2 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4153
4 http://svn.php.net/viewvc?view=revision&revision=319442
6 --- php-5.3.3/ext/standard/syslog.c.cve4153
7 +++ php-5.3.3/ext/standard/syslog.c
8 @@ -234,6 +234,9 @@ PHP_FUNCTION(openlog)
9 free(BG(syslog_device));
11 BG(syslog_device) = zend_strndup(ident, ident_len);
12 + if(BG(syslog_device) == NULL) {
15 openlog(BG(syslog_device), option, facility);
18 --- php-5.3.3/Zend/zend_builtin_functions.c.cve4153
19 +++ php-5.3.3/Zend/zend_builtin_functions.c
20 @@ -683,6 +683,9 @@ repeat:
22 c.flags = case_sensitive; /* non persistent */
23 c.name = zend_strndup(name, name_len);
24 + if (c.name == NULL) {
27 c.name_len = name_len+1;
28 c.module_number = PHP_USER_CONSTANT;
29 if (zend_register_constant(&c TSRMLS_CC) == SUCCESS) {