summaryrefslogtreecommitdiffstats
path: root/bug73418.patch
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2016-11-09 18:12:33 +0100
committerRemi Collet <fedora@famillecollet.com>2016-11-09 18:12:33 +0100
commitc2b4eb1f86750d392027119f1a8d33bceca2fd64 (patch)
tree13b55263b0a54b6e45471e3b8b78620365d6ec72 /bug73418.patch
parentbec6bca2de5aaf1a1b186722901dc75ec1529fea (diff)
PHP 5.5.38 with minor security fix from 5.6.28
Diffstat (limited to 'bug73418.patch')
-rw-r--r--bug73418.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/bug73418.patch b/bug73418.patch
new file mode 100644
index 0000000..d85e4a6
--- /dev/null
+++ b/bug73418.patch
@@ -0,0 +1,26 @@
+Backported from 5.6.28 by Remi.
+
+
+From b823b14e374251ad6ab437a9631e4b010ca09b68 Mon Sep 17 00:00:00 2001
+From: Anatol Belski <ab@php.net>
+Date: Thu, 3 Nov 2016 17:03:23 +0100
+Subject: [PATCH] Fixed bug #73418 Integer Overflow in "_php_imap_mail" leads
+ to crash
+
+---
+ ext/imap/php_imap.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
+index 564473b..6c392fb 100644
+--- a/ext/imap/php_imap.c
++++ b/ext/imap/php_imap.c
+@@ -3894,7 +3898,7 @@ int _php_imap_mail(char *to, char *subject, char *message, char *headers, char *
+ char *tsm_errmsg = NULL;
+ ADDRESS *addr;
+ char *bufferTo = NULL, *bufferCc = NULL, *bufferBcc = NULL, *bufferHeader = NULL;
+- int offset, bufferLen = 0;
++ size_t offset, bufferLen = 0;
+ size_t bt_len;
+
+ if (headers) {