Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
php7
php-CVE-2017-9120.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2017-9120.patch of Package php7
Index: php-7.2.34/ext/mysqli/mysqli_api.c =================================================================== --- php-7.2.34.orig/ext/mysqli/mysqli_api.c +++ php-7.2.34/ext/mysqli/mysqli_api.c @@ -1967,7 +1967,7 @@ PHP_FUNCTION(mysqli_real_escape_string) } MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID); - newstr = zend_string_alloc(2 * escapestr_len, 0); + newstr = zend_string_safe_alloc(2, escapestr_len, 0, 0); ZSTR_LEN(newstr) = mysql_real_escape_string(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len); newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor