summaryrefslogtreecommitdiffstats
path: root/zendopcache-CVE-2015-1352.patch
blob: c6d8d28f334ccbc0f19739584ca44e60862a62b8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
From 9a88100573c40b9f59baa2f2d138809eb47b4317 Mon Sep 17 00:00:00 2001
From: Xinchen Hui <laruence@php.net>
Date: Thu, 8 Jan 2015 16:32:20 +0800
Subject: [PATCH] Fixed bug #68677 (Use After Free in OPcache)

(cherry picked from commit 777c39f4042327eac4b63c7ee87dc1c7a09a3115)
---
 zend_shared_alloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/zend_shared_alloc.c b/zend_shared_alloc.c
index bbe26e8..8880b88 100644
--- a/zend_shared_alloc.c
+++ b/zend_shared_alloc.c
@@ -346,10 +346,10 @@ void *_zend_shared_memdup(void *source, size_t size, zend_bool free_source TSRML
 	retval = ZCG(mem);;
 	ZCG(mem) = (void*)(((char*)ZCG(mem)) + ZEND_ALIGNED_SIZE(size));
 	memcpy(retval, source, size);
+	zend_shared_alloc_register_xlat_entry(source, retval);
 	if (free_source) {
 		interned_efree((char*)source);
 	}
-	zend_shared_alloc_register_xlat_entry(source, retval);
 	return retval;
 }