Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.3:Update
php5.3101
php-5.3.17-CVE-2014-3487.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-5.3.17-CVE-2014-3487.patch of Package php5.3101
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Ffileinfo%2Flibmagic%2Fcdf.c;h=429f3b952f68d1ef7f2ebb4925ef5b16c54b7833;hp=ee467a6671ed93b91728f9820ed643efaab736a9;hb=25b1dc917a53787dbb2532721ca22f3f36eb13c0;hpb=da5d40bae6505364c3604385a2b6ae4e27a4a5d6 diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c index ee467a6..429f3b9 100644 --- ext/fileinfo/libmagic/cdf.c +++ ext/fileinfo/libmagic/cdf.c @@ -812,7 +812,11 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, if (cdf_check_stream_offset(sst, h, e, 0, __LINE__) == -1) goto out; for (i = 0; i < sh.sh_properties; i++) { - size_t ofs = CDF_GETUINT32(p, (i << 1) + 1); + size_t ofs, tail = (i << 1) + 1; + if (cdf_check_stream_offset(sst, h, p, tail * sizeof(uint32_t), + __LINE__) == -1) + goto out; + ofs = CDF_GETUINT32(p, tail); q = (const uint8_t *)(const void *) ((const char *)(const void *)p + ofs - 2 * sizeof(uint32_t));
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor