php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Sec Bug #66820 out-of-bounds memory access in fileinfo
Submitted: 2014-03-04 13:11 UTC Modified: 2014-03-06 13:11 UTC
From: remi@php.net Assigned: remi (profile)
Status: Closed Package: Filesystem function related
PHP Version: 5.4.25 OS: irrevelant
Private report: No CVE-ID: 2014-2270
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: remi@php.net
New email:
PHP Version: OS:

 

 [2014-03-04 13:11 UTC] remi@php.net 
Description:
------------
A flaw was found in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code.

Upstream report: http://bugs.gw.com/view.php?id=313

Upstream fix: https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-03-04 19:40 UTC] remi@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: remi
 [2014-03-04 19:40 UTC] remi@php.net 
Fixed by http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
 [2014-03-05 06:13 UTC] remi@php.net 
Additional upstream fix (already applied)
https://github.com/glensc/file/commit/70c65d2e1841491f59168db1f905e8b14083fb1c
 [2014-03-05 17:19 UTC] remi@php.net
-CVE-ID: +CVE-ID: 2014-2270
 [2014-03-10 11:04 UTC] ab@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-03-10 11:29 UTC] ab@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-04-10 04:47 UTC] tyrael@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-10-07 23:15 UTC] stas@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 [2014-10-07 23:27 UTC] stas@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
Log: Fixed Bug #66820 out-of-bounds memory access in fileinfo
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 12:01:29 2024 UTC