Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php-5_3/php-sapi/patches/211_php_19556437.patch
author Craig Mohrman <craig.mohrman@oracle.com>
Wed, 11 Feb 2015 10:30:02 -0800
branchs11u2-sru
changeset 3810 8421290d92e0
permissions -rw-r--r--
19838509 upgrade php to version 5.3.29 18857741 problem in UTILITY/PHP 18890894 problem in UTILITY/PHP 18890895 problem in UTILITY/PHP 19003253 problem in UTILITY/PHP 19167518 problem in UTILITY/PHP 19519142 problem in UTILITY/PHP 19556437 problem in UTILITY/PHP 19707971 problem in UTILITY/PHP 19796954 problem in UTILITY/PHP 20258327 problem in UTILITY/PHP 20488612 announce PHP 5.2 EOF in man page

Fix for CVE-2014-3587
Patch from PHP community:
http://git.php.net/?p=php-src.git;a=blobdiff;f=ext/fileinfo/libmagic/cdf.c;h=2c0a2d9dfcd803e21fb40cd04c48a679aa09a6df;hp=429f3b952f68d1ef7f2ebb4925ef5b16c54b7833;hb=35f32637b08ca6397829138ed45a0768f592f262;hpb=eab42649ab9c6d949dc8e1ba9e31124e9cfb3b1b


diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c
index 429f3b9..2c0a2d9 100644
--- a/ext/fileinfo/libmagic/cdf.c
+++ b/ext/fileinfo/libmagic/cdf.c
@@ -820,7 +820,7 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
 		q = (const uint8_t *)(const void *)
 		    ((const char *)(const void *)p + ofs
 		    - 2 * sizeof(uint32_t));
-		if (q > e) {
+		if (q < p || q > e) {
 			DPRINTF(("Ran of the end %p > %p\n", q, e));
 			goto out;
 		}
upstream/oracle/userland-gate