diff options
| author | Remi Collet <remi@remirepo.net> | 2019-08-28 15:43:42 +0200 |
|---|---|---|
| committer | Remi Collet <remi@remirepo.net> | 2019-08-28 15:43:42 +0200 |
| commit | d55411f02f2475c2bf1515297170dbd276bf7682 (patch) | |
| tree | 545d2d56238f301ffd5b582736f8e7ebc05d8e6a /php-bug78380.patch | |
| parent | e9d4f0fffefd7b6afee2a8d22ab6622e6f15dd5f (diff) | |
From 7.1.32
- mbstring:
Fix CVE-2019-13224 don't allow different encodings for onig_new_deluxe
- pcre:
Fix #75457 heap use-after-free in pcrelib
Diffstat (limited to 'php-bug78380.patch')
| -rw-r--r-- | php-bug78380.patch | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/php-bug78380.patch b/php-bug78380.patch new file mode 100644 index 0000000..4d7db35 --- /dev/null +++ b/php-bug78380.patch @@ -0,0 +1,78 @@ +From 8cc1b123b05c51442b9a4fc4ea61d7719ee96e0e Mon Sep 17 00:00:00 2001 +From: Stanislav Malyshev <stas@php.net> +Date: Sat, 24 Aug 2019 23:11:45 -0700 +Subject: [PATCH 2/3] Fix CVE-2019-13224: don't allow different encodings for + onig_new_deluxe() + +Backport from https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 + +(cherry picked from commit 1258303e66d8dede4f02347334b9f6576e98a21b) +--- + ext/mbstring/oniguruma/regext.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/ext/mbstring/oniguruma/regext.c b/ext/mbstring/oniguruma/regext.c +index b1b957b40c..b108e638c6 100644 +--- a/ext/mbstring/oniguruma/regext.c ++++ b/ext/mbstring/oniguruma/regext.c +@@ -29,6 +29,7 @@ + + #include "regint.h" + ++#if 0 + static void + conv_ext0be32(const UChar* s, const UChar* end, UChar* conv) + { +@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEncoding to, const UChar* s, const UChar* e + + return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } ++#endif + + extern int + onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, +@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, + if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL; + + if (ci->pattern_enc != ci->target_enc) { +- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end, +- &cpat, &cpat_end); +- if (r) return r; ++ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } + else { + cpat = (UChar* )pattern; +-- +2.20.1 + +From b0aa68eade0d15274465136a6d6b84edd8ab6e4b Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@remirepo.net> +Date: Wed, 28 Aug 2019 14:06:50 +0200 +Subject: [PATCH 3/3] NEWS + +--- + NEWS | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/NEWS b/NEWS +index 5039cdf59d..cb7919bafc 100644 +--- a/NEWS ++++ b/NEWS +@@ -1,6 +1,14 @@ + PHP NEWS + ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| + ++Backported from 7.1.32 ++ ++- mbstring: ++ . Fixed CVE-2019-13224 (don't allow different encodings for onig_new_deluxe) (stas) ++ ++- pcre: ++ . Fixed bug #75457 (heap use-after-free in pcrelib) (cmb) ++ + Backported from 7.1.31 + + - EXIF: +-- +2.20.1 + |