Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:dmfr
php5
php-5.3.17-CVE-2014-0207.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-5.3.17-CVE-2014-0207.patch of Package php5
From: Remi Collet <remi@php.net> Date: Tue, 3 Jun 2014 09:05:00 +0000 (+0200) Subject: Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check X-Git-Tag: php-5.4.30RC1~33 X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=commitdiff_plain;h=4fcb9a9d1b1063a65fbeb27395de4979c75bd962 Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check Upstream fix https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391.patch Only revelant part applied --- diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c index 4712e84..16649f1 100644 --- ext/fileinfo/libmagic/cdf.c +++ ext/fileinfo/libmagic/cdf.c @@ -365,10 +365,10 @@ cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs, size_t ss = CDF_SHORT_SEC_SIZE(h); size_t pos = CDF_SHORT_SEC_POS(h, id); assert(ss == len); - if (pos > CDF_SEC_SIZE(h) * sst->sst_len) { + if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", - pos, CDF_SEC_SIZE(h) * sst->sst_len)); + pos + len, CDF_SEC_SIZE(h) * sst->sst_len)); return -1; } (void)memcpy(((char *)buf) + offs,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor