File php-5.3.5-CVE-2011-1466.patch of Package php5
http://svn.php.net/viewvc/?view=revision&revision=306475
http://svn.php.net/viewvc/?view=revision&revision=317360
http://svn.php.net/viewvc/?view=revision&revision=317387
Index: ext/calendar/gregor.c
===================================================================
--- ext/calendar/gregor.c.orig
+++ ext/calendar/gregor.c
@@ -127,6 +127,7 @@
**************************************************************************/
#include "sdncal.h"
+#include <limits.h>
#define GREGOR_SDN_OFFSET 32045
#define DAYS_PER_5_MONTHS 153
@@ -146,21 +147,12 @@ void SdnToGregorian(
long int temp;
int dayOfYear;
- if (sdn <= 0) {
- *pYear = 0;
- *pMonth = 0;
- *pDay = 0;
- return;
+ if (sdn <= 0 ||
+ sdn > (LONG_MAX - 4 * GREGOR_SDN_OFFSET) / 4) {
+ goto fail;
}
temp = (sdn + GREGOR_SDN_OFFSET) * 4 - 1;
- if (temp < 0) {
- *pYear = 0;
- *pMonth = 0;
- *pDay = 0;
- return;
- }
-
/* Calculate the century (year/100). */
century = temp / DAYS_PER_400_YEARS;
@@ -190,6 +182,11 @@ void SdnToGregorian(
*pYear = year;
*pMonth = month;
*pDay = day;
+ return;
+fail:
+ *pYear = 0;
+ *pMonth = 0;
+ *pDay = 0;
}
long int GregorianToSdn(
Index: ext/calendar/julian.c
===================================================================
--- ext/calendar/julian.c.orig
+++ ext/calendar/julian.c
@@ -146,6 +146,7 @@
**************************************************************************/
#include "sdncal.h"
+#include <limits.h>
#define JULIAN_SDN_OFFSET 32083
#define DAYS_PER_5_MONTHS 153
@@ -164,15 +165,22 @@ void SdnToJulian(
int dayOfYear;
if (sdn <= 0) {
- *pYear = 0;
- *pMonth = 0;
- *pDay = 0;
- return;
+ goto fail;
}
- temp = (sdn + JULIAN_SDN_OFFSET) * 4 - 1;
+ /* Check for overflow */
+ if (sdn > (LONG_MAX - JULIAN_SDN_OFFSET * 4 + 1) / 4 || sdn < LONG_MIN / 4) {
+ goto fail;
+ }
+ temp = sdn * 4 + (JULIAN_SDN_OFFSET * 4 - 1);
/* Calculate the year and day of year (1 <= dayOfYear <= 366). */
- year = temp / DAYS_PER_4_YEARS;
+ {
+ long yearl = temp / DAYS_PER_4_YEARS;
+ if (yearl > INT_MAX || yearl < INT_MIN) {
+ goto fail;
+ }
+ year = (int) yearl;
+ }
dayOfYear = (temp % DAYS_PER_4_YEARS) / 4 + 1;
/* Calculate the month and day of month. */
@@ -196,6 +204,12 @@ void SdnToJulian(
*pYear = year;
*pMonth = month;
*pDay = day;
+ return;
+
+fail:
+ *pYear = 0;
+ *pMonth = 0;
+ *pDay = 0;
}
long int JulianToSdn(