Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php-5_2/php-sapi/patches/f0_php_21296988.patch
author Craig Mohrman <craig.mohrman@oracle.com>
Mon, 20 Jul 2015 09:11:32 -0700
branchs11u2-sru
changeset 4673 7ca7277ea064
permissions -rw-r--r--
20803826 problem in UTILITY/PHP 21296988 problem in UTILITY/PHP 21445788 CANONICAL_REPO no longer correct for s11.2sru since releasing FOSS Eval packages
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
4673
7ca7277ea064 20803826 problem in UTILITY/PHP
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff changeset 
     1
 
Community BUG:
7ca7277ea064 20803826 problem in UTILITY/PHP
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff changeset 
     2
 
https://bugs.php.net/bug.php?id=69364
7ca7277ea064 20803826 problem in UTILITY/PHP
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff changeset 
     3
 
Patch from another source:
7ca7277ea064 20803826 problem in UTILITY/PHP
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff changeset 
     4
 
https://github.com/80vul/phpcodz/blob/master/research/cve-2015-4024.patch.diff
7ca7277ea064 20803826 problem in UTILITY/PHP
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff changeset 
     5
 












7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




     6














7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




     7


### fix CVE-2015-4024 patch for PHP 5.2/5.3 series @chtg













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




     8














7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




     9


--- php-5.3.29/main/rfc1867.c_orig













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    10


+++ php-5.3.29/main/rfc1867.c













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    11


@@ -464,6 +464,8 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header T













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    12


 	char *line;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    13


 	mime_header_entry prev_entry, entry;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    14


 	int prev_len, cur_len;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    15


+	int newlines = 0;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    16


+	long upload_max_newlines = 100;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    17


 













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    18


 	/* didn't find boundary, abort */













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    19


 	if (!find_boundary(self, self->boundary TSRMLS_CC)) {













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    20


@@ -489,6 +491,7 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header T













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    21


 













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    22


 			entry.value = estrdup(value);













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    23


 			entry.key = estrdup(key);













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    24


+			newlines = 0;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    25


 













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    26


 		} else if (zend_llist_count(header)) { /* If no ':' on the line, add to previous line */













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    27


 













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    28


@@ -501,6 +504,10 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header T













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    29


 			entry.value[cur_len + prev_len] = '\0';













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    30


 













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    31


 			entry.key = estrdup(prev_entry.key);













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    32


+			newlines++;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    33


+			if (newlines > upload_max_newlines) {













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    34


+				return 0;













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    35


+			}













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    36


 













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    37


 			zend_llist_remove_tail(header);













7ca7277ea064
20803826 problem in UTILITY/PHP



Craig Mohrman <craig.mohrman@oracle.com>


parents: 

diff
changeset




    38


 		} else {















upstream/oracle/userland-gate