Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
php5.11086
php-CVE-2016-5096.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-5096.patch of Package php5.11086
X-Git-Url: https://72.52.91.13:4430/?p=php-src.git;a=blobdiff_plain;f=ext%2Fstandard%2Ffile.c;h=e39c84f1cd41e536a35b5069f74443d66bae87b5;hp=0abc022ca6b1558a3aee50963851c5d59fee96ff;hb=abd159cce48f3e34f08e4751c568e09677d5ec9c;hpb=95ed19ae28009aa7b3ed42d5760478de82640560 diff --git a/ext/standard/file.c b/ext/standard/file.c index 0abc022..e39c84f 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -1758,6 +1758,12 @@ PHPAPI PHP_FUNCTION(fread) RETURN_FALSE; } + if (len > INT_MAX) { + /* string length is int in 5.x so we can not read more than int */ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Length parameter must be no more than %d", INT_MAX); + RETURN_FALSE; + } + Z_STRVAL_P(return_value) = emalloc(len + 1); Z_STRLEN_P(return_value) = php_stream_read(stream, Z_STRVAL_P(return_value), len);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor