]> git.pld-linux.org Git - packages/php.git/commitdiff
projects / packages / php.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f462585)
- obsolete
authorJakub Bogusz <qboosh@pld-linux.org>
Tue, 8 May 2007 16:42:43 +0000 (16:42 +0000)
committercvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
Changed files:
    php-5.1.6-CVE-2007-0455.patch -> 1.2
    php-5.1.6-CVE-2007-1001.patch -> 1.2
    php-5.1.6-CVE-2007-1583.patch -> 1.2
    php-5.1.6-CVE-2007-1718.patch -> 1.2

php-5.1.6-CVE-2007-0455.patch [deleted file] patch | blob | blame | history
php-5.1.6-CVE-2007-1001.patch [deleted file] patch | blob | blame | history
php-5.1.6-CVE-2007-1583.patch [deleted file] patch | blob | blame | history
php-5.1.6-CVE-2007-1718.patch [deleted file] patch | blob | blame | history

diff --git a/php-5.1.6-CVE-2007-0455.patch b/php-5.1.6-CVE-2007-0455.patch
deleted file mode 100644 (file)
index 875b6b3..0000000
--- a/php-5.1.6-CVE-2007-0455.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-
-https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235028
-
---- php-5.1.6/ext/gd/libgd/gdft.c.cve0455
-+++ php-5.1.6/ext/gd/libgd/gdft.c
-@@ -967,7 +967,7 @@
-                                       } else {
-                                               ch = c & 0xFF;  /* don't extend sign */
-                                       }
--                                      next++;
-+                                      if (*next) next++;
-                               }
-                               break;
-                       case gdFTEX_Big5: {
diff --git a/php-5.1.6-CVE-2007-1001.patch b/php-5.1.6-CVE-2007-1001.patch
deleted file mode 100644 (file)
index 84d679c..0000000
--- a/php-5.1.6-CVE-2007-1001.patch
+++ /dev/null
@@ -1,38 +0,0 @@
---- php-5.1.6/ext/gd/libgd/wbmp.c.cve1001
-+++ php-5.1.6/ext/gd/libgd/wbmp.c
-@@ -102,6 +102,8 @@
-   return (0);
- }
-+#define SAFE_MULTIPLE(x,y) (x == 0 || y == 0 || (x > 0 && y > 0 && (x < INT_MAX / y)))
-+
- /* create wbmp
-    ** -----------
-    ** create an empty wbmp
-@@ -116,6 +118,12 @@
-   if ((wbmp = (Wbmp *) gdMalloc (sizeof (Wbmp))) == NULL)
-     return (NULL);
-+  if (!SAFE_MULTIPLE(width, height)) {
-+      php_gd_error("createwbmp: Integer overflow from WBMP image height/width (%d x %d)\n", width, height);
-+      gdFree(wbmp);
-+      return NULL;
-+  }
-+
-   if ((wbmp->bitmap = (int *) safe_emalloc(sizeof(int), width * height, 0)) == NULL)
-     {
-       gdFree (wbmp);
-@@ -176,6 +184,13 @@
-   printf ("W: %d, H: %d\n", wbmp->width, wbmp->height);
- #endif
-+  if (!SAFE_MULTIPLE(wbmp->width, wbmp->height)) {
-+      php_gd_error("readwbmp: Integer overflow from WBMP image height/width (%d x %d)\n", 
-+                   wbmp->width, wbmp->height);
-+      gdFree(wbmp);
-+      return (-1);
-+  }
-+
-   if ((wbmp->bitmap = (int *) safe_emalloc(wbmp->width * wbmp->height, sizeof(int), 0)) == NULL)
-     {
-       gdFree (wbmp);
diff --git a/php-5.1.6-CVE-2007-1583.patch b/php-5.1.6-CVE-2007-1583.patch
deleted file mode 100644 (file)
index 99d57b8..0000000
--- a/php-5.1.6-CVE-2007-1583.patch
+++ /dev/null
@@ -1,25 +0,0 @@
---- php-5.1.6/ext/mbstring/mb_gpc.c.cve1286
-+++ php-5.1.6/ext/mbstring/mb_gpc.c
-@@ -206,9 +206,8 @@
-       /* register_globals stuff
-        * XXX: this feature is going to be deprecated? */
--      if (info->force_register_globals) {
--              prev_rg_state = PG(register_globals);
--              PG(register_globals) = 1;
-+      if (info->force_register_globals && !(prev_rg_state = PG(register_globals))) {
-+              zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
-       }
-       if (!res || *res == '\0') {
-@@ -341,8 +340,8 @@
- out:
-       /* register_global stuff */
--      if (info->force_register_globals) {
--              PG(register_globals) = prev_rg_state;
-+      if (info->force_register_globals && !prev_rg_state) {
-+              zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
-       }
-       if (convd != NULL) {
diff --git a/php-5.1.6-CVE-2007-1718.patch b/php-5.1.6-CVE-2007-1718.patch
deleted file mode 100644 (file)
index 24ee481..0000000
--- a/php-5.1.6-CVE-2007-1718.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- php-5.1.6/ext/standard/mail.c.cve1718
-+++ php-5.1.6/ext/standard/mail.c
-@@ -48,8 +48,8 @@
- #define SKIP_LONG_HEADER_SEP(str, pos)                                                                                \
-       if (str[pos] == '\r' && str[pos + 1] == '\n' && (str[pos + 2] == ' ' || str[pos + 2] == '\t')) {        \
--              pos += 3;                                                                                       \
--              while (str[pos] == ' ' || str[pos] == '\t') {                                                   \
-+              pos += 2;                                                                                       \
-+              while (str[pos + 1] == ' ' || str[pos + 1] == '\t') {                                                   \
-                       pos++;                                                                                  \
-               }                                                                                               \
-               continue;                                                                                       \
PHP: Hypertext Preprocessor
This page took 0.333771 seconds and 4 git commands to generate.