Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
devel:languages:php:php53
php5
php-5.3.3-CVE-2014-3710.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-5.3.3-CVE-2014-3710.patch of Package php5
From 1803228597e82218a8c105e67975bc50e6f5bf0d Mon Sep 17 00:00:00 2001 From: Remi Collet <remi@php.net> Date: Wed, 22 Oct 2014 15:37:04 +0200 Subject: [PATCH] Fix bug #68283: fileinfo: out-of-bounds read in elf note headers Upstream commit https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0 CVE -2014-3710 --- ext/fileinfo/libmagic/readelf.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ext/fileinfo/libmagic/readelf.c b/ext/fileinfo/libmagic/readelf.c index 1c3845f..bb6f70f 100644 --- a/ext/fileinfo/libmagic/readelf.c +++ b/ext/fileinfo/libmagic/readelf.c @@ -372,6 +372,13 @@ donote(struct magic_set *ms, void *vbuf, size_t offset, size_t size, #endif uint32_t namesz, descsz; + if (xnh_sizeof + offset > size) { + /* + * We're out of note headers. + */ + return xnh_sizeof + offset; + } + (void)memcpy(xnh_addr, &nbuf[offset], xnh_sizeof); offset += xnh_sizeof; -- 2.1.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor