File php-5.3.17-CVE-2014-3480.patch of Package php5.openSUSE_12.3_Update

X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Ffileinfo%2Flibmagic%2Fcdf.c;h=ee467a6671ed93b91728f9820ed643efaab736a9;hp=c9a5d50a35bae973cc01801a422c94f8ff9cd86d;hb=40ef6e07e0b2cdced57c506e08cf18f47122292d;hpb=2b33a41162a729b3b680fa2015efe11f15cc3114

diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c
index c9a5d50..ee467a6 100644
--- ext/fileinfo/libmagic/cdf.c
+++ ext/fileinfo/libmagic/cdf.c
@@ -470,7 +470,8 @@ size_t
 cdf_count_chain(const cdf_sat_t *sat, cdf_secid_t sid, size_t size)
 {
 	size_t i, j;
-	cdf_secid_t maxsector = (cdf_secid_t)(sat->sat_len * size);
+	cdf_secid_t maxsector = (cdf_secid_t)((sat->sat_len * size)
+	    / sizeof(maxsector));
 
 	DPRINTF(("Chain:"));
 	for (j = i = 0; sid >= 0; i++, j++) {
@@ -480,8 +481,8 @@ cdf_count_chain(const cdf_sat_t *sat, cdf_secid_t sid, size_t size)
 			errno = EFTYPE;
 			return (size_t)-1;
 		}
-		if (sid > maxsector) {
-			DPRINTF(("Sector %d > %d\n", sid, maxsector));
+		if (sid >= maxsector) {
+			DPRINTF(("Sector %d >= %d\n", sid, maxsector));
 			errno = EFTYPE;
 			return (size_t)-1;
 		}

Places

File php-5.3.17-CVE-2014-3480.patch of Package php5.openSUSE_12.3_Update

Places