SOURCES: php4-CVE-2006-1490.patch (NEW) - new - binary safeness in...
adamg
adamg at pld-linux.org
Wed Apr 19 19:52:19 CEST 2006
Author: adamg Date: Wed Apr 19 17:52:19 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- new - binary safeness in html_decode()
---- Files affected:
SOURCES:
php4-CVE-2006-1490.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/php4-CVE-2006-1490.patch
diff -u /dev/null SOURCES/php4-CVE-2006-1490.patch:1.1
--- /dev/null Wed Apr 19 19:52:19 2006
+++ SOURCES/php4-CVE-2006-1490.patch Wed Apr 19 19:52:14 2006
@@ -0,0 +1,20 @@
+PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of
+memory via crafted binary data sent to a script that processes user
+input in the html_entity_decode function and sends the encoded results
+back to the client, aka a "binary safety" issue. NOTE: this issue has
+been referred to as a "memory leak," but it is an information leak that
+discloses memory contents.
+
+Patch pulled from cvs.php.net
+
+--- php-4.4.2/ext/standard/html.c 2006/01/01 13:46:57 1.63.2.23.2.1
++++ php-4.4.2/ext/standard/html.c 2006/02/25 21:33:06 1.63.2.23.2.2
+@@ -793,7 +793,7 @@
+ enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
+ unsigned char replacement[15];
+
+- ret = estrdup(old);
++ ret = estrndup(old, oldlen);
+ retlen = oldlen;
+ if (!retlen) {
+ goto empty_source;
================================================================
More information about the pld-cvs-commit
mailing list