Overview

File php-CVE-2016-4346.patch of Package php5.openSUSE_Leap_42.1_Update

Index: php-5.6.1/ext/standard/string.c
===================================================================
--- php-5.6.1.orig/ext/standard/string.c	2014-10-01 11:17:38.000000000 +0200
+++ php-5.6.1/ext/standard/string.c	2016-05-03 16:42:30.404248024 +0200
@@ -5256,11 +5256,11 @@
 	}
 
 	num_pad_chars = pad_length - input_len;
-	if (num_pad_chars >= INT_MAX) {
+	if (num_pad_chars >= INT_MAX - 1) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Padding length is too long");
 		return;
 	}
-	result = (char *)emalloc(input_len + num_pad_chars + 1);
+	result = (char *)safe_emalloc(input_len, 1, num_pad_chars + 1);
 
 	/* We need to figure out the left/right padding lengths. */
 	switch (pad_type_val) {
openSUSE Build Service is sponsored by
Places