[packages/php/PHP_7_0] - hopefuly it's the same patch as adamg intended

Fri Oct 25 14:29:12 CEST 2019

commit bbb6e53594778f2bcfe65384a074d5f6c349addc
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Fri Oct 25 14:29:05 2019 +0200

    - hopefuly it's the same patch as adamg intended

 php-CVE-2019-11043.patch | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
---

diff --git a/php-CVE-2019-11043.patch b/php-CVE-2019-11043.patch
new file mode 100644
index 0000000..a841677
--- /dev/null
+++ b/php-CVE-2019-11043.patch
@@ -0,0 +1,22 @@
+commit ab061f95ca966731b1c84cf5b7b20155c0a1c06a
+Author: Jakub Zelenka <bukka at php.net>
+Date:   Sat Oct 12 15:56:16 2019 +0100
+
+    Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
+
+diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
+index 24a7e5d56a..50f92981f1 100644
+--- a/sapi/fpm/fpm/fpm_main.c
++++ b/sapi/fpm/fpm/fpm_main.c
+@@ -1209,8 +1209,8 @@ static void init_request_info(void)
+ 								path_info = script_path_translated + ptlen;
+ 								tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0));
+ 							} else {
+-								path_info = env_path_info ? env_path_info + pilen - slen : NULL;
+-								tflag = (orig_path_info != path_info);
++								path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL;
++								tflag = path_info && (orig_path_info != path_info);
+ 							}
+ 
+ 							if (tflag) {
+
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/bbb6e53594778f2bcfe65384a074d5f6c349addc

