PHP :: Sec Bug #61504 :: Potential vulnerability in fileinfo ext

Sec Bug #61504	Potential vulnerability in fileinfo ext
Submitted:	2012-03-25 12:49 UTC	Modified:	2012-04-06 13:31 UTC
From:	ab@php.net	Assigned:	ab (profile)
Status:	Closed	Package:	*Directory/Filesystem functions
PHP Version:	Irrelevant	OS:	all
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !

Your email address: MUST BE VALID
Solve the problem: 38 - 25 = ?
Subscribe to this entry?

[2012-03-25 12:49 UTC] ab@php.net

Description:
------------
Package : file
Vulnerability : missing bounds checks
Problem type : remote
Debian-specific: no

The bundled libmagick is still of the vulnerable version.

According to this message:
http://www.openwall.com/lists/oss-security/2012/02/20/7

the fix is contained in the following revisions:

https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
https://github.com/glensc/file/commit/1140872578eedaeecf828f1841d17ff574372dba

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-03-25 13:03 UTC] pajoye@php.net

And here is the patch Anatoliy wrote for php, based on 5.04:

 http://belsky.info/uploads/my/fileinfo.5.04.1.diff.gz

5.11 update is also on its way and can be done later.

[2012-03-25 15:23 UTC] ab@php.net

There are also two patches for the libmagic (already contained in the one posted 
by Pierre)

Security patch for the original libmagick 5.04
http://belsky.info/uploads/my/libmagic.5.04.sec.patch.gz

PHP port
http://belsky.info/uploads/my/libmagic.5.04.php.patch.gz

[2012-03-25 16:06 UTC] ab@php.net

Finally, here is the patch containing all three previous together:

http://belsky.info/uploads/my/fileinfo.5.04.2.diff.gz

Contains 
libmagic 5.04 patched and ready to use
libmagic.patch 
tests/magic updated
data_file.c updated

[2012-03-27 08:00 UTC] ab@php.net

Here is the patch for libmagic 5.11 against the current code base:

http://belsky.info/uploads/my/fileinfo.5.11.7.diff.gz

Contains 
libmagic 5.11 patched and ready to use
libmagic.patch + fix for a bug in a ported file regex stuff
tests/magic updated
data_file.c updated

[2012-03-27 12:33 UTC] pierre.php@gmail.com@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11

[2012-03-27 18:51 UTC] ab@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

[2012-03-27 18:51 UTC] ab@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: ab

[2012-03-27 19:05 UTC] ab@php.net

-Status: Closed +Status: Re-Opened

[2012-03-28 00:15 UTC] pierre.php@gmail.com@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other

[2012-03-28 00:16 UTC] pierre.php@gmail.com@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other

[2012-03-28 07:58 UTC] cataphract@php.net

Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert &quot;- fix bug #61504, fix build errors on windows and possibly other&quot;

[2012-03-29 04:23 UTC] cataphract@php.net

Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert &quot;- fix bug #61504, fix build errors on windows and possibly other&quot;

[2012-03-29 04:23 UTC] pierre.php@gmail.com@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other

[2012-03-29 04:23 UTC] pierre.php@gmail.com@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11

[2012-04-06 13:31 UTC] ab@php.net

-Status: Re-Opened +Status: Closed

[2014-10-07 23:28 UTC] stas@php.net

Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert &quot;- fix bug #61504, fix build errors on windows and possibly other&quot;

[2014-10-07 23:28 UTC] stas@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other

[2014-10-07 23:28 UTC] stas@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11

[2014-10-07 23:39 UTC] stas@php.net

Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert &quot;- fix bug #61504, fix build errors on windows and possibly other&quot;

[2014-10-07 23:39 UTC] stas@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other

[2014-10-07 23:39 UTC] stas@php.net

Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Wed Apr 24 03:01:29 2024 UTC