rpms / php

Clone
Source Code
GIT

Blame SOURCES/php-5.4.16-CVE-2018-10547.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8-beta-stream-7.2 c8-beta-stream-7.3 c8-beta-stream-7.4 c8-beta-stream-8.0 c8-stream-7.2 c8-stream-7.3 c8-stream-7.4 c8-stream-8.0 c8s-stream-7.4 c8s-stream-8.0 c9 c9-beta c9-beta-stream-8.1 c9-stream-8.1
  1.   f512950a8f9bfceb7a18b2f9652917c6b27c017a
  2.   SOURCES
  3.   php-5.4.16-CVE-2018-10547.patch
Blob History Raw
f51295 
From 6e64aba47f4e41d97c4d010024c68320c0855f45 Mon Sep 17 00:00:00 2001
f51295 
From: Stanislav Malyshev <stas@php.net>
f51295 
Date: Tue, 27 Mar 2018 21:22:28 -0700
f51295 
Subject: [PATCH] Fix #76129 - remove more potential unfiltered outputs for
f51295 
 phar
f51295
f51295 
---
f51295 
 ext/phar/phar_object.c                           | 6 ++----
f51295 
 ext/phar/tests/cache_list/frontcontroller10.phpt | 2 +-
f51295 
 ext/phar/tests/cache_list/frontcontroller6.phpt  | 2 +-
f51295 
 ext/phar/tests/cache_list/frontcontroller8.phpt  | 2 +-
f51295 
 ext/phar/tests/frontcontroller10.phpt            | 2 +-
f51295 
 ext/phar/tests/frontcontroller6.phpt             | 2 +-
f51295 
 ext/phar/tests/frontcontroller8.phpt             | 2 +-
f51295 
 ext/phar/tests/tar/frontcontroller10.phar.phpt   | 2 +-
f51295 
 ext/phar/tests/tar/frontcontroller6.phar.phpt    | 2 +-
f51295 
 ext/phar/tests/tar/frontcontroller8.phar.phpt    | 2 +-
f51295 
 ext/phar/tests/zip/frontcontroller10.phar.phpt   | 2 +-
f51295 
 ext/phar/tests/zip/frontcontroller6.phar.phpt    | 2 +-
f51295 
 ext/phar/tests/zip/frontcontroller8.phar.phpt    | 2 +-
f51295 
 13 files changed, 14 insertions(+), 16 deletions(-)
f51295
f51295 
diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
f51295 
index 64d7a6c..a6f56ac 100644
f51295 
--- a/ext/phar/phar_object.c
f51295 
+++ b/ext/phar/phar_object.c
f51295 
@@ -340,8 +340,7 @@ static void phar_do_403(char *entry, int entry_len TSRMLS_DC) /* {{{ */
f51295 
 	sapi_header_op(SAPI_HEADER_REPLACE, &ctr TSRMLS_CC);
f51295 
 	sapi_send_headers(TSRMLS_C);
f51295 
 	PHPWRITE("<html>\n <head>\n  <title>Access Denied</title>\n </head>\n <body>\n  
403 - File ", sizeof("<html>\n <head>\n  <title>Access Denied</title>\n </head>\n <body>\n  
403 - File ") - 1);
f51295 
-	PHPWRITE(entry, entry_len);
f51295 
-	PHPWRITE(" Access Denied\n </body>\n</html>", sizeof(" Access Denied\n </body>\n</html>") - 1);
f51295 
+	PHPWRITE("Access Denied\n </body>\n</html>", sizeof("Access Denied\n </body>\n</html>") - 1);
f51295 
 }
f51295 
 /* }}} */
f51295
f51295 
@@ -365,8 +364,7 @@ static void phar_do_404(phar_archive_data *phar, char *fname, int fname_len, cha
f51295 
 	sapi_header_op(SAPI_HEADER_REPLACE, &ctr TSRMLS_CC);
f51295 
 	sapi_send_headers(TSRMLS_C);
f51295 
 	PHPWRITE("<html>\n <head>\n  <title>File Not Found</title>\n </head>\n <body>\n  
404 - File ", sizeof("<html>\n <head>\n  <title>File Not Found</title>\n </head>\n <body>\n  
404 - File ") - 1);
f51295 
-	PHPWRITE(entry, entry_len);
f51295 
-	PHPWRITE(" Not Found\n </body>\n</html>",  sizeof(" Not Found\n </body>\n</html>") - 1);
f51295 
+	PHPWRITE("Not Found\n </body>\n</html>",  sizeof("Not Found\n </body>\n</html>") - 1);
f51295 
 }
f51295 
 /* }}} */
f51295
f51295 
diff --git a/ext/phar/tests/cache_list/frontcontroller10.phpt b/ext/phar/tests/cache_list/frontcontroller10.phpt
f51295 
index 00177d4..5fd9868 100644
f51295 
--- a/ext/phar/tests/cache_list/frontcontroller10.phpt
f51295 
+++ b/ext/phar/tests/cache_list/frontcontroller10.phpt
f51295 
@@ -20,6 +20,6 @@ Status: 403 Access Denied
f51295 
   <title>Access Denied</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
403 - File /hi Access Denied
f51295 
+  
403 - File Access Denied
f51295 
  </body>
f51295 
 </html>
f51295 
diff --git a/ext/phar/tests/cache_list/frontcontroller6.phpt b/ext/phar/tests/cache_list/frontcontroller6.phpt
f51295 
index 2480be4..a79c958 100644
f51295 
--- a/ext/phar/tests/cache_list/frontcontroller6.phpt
f51295 
+++ b/ext/phar/tests/cache_list/frontcontroller6.phpt
f51295 
@@ -18,6 +18,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /notfound.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/cache_list/frontcontroller8.phpt b/ext/phar/tests/cache_list/frontcontroller8.phpt
f51295 
index bf9b390..e04f9e5 100644
f51295 
--- a/ext/phar/tests/cache_list/frontcontroller8.phpt
f51295 
+++ b/ext/phar/tests/cache_list/frontcontroller8.phpt
f51295 
@@ -18,6 +18,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /index.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/frontcontroller10.phpt b/ext/phar/tests/frontcontroller10.phpt
f51295 
index 667d5c2..b3f5e64 100644
f51295 
--- a/ext/phar/tests/frontcontroller10.phpt
f51295 
+++ b/ext/phar/tests/frontcontroller10.phpt
f51295 
@@ -19,6 +19,6 @@ Status: 403 Access Denied
f51295 
   <title>Access Denied</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
403 - File /hi Access Denied
f51295 
+  
403 - File Access Denied
f51295 
  </body>
f51295 
 </html>
f51295 
diff --git a/ext/phar/tests/frontcontroller6.phpt b/ext/phar/tests/frontcontroller6.phpt
f51295 
index 1a2cc2c..c5dd382 100644
f51295 
--- a/ext/phar/tests/frontcontroller6.phpt
f51295 
+++ b/ext/phar/tests/frontcontroller6.phpt
f51295 
@@ -16,6 +16,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /notfound.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/frontcontroller8.phpt b/ext/phar/tests/frontcontroller8.phpt
f51295 
index 36e3206..77d33da 100644
f51295 
--- a/ext/phar/tests/frontcontroller8.phpt
f51295 
+++ b/ext/phar/tests/frontcontroller8.phpt
f51295 
@@ -16,6 +16,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /index.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/tar/frontcontroller10.phar.phpt b/ext/phar/tests/tar/frontcontroller10.phar.phpt
f51295 
index f1fc6e3..23ce6f3 100644
f51295 
--- a/ext/phar/tests/tar/frontcontroller10.phar.phpt
f51295 
+++ b/ext/phar/tests/tar/frontcontroller10.phar.phpt
f51295 
@@ -19,6 +19,6 @@ Status: 403 Access Denied
f51295 
   <title>Access Denied</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
403 - File /hi Access Denied
f51295 
+  
403 - File Access Denied
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/tar/frontcontroller6.phar.phpt b/ext/phar/tests/tar/frontcontroller6.phar.phpt
f51295 
index 5375bee..b811f00 100644
f51295 
--- a/ext/phar/tests/tar/frontcontroller6.phar.phpt
f51295 
+++ b/ext/phar/tests/tar/frontcontroller6.phar.phpt
f51295 
@@ -16,6 +16,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /notfound.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/tar/frontcontroller8.phar.phpt b/ext/phar/tests/tar/frontcontroller8.phar.phpt
f51295 
index 19844cb..a180e20 100644
f51295 
--- a/ext/phar/tests/tar/frontcontroller8.phar.phpt
f51295 
+++ b/ext/phar/tests/tar/frontcontroller8.phar.phpt
f51295 
@@ -16,6 +16,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /index.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/zip/frontcontroller10.phar.phpt b/ext/phar/tests/zip/frontcontroller10.phar.phpt
f51295 
index 56d16c2..5bbe9e1 100644
f51295 
--- a/ext/phar/tests/zip/frontcontroller10.phar.phpt
f51295 
+++ b/ext/phar/tests/zip/frontcontroller10.phar.phpt
f51295 
@@ -19,6 +19,6 @@ Status: 403 Access Denied
f51295 
   <title>Access Denied</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
403 - File /hi Access Denied
f51295 
+  
403 - File Access Denied
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/zip/frontcontroller6.phar.phpt b/ext/phar/tests/zip/frontcontroller6.phar.phpt
f51295 
index 15489f6..63f7c62 100644
f51295 
--- a/ext/phar/tests/zip/frontcontroller6.phar.phpt
f51295 
+++ b/ext/phar/tests/zip/frontcontroller6.phar.phpt
f51295 
@@ -17,6 +17,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /notfound.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
diff --git a/ext/phar/tests/zip/frontcontroller8.phar.phpt b/ext/phar/tests/zip/frontcontroller8.phar.phpt
f51295 
index 1b0d133..d4c3a3f 100644
f51295 
--- a/ext/phar/tests/zip/frontcontroller8.phar.phpt
f51295 
+++ b/ext/phar/tests/zip/frontcontroller8.phar.phpt
f51295 
@@ -16,6 +16,6 @@ Status: 404 Not Found
f51295 
   <title>File Not Found</title>
f51295 
  </head>
f51295 
  <body>
f51295 
-  
404 - File /index.php Not Found
f51295 
+  
404 - File Not Found
f51295 
  </body>
f51295 
 </html>
f51295 
\ No newline at end of file
f51295 
--
f51295 
2.1.4
f51295

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation