File php-5.1.2-CVE-2007-0906-session.patch of Package php

--- ext/session/session.c
+++ ext/session/session.c
@@ -445,6 +445,11 @@ PS_SERIALIZER_DECODE_FUNC(php_binary)
 
 	for (p = val; p < endptr; ) {
 		namelen = *p & (~PS_BIN_UNDEF);
+
+		if (namelen < 0 || namelen > PS_BIN_MAX || (p + namelen) >= endptr) {
+			return FAILURE;
+		}
+
 		has_value = *p & PS_BIN_UNDEF ? 0 : 1;
 
 		name = estrndup(p + 1, namelen);
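Review bot: The new guard at the `if (namelen < 0 || ...)` line computes `p + namelen` before it knows the result lies inside the buffer; with a hostile `namelen` that is already past `endptr`, and forming a pointer beyond one-past-the-end is undefined behaviour in C even when only compared. Comparing lengths instead of pointers keeps the same acceptance set without the out-of-range pointer: `if (namelen < 0 || namelen > PS_BIN_MAX || namelen >= endptr - p) {`. The check also relies on `namelen` being a signed type so that a sign-extended `*p` is caught by `namelen < 0` — its declaration is outside the hunk, so that is worth confirming, and a brief comment such as `/* name must fit in [p+1, endptr) and leave room for the value that follows */` would document why `>=` rather than `>` is used. The enclosing `for` loop and the value decoding that follows the name continue outside the hunk.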