summaryrefslogtreecommitdiffstats
path: root/bug71798.patch
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2016-03-29 14:38:41 +0200
committerRemi Collet <fedora@famillecollet.com>2016-03-29 14:38:41 +0200
commit20725105f5fd5bbb19de56ac72576f9874138468 (patch)
tree4e8f9c06f22c49294bb297ab5949765dc274dd2e /bug71798.patch
parent6dfa2b2d9e32298dd65125133e68d23b2cce316a (diff)
php 5.4 security patches from 5.5.34 (WIP)
Diffstat (limited to 'bug71798.patch')
-rw-r--r--bug71798.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/bug71798.patch b/bug71798.patch
new file mode 100644
index 0000000..88c3a77
--- /dev/null
+++ b/bug71798.patch
@@ -0,0 +1,26 @@
+Backported from 5.5 for 5.4 by Remi Collet
+
+From 95433e8e339dbb6b5d5541473c1661db6ba2c451 Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <stas@php.net>
+Date: Sun, 27 Mar 2016 14:22:19 -0700
+Subject: [PATCH] Fix bug #71798 - Integer Overflow in php_raw_url_encode
+
+---
+ ext/standard/url.c | 2 +-
+ main/php_version.h | 6 +++---
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/ext/standard/url.c b/ext/standard/url.c
+index 2f56d31..27a216a 100644
+--- a/ext/standard/url.c
++++ b/ext/standard/url.c
+@@ -600,7 +600,7 @@ PHPAPI int php_url_decode(char *str, int len)
+ */
+ PHPAPI char *php_raw_url_encode(char const *s, int len, int *new_length)
+ {
+- register int x, y;
++ register size_t x, y;
+ unsigned char *str;
+
+ str = (unsigned char *) safe_emalloc(3, len, 1);
+