File: CVE-2010-4156.patch

package info (click to toggle)
php5 5.3.3-7%2Bsqueeze19
  • links: PTS, VCS
  • area: main
  • in suites: squeeze
  • size: 122,836 kB
  • ctags: 55,742
  • sloc: ansic: 633,963; php: 19,620; sh: 11,344; xml: 5,816; cpp: 2,400; yacc: 1,745; exp: 1,514; makefile: 1,019; pascal: 623; awk: 537; sql: 22
file content (13 lines) | stat: -rw-r--r-- 430 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
 
--- a/ext/mbstring/libmbfl/mbfl/mbfilter.c
+++ b/ext/mbstring/libmbfl/mbfl/mbfilter.c
@@ -1397,6 +1397,10 @@ mbfl_strcut(
 			start = string->val + from;
 			end   = start + (length & -4);
 		} else if ((encoding->flag & MBFL_ENCTYPE_SBCS)) {
+			if (from + length >= string->len) {
+				length = string->len - from;
+			}
+
 			start = string->val + from;
 			end = start + length;
 		} else if (encoding->mblen_table != NULL) {