X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;ds=inline;f=php-CVE-2006-1490.patch;fp=php-CVE-2006-1490.patch;h=f1b3590cb0c141d06e4478e5a8f745c8b5662fd1;hb=44606c9b9421a15197b4a4456d362ee0bc594154;hp=0000000000000000000000000000000000000000;hpb=43aa3e8d4d41896a6ec4c47a282a1ea340f405c1;p=packages%2Fphp.git

diff --git a/php-CVE-2006-1490.patch b/php-CVE-2006-1490.patch
new file mode 100644
index 0000000..f1b3590
--- /dev/null
+++ b/php-CVE-2006-1490.patch
@@ -0,0 +1,20 @@
+PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of
+memory via crafted binary data sent to a script that processes user
+input in the html_entity_decode function and sends the encoded results
+back to the client, aka a "binary safety" issue. NOTE: this issue has
+been referred to as a "memory leak," but it is an information leak that
+discloses memory contents.
+
+Patch pulled from cvs.php.net
+
+--- php-5.1.2/ext/standard/html.c	2006/01/01 12:50:14	1.111.2.1
++++ php-5.1.2/ext/standard/html.c	2006/02/25 21:32:11	1.111.2.2
+@@ -884,7 +884,7 @@
+ 	unsigned char replacement[15];
+ 	int replacement_len;
+ 
+-	ret = estrdup(old);
++	ret = estrndup(old, oldlen);
+ 	retlen = oldlen;
+ 	if (!retlen) {
+ 		goto empty_source;