From a2713f204e1202b6844c114a005c304aafb008c7 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 10 Sep 2016 10:14:22 +0200 Subject: PHP 5.5.38 + security patches from 5.6.25 --- bug72627.patch | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 bug72627.patch (limited to 'bug72627.patch') diff --git a/bug72627.patch b/bug72627.patch new file mode 100644 index 0000000..410e40e --- /dev/null +++ b/bug72627.patch @@ -0,0 +1,34 @@ +Backported from 5.6.25 by Remi. +Binary patch dropped + +From 32a629ef2cff754c3dd6cc24eb1e25aeaf439891 Mon Sep 17 00:00:00 2001 +From: Stanislav Malyshev +Date: Mon, 8 Aug 2016 00:49:34 -0700 +Subject: [PATCH] Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF + +--- + ext/exif/exif.c | 5 ++- + ext/exif/tests/bug72627.phpt | 71 +++++++++++++++++++++++++++++++++++++++++++ + ext/exif/tests/bug72627.tiff | Bin 0 -> 1250 bytes + 3 files changed, 75 insertions(+), 1 deletion(-) + create mode 100644 ext/exif/tests/bug72627.phpt + create mode 100644 ext/exif/tests/bug72627.tiff + +diff --git a/ext/exif/exif.c b/ext/exif/exif.c +index f95de3a..657a2cc1 100644 +--- a/ext/exif/exif.c ++++ b/ext/exif/exif.c +@@ -3778,8 +3778,11 @@ static int exif_process_IFD_in_TIFF(image_info_type *ImageInfo, size_t dir_offse + fgot = php_stream_read(ImageInfo->infile, ImageInfo->Thumbnail.data, ImageInfo->Thumbnail.size); + if (fgot < ImageInfo->Thumbnail.size) { + EXIF_ERRLOG_THUMBEOF(ImageInfo) ++ efree(ImageInfo->Thumbnail.data); ++ ImageInfo->Thumbnail.data = NULL; ++ } else { ++ exif_thumbnail_build(ImageInfo TSRMLS_CC); + } +- exif_thumbnail_build(ImageInfo TSRMLS_CC); + } + #ifdef EXIF_DEBUG + exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_NOTICE, "Read next IFD (THUMBNAIL) done"); + -- cgit