Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:rkwasny
php
php-5.1.2-CVE-2007-1521.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-5.1.2-CVE-2007-1521.patch of Package php
# CVE-2007-1521 aka MOPB-22-2007 # setting to NULL is probably not necessary _everywhere_, but doesn't hurt ;-) --- ext/session/session.c +++ ext/session/session.c @@ -1496,7 +1496,10 @@ PHP_FUNCTION(session_id) if (ac == 1) { convert_to_string_ex(p_name); - if (PS(id)) efree(PS(id)); + if (PS(id)) { + efree(PS(id)); + PS(id) = NULL; + } PS(id) = estrndup(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name)); } @@ -1521,6 +1524,7 @@ PHP_FUNCTION(session_regenerate_id) RETURN_FALSE; } efree(PS(id)); + PS(id) = NULL; } PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC); @@ -1809,6 +1813,7 @@ static void php_rshutdown_session_global } if (PS(id)) { efree(PS(id)); + PS(id) = NULL; } }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor