File php-5.3.5-CVE-2012-2688.patch of Package php5

http://git.php.net/?p=php-src.git;a=commit;h=fc74503792b1ee92e4b813690890f3ed38fa3ad5
Index: main/streams/streams.c
===================================================================
--- main/streams/streams.c.orig
+++ main/streams/streams.c
@@ -2164,6 +2164,11 @@ PHPAPI int _php_stream_scandir(char *dir
 			if (vector_size == 0) {
 				vector_size = 10;
 			} else {
+				if(vector_size*2 < vector_size) {
+					/* overflow */
+					efree(vector);
+					return FAILURE;
+				}
 				vector_size *= 2;
 			}
 			vector = (char **) erealloc(vector, vector_size * sizeof(char *));
openSUSE Build Service is sponsored by