File php-5.3.3-CVE-2011-3268.patch of Package php5

http://svn.php.net/viewvc?view=revision&revision=312919
--- ext/standard/crypt.c	2011/01/01 02:19:59	306939
+++ ext/standard/crypt.c	2011/07/04 23:38:09	312919
@@ -179,6 +179,8 @@
 		salt[2] = '\0';
 #endif
 		salt_in_len = strlen(salt);
+	} else {
+		salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
 	}
 
 /* Windows (win32/crypt) has a stripped down version of libxcrypt and 

openSUSE Build Service is sponsored by