Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php/php56/patches/CVE-2015-4021.patch
branchs11u3-sru
changeset 6905 f976b5909005
parent 6738 6ecf2fef476e
child 6907 43b10b717b3e 
--- a/components/php/php56/patches/CVE-2015-4021.patch	Wed Sep 07 09:43:14 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,59 +0,0 @@
-# Source: upstream
-# http://git.php.net/?p=php-src.git;a=patch;h=2c1e49075ba48d93439a9e79eae43d9f8469b832;hp=739adee1912176aacf351edc5751a02ded6ef1ec
-# Fixed in 5.6.9
-
-From 2c1e49075ba48d93439a9e79eae43d9f8469b832 Mon Sep 17 00:00:00 2001
-From: Stanislav Malyshev <[email protected]>
-Date: Wed, 29 Apr 2015 22:04:20 -0700
-Subject: [PATCH 1/1] Fix bug #69453 - don't try to cut empty string
-
----
- ext/phar/tar.c               |  2 +-
- ext/phar/tests/bug69453.phpt | 21 +++++++++++++++++++++
- 2 files changed, 22 insertions(+), 1 deletion(-)
- create mode 100644 ext/phar/tests/bug69453.phpt
-
-diff --git a/ext/phar/tar.c b/ext/phar/tar.c
-index c4a81fb..34ef0ef 100644
---- a/ext/phar/tar.c
-+++ b/ext/phar/tar.c
-@@ -434,7 +434,7 @@ bail:
- 			entry.filename_len = i;
- 			entry.filename = pestrndup(hdr->name, i, myphar->is_persistent);
- 
--			if (entry.filename[entry.filename_len - 1] == '/') {
-+			if (i > 0 && entry.filename[entry.filename_len - 1] == '/') {
- 				/* some tar programs store directories with trailing slash */
- 				entry.filename[entry.filename_len - 1] = '\0';
- 				entry.filename_len--;
-diff --git a/ext/phar/tests/bug69453.phpt b/ext/phar/tests/bug69453.phpt
-new file mode 100644
-index 0000000..4a2a37f
---- /dev/null
-+++ b/ext/phar/tests/bug69453.phpt
-@@ -0,0 +1,21 @@
-+--TEST--
-+Phar: bug #69453: Memory Corruption in phar_parse_tarfile when entry filename starts with null
-+--SKIPIF--
-+<?php if (!extension_loaded("phar")) die("skip"); ?>
-+--FILE--
-+<?php
-+$fname = dirname(__FILE__) . '/bug69453.tar.phar';
-+try {
-+$r = new Phar($fname, 0);
-+} catch(UnexpectedValueException $e) {
-+	echo $e;
-+}
-+?>
-+
-+==DONE==
-+--EXPECTF--
-+exception 'UnexpectedValueException' with message 'phar error: "%s/bug69453.tar.phar" is a corrupted tar file (checksum mismatch of file "")' in %s:%d
-+Stack trace:
-+#0 %s/bug69453.php(%d): Phar->__construct('%s', 0)
-+#1 {main}
-+==DONE==
-\ No newline at end of file
--- 
-2.1.4
-
upstream/oracle/userland-gate