Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:GA
php5
php-CVE-2014-4698.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2014-4698.patch of Package php5
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fspl%2Fspl_array.c;h=0fe47b651c13f80c35e612de5cf69ea306095fe6;hp=8392e72714b80483641b1a0d2b6e6389e3c22959;hb=22882a9d89712ff2b6ebc20a689a89452bba4dcd;hpb=df78c48354f376cf419d7a97f88ca07d572f00fb Index: ext/spl/spl_array.c =================================================================== --- ext/spl/spl_array.c.orig 2014-06-25 15:06:23.000000000 +0200 +++ ext/spl/spl_array.c 2014-07-17 17:24:01.085311011 +0200 @@ -1733,6 +1733,7 @@ const unsigned char *p, *s; php_unserialize_data_t var_hash; zval *pmembers, *pflags = NULL; + HashTable *aht; long flags; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &buf, &buf_len) == FAILURE) { @@ -1744,6 +1745,12 @@ return; } + aht = spl_array_get_hash_table(intern, 0 TSRMLS_CC); + if (aht->nApplyCount > 0) { + zend_error(E_WARNING, "Modification of ArrayObject during sorting is prohibited"); + return; + } + /* storage */ s = p = (const unsigned char*)buf; PHP_VAR_UNSERIALIZE_INIT(var_hash);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor