author | Craig Mohrman <craig.mohrman@oracle.com> |
Wed, 17 Jun 2015 15:47:38 -0700 | |
branch | s11-update |
changeset 4499 | 4e8085696007 |
permissions | -rw-r--r-- |
CVE-2014-9653 |
Community BUG: |
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9653 |
Community CODE: |
https://github.com/file/file/commit/445c8fb0ebff85195be94cd9f7e1df89cade5c7f |
This patch was adapted from the community reports above. |
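--- a/php-5.3.29/ext/fileinfo/libmagic/readelf.c
+++ b/php-5.3.29/ext/fileinfo/libmagic/readelf.c
@@ -313,7 +313,7 @@
 file_badseek(ms);
 return -1;
 }
- if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) == -1) {
+ if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) < (ssize_t)xph_sizeof) {
 file_badread(ms);
 return -1;
 }
@@ -869,7 +869,7 @@
 file_badseek(ms);
 return -1;
 }
- if (FINFO_READ_FUNC(fd, xsh_addr, xsh_sizeof) == -1) {
+ if (FINFO_READ_FUNC(fd, xsh_addr, xsh_sizeof) < (ssize_t)xsh_sizeof) {
 file_badread(ms);
 return -1;
 }
@@ -901,7 +901,7 @@
 efree(nbuf);
 return -1;
 }
- if (FINFO_READ_FUNC(fd, nbuf, (size_t)xsh_size) !=
+ if (FINFO_READ_FUNC(fd, nbuf, (size_t)xsh_size) <
 (ssize_t)xsh_size) {
 efree(nbuf);
 file_badread(ms);
@@ -1058,7 +1058,7 @@
 return -1;
 }
 
- if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) == -1) {
+ if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) < (ssize_t)xph_sizeof) {
 file_badread(ms);
 return -1;
 }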
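Review bot: In the third hunk (@@ -901), replacing `!=` with `<` against `(ssize_t)xsh_size` makes the check depend on the sign of a size that appears to come from the file's own section header. If xsh_size could ever exceed SSIZE_MAX, the cast goes negative and a failed read returning -1 would no longer be rejected, whereas the old `!=` caught it for every value except one that casts to exactly -1. The declaration of xsh_size and the allocation of nbuf are outside the hunk, so the value may already be bounded; if it is not, test the error case explicitly, e.g. `ssize_t got = FINFO_READ_FUNC(fd, nbuf, (size_t)xsh_size);` followed by `if (got < 0 || (size_t)got != (size_t)xsh_size) {`. The other three hunks compare against what look like sizeof-based constants and are not affected. A short comment at the first check, such as `/* a short read must fail too: the header would be only partly filled (CVE-2014-9653) */`, would record why testing for -1 alone was insufficient.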