packages: php/php-buff_ovf.patch (NEW) - stack buffer overflow patch to soc...
marti
marti at pld-linux.org
Tue May 24 07:39:18 CEST 2011
Author: marti Date: Tue May 24 05:39:18 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- stack buffer overflow patch to socket_connect()
---- Files affected:
packages/php:
php-buff_ovf.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/php/php-buff_ovf.patch
diff -u /dev/null packages/php/php-buff_ovf.patch:1.1
--- /dev/null Tue May 24 07:39:18 2011
+++ packages/php/php-buff_ovf.patch Tue May 24 07:39:13 2011
@@ -0,0 +1,16 @@
+diff -ur php-5.3.6-orig//ext/sockets/sockets.c php-5.3.6//ext/sockets/sockets.c
+--- php-5.3.6-orig//ext/sockets/sockets.c 2011-01-01 03:19:59.000000000 +0100
++++ php-5.3.6//ext/sockets/sockets.c 2011-05-24 07:09:54.592779164 +0200
+@@ -1333,6 +1333,11 @@
+ break;
+
+ case AF_UNIX:
++ if (addr_len >= sizeof(s_un.sun_path)) {
++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Path too long", php_sock->type);
++ RETURN_FALSE;
++ }
++
+ memset(&s_un, 0, sizeof(struct sockaddr_un));
+
+ s_un.sun_family = AF_UNIX;
+Tylko w php-5.3.6//ext/sockets: sockets.c~
================================================================
More information about the pld-cvs-commit
mailing list