| author | Craig Mohrman <craig.mohrman@oracle.com> |
| Wed, 11 Feb 2015 10:30:02 -0800 | |
| branch | s11u2-sru |
| changeset 3810 | 8421290d92e0 |
| permissions | -rw-r--r-- |
|
3810
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
1 |
Fix for CVE-2014-4721 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
2 |
Bug: |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
3 |
https://bugs.php.net/bug.php?id=67498 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
4 |
Patch: |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
5 |
https://bugs.php.net/patch-display.php?bug=67498&patch=bug67948-patch&revision=1403508072 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
6 |
Slightly modified to correct for diff context. |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
7 |
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
8 |
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
9 |
diff --git a/ext/standard/info.c b/ext/standard/info.c |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
10 |
index 70b2e2f..0f15bbe 100644 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
11 |
--- a/ext/standard/info.c |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
12 |
+++ b/ext/standard/info.c |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
13 |
@@ -875,16 +875,16 @@ PHPAPI void php_print_info(int flag TSRMLS_DC) |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
14 |
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
15 |
php_info_print_table_start(); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
16 |
php_info_print_table_header(2, "Variable", "Value"); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
17 |
- if (zend_hash_find(&EG(symbol_table), "PHP_SELF", sizeof("PHP_SELF"), (void **) &data) != FAILURE) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
18 |
+ if (zend_hash_find(&EG(symbol_table), "PHP_SELF", sizeof("PHP_SELF"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
19 |
php_info_print_table_row(2, "PHP_SELF", Z_STRVAL_PP(data)); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
20 |
} |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
21 |
- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_TYPE", sizeof("PHP_AUTH_TYPE"), (void **) &data) != FAILURE) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
22 |
+ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_TYPE", sizeof("PHP_AUTH_TYPE"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
23 |
php_info_print_table_row(2, "PHP_AUTH_TYPE", Z_STRVAL_PP(data)); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
24 |
} |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
25 |
- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_USER", sizeof("PHP_AUTH_USER"), (void **) &data) != FAILURE) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
26 |
+ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_USER", sizeof("PHP_AUTH_USER"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
27 |
php_info_print_table_row(2, "PHP_AUTH_USER", Z_STRVAL_PP(data)); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
28 |
} |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
29 |
- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_PW", sizeof("PHP_AUTH_PW"), (void **) &data) != FAILURE) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
30 |
+ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_PW", sizeof("PHP_AUTH_PW"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) {
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
31 |
php_info_print_table_row(2, "PHP_AUTH_PW", Z_STRVAL_PP(data)); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
32 |
} |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
33 |
php_print_gpcse_array("_REQUEST", sizeof("_REQUEST")-1 TSRMLS_CC);
|
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
34 |
diff --git a/ext/standard/tests/general_functions/bug67498.phpt b/ext/standard/tests/general_functions/bug67498.phpt |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
35 |
new file mode 100644 |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
36 |
index 0000000..5b5951b |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
37 |
--- /dev/null |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
38 |
+++ b/ext/standard/tests/general_functions/bug67498.phpt |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
39 |
@@ -0,0 +1,15 @@ |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
40 |
+--TEST-- |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
41 |
+phpinfo() Type Confusion Information Leak Vulnerability |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
42 |
+--FILE-- |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
43 |
+<?php |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
44 |
+$PHP_SELF = 1; |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
45 |
+phpinfo(INFO_VARIABLES); |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
46 |
+ |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
47 |
+?> |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
48 |
+==DONE== |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
49 |
+--EXPECTF-- |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
50 |
+phpinfo() |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
51 |
+ |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
52 |
+PHP Variables |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
53 |
+%A |
|
8421290d92e0
19838509 upgrade php to version 5.3.29
Craig Mohrman <craig.mohrman@oracle.com>
parents:
diff
changeset
|
54 |
+==DONE== |