/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2012-1823.patch
ViewVC logotype

Annotation of /rpms/php/sme8/php-5.3.3-CVE-2012-1823.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Fri Jun 29 14:54:00 2012 UTC (12 years, 5 months ago) by slords
Branch: MAIN
CVS Tags: php-5_3_3-15_el5_sme, php-5_3_3-16_el5_sme, php-5_3_3-14_el5_sme, php-5_3_3-13_el5_sme_1, php-5_3_3-13_el5_sme_2, php-5_3_3-17_el5_sme, php-5_3_3-13_el5_sme, HEAD
Changes since 1.1: +45 -0 lines
* Fri Jun 29 2012 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme
- Obsolete php-domxml and php-dom [SME: 6733]
- Update Obsoletes and Conflicts [SME: 6436]

1 slords 1.2
2     http://git.php.net/?p=php-src.git;a=commitdiff;h=55869a95ab75c0eb99c57201bfeccaef57e0d36d
3    
4     plus parentheses around getenv() call to avoid gcc warning
5    
6     https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1823
7    
8     --- php-5.3.3/sapi/cgi/cgi_main.c.cve1823
9     +++ php-5.3.3/sapi/cgi/cgi_main.c
10     @@ -70,6 +70,7 @@
11     #include "php_main.h"
12     #include "fopen_wrappers.h"
13     #include "ext/standard/php_standard.h"
14     +#include "ext/standard/url.h"
15    
16     #ifdef PHP_WIN32
17     # include <io.h>
18     @@ -1500,6 +1501,9 @@ int main(int argc, char *argv[])
19     #ifndef PHP_WIN32
20     int status = 0;
21     #endif
22     + char *query_string;
23     + char *decoded_query_string;
24     + int skip_getopt = 0;
25    
26     #if 0 && defined(PHP_DEBUG)
27     /* IIS is always making things more difficult. This allows
28     @@ -1549,7 +1553,16 @@ int main(int argc, char *argv[])
29     }
30     }
31    
32     - while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) {
33     + if((query_string = getenv("QUERY_STRING")) != NULL) {
34     + decoded_query_string = strdup(query_string);
35     + php_url_decode(decoded_query_string, strlen(decoded_query_string));
36     + if(*decoded_query_string == '-' && strchr(query_string, '=') == NULL) {
37     + skip_getopt = 1;
38     + }
39     + free(decoded_query_string);
40     + }
41     +
42     + while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) {
43     switch (c) {
44     case 'c':
45     if (cgi_sapi_module.php_ini_path_override) {

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed