/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2011-1938.patch

Diff of /rpms/php/sme8/php-5.3.3-CVE-2011-1938.patch

-Revision 1.1 by slords,
Thu Nov  3 22:49:53 2011 UTC
+Revision 1.2 by slords,
Thu Nov  3 22:54:19 2011 UTC
-Line 0
+Line 1
+ https://bugzilla.redhat.com/show_bug.cgi?id=709067
+ http://svn.php.net/viewvc?view=revision&revision=311369
+ http://svn.php.net/viewvc?view=revision&revision=311370
+ --- php-5.3.3/ext/sockets/sockets.c.cve1938
+ +++ php-5.3.3/ext/sockets/sockets.c
+ @@ -1333,6 +1333,11 @@ PHP_FUNCTION(socket_connect)
+                         break;
+                 case AF_UNIX:
+ +                       if (addr_len >= sizeof(s_un.sun_path)) {
+ +                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Path too long");
+ +                               RETURN_FALSE;
+ +                       }
+ +
+                         memset(&s_un, 0, sizeof(struct sockaddr_un));
+                         s_un.sun_family = AF_UNIX;

 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
-Removed lines/characters
+Added lines/characters

admin@koozali.org	ViewVC Help
Powered by ViewVC 1.2.1