[packages/php.git] / php-5.3.3-CVE-2011-4153.patch


https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4153

http://svn.php.net/viewvc?view=revision&revision=319442

--- php-5.3.3/ext/standard/syslog.c.cve4153
+++ php-5.3.3/ext/standard/syslog.c
@@ -234,6 +234,9 @@ PHP_FUNCTION(openlog)
 		free(BG(syslog_device));
 	}
 	BG(syslog_device) = zend_strndup(ident, ident_len);
+	if(BG(syslog_device) == NULL) {
+		RETURN_FALSE;
+	}
 	openlog(BG(syslog_device), option, facility);
 	RETURN_TRUE;
 }
--- php-5.3.3/Zend/zend_builtin_functions.c.cve4153
+++ php-5.3.3/Zend/zend_builtin_functions.c
@@ -683,6 +683,9 @@ repeat:
 	}
 	c.flags = case_sensitive; /* non persistent */
 	c.name = zend_strndup(name, name_len);
+	if (c.name == NULL) {
+		RETURN_FALSE;
+	}
 	c.name_len = name_len+1;
 	c.module_number = PHP_USER_CONSTANT;
 	if (zend_register_constant(&c TSRMLS_CC) == SUCCESS) {
Commit	Line	Data
6e15a154 ER	1
	2	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4153
	3
	4	http://svn.php.net/viewvc?view=revision&revision=319442
	5
	6	--- php-5.3.3/ext/standard/syslog.c.cve4153
	7	+++ php-5.3.3/ext/standard/syslog.c
	8	@@ -234,6 +234,9 @@ PHP_FUNCTION(openlog)
	9	free(BG(syslog_device));
	10	}
	11	BG(syslog_device) = zend_strndup(ident, ident_len);
	12	+ if(BG(syslog_device) == NULL) {
	13	+ RETURN_FALSE;
	14	+ }
	15	openlog(BG(syslog_device), option, facility);
	16	RETURN_TRUE;
	17	}
	18	--- php-5.3.3/Zend/zend_builtin_functions.c.cve4153
	19	+++ php-5.3.3/Zend/zend_builtin_functions.c
	20	@@ -683,6 +683,9 @@ repeat:
	21	}
	22	c.flags = case_sensitive; /* non persistent */
	23	c.name = zend_strndup(name, name_len);
	24	+ if (c.name == NULL) {
	25	+ RETURN_FALSE;
	26	+ }
	27	c.name_len = name_len+1;
	28	c.module_number = PHP_USER_CONSTANT;
	29	if (zend_register_constant(&c TSRMLS_CC) == SUCCESS) {