Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
php5.3636
php-CVE-2016-4343.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-4343.patch of Package php5.3636
Index: php-5.5.14/ext/phar/dirstream.c =================================================================== --- php-5.5.14.orig/ext/phar/dirstream.c 2016-05-04 14:20:16.242293050 +0200 +++ php-5.5.14/ext/phar/dirstream.c 2016-05-04 14:24:35.526299860 +0200 @@ -207,6 +207,7 @@ zend_hash_internal_pointer_reset(manifest); while (FAILURE != zend_hash_has_more_elements(manifest)) { + keylen = 0; if (HASH_KEY_NON_EXISTENT == zend_hash_get_current_key_ex(manifest, &key, &keylen, &unused, 0, NULL)) { break; } @@ -214,7 +215,7 @@ PHAR_STR(key, str_key); if (keylen <= (uint)dirlen) { - if (keylen < (uint)dirlen || !strncmp(str_key, dir, dirlen)) { + if (keylen == 0 || keylen < (uint)dirlen || !strncmp(str_key, dir, dirlen)) { PHAR_STR_FREE(str_key); if (SUCCESS != zend_hash_move_forward(manifest)) { break; Index: php-5.5.14/ext/phar/tar.c =================================================================== --- php-5.5.14.orig/ext/phar/tar.c 2016-05-04 14:20:03.638292719 +0200 +++ php-5.5.14/ext/phar/tar.c 2016-05-04 14:20:16.242293050 +0200 @@ -347,7 +347,7 @@ entry.filename_len = entry.uncompressed_filesize; /* Check for overflow - bug 61065 */ - if (entry.filename_len == UINT_MAX) { + if (entry.filename_len == UINT_MAX || entry.filename_len == 0) { if (error) { spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (invalid entry size)", fname); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor