diff options
Diffstat (limited to 'meta-webserver/recipes-php')
-rw-r--r-- | meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch | 35 | ||||
-rw-r--r-- | meta-webserver/recipes-php/modphp/modphp5.inc | 1 |
2 files changed, 36 insertions, 0 deletions
diff --git a/meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch new file mode 100644 index 00000000000..f2e23b3f09d --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch @@ -0,0 +1,35 @@ +modphp: Security Advisory - php - CVE-2014-5120 + +Upstream-Status: Backport + +Signed-off-by Yue Tao <yue.tao@windriver.com> + +From 706aefb78112a44d4932d4c9430c6a898696f51f Mon Sep 17 00:00:00 2001 +From: Stanislav Malyshev <stas@php.net> +Date: Mon, 18 Aug 2014 22:49:10 -0700 +Subject: [PATCH] Fix bug #67730 - Null byte injection possible with imagexxx + functions + +--- + ext/gd/gd_ctx.c | 5 +++++ + 2 files changed, 7 insertions(+) + +diff --git a/ext/gd/gd_ctx.c b/ext/gd/gd_ctx.c +index bff691f..eafbab5 100644 +--- a/ext/gd/gd_ctx.c ++++ b/ext/gd/gd_ctx.c +@@ -124,6 +124,11 @@ static void _php_image_output_ctx(INTERNAL_FUNCTION_PARAMETERS, int image_type, + RETURN_FALSE; + } + } else if (Z_TYPE_P(to_zval) == IS_STRING) { ++ if (CHECK_ZVAL_NULL_PATH(to_zval)) { ++ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 2nd parameter, filename must not contain null bytes"); ++ RETURN_FALSE; ++ } ++ + stream = php_stream_open_wrapper(Z_STRVAL_P(to_zval), "wb", REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL); + if (stream == NULL) { + RETURN_FALSE; +-- +1.7.9.5 + diff --git a/meta-webserver/recipes-php/modphp/modphp5.inc b/meta-webserver/recipes-php/modphp/modphp5.inc index 0d7bb7a13cf..6a2a61f5f71 100644 --- a/meta-webserver/recipes-php/modphp/modphp5.inc +++ b/meta-webserver/recipes-php/modphp/modphp5.inc @@ -9,6 +9,7 @@ SRC_URI = "http://www.php.net/distributions/php-${PV}.tar.bz2 \ file://pthread-check-threads-m4.patch \ file://70_mod_php5.conf \ file://0001-using-pkgconfig-to-check-libxml.patch \ + file://php-CVE-2014-5120.patch \ " S = "${WORKDIR}/php-${PV}" |