| author | Craig Mohrman <craig.mohrman@oracle.com> |
| Wed, 11 Feb 2015 10:30:02 -0800 | |
| branch | s11u2-sru |
| changeset 3810 | 8421290d92e0 |
| permissions | -rw-r--r-- |
|
3810
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
1 |
Fix for CVE-2014-4049 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
2 |
Community bug: |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
3 |
https://bugs.php.net/bug.php?id=67432 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
4 |
Patch based on: |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
5 |
https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
6 |
Slightly modified from the above source as the context is slightly different. |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
7 |
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
8 |
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
9 |
--- php-5.2.17/ext/standard/dns.c_orig 2010-01-03 01:23:27.000000000 -0800 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
10 |
+++ php-5.2.17/ext/standard/dns.c 2014-10-17 11:12:46.117985578 -0700 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
11 |
@@ -484,6 +484,10 @@ |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
12 |
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
13 |
while (ll < dlen) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
14 |
n = cp[ll]; |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
15 |
+ if ((ll + n) >= dlen) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
16 |
+ // Invalid chunk length, truncate |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
17 |
+ n = dlen - (ll + 1); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
18 |
+ } |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
19 |
memcpy(tp + ll , cp + ll + 1, n); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
20 |
ll = ll + n + 1; |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
21 |
} |