summaryrefslogtreecommitdiffstats
path: root/bug70480.patch
diff options
context:
space:
mode:
Diffstat (limited to 'bug70480.patch')
-rw-r--r--bug70480.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/bug70480.patch b/bug70480.patch
new file mode 100644
index 0000000..e39ea89
--- /dev/null
+++ b/bug70480.patch
@@ -0,0 +1,29 @@
+Adapted for 5.4, by Remi Collet, from:
+
+
+From e1ba58f068f4bfc8ced75bb017cd31d8beddf3c2 Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <stas@php.net>
+Date: Mon, 28 Sep 2015 11:31:14 -0700
+Subject: [PATCH] Fix bug #70480 (php_url_parse_ex() buffer overflow read)
+
+(cherry picked from commit 629e4da7cc8b174acdeab84969cbfc606a019b31)
+---
+ ext/standard/url.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/standard/url.c b/ext/standard/url.c
+index fc3f080..b5739f0 100644
+--- a/ext/standard/url.c
++++ b/ext/standard/url.c
+@@ -321,7 +321,7 @@ PHPAPI php_url *php_url_parse_ex(char co
+ nohost:
+
+ if ((p = memchr(s, '?', (ue - s)))) {
+- pp = strchr(s, '#');
++ pp = memchr(s, '#', (ue - s));
+
+ if (pp && pp < p) {
+ if (pp - s) {
+--
+2.1.4
+