Overview

File php-5.1.2-CVE-2007-0988.patch of Package php

--- Zend/zend_hash.c	2007/01/10 15:58:07	1.121.2.4.2.5
+++ Zend/zend_hash.c	2007/01/20 23:10:02	1.121.2.4.2.6
@@ -141,11 +141,16 @@
 
 	SET_INCONSISTENT(HT_OK);
 
-	while ((1U << i) < nSize) {
-		i++;
+	if (nSize >= 0x80000000) {
+		/* prevent overflow */
+		ht->nTableSize = 0x80000000;
+	} else {
+		while ((1U << i) < nSize) {
+			i++;
+		}
+		ht->nTableSize = 1 << i;
 	}
 
-	ht->nTableSize = 1 << i;
 	ht->nTableMask = ht->nTableSize - 1;
 	ht->pDestructor = pDestructor;
 	ht->arBuckets = NULL;
openSUSE Build Service is sponsored by
Places