Overview

File php-5.1.2-CVE-2007-1521.patch of Package php

# CVE-2007-1521 aka MOPB-22-2007
# setting to NULL is probably not necessary _everywhere_, but doesn't hurt ;-)
--- ext/session/session.c
+++ ext/session/session.c
@@ -1496,7 +1496,10 @@ PHP_FUNCTION(session_id)
 
 	if (ac == 1) {
 		convert_to_string_ex(p_name);
-		if (PS(id)) efree(PS(id));
+		if (PS(id)) {
+			efree(PS(id));
+			PS(id) = NULL;
+		}
 		PS(id) = estrndup(Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name));
 	}
 	
@@ -1521,6 +1524,7 @@ PHP_FUNCTION(session_regenerate_id)
 				RETURN_FALSE;
 			}
 			efree(PS(id));
+			PS(id) = NULL;
 		}
 	
 		PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
@@ -1809,6 +1813,7 @@ static void php_rshutdown_session_global
 	}
 	if (PS(id)) {
 		efree(PS(id));
+		PS(id) = NULL;
 	}
 }
openSUSE Build Service is sponsored by
Places