]> git.pld-linux.org Git - packages/php.git/blob - php-5.2.17-bug-323007-2.patch
projects / packages / php.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
use /usr/sbin/php-fpm as other branches
[packages/php.git] / php-5.2.17-bug-323007-2.patch
1 this refers to svn commit: http://svn.php.net/viewvc?view=revision&revision=323007
2 aka CVE-2012-0830
3
4 link: https://bugzilla.redhat.com/show_bug.cgi?id=786686
5
6 diff -up php-5.2.17/main/php_variables.c.bug-323007 php-5.2.17/main/php_variables.c
7 --- php-5.2.17/main/php_variables.c.bug-323007  2012-02-03 12:12:09.000000000 +0700
8 +++ php-5.2.17/main/php_variables.c     2012-02-03 13:17:16.000000000 +0700
9 @@ -187,12 +187,17 @@ PHPAPI void php_register_variable_ex(cha
10                                 }
11                                 if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE
12                                         || Z_TYPE_PP(gpc_element_p) != IS_ARRAY) {
13 -                                       if (zend_hash_num_elements(symtable1) >= PG(max_input_vars)) {
14 -                                               php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars));
15 -                                       }
16 +                                       if (zend_hash_num_elements(symtable1) <= PG(max_input_vars)) {
17 +                                           if (zend_hash_num_elements(symtable1) == PG(max_input_vars)) {
18 +                                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars));
19 +                                           }
20                                         MAKE_STD_ZVAL(gpc_element);
21                                         array_init(gpc_element);
22                                         zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
23 +                                       } else {
24 +                                   efree(var_orig);
25 +                                   return;
26 +                                       }
27                                 }
28                                 if (index != escaped_index) {
29                                         efree(escaped_index);
PHP: Hypertext Preprocessor
This page took 0.029162 seconds and 3 git commands to generate.