File php-CVE-2014-9705.patch of Package php5.openSUSE_Leap_42.1_Update
https://bugzilla.suse.com/show_bug.cgi?id=922451#c12
--- ext/enchant/enchant.c 2014-06-25 15:06:23.000000000 +0200
+++ ext/enchant/enchant.c 2015-03-19 11:32:48.517178050 +0100
@@ -550,13 +550,12 @@
d = enchant_broker_request_dict(pbroker->pbroker, (const char *)tag);
if (d) {
- if (pbroker->dictcnt) {
+ pos = pbroker->dictcnt++;
+ if (pos) {
pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
- pos = pbroker->dictcnt++;
} else {
pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
pos = 0;
- pbroker->dictcnt++;
}
dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
@@ -607,14 +606,14 @@
d = enchant_broker_request_pwl_dict(pbroker->pbroker, (const char *)pwl);
if (d) {
- if (pbroker->dictcnt) {
- pos = pbroker->dictcnt++;
+ pos = pbroker->dictcnt++;
+ if (pos) {
pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
} else {
pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
pos = 0;
- pbroker->dictcnt++;
}
+
dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
dict->id = pos;
dict->pbroker = pbroker;