Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
php7
php-CVE-2016-6207.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-6207.patch of Package php7
Index: php-7.0.7/ext/gd/libgd/gd.c =================================================================== --- php-7.0.7.orig/ext/gd/libgd/gd.c 2016-05-25 15:13:44.000000000 +0200 +++ php-7.0.7/ext/gd/libgd/gd.c 2016-08-04 09:00:31.981679962 +0200 @@ -184,7 +184,7 @@ gdImagePtr gdImageCreateTrueColor (int s return NULL; } - if (overflow2(sizeof(int), sx)) { + if (overflow2(sizeof(int *), sx)) { return NULL; } Index: php-7.0.7/ext/gd/libgd/gd_interpolation.c =================================================================== --- php-7.0.7.orig/ext/gd/libgd/gd_interpolation.c 2016-05-25 15:13:44.000000000 +0200 +++ php-7.0.7/ext/gd/libgd/gd_interpolation.c 2016-08-04 09:13:55.762834973 +0200 @@ -880,6 +880,7 @@ static inline LineContribType * _gdContr { unsigned int u = 0; LineContribType *res; + int overflow_error = 0; res = (LineContribType *) gdMalloc(sizeof(LineContribType)); if (!res) { @@ -887,10 +888,30 @@ static inline LineContribType * _gdContr } res->WindowSize = windows_size; res->LineLength = line_length; + if (overflow2(line_length, sizeof(ContributionType))) { + return NULL; + } res->ContribRow = (ContributionType *) gdMalloc(line_length * sizeof(ContributionType)); - + if (res->ContribRow == NULL) { + gdFree(res); + return NULL; + } for (u = 0 ; u < line_length ; u++) { - res->ContribRow[u].Weights = (double *) gdMalloc(windows_size * sizeof(double)); + if (overflow2(windows_size, sizeof(double))) { + overflow_error = 1; + } else { + res->ContribRow[u].Weights = (double *) gdMalloc(windows_size * sizeof(double)); + } + if (overflow_error == 1 || res->ContribRow[u].Weights == NULL) { + unsigned int i; + u--; + for (i=0;i<=u;i++) { + gdFree(res->ContribRow[i].Weights); + } + gdFree(res->ContribRow); + gdFree(res); + return NULL; + } } return res; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor