summaryrefslogtreecommitdiffstats
path: root/php-bug78380.patch
blob: 4d7db3511cc4bcb0f4e4f1f30682da4757e23298 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
From 8cc1b123b05c51442b9a4fc4ea61d7719ee96e0e Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sat, 24 Aug 2019 23:11:45 -0700
Subject: [PATCH 2/3] Fix CVE-2019-13224: don't allow different encodings for
 onig_new_deluxe()

Backport from https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55

(cherry picked from commit 1258303e66d8dede4f02347334b9f6576e98a21b)
---
 ext/mbstring/oniguruma/regext.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ext/mbstring/oniguruma/regext.c b/ext/mbstring/oniguruma/regext.c
index b1b957b40c..b108e638c6 100644
--- a/ext/mbstring/oniguruma/regext.c
+++ b/ext/mbstring/oniguruma/regext.c
@@ -29,6 +29,7 @@
 
 #include "regint.h"
 
+#if 0
 static void
 conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
 {
@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEncoding to, const UChar* s, const UChar* e
 
   return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
 }
+#endif
 
 extern int
 onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
   if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;
 
   if (ci->pattern_enc != ci->target_enc) {
-    r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
-                      &cpat, &cpat_end);
-    if (r) return r;
+    return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
   }
   else {
     cpat     = (UChar* )pattern;
-- 
2.20.1

From b0aa68eade0d15274465136a6d6b84edd8ab6e4b Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 28 Aug 2019 14:06:50 +0200
Subject: [PATCH 3/3] NEWS

---
 NEWS | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/NEWS b/NEWS
index 5039cdf59d..cb7919bafc 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,14 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 
+Backported from 7.1.32
+
+- mbstring:
+  . Fixed CVE-2019-13224 (don't allow different encodings for onig_new_deluxe) (stas)
+
+- pcre:
+  . Fixed bug #75457 (heap use-after-free in pcrelib) (cmb)
+
 Backported from 7.1.31
 
 - EXIF:
-- 
2.20.1