Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
php5.6518
php-CVE-2016-7129.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-7129.patch of Package php5.6518
diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c index cde3e07..faadbfe1 100644 --- a/ext/wddx/wddx.c +++ b/ext/wddx/wddx.c @@ -1123,18 +1123,26 @@ static void php_wddx_process_data(void *user_data, const XML_Char *s, int len) case ST_DATETIME: { char *tmp; - tmp = emalloc(len + 1); - memcpy(tmp, s, len); + if (Z_TYPE_P(ent->data) == IS_STRING) { + tmp = safe_emalloc(Z_STRLEN_P(ent->data), 1, (size_t)len + 1); + memcpy(tmp, Z_STRVAL_P(ent->data), Z_STRLEN_P(ent->data)); + memcpy(tmp + Z_STRLEN_P(ent->data), s, len); + len += Z_STRLEN_P(ent->data); + efree(Z_STRVAL_P(ent->data)); + Z_TYPE_P(ent->data) = IS_LONG; + } else { + tmp = emalloc(len + 1); + memcpy(tmp, s, len); + } tmp[len] = '\0'; Z_LVAL_P(ent->data) = php_parse_date(tmp, NULL); /* date out of range < 1969 or > 2038 */ if (Z_LVAL_P(ent->data) == -1) { - Z_TYPE_P(ent->data) = IS_STRING; - Z_STRLEN_P(ent->data) = len; - Z_STRVAL_P(ent->data) = estrndup(s, len); + ZVAL_STRINGL(ent->data, tmp, len, 0); + } else { + efree(tmp); } - efree(tmp); } break;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor