Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/php-5_3/php-sapi/patches/264_php_20936509.patch
author Craig Mohrman <craig.mohrman@oracle.com>
Tue, 16 Jun 2015 14:11:47 -0700
changeset 4494 f5b717124172
permissions -rw-r--r--
20192108 problem in UTILITY/PHP 20231115 problem in UTILITY/PHP 20936509 problem in UTILITY/PHP 20804024 problem in UTILITY/PHP 20804061 problem in UTILITY/PHP 20804135 problem in UTILITY/PHP 20804363 problem in UTILITY/PHP 20804424 problem in UTILITY/PHP 20433657 problem in UTILITY/PHP 20803998 problem in UTILITY/PHP 20804391 problem in UTILITY/PHP

CVE-2015-2301
Community BUG:
https://bugs.php.net/bug.php?id=68901
Community CODE:
http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
Below is the community patch.


diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
index 3671054..712795b 100644
--- a/ext/phar/phar_object.c
+++ b/ext/phar/phar_object.c
@@ -2139,8 +2139,8 @@ static zval *phar_rename_archive(phar_archive_data *phar, char *ext, zend_bool c
 	}
 its_ok:
 	if (SUCCESS == php_stream_stat_path(newpath, &ssb)) {
-		efree(oldpath);
 		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "phar \"%s\" exists and must be unlinked prior to conversion", newpath);
+		efree(oldpath);
 		return NULL;
 	}
 	if (!phar->is_data) {
upstream/oracle/userland-gate