diff options
Diffstat (limited to 'php-pecl-zendopcache-CVE-2015-1352.patch')
-rw-r--r-- | php-pecl-zendopcache-CVE-2015-1352.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/php-pecl-zendopcache-CVE-2015-1352.patch b/php-pecl-zendopcache-CVE-2015-1352.patch new file mode 100644 index 0000000..c6d8d28 --- /dev/null +++ b/php-pecl-zendopcache-CVE-2015-1352.patch @@ -0,0 +1,26 @@ +From 9a88100573c40b9f59baa2f2d138809eb47b4317 Mon Sep 17 00:00:00 2001 +From: Xinchen Hui <laruence@php.net> +Date: Thu, 8 Jan 2015 16:32:20 +0800 +Subject: [PATCH] Fixed bug #68677 (Use After Free in OPcache) + +(cherry picked from commit 777c39f4042327eac4b63c7ee87dc1c7a09a3115) +--- + zend_shared_alloc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/zend_shared_alloc.c b/zend_shared_alloc.c +index bbe26e8..8880b88 100644 +--- a/zend_shared_alloc.c ++++ b/zend_shared_alloc.c +@@ -346,10 +346,10 @@ void *_zend_shared_memdup(void *source, size_t size, zend_bool free_source TSRML + retval = ZCG(mem);; + ZCG(mem) = (void*)(((char*)ZCG(mem)) + ZEND_ALIGNED_SIZE(size)); + memcpy(retval, source, size); ++ zend_shared_alloc_register_xlat_entry(source, retval); + if (free_source) { + interned_efree((char*)source); + } +- zend_shared_alloc_register_xlat_entry(source, retval); + return retval; + } + |