Sophie

Sophie

distrib > * > 2008.0 > x86_64 > by-pkgid > fb1832787a7adf918aad2d840f64675b > files > 29

php-5.2.4-3.5mdv2008.0.src.rpm

fix for CVE-2008-3659
http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_operators.h?r1=1.94.2.4.2.11&r2=1.94.2.4.2.12&view=patch
--- old/Zend/zend_operators.h	2007/12/31 07:20:03	1.94.2.4.2.11
+++ new/Zend/zend_operators.h	2008/08/05 20:11:17	1.94.2.4.2.12
@@ -220,6 +220,9 @@
 	char *p = haystack;
 	char ne = needle[needle_len-1];
 
+	if(needle_len > end-haystack) {
+		return NULL;
+	}
 	end -= needle_len;
 
 	while (p <= end) {

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional