php 5.4 security patches from 5.5.34 (WIP)

author: Remi Collet <fedora@famillecollet.com> 2016-03-29 14:38:41 +0200
committer: Remi Collet <fedora@famillecollet.com> 2016-03-29 14:38:41 +0200
commit: 20725105f5fd5bbb19de56ac72576f9874138468 (patch)
tree: 4e8f9c06f22c49294bb297ab5949765dc274dd2e /bug71704.patch
parent: 6dfa2b2d9e32298dd65125133e68d23b2cce316a (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/bug71704.patch b/bug71704.patch
new file mode 100644
index 0000000..8497846
--- /dev/null
+++ b/bug71704.patch
@@ -0,0 +1,26 @@
+Backported from 5.5 for 5.4 by Remi Collet
+
+From 9c19a08b9daed6bae3071dd25742f59a59618823 Mon Sep 17 00:00:00 2001
+From: Anatol Belski <ab@php.net>
+Date: Wed, 16 Mar 2016 09:48:40 +0100
+Subject: [PATCH] Fixed bug #71704 php_snmp_error() Format String Vulnerability
+
+Conflicts:
+	ext/snmp/snmp.c
+---
+ ext/snmp/snmp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/snmp/snmp.c b/ext/snmp/snmp.c
+index f7c99c1..6c1da4c 100644
+--- a/ext/snmp/snmp.c
++++ b/ext/snmp/snmp.c
+@@ -533,7 +533,7 @@ static void php_snmp_error(zval *object, const char *docref TSRMLS_DC, int type,
+ 	}
+ 
+ 	if (object && (snmp_object->exceptions_enabled & type)) {
+-		zend_throw_exception_ex(php_snmp_exception_ce, type TSRMLS_CC, snmp_object->snmp_errstr);
++		zend_throw_exception_ex(php_snmp_exception_ce, type TSRMLS_CC, "%s", snmp_object->snmp_errstr);
+ 	} else {
+ 		va_start(args, format);
+ 		php_verror(docref, "", E_WARNING, format, args TSRMLS_CC);
author	Remi Collet <fedora@famillecollet.com>	2016-03-29 14:38:41 +0200
committer	Remi Collet <fedora@famillecollet.com>	2016-03-29 14:38:41 +0200
commit	20725105f5fd5bbb19de56ac72576f9874138468 (patch)
tree	4e8f9c06f22c49294bb297ab5949765dc274dd2e /bug71704.patch
parent	6dfa2b2d9e32298dd65125133e68d23b2cce316a (diff)