Blame SOURCES/php-5.4.16-CVE-2015-2348.patch
|
 |
20017b |
From 1291d6bbee93b6109eb07e8f7916ff1b7fcc13e1 Mon Sep 17 00:00:00 2001
|
|
|
20017b |
From: Stanislav Malyshev <stas@php.net>
|
|
|
20017b |
Date: Tue, 17 Mar 2015 12:47:58 -0700
|
|
|
20017b |
Subject: [PATCH] Fix bug #69207 - move_uploaded_file allows nulls in path
|
|
|
20017b |
|
|
|
20017b |
---
|
|
|
20017b |
NEWS | 3 +++
|
|
|
20017b |
ext/standard/basic_functions.c | 2 +-
|
|
|
20017b |
2 files changed, 4 insertions(+), 1 deletion(-)
|
|
|
20017b |
|
|
|
20017b |
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
|
|
|
20017b |
index 9a9df30..c3e2230 100644
|
|
|
20017b |
--- a/ext/standard/basic_functions.c
|
|
|
20017b |
+++ b/ext/standard/basic_functions.c
|
|
|
20017b |
@@ -5771,7 +5771,7 @@ PHP_FUNCTION(move_uploaded_file)
|
|
|
20017b |
RETURN_FALSE;
|
|
|
20017b |
}
|
|
|
20017b |
|
|
|
20017b |
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &path, &path_len, &new_path, &new_path_len) == FAILURE) {
|
|
|
20017b |
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sp", &path, &path_len, &new_path, &new_path_len) == FAILURE) {
|
|
|
20017b |
return;
|
|
|
20017b |
}
|
|
|
20017b |
|
|
|
20017b |
--
|
|
|
20017b |
2.1.4
|
|
|
20017b |
|