[Pkg-php-commits] r1086 - php5/branches/lenny/debian/patches

Sean Finney seanius at alioth.debian.org
Tue May 27 17:52:35 UTC 2008


Author: seanius
Date: 2008-05-27 17:52:34 +0000 (Tue, 27 May 2008)
New Revision: 1086

Added:
   php5/branches/lenny/debian/patches/CVE-2008-1384.patch
Removed:
   php5/branches/lenny/debian/patches/CVE-2008-1384
Modified:
   php5/branches/lenny/debian/patches/series
Log:
whoops, end patch with .patch

Deleted: php5/branches/lenny/debian/patches/CVE-2008-1384
===================================================================
--- php5/branches/lenny/debian/patches/CVE-2008-1384	2008-05-27 17:51:56 UTC (rev 1085)
+++ php5/branches/lenny/debian/patches/CVE-2008-1384	2008-05-27 17:52:34 UTC (rev 1086)
@@ -1,34 +0,0 @@
-http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.104&r2=1.105&view=patch
-Index: php5-5.2.5/ext/standard/formatted_print.c
-===================================================================
---- php5-5.2.5.orig/ext/standard/formatted_print.c
-+++ php5-5.2.5/ext/standard/formatted_print.c
-@@ -76,6 +76,7 @@ php_sprintf_appendstring(char **buffer, 
- 	register int npad;
- 	int req_size;
- 	int copy_len;
-+	int m_width;
- 
- 	copy_len = (expprec ? MIN(max_width, len) : len);
- 	npad = min_width - copy_len;
-@@ -86,11 +87,19 @@ php_sprintf_appendstring(char **buffer, 
- 	
- 	PRINTF_DEBUG(("sprintf: appendstring(%x, %d, %d, \"%s\", %d, '%c', %d)\n",
- 				  *buffer, *pos, *size, add, min_width, padding, alignment));
-+	m_width = MAX(min_width, copy_len);
- 
--	req_size = *pos + MAX(min_width, copy_len) + 1;
-+	if(m_width > INT_MAX - *pos - 1) {
-+		zend_error_noreturn(E_ERROR, "Field width %d is too long", m_width);
-+	}
-+
-+	req_size = *pos + m_width + 1;
- 
- 	if (req_size > *size) {
- 		while (req_size > *size) {
-+			if(*size > INT_MAX/2) {
-+				zend_error_noreturn(E_ERROR, "Field width %d is too long", req_size); 
-+			}
- 			*size <<= 1;
- 		}
- 		PRINTF_DEBUG(("sprintf ereallocing buffer to %d bytes\n", *size));

Copied: php5/branches/lenny/debian/patches/CVE-2008-1384.patch (from rev 1085, php5/branches/lenny/debian/patches/CVE-2008-1384)
===================================================================
--- php5/branches/lenny/debian/patches/CVE-2008-1384.patch	                        (rev 0)
+++ php5/branches/lenny/debian/patches/CVE-2008-1384.patch	2008-05-27 17:52:34 UTC (rev 1086)
@@ -0,0 +1,34 @@
+http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.104&r2=1.105&view=patch
+Index: php5-5.2.5/ext/standard/formatted_print.c
+===================================================================
+--- php5-5.2.5.orig/ext/standard/formatted_print.c
++++ php5-5.2.5/ext/standard/formatted_print.c
+@@ -76,6 +76,7 @@ php_sprintf_appendstring(char **buffer, 
+ 	register int npad;
+ 	int req_size;
+ 	int copy_len;
++	int m_width;
+ 
+ 	copy_len = (expprec ? MIN(max_width, len) : len);
+ 	npad = min_width - copy_len;
+@@ -86,11 +87,19 @@ php_sprintf_appendstring(char **buffer, 
+ 	
+ 	PRINTF_DEBUG(("sprintf: appendstring(%x, %d, %d, \"%s\", %d, '%c', %d)\n",
+ 				  *buffer, *pos, *size, add, min_width, padding, alignment));
++	m_width = MAX(min_width, copy_len);
+ 
+-	req_size = *pos + MAX(min_width, copy_len) + 1;
++	if(m_width > INT_MAX - *pos - 1) {
++		zend_error_noreturn(E_ERROR, "Field width %d is too long", m_width);
++	}
++
++	req_size = *pos + m_width + 1;
+ 
+ 	if (req_size > *size) {
+ 		while (req_size > *size) {
++			if(*size > INT_MAX/2) {
++				zend_error_noreturn(E_ERROR, "Field width %d is too long", req_size); 
++			}
+ 			*size <<= 1;
+ 		}
+ 		PRINTF_DEBUG(("sprintf ereallocing buffer to %d bytes\n", *size));

Modified: php5/branches/lenny/debian/patches/series
===================================================================
--- php5/branches/lenny/debian/patches/series	2008-05-27 17:51:56 UTC (rev 1085)
+++ php5/branches/lenny/debian/patches/series	2008-05-27 17:52:34 UTC (rev 1086)
@@ -28,6 +28,6 @@
 libdb_is_-ldb
 suhosin.patch
 fix_broken_upstream_tests.patch
-CVE-2008-1384
+CVE-2008-1384.patch
 CVE-2008-2050.patch
 CVE-2008-2051.patch




More information about the Pkg-php-commits mailing list