File: CVE-2015-4602.patch

package info (click to toggle)
php5 5.3.3.1-7%2Bsqueeze29
  • links: PTS, VCS
  • area: main
  • in suites: squeeze-lts
  • size: 123,520 kB
  • ctags: 55,742
  • sloc: ansic: 633,963; php: 19,620; sh: 11,344; xml: 5,816; cpp: 2,400; yacc: 1,745; exp: 1,514; makefile: 1,019; pascal: 623; awk: 537; sql: 22
file content (22 lines) | stat: -rw-r--r-- 970 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
From fb83c76deec58f1fab17c350f04c9f042e5977d1 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 22 Mar 2015 18:17:47 -0700
Subject: [PATCH] Check that the type is correct

---
 ext/standard/incomplete_class.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: php5-5.3.3.1/ext/standard/incomplete_class.c
===================================================================
--- php5-5.3.3.1.orig/ext/standard/incomplete_class.c	2015-07-20 15:51:32.000000000 +0200
+++ php5-5.3.3.1/ext/standard/incomplete_class.c	2015-07-20 15:51:32.000000000 +0200
@@ -144,7 +144,7 @@
 
 	object_properties = Z_OBJPROP_P(object);
 
-	if (zend_hash_find(object_properties, MAGIC_MEMBER, sizeof(MAGIC_MEMBER), (void **) &val) == SUCCESS) {
+	if (zend_hash_find(object_properties, MAGIC_MEMBER, sizeof(MAGIC_MEMBER), (void **) &val) == SUCCESS && Z_TYPE_PP(val) == IS_STRING) {
 		retval = estrndup(Z_STRVAL_PP(val), Z_STRLEN_PP(val));
 
 		if (nlen) {