summarylogtreecommitdiffstats
path: root/curl_embedded_null.patch
diff options
context:
space:
mode:
Diffstat (limited to 'curl_embedded_null.patch')
-rw-r--r--curl_embedded_null.patch43
1 files changed, 0 insertions, 43 deletions
diff --git a/curl_embedded_null.patch b/curl_embedded_null.patch
deleted file mode 100644
index eca9b1d1c39e..000000000000
--- a/curl_embedded_null.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-Description: fix local file disclosure via curl NULL byte injection
-Origin: backport, http://git.php.net/?p=php-src.git;a=commit;h=ab0939e5e5449cba04b02fff3a5595f725bce0a0
-Bug: https://bugs.php.net/bug.php?id=68089
-
-Index: php5-5.3.10/ext/curl/interface.c
-===================================================================
---- php5-5.3.10.orig/ext/curl/interface.c 2014-10-28 14:54:02.671549358 -0400
-+++ php5-5.3.10/ext/curl/interface.c 2014-10-28 14:54:49.427898135 -0400
-@@ -172,6 +172,11 @@
- #endif
- TSRMLS_FETCH();
-
-+ if (strlen(url) != len) {
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Curl option contains invalid characters (\\0)");
-+ return 0;
-+ }
-+
- /* Disable file:// if open_basedir or safe_mode are used */
- if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) {
- #if LIBCURL_VERSION_NUM >= 0x071304
-Index: php5-5.3.10/ext/curl/tests/bug68089.phpt
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ php5-5.3.10/ext/curl/tests/bug68089.phpt 2014-10-28 14:54:02.667549328 -0400
-@@ -0,0 +1,18 @@
-+--TEST--
-+Bug #68089 (NULL byte injection - cURL lib)
-+--SKIPIF--
-+<?php
-+include 'skipif.inc';
-+
-+?>
-+--FILE--
-+<?php
-+$url = "file:///etc/passwd\0http://google.com";
-+$ch = curl_init();
-+var_dump(curl_setopt($ch, CURLOPT_URL, $url));
-+?>
-+Done
-+--EXPECTF--
-+Warning: curl_setopt(): Curl option contains invalid characters (\0) in %s/bug68089.php on line 4
-+bool(false)
-+Done