addpkg: php53 5.3.29-4

author: Felix Yan 2015-07-23 19:55:08 +0800
committer: Felix Yan 2015-07-23 19:55:08 +0800
commit: 46328e7f9a997f2080d9b01ea32910302ca1fbb2 (patch)
tree: ab71f43b4093ed44f201782a09e3b55a9aea3e32 /CVE-2015-2301.patch
download: aur-46328e7f9a997f2080d9b01ea32910302ca1fbb2.tar.gz
1 files changed, 24 insertions, 0 deletions
diff --git a/CVE-2015-2301.patch b/CVE-2015-2301.patch
new file mode 100644
index 000000000000..bdeceaa67b24
--- /dev/null
+++ b/CVE-2015-2301.patch
@@ -0,0 +1,24 @@
+From b2cf3f064b8f5efef89bb084521b61318c71781b Mon Sep 17 00:00:00 2001
+From: Xinchen Hui <laruence@php.net>
+Date: Thu, 29 Jan 2015 00:00:09 +0800
+Subject: [PATCH] Fixed bug #68901 (use after free)
+
+---
+ NEWS                   | 3 +++
+ ext/phar/phar_object.c | 2 +-
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+Index: php5-5.3.10/ext/phar/phar_object.c
+===================================================================
+--- php5-5.3.10.orig/ext/phar/phar_object.c	2015-03-16 13:56:47.878348393 -0400
++++ php5-5.3.10/ext/phar/phar_object.c	2015-03-16 13:56:47.826347993 -0400
+@@ -2320,8 +2320,8 @@
+ 	}
+ its_ok:
+ 	if (SUCCESS == php_stream_stat_path(newpath, &ssb)) {
+-		efree(oldpath);
+ 		zend_throw_exception_ex(spl_ce_BadMethodCallException, 0 TSRMLS_CC, "phar \"%s\" exists and must be unlinked prior to conversion", newpath);
++		efree(oldpath);
+ 		return NULL;
+ 	}
+ 	if (!phar->is_data) {
author	Felix Yan	2015-07-23 19:55:08 +0800
committer	Felix Yan	2015-07-23 19:55:08 +0800
commit	46328e7f9a997f2080d9b01ea32910302ca1fbb2 (patch)
tree	ab71f43b4093ed44f201782a09e3b55a9aea3e32 /CVE-2015-2301.patch
download	aur-46328e7f9a997f2080d9b01ea32910302ca1fbb2.tar.gz