FreeBSD Bugzilla – Attachment 144436 Details for
Bug 191638
lang/php5 Patch for phpinfo() Type Confusion Infoleak Vulnerability and SSL Private Keys
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
PHP 5.3 infoleak vulnerability patch
file_191638.txt (text/plain), 2.57 KB, created by
logan
on 2014-07-05 22:08:13 UTC
(
hide
)
Description:
PHP 5.3 infoleak vulnerability patch
Filename:
MIME Type:
Creator:
logan
Created:
2014-07-05 22:08:13 UTC
Size:
2.57 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 360815) >+++ Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME= php53 > PORTVERSION= 5.3.28 >-PORTREVISION?= 2 >+PORTREVISION?= 3 > CATEGORIES?= lang devel www > MASTER_SITES= ${MASTER_SITE_PHP} > MASTER_SITE_SUBDIR= distributions >Index: files/patch-ext_standard_info.c >=================================================================== >--- files/patch-ext_standard_info.c (revision 0) >+++ files/patch-ext_standard_info.c (working copy) >@@ -0,0 +1,23 @@ >+--- ext/standard/info.c.orig 2013-12-10 23:04:57.000000000 +0400 >++++ ext/standard/info.c 2014-07-05 22:03:29.000000000 +0400 >+@@ -972,16 +972,16 @@ PHPAPI void php_print_info(int flag TSRM >+ >+ php_info_print_table_start(); >+ php_info_print_table_header(2, "Variable", "Value"); >+- if (zend_hash_find(&EG(symbol_table), "PHP_SELF", sizeof("PHP_SELF"), (void **) &data) != FAILURE) { >++ if (zend_hash_find(&EG(symbol_table), "PHP_SELF", sizeof("PHP_SELF"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { >+ php_info_print_table_row(2, "PHP_SELF", Z_STRVAL_PP(data)); >+ } >+- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_TYPE", sizeof("PHP_AUTH_TYPE"), (void **) &data) != FAILURE) { >++ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_TYPE", sizeof("PHP_AUTH_TYPE"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { >+ php_info_print_table_row(2, "PHP_AUTH_TYPE", Z_STRVAL_PP(data)); >+ } >+- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_USER", sizeof("PHP_AUTH_USER"), (void **) &data) != FAILURE) { >++ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_USER", sizeof("PHP_AUTH_USER"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { >+ php_info_print_table_row(2, "PHP_AUTH_USER", Z_STRVAL_PP(data)); >+ } >+- if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_PW", sizeof("PHP_AUTH_PW"), (void **) &data) != FAILURE) { >++ if (zend_hash_find(&EG(symbol_table), "PHP_AUTH_PW", sizeof("PHP_AUTH_PW"), (void **) &data) != FAILURE && Z_TYPE_PP(data) == IS_STRING) { >+ php_info_print_table_row(2, "PHP_AUTH_PW", Z_STRVAL_PP(data)); >+ } >+ php_print_gpcse_array("_REQUEST", sizeof("_REQUEST")-1 TSRMLS_CC); > >Property changes on: files/patch-ext_standard_info.c >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=144436">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 191638
:
144433
| 144436