File php-5.3.15-CVE-2012-3365.patch of Package php5

http://git.php.net/?p=php-src.git;a=commit;h=055ecbc62878e86287d742c7246c21606cee8183
Index: ext/sqlite/pdo_sqlite2.c
===================================================================
--- ext/sqlite/pdo_sqlite2.c.orig
+++ ext/sqlite/pdo_sqlite2.c
@@ -515,7 +515,7 @@ static struct pdo_dbh_methods sqlite2_me
 
 static char *make_filename_safe(const char *filename TSRMLS_DC)
 {
-	if (*filename && strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
+	if (*filename && memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
 
 		if (!fullpath) {
Index: ext/sqlite/sqlite.c
===================================================================
--- ext/sqlite/sqlite.c.orig
+++ ext/sqlite/sqlite.c
@@ -1064,7 +1064,7 @@ static int php_sqlite_authorizer(void *a
 {
 	switch (access_type) {
 		case SQLITE_COPY:
-			if (strncmp(arg4, ":memory:", sizeof(":memory:") - 1)) {
+			if (memcmp(arg4, ":memory:", sizeof(":memory:"))) {
 				TSRMLS_FETCH();
 				if (PG(safe_mode) && (!php_checkuid(arg4, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
 					return SQLITE_DENY;
@@ -1077,7 +1077,7 @@ static int php_sqlite_authorizer(void *a
 			return SQLITE_OK;
 #ifdef SQLITE_ATTACH
 		case SQLITE_ATTACH:
-			if (strncmp(arg3, ":memory:", sizeof(":memory:") - 1)) {
+			if (memcmp(arg3, ":memory:", sizeof(":memory:"))) {
 				TSRMLS_FETCH();
 				if (PG(safe_mode) && (!php_checkuid(arg3, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
 					return SQLITE_DENY;
@@ -1563,7 +1563,7 @@ PHP_FUNCTION(sqlite_popen)
 	if (strlen(filename) != filename_len) {
 		RETURN_FALSE;
 	}
-	if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		/* resolve the fully-qualified path name to use as the hash key */
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			RETURN_FALSE;
@@ -1645,7 +1645,7 @@ PHP_FUNCTION(sqlite_open)
 		RETURN_FALSE;
 	}
 
-	if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		/* resolve the fully-qualified path name to use as the hash key */
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			zend_restore_error_handling(&error_handling TSRMLS_CC);
@@ -1703,7 +1703,7 @@ PHP_FUNCTION(sqlite_factory)
 		RETURN_FALSE;
 	}
 
-	if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		/* resolve the fully-qualified path name to use as the hash key */
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			zend_restore_error_handling(&error_handling TSRMLS_CC);
openSUSE Build Service is sponsored by