Subject: pkg/33230: PHP-4.4.2 patch available
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <tonnerre@thebsh.sygroup.ch>
List: pkgsrc-bugs
Date: 04/10/2006 12:15:00
>Number: 33230
>Category: pkg
>Synopsis: Patch for the information exposure vulnerability in php-4.4.2 available (1803)
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Apr 10 12:15:00 +0000 2006
>Originator: Tonnerre Lombard
>Release: NetBSD 2.1
>Organization:
SyGroup GmbH
>Environment:
System: NetBSD thebsh.sygroup-int.ch 2.1 NetBSD 2.1 (GENERIC.MP) #0: Mon Oct 24 19:21:50 UTC 2005 jmc@faith.netbsd.org:/home/builds/ab/netbsd-2-1-RELEASE/alpha/200510241747Z-obj/home/builds/ab/netbsd-2-1-RELEASE/src/sys/arch/alpha/compile/GENERIC.MP alpha
Architecture: alpha
Machine: alpha
>Description:
PHP 4.4.2 has a nice feature of remote memory reading. According to
the PHP people, this patch removes the feature for people who don't
want it.
>How-To-Repeat:
http://hostname/index.php?foo=AAAAAAAAAAAAAAAAAAA<lots of them>AAAA
>Fix:
--- html.c 2006/01/01 13:09:55 1.112
+++ html.c 2006/02/25 21:30:32 1.113
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: html.c,v 1.112 2006/01/01 13:09:55 sniper Exp $ */
+/* $Id: html.c,v 1.113 2006/02/25 21:30:32 rasmus Exp $ */
/*
* HTML entity resources:
@@ -884,7 +884,7 @@
unsigned char replacement[15];
int replacement_len;
- ret = estrdup(old);
+ ret = estrndup(old, oldlen);
retlen = oldlen;
if (!retlen) {
goto empty_source;