diff options
Diffstat (limited to 'www/php3/patches/patch-ak')
-rw-r--r-- | www/php3/patches/patch-ak | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/www/php3/patches/patch-ak b/www/php3/patches/patch-ak deleted file mode 100644 index 3ebaa00cf11..00000000000 --- a/www/php3/patches/patch-ak +++ /dev/null @@ -1,40 +0,0 @@ -$NetBSD: patch-ak,v 1.1 2002/02/28 15:07:18 jlam Exp $ - ---- functions/mime.c.orig Mon Oct 16 21:30:59 2000 -+++ functions/mime.c Thu Feb 28 09:20:34 2002 -@@ -1,4 +1,14 @@ - /* -+ * This file is patched with the security fix for the file-upload bug -+ * taken from: -+ * -+ * http://www.php.net/do_download.php?download_file=mime.c.diff-3.0.gz -+ * -+ * and fixes the security problem noted in -+ * -+ * http://security.e-matters.de/advisories/012002.html -+ */ -+/* - +----------------------------------------------------------------------+ - | PHP HTML Embedded Scripting Language Version 3.0 | - +----------------------------------------------------------------------+ -@@ -85,7 +95,9 @@ - SAFE_RETURN; - } - loc = memchr(ptr, '\n', rem); -+ rem -= loc - ptr; - name = strstr(ptr, " name="); -+ ptr = loc; - if (name && name < loc) { - name += 6; - s = memchr(name, '\"', loc - name); -@@ -138,6 +150,10 @@ - sprintf(lbuf, "%s_name[]", abuf); - sbuf=estrdup(abuf); - } else { -+ if (abuf) { -+ efree(abuf); -+ abuf = NULL; -+ } - sprintf(lbuf, "%s_name", namebuf); - sbuf=estrdup(namebuf); - } |