File php-5.3.3-CVE-2010-4156.patch of Package php5

Index: ext/mbstring/libmbfl/mbfl/mbfilter.c
===================================================================
--- ext/mbstring/libmbfl/mbfl/mbfilter.c.orig
+++ ext/mbstring/libmbfl/mbfl/mbfilter.c
@@ -1398,6 +1398,11 @@ mbfl_strcut(
 			end   = start + (length & -4);
 		} else if ((encoding->flag & MBFL_ENCTYPE_SBCS)) {
 			start = string->val + from;
+
+                        if (from + length >= string->len) {
+                          length = string->len - from;
+                        }
+
 			end = start + length;
 		} else if (encoding->mblen_table != NULL) {
 			const unsigned char *mbtab = encoding->mblen_table;
openSUSE Build Service is sponsored by