Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php-5_2/php-sapi/patches/65_php_19556437.patch
changeset 4073 4f086b95f18c
parent 4071 4b68c2b0134b
child 4074 3b59c13ef5ec
equal deleted inserted replaced
4071:4b68c2b0134b 4073:4f086b95f18c 
     1 Fix for CVE-2014-5120
 
       
     2 Based on code in php 5.3.29 from comments in:
 
       
     3 https://bugs.php.net/bug.php?id=67730
 
       
     4 
       
     5 
       
     6 --- php-5.2.17/ext/gd/gd_ctx.c_orig	2010-01-03 01:23:27.000000000 -0800
 
       
     7 +++ php-5.2.17/ext/gd/gd_ctx.c	2014-11-04 15:12:01.612256878 -0800
 
       
     8 @@ -90,7 +90,9 @@
 
       
     9  	}
 
       
    10  
       
    11  	if (argc > 1 && (Z_TYPE_PP(file) != IS_NULL && ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))))) {
 
       
    12 -
 
       
    13 +		if (strlen(Z_STRVAL_PP(file)) != Z_STRLEN_PP(file)) {
 
       
    14 +			RETURN_FALSE;
 
       
    15 +		}
 
       
    16  		PHP_GD_CHECK_OPEN_BASEDIR(fn, "Invalid filename");
 
       
    17  
       
    18  		fp = VCWD_FOPEN(fn, "wb");
upstream/oracle/userland-gate