Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
php7
php7-CVE-2020-7070.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php7-CVE-2020-7070.patch of Package php7
Index: php-7.2.5/main/php_variables.c =================================================================== --- php-7.2.5.orig/main/php_variables.c 2020-10-09 10:40:19.268349033 +0200 +++ php-7.2.5/main/php_variables.c 2020-10-09 10:42:34.845137478 +0200 @@ -490,7 +490,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_defaul size_t new_val_len; *val++ = '\0'; - php_url_decode(var, strlen(var)); + if (arg != PARSE_COOKIE) { + php_url_decode(var, strlen(var)); + } val_len = php_url_decode(val, strlen(val)); val = estrndup(val, val_len); if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) { @@ -501,7 +503,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_defaul size_t val_len; size_t new_val_len; - php_url_decode(var, strlen(var)); + if (arg != PARSE_COOKIE) { + php_url_decode(var, strlen(var)); + } val_len = 0; val = estrndup("", val_len); if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor