author | adrianp <adrianp@pkgsrc.org> | 2006-11-04 11:19:41 +0000 |
---|---|---|
committer | adrianp <adrianp@pkgsrc.org> | 2006-11-04 11:19:41 +0000 |
commit | 762ba9d8282df0923cdb19b602501f53bb38a70a (patch) | |
tree | 3a32c3f048e128ce684285734399a47b0296253c /lang | |
parent | 2796a02828dbcbad2fcc0152adae65cd8b7d6418 (diff) | |
download | pkgsrc-762ba9d8282df0923cdb19b602501f53bb38a70a.tar.gz |
Fix for CVE-2006-5465 from PHP CVS
http://www.hardened-php.net/advisory_132006.138.html
Diffstat (limited to 'lang')
-rw-r--r-- | lang/php5/Makefile | 4 | ||||
-rw-r--r-- | lang/php5/distinfo | 3 | ||||
-rw-r--r-- | lang/php5/patches/patch-av | 32 |
3 files changed, 36 insertions, 3 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile
index d755cb26b05..e35a7dade9b 100644
--- a/lang/php5/Makefile
+++ b/lang/php5/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.45 2006/10/22 13:19:19 adrianp Exp $
+# $NetBSD: Makefile,v 1.46 2006/11/04 11:27:55 adrianp Exp $
 PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= lang
 HOMEPAGE= http://www.php.net/
diff --git a/lang/php5/distinfo b/lang/php5/distinfo
index d96ed4945dd..227e39fada7 100644
--- a/lang/php5/distinfo
+++ b/lang/php5/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.31 2006/11/01 11:33:34 tron Exp $
+$NetBSD: distinfo,v 1.32 2006/11/04 11:27:55 adrianp Exp $
 SHA1 (php-5.1.6/php-5.1.6.tar.bz2) = a20b946f1de0a8a35a8a6bf437adbba4e5448d27
 RMD160 (php-5.1.6/php-5.1.6.tar.bz2) = 7ac52f4674532397c982f6ced594b70dd17522af
@@ -12,3 +12,4 @@ SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
 SHA1 (patch-ak) = 2d5264d33ebef631d4a2d0cdf8a2ed365bdbeb7e
 SHA1 (patch-as) = 4fc74c8e8d0a7a152a7bbe1672ad0834021db16c
 SHA1 (patch-au) = 90264101db6c2f000c30d1f513392acec781202b
+SHA1 (patch-av) = b14aed514e801e58deec95ecdda107a1c6b5457d
diff --git a/lang/php5/patches/patch-av b/lang/php5/patches/patch-av
new file mode 100644
index 00000000000..58397c04b98
--- /dev/null
+++ b/lang/php5/patches/patch-av
@@ -0,0 +1,32 @@
+$NetBSD: patch-av,v 1.3 2006/11/04 11:27:55 adrianp Exp $
+
+# CVE-2006-5465
+
+--- ext/standard/html.c.orig 2006-02-25 21:32:11.000000000 +0000
++++ ext/standard/html.c
+@@ -1096,7 +1096,7 @@ PHPAPI char *php_escape_html_entities(un
+
+ matches_map = 0;
+
+- if (len + 9 > maxlen)
++ if (len + 16 > maxlen)
+ replaced = erealloc (replaced, maxlen += 128);
+
+ if (all) {
+@@ -1121,9 +1121,15 @@ PHPAPI char *php_escape_html_entities(un
+ }
+
+ if (matches_map) {
++ int l = strlen(rep);
++ /* increase the buffer size */
++ if (len + 2 + l >= maxlen) {
++ replaced = erealloc(replaced, maxlen += 128);
++ }
++
+ replaced[len++] = '&';
+ strcpy(replaced + len, rep);
+- len += strlen(rep);
++ len += l;
+ replaced[len++] = ';';
+ }
+ } |
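Review bot: The new guard in the second inner hunk of patch-av grows `replaced` by a single fixed 128-byte step under an `if`, so the `strcpy(replaced + len, rep)` that follows stays in bounds only while `strlen(rep)` is below roughly 126, and nothing visible in the hunk enforces that limit. Sizing the growth from the measured length removes the assumption: `replaced = erealloc(replaced, maxlen += l + 128);`. `int l = strlen(rep);` also narrows a `size_t` into an `int`; the types of `len` and `maxlen` are declared outside the hunk, so whether `len + 2 + l` can wrap on very large input cannot be confirmed from here. The `16` in the first inner hunk is an unexplained margin, and a comment such as `/* worst-case bytes appended before the next size check */` would tie it to the writes it is meant to cover. Both hunks sit inside `php_escape_html_entities`, whose body starts and ends outside the patch, and since this is a local copy of the upstream fix any change would need to go upstream as well.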