--- a/components/php-5_2/php-sapi/patches/63_php_19796954.patch Wed Apr 08 15:18:37 2015 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-Fix for CVE-2014-8088
-Patch:
-http://git.php.net/?p=php-src.git;a=commitdiff_plain;h=ed4de188dd1c15d278a8250e6be3cba142bba6af
-Code:
-http://git.php.net/?p=php-src.git;a=commitdiff;h=ed4de188dd1c15d278a8250e6be3cba142bba6af
-Verified by hand that it patches the correct code.
-
-
-diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
-index 10daa82..da5aa5f 100644
---- a/ext/ldap/ldap.c
-+++ b/ext/ldap/ldap.c
-@@ -399,6 +399,16 @@ PHP_FUNCTION(ldap_bind)
- RETURN_FALSE;
- }
-
-+ if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "DN contains a null byte");
-+ RETURN_FALSE;
-+ }
-+
-+ if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Password contains a null byte");
-+ RETURN_FALSE;
-+ }
-+
- ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
-
- if ((rc = ldap_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw, LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS) {