diff options
Diffstat (limited to 'lang/php53/patches/patch-ak')
-rw-r--r-- | lang/php53/patches/patch-ak | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/lang/php53/patches/patch-ak b/lang/php53/patches/patch-ak deleted file mode 100644 index 9b347870c1a..00000000000 --- a/lang/php53/patches/patch-ak +++ /dev/null @@ -1,35 +0,0 @@ -$NetBSD: patch-ak,v 1.1 2010/03/27 06:23:13 taca Exp $ - -Fix for CVE-2010-0397: r296152, r296153 from svn from PHP. - ---- ext/xmlrpc/xmlrpc-epi-php.c.orig 2010-02-03 20:19:05.000000000 +0000 -+++ ext/xmlrpc/xmlrpc-epi-php.c -@@ -778,6 +778,7 @@ zval* decode_request_worker(char *xml_in - zval* retval = NULL; - XMLRPC_REQUEST response; - STRUCT_XMLRPC_REQUEST_INPUT_OPTIONS opts = {{0}}; -+ const char *method_name; - opts.xml_elem_opts.encoding = encoding_in ? utf8_get_encoding_id_from_string(encoding_in) : ENCODING_DEFAULT; - - /* generate XMLRPC_REQUEST from raw xml */ -@@ -788,10 +789,16 @@ zval* decode_request_worker(char *xml_in - - if (XMLRPC_RequestGetRequestType(response) == xmlrpc_request_call) { - if (method_name_out) { -- zval_dtor(method_name_out); -- Z_TYPE_P(method_name_out) = IS_STRING; -- Z_STRVAL_P(method_name_out) = estrdup(XMLRPC_RequestGetMethodName(response)); -- Z_STRLEN_P(method_name_out) = strlen(Z_STRVAL_P(method_name_out)); -+ method_name = XMLRPC_RequestGetMethodName(response); -+ if (method_name) { -+ zval_dtor(method_name_out); -+ Z_TYPE_P(method_name_out) = IS_STRING; -+ Z_STRVAL_P(method_name_out) = estrdup(method_name); -+ Z_STRLEN_P(method_name_out) = strlen(Z_STRVAL_P(method_name_out)); -+ } else if (retval) { -+ zval_ptr_dtor(&retval); -+ retval = NULL; -+ } - } - } - |