diff options
| author | taca <taca@pkgsrc.org> | 2011-03-21 16:08:28 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2011-03-21 16:08:28 +0000 |
| commit | 4478ac80996f1735f5f29a87bcd075e086ca52ae (patch) | |
| tree | c34ea00eeac6fd5fc243eecce80dee8e5a9ba6f7 /lang | |
| parent | 7246948b4b68fba8f503326e2f171c338a1a032e (diff) | |
| download | pkgsrc-4478ac80996f1735f5f29a87bcd075e086ca52ae.tar.gz | |
Add a patch to fix bug #54193 (Integer overflow in shmop_read()) referring
r309018 from PHPs' repository. (CVE-2011-1092)
Bump PKGREVISION of devel/php-shmop.
Diffstat (limited to 'lang')
| -rw-r--r-- | lang/php5/distinfo | 6 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ext_shmop_shmop.c | 15 |
2 files changed, 17 insertions, 4 deletions
diff --git a/lang/php5/distinfo b/lang/php5/distinfo index 63b83ccde70..c520cb218fa 100644 --- a/lang/php5/distinfo +++ b/lang/php5/distinfo @@ -1,11 +1,8 @@ -$NetBSD: distinfo,v 1.87 2011/02/21 16:26:49 taca Exp $ +$NetBSD: distinfo,v 1.88 2011/03/21 16:08:29 taca Exp $ SHA1 (php-5.2.17/php-5.2.17.tar.bz2) = d68f3b09f766990d815a3c4c63c157db8dab8095 RMD160 (php-5.2.17/php-5.2.17.tar.bz2) = 567fa8d718b93fb83a89494c83a8bec224ac99e9 Size (php-5.2.17/php-5.2.17.tar.bz2) = 9092312 bytes -SHA1 (php-5.2.17/suhosin-patch-5.2.16-0.9.7.patch.gz) = fec10b2b81582d06bb0d0a96ea55c525afc8ab29 -RMD160 (php-5.2.17/suhosin-patch-5.2.16-0.9.7.patch.gz) = b28b70faf136b3e04c5b483da0f4c2279378f43a -Size (php-5.2.17/suhosin-patch-5.2.16-0.9.7.patch.gz) = 23069 bytes SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20 SHA1 (patch-af) = 68c5a31dccf1854ba1aff653e4c524767d6a64f6 SHA1 (patch-ag) = 5e3e822657925a77fbccaca63f283863a1cc6d94 @@ -18,5 +15,6 @@ SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d SHA1 (patch-as) = f7ce5caffe2acdd1f8e9fc8ae6c7ba1d8c6a25c1 SHA1 (patch-ext_exif_exif.c) = 0a6ab268751e633510cb6b334b1bdb84a014b528 +SHA1 (patch-ext_shmop_shmop.c) = 6e11b87dd71ff26357b14b61df626c40b40a022d SHA1 (patch-ext_zip_lib_zip__name__locate.c) = 4030e37ae4f93dbcb1a3a937a5407c2c406a49d6 SHA1 (patch-ext_zip_php__zip.c) = 134fa566a689d72d63a2fa0aa5c96c4595619089 diff --git a/lang/php5/patches/patch-ext_shmop_shmop.c b/lang/php5/patches/patch-ext_shmop_shmop.c new file mode 100644 index 00000000000..f90283836bc --- /dev/null +++ b/lang/php5/patches/patch-ext_shmop_shmop.c @@ -0,0 +1,15 @@ +$NetBSD: patch-ext_shmop_shmop.c,v 1.1 2011/03/21 16:08:29 taca Exp $ + +Fix for CVE-2011-1092. + +--- ext/shmop/shmop.c.orig 2010-01-03 09:23:27.000000000 +0000 ++++ ext/shmop/shmop.c +@@ -223,7 +223,7 @@ PHP_FUNCTION(shmop_read) + RETURN_FALSE; + } + +- if (start + count > shmop->size || count < 0) { ++ if (count < 0 || start > (INT_MAX - count) || start + count > shmop->size) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "count is out of range"); + RETURN_FALSE; + } |