summaryrefslogtreecommitdiffstats
path: root/php-pecl-zendopcache-CVE-2015-1352.patch
diff options
context:
space:
mode:
Diffstat (limited to 'php-pecl-zendopcache-CVE-2015-1352.patch')
-rw-r--r--php-pecl-zendopcache-CVE-2015-1352.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/php-pecl-zendopcache-CVE-2015-1352.patch b/php-pecl-zendopcache-CVE-2015-1352.patch
new file mode 100644
index 0000000..c6d8d28
--- /dev/null
+++ b/php-pecl-zendopcache-CVE-2015-1352.patch
@@ -0,0 +1,26 @@
+From 9a88100573c40b9f59baa2f2d138809eb47b4317 Mon Sep 17 00:00:00 2001
+From: Xinchen Hui <laruence@php.net>
+Date: Thu, 8 Jan 2015 16:32:20 +0800
+Subject: [PATCH] Fixed bug #68677 (Use After Free in OPcache)
+
+(cherry picked from commit 777c39f4042327eac4b63c7ee87dc1c7a09a3115)
+---
+ zend_shared_alloc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/zend_shared_alloc.c b/zend_shared_alloc.c
+index bbe26e8..8880b88 100644
+--- a/zend_shared_alloc.c
++++ b/zend_shared_alloc.c
+@@ -346,10 +346,10 @@ void *_zend_shared_memdup(void *source, size_t size, zend_bool free_source TSRML
+ retval = ZCG(mem);;
+ ZCG(mem) = (void*)(((char*)ZCG(mem)) + ZEND_ALIGNED_SIZE(size));
+ memcpy(retval, source, size);
++ zend_shared_alloc_register_xlat_entry(source, retval);
+ if (free_source) {
+ interned_efree((char*)source);
+ }
+- zend_shared_alloc_register_xlat_entry(source, retval);
+ return retval;
+ }
+
generated by cgit (git 2.34.1) at 2024-04-27 18:36:35 +0000