File: CVE-2012-2386-1.patch

php5 5.3.3.1-7%2Bsqueeze29
  • area: main
  • in suites: squeeze-lts
From 158d8a6b088662ce9d31e0c777c6ebe90efdc854 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 28 May 2012 18:54:15 -0700
Subject: [PATCH] fix unchecked emalloc

---
 ext/phar/tar.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

--- a/ext/phar/tar.c
+++ b/ext/phar/tar.c
@@ -38,7 +38,7 @@ static php_uint32 phar_tar_number(char *
 /* }}} */
 
 /* adapted from format_octal() in libarchive
- * 
+ *
  * Copyright (c) 2003-2009 Tim Kientzle
  * All rights reserved.
  *
@@ -161,7 +161,7 @@ static int phar_tar_process_metadata(pha
 	size_t save = php_stream_tell(fp), read;
 	phar_entry_info *mentry;
 
-	metadata = (char *) emalloc(entry->uncompressed_filesize + 1);
+	metadata = (char *) safe_emalloc(1, entry->uncompressed_filesize, 1);
 
 	read = php_stream_read(fp, metadata, entry->uncompressed_filesize);
 	if (read != entry->uncompressed_filesize) {
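Review bot: The length passed to `safe_emalloc(1, entry->uncompressed_filesize, 1)` is still bounded only by the overflow check, so a large value that does not wrap is allocated in full before the short-read test on the next lines can reject it. `entry->uncompressed_filesize` presumably comes from the archive header, so a check against a sane maximum or the remaining stream length before allocating would let the function fail through its own return path. As far as I know safe_emalloc raises a fatal error on overflow rather than returning, which is safe but skips this function's normal error reporting. The call also deserves a comment saying why the three-argument form is used, for example `/* size is archive-supplied; safe_emalloc bails out if size + 1 would overflow */`. The body of phar_tar_process_metadata starts and ends outside this hunk, so any cleanup of `metadata` on the failure branch is not visible here.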
@@ -377,7 +377,7 @@ bail:
 			}
 
 			read = php_stream_read(fp, buf, sizeof(buf));
-	
+
 			if (read != sizeof(buf)) {
 				efree(entry.filename);
 				if (error) {