/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2012-1823.patch
ViewVC logotype

Diff of /rpms/php/sme8/php-5.3.3-CVE-2012-1823.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by slords, Fri Jun 29 14:45:08 2012 UTC Revision 1.1.2.1 by slords, Fri Jun 29 14:45:08 2012 UTC
# Line 0  Line 1 
1    
2    http://git.php.net/?p=php-src.git;a=commitdiff;h=55869a95ab75c0eb99c57201bfeccaef57e0d36d
3    
4    plus parentheses around getenv() call to avoid gcc warning
5    
6    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1823
7    
8    --- php-5.3.3/sapi/cgi/cgi_main.c.cve1823
9    +++ php-5.3.3/sapi/cgi/cgi_main.c
10    @@ -70,6 +70,7 @@
11     #include "php_main.h"
12     #include "fopen_wrappers.h"
13     #include "ext/standard/php_standard.h"
14    +#include "ext/standard/url.h"
15    
16     #ifdef PHP_WIN32
17     # include <io.h>
18    @@ -1500,6 +1501,9 @@ int main(int argc, char *argv[])
19     #ifndef PHP_WIN32
20            int status = 0;
21     #endif
22    +       char *query_string;
23    +       char *decoded_query_string;
24    +       int skip_getopt = 0;
25    
26     #if 0 && defined(PHP_DEBUG)
27            /* IIS is always making things more difficult.  This allows
28    @@ -1549,7 +1553,16 @@ int main(int argc, char *argv[])
29                    }
30            }
31    
32    -       while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) {
33    +       if((query_string = getenv("QUERY_STRING")) != NULL) {
34    +               decoded_query_string = strdup(query_string);
35    +               php_url_decode(decoded_query_string, strlen(decoded_query_string));
36    +               if(*decoded_query_string == '-' && strchr(query_string, '=') == NULL) {
37    +                       skip_getopt = 1;
38    +               }
39    +               free(decoded_query_string);
40    +       }
41    +
42    +       while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0, 2)) != -1) {
43                    switch (c) {
44                            case 'c':
45                                    if (cgi_sapi_module.php_ini_path_override) {


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed