author | Craig Mohrman <craig.mohrman@oracle.com> |
Thu, 12 Feb 2015 10:14:29 -0800 | |
branch | s11-update |
changeset 3777 | 68aef260e079 |
permissions | -rw-r--r-- |
3777
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
1 |
Fix for CVE-2014-5120 |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
2 |
Based on code in php 5.3.29 from comments in: |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
3 |
https://bugs.php.net/bug.php?id=67730 |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
4 |
|
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
5 |
|
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
6 |
--- php-5.2.17/ext/gd/gd_ctx.c_orig 2010-01-03 01:23:27.000000000 -0800 |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
7 |
+++ php-5.2.17/ext/gd/gd_ctx.c 2014-11-04 15:12:01.612256878 -0800 |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
8 |
@@ -90,7 +90,9 @@ |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
9 |
} |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
10 |
|
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
11 |
if (argc > 1 && (Z_TYPE_PP(file) != IS_NULL && ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))))) { |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
12 |
- |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
13 |
+ if (strlen(Z_STRVAL_PP(file)) != Z_STRLEN_PP(file)) { |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
14 |
+ RETURN_FALSE; |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
15 |
+ } |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
16 |
PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename"); |
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
17 |
|
68aef260e079
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
18 |
fp = VCWD_FOPEN(fn, "wb"); |