1 |
hoffie 08/03/28 19:19:43 |
2 |
|
3 |
Added: pecl-apc-3.0.16-CVE-2008-1488.patch |
4 |
Log: |
5 |
addpecl-apc-3.0.16-r1, including a fix for CVE-2008-1488, since 3.0.17 causes segfaults (thanks to jakub) |
6 |
(Portage version: 2.1.4.4) |
7 |
|
8 |
Revision Changes Path |
9 |
1.1 dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch |
10 |
|
11 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch?rev=1.1&view=markup |
12 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch?rev=1.1&content-type=text/plain |
13 |
|
14 |
Index: pecl-apc-3.0.16-CVE-2008-1488.patch |
15 |
=================================================================== |
16 |
--- apc.c.old 2008-03-26 19:22:02.000000000 +0100 |
17 |
+++ apc.c 2008-03-26 19:22:23.000000000 +0100 |
18 |
@@ -331,7 +331,7 @@ |
19 |
/* not: [no active file] or no path */ |
20 |
memcpy(fileinfo->fullpath, exec_fname, exec_fname_length); |
21 |
fileinfo->fullpath[exec_fname_length] = DEFAULT_SLASH; |
22 |
- strcpy(fileinfo->fullpath +exec_fname_length +1, filename); |
23 |
+ strlcpy(fileinfo->fullpath +exec_fname_length +1, filename,sizeof(fileinfo->fullpath)-exec_fname_length-1); |
24 |
/* apc_wprint("filename: %s, exec_fname: %s, fileinfo->fullpath: %s", filename, exec_fname, fileinfo->fullpath); */ |
25 |
if (apc_stat(fileinfo->fullpath, &fileinfo->st_buf) == 0) { |
26 |
found = 1; |
27 |
|
28 |
|
29 |
|
30 |
|
31 |
-- |
32 |
gentoo-commits@l.g.o mailing list |