Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.3:Update
php5
php-5.3.17-CVE-2014-3515.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-5.3.17-CVE-2014-3515.patch of Package php5
From: Stanislav Malyshev <stas@php.net> Date: Sun, 22 Jun 2014 02:46:16 +0000 (-0700) Subject: Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion X-Git-Tag: php-5.4.30~6 X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=commitdiff_plain;h=88223c5245e9b470e1e6362bfd96829562ffe6ab Fix bug #67492: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion --- Index: ext/spl/spl_array.c =================================================================== --- ext/spl/spl_array.c.orig 2014-06-30 17:45:07.373212272 +0200 +++ ext/spl/spl_array.c 2014-06-30 17:49:00.493207840 +0200 @@ -1806,7 +1806,7 @@ ++p; ALLOC_INIT_ZVAL(pmembers); - if (!php_var_unserialize(&pmembers, &p, s + buf_len, var_hash_p TSRMLS_CC)) { + if (!php_var_unserialize(&pmembers, &p, s + buf_len, var_hash_p TSRMLS_CC) || Z_TYPE_P(pmembers) != IS_ARRAY) { zval_ptr_dtor(&pmembers); goto outexcept; } Index: ext/spl/spl_observer.c =================================================================== --- ext/spl/spl_observer.c.orig 2014-06-30 17:44:43.821212720 +0200 +++ ext/spl/spl_observer.c 2014-06-30 17:45:07.373212272 +0200 @@ -801,7 +801,7 @@ ++p; ALLOC_INIT_ZVAL(pmembers); - if (!php_var_unserialize(&pmembers, &p, s + buf_len, &var_hash TSRMLS_CC)) { + if (!php_var_unserialize(&pmembers, &p, s + buf_len, &var_hash TSRMLS_CC) || Z_TYPE_P(pmembers) != IS_ARRAY) { zval_ptr_dtor(&pmembers); goto outexcept; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor