Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
php5.3357
php-CVE-2015-4022.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2015-4022.patch of Package php5.3357
From ac2832935435556dc593784cd0087b5e576bbe4d Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev <stas@php.net> Date: Wed, 29 Apr 2015 21:57:33 -0700 Subject: [PATCH] Fix bug #69545 - avoid overflow when reading list --- ext/ftp/ftp.c +++ ext/ftp/ftp.c @@ -1615,8 +1615,8 @@ ftp_genlist(ftpbuf_t *ftp, const char *cmd, const char *path TSRMLS_DC) databuf_t *data = NULL; char *ptr; int ch, lastch; - int size, rcvd; - int lines; + size_t size, rcvd; + size_t lines; char **ret = NULL; char **entry; char *text; @@ -1658,7 +1658,7 @@ ftp_genlist(ftpbuf_t *ftp, const char *cmd, const char *path TSRMLS_DC) lines = 0; lastch = 0; while ((rcvd = my_recv(ftp, data->fd, data->buf, FTP_BUFSIZE))) { - if (rcvd == -1) { + if (rcvd == -1 || rcvd > ((size_t)(-1))-size) { goto bail; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor