php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

Patch file-upstream.patch for Filesystem function related Bug #67716

Patch version 2014-07-30 12:00 UTC

Return to Bug #67716 | Download this patch
Patch Revisions:

Developer: remi@php.net

From 9217c8d8e3760a9747311727f49150af84f189a4 Mon Sep 17 00:00:00 2001
From: Remi Collet <rcollet@redhat.com>
Date: Tue, 29 Jul 2014 13:06:17 +0200
Subject: [PATCH] fix possible pointer overflow

Signed-off-by: Remi Collet <rcollet@redhat.com>
---
 src/cdf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cdf.c b/src/cdf.c
index 5dbf3b1..552f460 100644
--- a/src/cdf.c
+++ b/src/cdf.c
@@ -835,7 +835,7 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
 		q = (const uint8_t *)(const void *)
 		    ((const char *)(const void *)p + ofs
 		    - 2 * sizeof(uint32_t));
-		if (q > e) {
+		if (q < p || q > e) {
 			DPRINTF(("Ran of the end %p > %p\n", q, e));
 			goto out;
 		}
-- 
1.9.3

 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC