/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2014-3670.patch
ViewVC logotype

Contents of /rpms/php/sme8/php-5.3.3-CVE-2014-3670.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Sat Nov 1 13:01:52 2014 UTC (10 years, 1 month ago) by vip-ire
Branch: MAIN
CVS Tags: php-5_3_3-17_el5_sme, HEAD
* Sat Nov 1 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-17.sme
- Resync with upstream php53, which include (see [SME: 8633])
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
- core: fix integer overflow in unserialize() CVE-2014-3669
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670

1 bug68113.phpt removed as binary patch not supported
2
3
4 From 287c91c1f060dc85a8bdb51488c50db8614448b7 Mon Sep 17 00:00:00 2001
5 From: Stanislav Malyshev <stas@php.net>
6 Date: Sun, 28 Sep 2014 16:57:42 -0700
7 Subject: [PATCH] Fix bug #68113 (Heap corruption in exif_thumbnail())
8
9 ---
10 NEWS | 6 +++++-
11 ext/exif/exif.c | 4 ++--
12 ext/exif/tests/bug68113.jpg | Bin 0 -> 368 bytes
13 ext/exif/tests/bug68113.phpt | 17 +++++++++++++++++
14 4 files changed, 24 insertions(+), 3 deletions(-)
15 create mode 100755 ext/exif/tests/bug68113.jpg
16 create mode 100644 ext/exif/tests/bug68113.phpt
17
18 diff --git a/ext/exif/exif.c b/ext/exif/exif.c
19 index 38907b4..637ebf9 100644
20 --- a/ext/exif/exif.c
21 +++ b/ext/exif/exif.c
22 @@ -2446,11 +2446,11 @@ static void* exif_ifd_make_value(image_info_data *info_data, int motorola_intel
23 data_ptr += 8;
24 break;
25 case TAG_FMT_SINGLE:
26 - memmove(data_ptr, &info_data->value.f, byte_count);
27 + memmove(data_ptr, &info_value->f, 4);
28 data_ptr += 4;
29 break;
30 case TAG_FMT_DOUBLE:
31 - memmove(data_ptr, &info_data->value.d, byte_count);
32 + memmove(data_ptr, &info_value->d, 8);
33 data_ptr += 8;
34 break;
35 }
36 --
37 2.1.0
38

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed