authorsbd <sbd>2011-03-22 06:22:17 +0000
committersbd <sbd>2011-03-22 06:22:17 +0000
commita360480337e36e7f095ce155f1c973f717e7f656 (patch)
treec85a7b83fb71e16ffe72ba1267a6b5ff0c20ec25
parent351a8768525aed4b6fafe93d4837071bd5014493 (diff)
downloadpkgsrc-a360480337e36e7f095ce155f1c973f717e7f656.tar.gz
Pullup ticket #3394 - requested by taca
security fix for devel/php-shmop Revisions pulled up: - devel/php-shmop/Makefile 1.10 - lang/php5/distinfo 1.88 - lang/php5/patches/patch-ext_shmop_shmop.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Mon Mar 21 16:08:29 UTC 2011 Modified Files: pkgsrc/devel/php-shmop: Makefile pkgsrc/lang/php5: distinfo Added Files: pkgsrc/lang/php5/patches: patch-ext_shmop_shmop.c Log Message: Add a patch to fix bug #54193 (Integer overflow in shmop_read()) referring r309018 from PHPs' repository. (CVE-2011-1092) Bump PKGREVISION of devel/php-shmop.
-rw-r--r--devel/php-shmop/Makefile3
-rw-r--r--lang/php5/distinfo6
-rw-r--r--lang/php5/patches/patch-ext_shmop_shmop.c15
3 files changed, 19 insertions, 5 deletions
diff --git a/devel/php-shmop/Makefile b/devel/php-shmop/Makefile
index e22a8ab4ae1..83fb5b37f2d 100644
--- a/devel/php-shmop/Makefile
+++ b/devel/php-shmop/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.9 2008/06/12 02:14:28 joerg Exp $
+# $NetBSD: Makefile,v 1.9.26.1 2011/03/22 06:22:17 sbd Exp $
MODNAME= shmop
+PKGREVISION= 1
CATEGORIES+= devel
COMMENT= PHP extension for simple SysV shared memory operations
diff --git a/lang/php5/distinfo b/lang/php5/distinfo
index f6697b4811f..42d2570b69e 100644
--- a/lang/php5/distinfo
+++ b/lang/php5/distinfo
@@ -1,11 +1,8 @@
-$NetBSD: distinfo,v 1.84.2.1 2011/02/23 19:12:53 tron Exp $
+$NetBSD: distinfo,v 1.84.2.2 2011/03/22 06:22:17 sbd Exp $
SHA1 (php-5.2.17/php-5.2.17.tar.bz2) = d68f3b09f766990d815a3c4c63c157db8dab8095
RMD160 (php-5.2.17/php-5.2.17.tar.bz2) = 567fa8d718b93fb83a89494c83a8bec224ac99e9
Size (php-5.2.17/php-5.2.17.tar.bz2) = 9092312 bytes
-SHA1 (php-5.2.17/suhosin-patch-5.2.16-0.9.7.patch.gz) = fec10b2b81582d06bb0d0a96ea55c525afc8ab29
-RMD160 (php-5.2.17/suhosin-patch-5.2.16-0.9.7.patch.gz) = b28b70faf136b3e04c5b483da0f4c2279378f43a
-Size (php-5.2.17/suhosin-patch-5.2.16-0.9.7.patch.gz) = 23069 bytes
SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
SHA1 (patch-ab) = feeb73834db284e8b3acabc11fb4c934837cb13f
SHA1 (patch-af) = 68c5a31dccf1854ba1aff653e4c524767d6a64f6
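Review bot: The three `suhosin-patch-5.2.16-0.9.7.patch.gz` entries (SHA1, RMD160, Size) are dropped from distinfo in this hunk, which the log message does not mention and which looks unrelated to adding `patch-ext_shmop_shmop.c`. If the removal came from regenerating distinfo without the option that fetches that distfile, builds that still use it would have no recorded checksum to verify the download against. I would restore the three lines or state the removal in the log message. Whether the package still references that distfile is not visible on this page.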
@@ -19,5 +16,6 @@ SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df
SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d
SHA1 (patch-as) = f7ce5caffe2acdd1f8e9fc8ae6c7ba1d8c6a25c1
SHA1 (patch-ext_exif_exif.c) = 0a6ab268751e633510cb6b334b1bdb84a014b528
+SHA1 (patch-ext_shmop_shmop.c) = 6e11b87dd71ff26357b14b61df626c40b40a022d
SHA1 (patch-ext_zip_lib_zip__name__locate.c) = 4030e37ae4f93dbcb1a3a937a5407c2c406a49d6
SHA1 (patch-ext_zip_php__zip.c) = 134fa566a689d72d63a2fa0aa5c96c4595619089
diff --git a/lang/php5/patches/patch-ext_shmop_shmop.c b/lang/php5/patches/patch-ext_shmop_shmop.c
new file mode 100644
index 00000000000..f6395518d71
--- /dev/null
+++ b/lang/php5/patches/patch-ext_shmop_shmop.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-ext_shmop_shmop.c,v 1.1.2.2 2011/03/22 06:22:18 sbd Exp $
+
+Fix for CVE-2011-1092.
+
+--- ext/shmop/shmop.c.orig 2010-01-03 09:23:27.000000000 +0000
++++ ext/shmop/shmop.c
+@@ -223,7 +223,7 @@ PHP_FUNCTION(shmop_read)
+ RETURN_FALSE;
+ }
+
+- if (start + count > shmop->size || count < 0) {
++ if (count < 0 || start > (INT_MAX - count) || start + count > shmop->size) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "count is out of range");
+ RETURN_FALSE;
+ }
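Review bot: The patch header documents too little for a security fix whose correctness depends on clause order in the new condition: `count < 0` has to be tested before `INT_MAX - count` is formed, and `start > (INT_MAX - count)` before `start + count` is evaluated, otherwise the signed addition can still overflow. I would expand the header line to something like `Fix integer overflow in shmop_read() (CVE-2011-1092, PHP bug #54193, upstream r309018); the INT_MAX guard must stay ahead of start + count.` so the provenance and the ordering constraint travel with the patch file. The declarations of `start`, `count` and `shmop->size` are outside the hunk, so it is worth confirming that an INT_MAX bound matches their types. The hunk also adds no include for `INT_MAX`, so it presumably arrives via headers the file already pulls in.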