Overview

File php-5.3.5-CVE-2012-3365.patch of Package php5

http://git.php.net/?p=php-src.git;a=commit;h=055ecbc62878e86287d742c7246c21606cee8183
Index: ext/pdo_sqlite/sqlite_driver.c
===================================================================
--- ext/pdo_sqlite/sqlite_driver.c.orig
+++ ext/pdo_sqlite/sqlite_driver.c
@@ -636,7 +636,7 @@ static struct pdo_dbh_methods sqlite_met
 
 static char *make_filename_safe(const char *filename TSRMLS_DC)
 {
-	if (*filename && strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
+	if (*filename && memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
 
 		if (!fullpath) {
Index: ext/sqlite3/sqlite3.c
===================================================================
--- ext/sqlite3/sqlite3.c.orig
+++ ext/sqlite3/sqlite3.c
@@ -114,7 +114,7 @@
 		zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Already initialised DB Object", 0 TSRMLS_CC);
 	}
 
-	if (strncmp(filename, ":memory:", 8) != 0) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:")) != 0) {
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			zend_throw_exception(zend_exception_get_default(TSRMLS_C), "Unable to expand filepath", 0 TSRMLS_CC);
 			return;
@@ -1820,7 +1820,7 @@
 	switch (access_type) {
 		case SQLITE_ATTACH:
 		{
-			if (strncmp(arg3, ":memory:", sizeof(":memory:")-1) && *arg3) {
+			if (memcmp(arg3, ":memory:", sizeof(":memory:")) && *arg3) {
 				TSRMLS_FETCH();
 
 #if PHP_API_VERSION < 20100412
Index: ext/sqlite/pdo_sqlite2.c
===================================================================
--- ext/sqlite/pdo_sqlite2.c.orig
+++ ext/sqlite/pdo_sqlite2.c
@@ -515,7 +515,7 @@ static struct pdo_dbh_methods sqlite2_me
 
 static char *make_filename_safe(const char *filename TSRMLS_DC)
 {
-	if (*filename && strncmp(filename, ":memory:", sizeof(":memory:")-1)) {
+	if (*filename && memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		char *fullpath = expand_filepath(filename, NULL TSRMLS_CC);
 
 		if (!fullpath) {
Index: ext/sqlite/sqlite.c
===================================================================
--- ext/sqlite/sqlite.c.orig
+++ ext/sqlite/sqlite.c
@@ -1064,7 +1064,7 @@
 {
 	switch (access_type) {
 		case SQLITE_COPY:
-			if (strncmp(arg4, ":memory:", sizeof(":memory:") - 1)) {
+			if (memcmp(arg4, ":memory:", sizeof(":memory:"))) {
 				TSRMLS_FETCH();
 				if (PG(safe_mode) && (!php_checkuid(arg4, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
 					return SQLITE_DENY;
@@ -1077,7 +1077,7 @@
 			return SQLITE_OK;
 #ifdef SQLITE_ATTACH
 		case SQLITE_ATTACH:
-			if (strncmp(arg3, ":memory:", sizeof(":memory:") - 1)) {
+			if (memcmp(arg3, ":memory:", sizeof(":memory:"))) {
 				TSRMLS_FETCH();
 				if (PG(safe_mode) && (!php_checkuid(arg3, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
 					return SQLITE_DENY;
@@ -1560,7 +1560,7 @@
 		ZVAL_NULL(errmsg);
 	}
 
-	if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		/* resolve the fully-qualified path name to use as the hash key */
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			RETURN_FALSE;
@@ -1637,7 +1637,7 @@
 		ZVAL_NULL(errmsg);
 	}
 
-	if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		/* resolve the fully-qualified path name to use as the hash key */
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			zend_restore_error_handling(&error_handling TSRMLS_CC);
@@ -1690,7 +1690,7 @@
 		ZVAL_NULL(errmsg);
 	}
 
-	if (strncmp(filename, ":memory:", sizeof(":memory:") - 1)) {
+	if (memcmp(filename, ":memory:", sizeof(":memory:"))) {
 		/* resolve the fully-qualified path name to use as the hash key */
 		if (!(fullpath = expand_filepath(filename, NULL TSRMLS_CC))) {
 			zend_restore_error_handling(&error_handling TSRMLS_CC);
openSUSE Build Service is sponsored by
Places