components/php/php56/patches/CVE-2013-6501.patch
author Craig Mohrman <craig.mohrman@oracle.com>
Thu, 09 Jul 2015 12:46:30 -0700
changeset 4610 d6280e23d377
permissions -rw-r--r--
20803826 problem in UTILITY/PHP 21296988 problem in UTILITY/PHP
CVE-2013-6501
Community has no fix.
This patch was developed internally.
Will be offered upstream.
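--- php-5.6.8/ext/soap/php_sdl.c_orig	2015-07-06 20:50:10.103937460 -0700
+++ php-5.6.8/ext/soap/php_sdl.c	2015-07-06 20:52:57.479973793 -0700
@@ -1544,6 +1544,7 @@
 	int f;
 	struct stat st;
 	char *in, *buf;
+	uid_t euid;
 
 	f = open(fn, O_RDONLY|O_BINARY);
 	if (f < 0) {
@@ -1553,6 +1554,15 @@
 		close(f);
 		return NULL;
 	}
+	/*
+	 * If I'm not the owner of this file then someone might be
+	 * trying to spoof me.
+	 */
+	euid = geteuid();
+	if (st.st_uid != euid) {
+		close(f);
+		return NULL;
+	}
 	buf = in = emalloc(st.st_size);
 	if (read(f, in, st.st_size) != st.st_size) {
 		close(f);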
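Review bot: The ownership test at `if (st.st_uid != euid)` looks only at the owner, so a cache file that belongs to the effective user but is group- or world-writable, or is not a regular file, is still accepted. Assuming `st` was filled by an `fstat(f, &st)` just above the hunk (that call is not visible here), the same descriptor-based check can be tightened to `if (!S_ISREG(st.st_mode) || st.st_uid != euid || (st.st_mode & (S_IWGRP|S_IWOTH))) {`. Where several sites run under one effective uid the owner test does not separate them, and the comment above the check should say so. The enclosing function begins and ends outside both hunks.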