diff options
| author | taca <taca> | 2011-02-26 02:55:29 +0000 |
|---|---|---|
| committer | taca <taca> | 2011-02-26 02:55:29 +0000 |
| commit | 19c7dbeca000916bcbc414b13930567da45d87ea (patch) | |
| tree | 6738db1cb3f2ea01346b5a5733edfc3a8cca0a25 | |
| parent | 5e75f5c6b2d68871eb02216ad9e830ae6f1b14f3 (diff) | |
| download | pkgsrc-19c7dbeca000916bcbc414b13930567da45d87ea.tar.gz | |
Add a fix for CVE-2011-0420 (CERT: VU#210829) from PHP's repository, r306449.
Bump PKGREVISION.
| -rw-r--r-- | textproc/php-intl/patches/patch-grapheme_grapheme__string.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/textproc/php-intl/patches/patch-grapheme_grapheme__string.c b/textproc/php-intl/patches/patch-grapheme_grapheme__string.c new file mode 100644 index 00000000000..aa01ee15a15 --- /dev/null +++ b/textproc/php-intl/patches/patch-grapheme_grapheme__string.c @@ -0,0 +1,26 @@ +$NetBSD: patch-grapheme_grapheme__string.c,v 1.1.2.2 2011/02/26 02:55:29 taca Exp $ + +A fix for CVE-2011-0420 (CERT: VU#210829) from PHP's repository, r306449. + +--- grapheme/grapheme_string.c.orig 1970-01-01 09:13:08.000000000 +0000 ++++ grapheme/grapheme_string.c +@@ -819,11 +819,17 @@ PHP_FUNCTION(grapheme_extract) + } + + if ( lstart > INT32_MAX || lstart < 0 || lstart >= str_len ) { ++ intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "grapheme_extract: start not contained in string", 0 TSRMLS_CC ); + +- intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "grapheme_extract: start not contained in string", 1 TSRMLS_CC ); +- + RETURN_FALSE; + } ++ if ( size > INT32_MAX || size < 0) { ++ intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "grapheme_extract: size is invalid", 0 TSRMLS_CC ); ++ RETURN_FALSE; ++ } ++ if (size == 0) { ++ RETURN_EMPTY_STRING(); ++ } + + /* we checked that it will fit: */ + start = (int32_t) lstart; |