diff options
Diffstat (limited to 'www/php4/patches/patch-av')
| -rw-r--r-- | www/php4/patches/patch-av | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/www/php4/patches/patch-av b/www/php4/patches/patch-av deleted file mode 100644 index 18689fc693a..00000000000 --- a/www/php4/patches/patch-av +++ /dev/null @@ -1,32 +0,0 @@ -$NetBSD: patch-av,v 1.3 2006/11/04 11:19:41 adrianp Exp $ - -# CVE-2006-5465 - ---- ext/standard/html.c.orig 2006-02-25 21:33:06.000000000 +0000 -+++ ext/standard/html.c -@@ -878,7 +878,7 @@ PHPAPI char *php_escape_html_entities(un - - matches_map = 0; - -- if (len + 9 > maxlen) -+ if (len + 16 > maxlen) - replaced = erealloc (replaced, maxlen += 128); - - if (all) { -@@ -903,9 +903,15 @@ PHPAPI char *php_escape_html_entities(un - } - - if (matches_map) { -+ int l = strlen(rep); -+ /* increase the buffer size */ -+ if (len + 2 + l >= maxlen) { -+ replaced = erealloc(replaced, maxlen += 128); -+ } -+ - replaced[len++] = '&'; - strcpy(replaced + len, rep); -- len += strlen(rep); -+ len += l; - replaced[len++] = ';'; - } - } |