- new - binary safeness in html_decode()
authorAdam Gołębiowski <adamg@pld-linux.org>
Wed, 19 Apr 2006 16:42:01 +0000 (16:42 +0000)
committercvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
Changed files:
    php-CVE-2006-1490.patch -> 1.1

php-CVE-2006-1490.patch [new file with mode: 0644]

diff --git a/php-CVE-2006-1490.patch b/php-CVE-2006-1490.patch
new file mode 100644 (file)
index 0000000..f1b3590
--- /dev/null
@@ -0,0 +1,20 @@
+PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of
+memory via crafted binary data sent to a script that processes user
+input in the html_entity_decode function and sends the encoded results
+back to the client, aka a "binary safety" issue. NOTE: this issue has
+been referred to as a "memory leak," but it is an information leak that
+discloses memory contents.
+
+Patch pulled from cvs.php.net
+
+--- php-5.1.2/ext/standard/html.c      2006/01/01 12:50:14     1.111.2.1
++++ php-5.1.2/ext/standard/html.c      2006/02/25 21:32:11     1.111.2.2
+@@ -884,7 +884,7 @@
+       unsigned char replacement[15];
+       int replacement_len;
+-      ret = estrdup(old);
++      ret = estrndup(old, oldlen);
+       retlen = oldlen;
+       if (!retlen) {
+               goto empty_source;
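Review bot: The changed line `ret = estrndup(old, oldlen);` has no comment explaining why the length-aware copy matters, so a later refactor could undo it. The next line sets `retlen = oldlen`, and `retlen` is presumably used as the length of `ret` further down, so the copy has to cover all `oldlen` bytes even when the input contains an embedded NUL. I would add `/* binary-safe copy: ret must hold oldlen bytes, retlen is used as its length below */` above the assignment. The enclosing function begins and ends outside the hunk, so it cannot be confirmed from here that the rest of the body uses only length-aware routines on `ret`; that is worth checking whenever this patch is rebased onto another PHP version.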