|
1 Fix for CVE-2013-6712 |
|
2 Patch: |
|
3 http://git.php.net/?p=php-src.git;a=patch;h=12fe4e90be7bfa2a763197079f68f5568a14e071 |
|
4 Code: |
|
5 http://git.php.net/?p=php-src.git;a=commitdiff;h=12fe4e90be7bfa2a763197079f68f5568a14e071 |
|
6 This patch is for php 5.4 code but works well enough on php 5.3 code. |
|
7 Verified by hand that it patches the correct code. |
|
8 Slightly modified by hand to drop hunks that are not needed and fail to apply. |
|
9 |
|
10 |
|
11 From 12fe4e90be7bfa2a763197079f68f5568a14e071 Mon Sep 17 00:00:00 2001 |
|
12 From: Remi Collet <[email protected]> |
|
13 Date: Wed, 27 Nov 2013 11:13:16 +0100 |
|
14 Subject: [PATCH] Fixed bug #66060 (Heap buffer over-read in DateInterval) |
|
15 |
|
16 --- |
|
17 NEWS | 3 +++ |
|
18 ext/date/lib/parse_iso_intervals.c | 4 ++-- |
|
19 ext/date/lib/parse_iso_intervals.re | 2 +- |
|
20 3 files changed, 6 insertions(+), 3 deletions(-) |
|
21 |
|
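--- a/ext/date/lib/parse_iso_intervals.c
+++ b/ext/date/lib/parse_iso_intervals.c
@@ -415,7 +415,7 @@ yy6:
 break;
 }
 ptr++;
- } while (*ptr);
+ } while (!s->errors->error_count && *ptr);
 s->have_period = 1;
 TIMELIB_DEINIT;
 return TIMELIB_PERIOD;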
|
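--- a/ext/date/lib/parse_iso_intervals.re
+++ b/ext/date/lib/parse_iso_intervals.re
@@ -383,7 +383,7 @@ isoweek = year4 "-"? "W" weekofyear;
 break;
 }
 ptr++;
- } while (*ptr);
+ } while (!s->errors->error_count && *ptr);
 s->have_period = 1;
 TIMELIB_DEINIT;
 return TIMELIB_PERIOD;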
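Review bot: The operand order in `while (!s->errors->error_count && *ptr)` is what stops the over-read, and nothing in the code says so. `ptr++` on the line above still runs after an error has been recorded, so `ptr` may presumably already sit past the terminator, and only the short-circuit keeps `*ptr` from being read. A comment on the loop condition such as `/* test error_count first: after an error ptr may be past the NUL and must not be dereferenced */` would keep a later edit from swapping the operands. Separately, the lines after the loop still set `s->have_period = 1` and return `TIMELIB_PERIOD` when the loop stopped on an error, so callers apparently have to check the error count before using the period; the loop body starts outside the hunk, so this should be confirmed against the full rule. The same one-line change is hand-applied to `parse_iso_intervals.c`, which looks like the generated counterpart of this `.re` file, so regenerating it on the 5.3 tree would confirm the two stay in sync.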
|
48 -- |
|
49 1.8.4.3 |