diff options
Diffstat (limited to 'CVE-2015-2787.patch')
-rw-r--r-- | CVE-2015-2787.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/CVE-2015-2787.patch b/CVE-2015-2787.patch deleted file mode 100644 index 141c56a879b1..000000000000 --- a/CVE-2015-2787.patch +++ /dev/null @@ -1,29 +0,0 @@ -Description: fix arbitrary code exection via process_nested_data use-after-free -Origin: backport, https://github.com/php/php-src/commit/780222f97f47644a6a118ada86a269a96a1e8134 -Origin: backport, https://github.com/php/php-src/commit/d76b293ac71aa5bd4e9a433192afef6e0dd5a4ee -Bug: https://bugs.php.net/bug.php?id=68976 - -Index: php5-5.3.10/ext/standard/var_unserializer.c -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.c 2015-04-17 06:24:38.154295164 -0400 -+++ php5-5.3.10/ext/standard/var_unserializer.c 2015-04-17 06:24:38.154295164 -0400 -@@ -304,6 +304,7 @@ - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, - sizeof data, NULL); - } -+ var_push_dtor(var_hash, &data); - - zval_dtor(key); - FREE_ZVAL(key); -Index: php5-5.3.10/ext/standard/var_unserializer.re -=================================================================== ---- php5-5.3.10.orig/ext/standard/var_unserializer.re 2015-04-17 06:24:38.154295164 -0400 -+++ php5-5.3.10/ext/standard/var_unserializer.re 2015-04-17 06:24:38.154295164 -0400 -@@ -310,6 +310,7 @@ - zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, - sizeof data, NULL); - } -+ var_push_dtor(var_hash, &data); - - zval_dtor(key); - FREE_ZVAL(key); |