File php-CVE-2016-4346.patch of Package php5.openSUSE_Leap_42.1_Update
Index: php-5.6.1/ext/standard/string.c
===================================================================
--- php-5.6.1.orig/ext/standard/string.c 2014-10-01 11:17:38.000000000 +0200
+++ php-5.6.1/ext/standard/string.c 2016-05-03 16:42:30.404248024 +0200
@@ -5256,11 +5256,11 @@
}
num_pad_chars = pad_length - input_len;
- if (num_pad_chars >= INT_MAX) {
+ if (num_pad_chars >= INT_MAX - 1) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Padding length is too long");
return;
}
- result = (char *)emalloc(input_len + num_pad_chars + 1);
+ result = (char *)safe_emalloc(input_len, 1, num_pad_chars + 1);
/* We need to figure out the left/right padding lengths. */
switch (pad_type_val) {