php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Sec Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
Submitted: 2014-06-10 11:37 UTC Modified: 2014-06-27 08:05 UTC
From: remi@php.net Assigned: remi (profile)
Status: Closed Package: Filesystem function related
PHP Version: 5.4.29 OS: irrevelant
Private report: No CVE-ID: 2014-3478
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: remi@php.net
New email:
PHP Version: OS:

 

 [2014-06-10 11:37 UTC] remi@php.net 
Description:
------------
A flaw was found in the way file compute the truncated pascal string size in mconvert() function. 

Upstream commit:
https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08


Acknowledgment:

This issue was discovered by Francisco Alonso of the Red Hat Security Response Team.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-06-10 11:38 UTC] remi@php.net
-CVE-ID: +CVE-ID: 2014-3478
 [2014-06-10 11:38 UTC] remi@php.net 
Waiting for CVE-2014-3478 public disclosure date.
 [2014-06-10 12:06 UTC] remi@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: remi
 [2014-06-10 12:06 UTC] remi@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

http://git.php.net/?p=php-src.git;a=commit;h=e77659a8c87272e5061738a31430d2111482c426
 [2014-07-02 08:26 UTC] ab@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e77659a8c87272e5061738a31430d2111482c426
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-07-02 08:34 UTC] ab@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e77659a8c87272e5061738a31430d2111482c426
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-07-29 21:56 UTC] johannes@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=6bd5a06894fa2f8c1b53bf92fb809d911b740e84
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-08-14 15:34 UTC] johannes@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=6bd5a06894fa2f8c1b53bf92fb809d911b740e84
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-08-14 19:32 UTC] dmitry@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=6bd5a06894fa2f8c1b53bf92fb809d911b740e84
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-10-07 23:14 UTC] stas@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=6bd5a06894fa2f8c1b53bf92fb809d911b740e84
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-10-07 23:14 UTC] stas@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=e77659a8c87272e5061738a31430d2111482c426
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-10-07 23:25 UTC] stas@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=6bd5a06894fa2f8c1b53bf92fb809d911b740e84
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 [2014-10-07 23:26 UTC] stas@php.net 
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=e77659a8c87272e5061738a31430d2111482c426
Log: Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 12:01:29 2024 UTC