Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php-5_2/php-sapi/patches/63_php_19796954.patch
changeset 4073 4f086b95f18c
parent 4071 4b68c2b0134b
child 4074 3b59c13ef5ec 
--- a/components/php-5_2/php-sapi/patches/63_php_19796954.patch	Wed Apr 08 15:18:37 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-Fix for CVE-2014-8088
-Patch:
-http://git.php.net/?p=php-src.git;a=commitdiff_plain;h=ed4de188dd1c15d278a8250e6be3cba142bba6af
-Code:
-http://git.php.net/?p=php-src.git;a=commitdiff;h=ed4de188dd1c15d278a8250e6be3cba142bba6af
-Verified by hand that it patches the correct code.
-
-
-diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
-index 10daa82..da5aa5f 100644
---- a/ext/ldap/ldap.c
-+++ b/ext/ldap/ldap.c
-@@ -399,6 +399,16 @@ PHP_FUNCTION(ldap_bind)
- 		RETURN_FALSE;
- 	}
- 
-+	if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
-+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "DN contains a null byte");
-+		RETURN_FALSE;
-+	}
-+
-+	if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
-+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Password contains a null byte");
-+		RETURN_FALSE;
-+	}
-+
- 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
- 
- 	if ((rc = ldap_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw, LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS) {
upstream/oracle/userland-gate