diff options
Diffstat (limited to 'php-5.5.6-CVE-2013-6712.patch')
-rw-r--r-- | php-5.5.6-CVE-2013-6712.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/php-5.5.6-CVE-2013-6712.patch b/php-5.5.6-CVE-2013-6712.patch new file mode 100644 index 0000000..553f708 --- /dev/null +++ b/php-5.5.6-CVE-2013-6712.patch @@ -0,0 +1,40 @@ +From 12fe4e90be7bfa2a763197079f68f5568a14e071 Mon Sep 17 00:00:00 2001 +From: Remi Collet <remi@php.net> +Date: Wed, 27 Nov 2013 11:13:16 +0100 +Subject: [PATCH] Fixed bug #66060 (Heap buffer over-read in DateInterval) + +--- + NEWS | 3 +++ + ext/date/lib/parse_iso_intervals.c | 4 ++-- + ext/date/lib/parse_iso_intervals.re | 2 +- + 3 files changed, 6 insertions(+), 3 deletions(-) + +diff --git a/ext/date/lib/parse_iso_intervals.c b/ext/date/lib/parse_iso_intervals.c +index bd1ad05..480ea38 100644 +--- a/ext/date/lib/parse_iso_intervals.c ++++ b/ext/date/lib/parse_iso_intervals.c +@@ -380,7 +380,7 @@ yy6: + break; + } + ptr++; +- } while (*ptr); ++ } while (!s->errors->error_count && *ptr); + s->have_period = 1; + TIMELIB_DEINIT; + return TIMELIB_PERIOD; +diff --git a/ext/date/lib/parse_iso_intervals.re b/ext/date/lib/parse_iso_intervals.re +index 56aa34d..c5e9f67 100644 +--- a/ext/date/lib/parse_iso_intervals.re ++++ b/ext/date/lib/parse_iso_intervals.re +@@ -348,7 +348,7 @@ isoweek = year4 "-"? "W" weekofyear; + break; + } + ptr++; +- } while (*ptr); ++ } while (!s->errors->error_count && *ptr); + s->have_period = 1; + TIMELIB_DEINIT; + return TIMELIB_PERIOD; +-- +1.8.4.3 + |