Patch file-upstream.patch for Filesystem function related Bug #67716
Patch version 2014-07-30 12:00 UTC
Return to Bug #67716 |
Download this patch
Patch Revisions:
Developer: remi@php.net
From 9217c8d8e3760a9747311727f49150af84f189a4 Mon Sep 17 00:00:00 2001
From: Remi Collet <rcollet@redhat.com>
Date: Tue, 29 Jul 2014 13:06:17 +0200
Subject: [PATCH] fix possible pointer overflow
Signed-off-by: Remi Collet <rcollet@redhat.com>
---
src/cdf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cdf.c b/src/cdf.c
index 5dbf3b1..552f460 100644
--- a/src/cdf.c
+++ b/src/cdf.c
@@ -835,7 +835,7 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
q = (const uint8_t *)(const void *)
((const char *)(const void *)p + ofs
- 2 * sizeof(uint32_t));
- if (q > e) {
+ if (q < p || q > e) {
DPRINTF(("Ran of the end %p > %p\n", q, e));
goto out;
}
--
1.9.3
|
Copyright © 2001-2024 The PHP Group