Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php-5_3/php-sapi/patches/290_php_20804061.patch
changeset 4494 f5b717124172 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/290_php_20804061.patch	Tue Jun 16 14:11:47 2015 -0700
@@ -0,0 +1,42 @@
+CVE-2014-9705
+Community BUG:
+https://bugs.php.net/bug.php?id=68552
+Community CODE:
+http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803
+Below is the community patch.
+
+
+--- a/ext/enchant/enchant.c	2011/10/01 13:13:13	317600
++++ b/ext/enchant/enchant.c	2015/01/26 11:49:40	335803
+@@ -549,13 +549,12 @@
+ 
+ 	d = enchant_broker_request_dict(pbroker->pbroker, (const char *)tag);
+ 	if (d) {
++		pos = pbroker->dictcnt++;
+ 		if (pbroker->dictcnt) {
+ 			pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
+-			pos = pbroker->dictcnt++;
+ 		} else {
+ 			pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
+ 			pos = 0;
+-			pbroker->dictcnt++;
+ 		}
+ 
+ 		dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
+@@ -606,14 +605,14 @@
+ 
+ 	d = enchant_broker_request_pwl_dict(pbroker->pbroker, (const char *)pwl);
+ 	if (d) {
++		pos = pbroker->dictcnt++;
+ 		if (pbroker->dictcnt) {
+-			pos = pbroker->dictcnt++;
+ 			pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
+ 		} else {
+ 			pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
+ 			pos = 0;
+-			pbroker->dictcnt++;
+ 		}
++
+ 		dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
+ 		dict->id = pos;
+ 		dict->pbroker = pbroker;
upstream/oracle/userland-gate