_obj->p; char *str = "[stream]"; + php_stream_statbuf ssb; iter->funcs->get_current_data(iter, &value TSRMLS_CC); @@ -1708,6 +1709,9 @@ after_open_fp: phar_stream_copy_to_stream(fp, p_obj->fp, PHP_STREAM_COPY_ALL, &contents_len); data->internal_file->uncompressed_filesize = data->internal_file->compressed_filesize = php_stream_tell(p_obj->fp) - data->internal_file->offset; + if (php_stream_stat(fp, &ssb) != -1) { + data->internal_file->flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK ; + } } if (close_fp) { @@ -3619,7 +3623,8 @@ static void phar_add_file(phar_archive_d char *error; size_t contents_len; phar_entry_data *data; - php_stream *contents_file; + php_stream *contents_file = NULL; + php_stream_statbuf ssb; if (filename_len >= sizeof(".phar")-1 && !memcmp(filename, ".phar", sizeof(".phar")-1)) { zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "Cannot create any files in magic \".phar\" directory", (*pphar)->fname); @@ -3654,6 +3659,10 @@ static void phar_add_file(phar_archive_d phar_stream_copy_to_stream(contents_file, data->fp, PHP_STREAM_COPY_ALL, &contents_len); } + if (contents_file != NULL && php_stream_stat(contents_file, &ssb TSRMLS_CC) != -1) { + data->internal_file->flags = ssb.sb.st_mode & PHAR_ENT_PERM_MASK ; + } + data->internal_file->compressed_filesize = data->internal_file->uncompressed_filesize = contents_len; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor