--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/280_php_20804024.patch Tue Jun 16 14:11:47 2015 -0700
@@ -0,0 +1,46 @@
+CVE-2014-9653
+Community BUG:
+https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9653
+Community CODE:
+https://github.com/file/file/commit/445c8fb0ebff85195be94cd9f7e1df89cade5c7f
+This patch was adapted from the community reports above.
+
+
+--- php-5.3.29/ext/fileinfo/libmagic/readelf.c_orig 2015-06-12 16:40:10.463458900 -0700
++++ php-5.3.29/ext/fileinfo/libmagic/readelf.c 2015-06-12 16:59:36.213626077 -0700
+@@ -313,7 +313,7 @@
+ file_badseek(ms);
+ return -1;
+ }
+- if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) == -1) {
++ if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) < (ssize_t)xph_sizeof) {
+ file_badread(ms);
+ return -1;
+ }
+@@ -869,7 +869,7 @@
+ file_badseek(ms);
+ return -1;
+ }
+- if (FINFO_READ_FUNC(fd, xsh_addr, xsh_sizeof) == -1) {
++ if (FINFO_READ_FUNC(fd, xsh_addr, xsh_sizeof) < (ssize_t)xsh_sizeof) {
+ file_badread(ms);
+ return -1;
+ }
+@@ -901,7 +901,7 @@
+ efree(nbuf);
+ return -1;
+ }
+- if (FINFO_READ_FUNC(fd, nbuf, (size_t)xsh_size) !=
++ if (FINFO_READ_FUNC(fd, nbuf, (size_t)xsh_size) <
+ (ssize_t)xsh_size) {
+ efree(nbuf);
+ file_badread(ms);
+@@ -1058,7 +1058,7 @@
+ return -1;
+ }
+
+- if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) == -1) {
++ if (FINFO_READ_FUNC(fd, xph_addr, xph_sizeof) < (ssize_t)xph_sizeof) {
+ file_badread(ms);
+ return -1;
+ }