/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2012-2143.patch
ViewVC logotype

Diff of /rpms/php/sme8/php-5.3.3-CVE-2012-2143.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by slords, Fri Jun 29 14:45:08 2012 UTC Revision 1.2 by slords, Fri Jun 29 14:54:00 2012 UTC
# Line 0  Line 1 
1    
2    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2143
3    
4    http://git.php.net/?p=php-src.git;a=commitdiff;h=aab49e934de1fff046e659cbec46e3d053b41c34
5    
6    --- php-5.3.3/ext/standard/crypt_freesec.c.cve2143
7    +++ php-5.3.3/ext/standard/crypt_freesec.c
8    @@ -629,7 +629,8 @@ _crypt_extended_r(const char *key, const
9             */
10            q = (u_char *) keybuf;
11            while (q - (u_char *) keybuf < sizeof(keybuf)) {
12    -               if ((*q++ = *key << 1))
13    +               *q++ = *key << 1;
14    +               if (*key)
15                            key++;
16            }
17            if (des_setkey((u_char *) keybuf, data))
18    --- php-5.3.3/ext/standard/tests/strings/crypt_chars.phpt.cve2143
19    +++ php-5.3.3/ext/standard/tests/strings/crypt_chars.phpt
20    @@ -0,0 +1,19 @@
21    +--TEST--
22    +crypt() function - characters > 0x80
23    +--SKIPIF--
24    +<?php
25    +if (!function_exists('crypt')) {
26    +        die("SKIP crypt() is not available");
27    +}
28    +?>
29    +--FILE--
30    +<?php
31    +var_dump(crypt("À1234abcd", "99"));
32    +var_dump(crypt("À9234abcd", "99"));
33    +var_dump(crypt("À1234abcd", "_01234567"));
34    +var_dump(crypt("À9234abcd", "_01234567"));
35    +--EXPECT--
36    +string(13) "99PxawtsTfX56"
37    +string(13) "99jcVcGxUZOWk"
38    +string(20) "_01234567IBjxKliXXRQ"
39    +string(20) "_012345678OSGpGQRVHA"


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed