[Frugalware-darcs] frugalware-0.5: php-5.1.6-3siwenna1-i686

Sun Nov 5 23:45:24 CET 2006

Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.5;a=darcs_commitdiff;h=20061105223847-dd049-a02d2c1a5a9fa397a5102202d30bdc0e2cc2fd55.gz;

[php-5.1.6-3siwenna1-i686
voroskoi <voroskoi at frugalware.org>**20061105223847
 secfix relbump, closes #1419
] {
addfile ./source/devel/php/CVE-2006-5465.patch
hunk ./source/devel/php/CVE-2006-5465.patch 1
+diff -Nurp orig/ext/standard/html.c new/ext/standard/html.c
+--- orig/ext/standard/html.c	2006-11-02 09:57:49.000000000 +0000
++++ new/ext/standard/html.c	2006-11-02 10:00:40.000000000 +0000
+@@ -1096,7 +1096,7 @@ PHPAPI char *php_escape_html_entities(un
+ 
+ 		matches_map = 0;
+ 
+-		if (len + 9 > maxlen)
++		if (len + 16 > maxlen)
+ 			replaced = erealloc (replaced, maxlen += 128);
+ 
+ 		if (all) {
+@@ -1121,9 +1121,15 @@ PHPAPI char *php_escape_html_entities(un
+ 			}
+ 
+ 			if (matches_map) {
++				int l = strlen(rep);
++				/* increase the buffer size */
++				if (len + 2 + l >= maxlen) {
++					replaced = erealloc(replaced, maxlen += 128);
++				}
++
+ 				replaced[len++] = '&';
+ 				strcpy(replaced + len, rep);
+-				len += strlen(rep);
++				len += l;
+ 				replaced[len++] = ';';
+ 			}
+ 		}
hunk ./source/devel/php/FrugalBuild 1
-# Last Modified: Wed, 11 Oct 2006 00:06:04 +0200
hunk ./source/devel/php/FrugalBuild 7
-pkgrel=2siwenna1
+pkgrel=3siwenna1
hunk ./source/devel/php/FrugalBuild 18
-	CVE-2006-4625.patch CVE-2006-4812-vendor-workaround.patch)
-sha1sums=('e6f9df1db989e694dac6e1e190c5022f75c6a9cc' \
-          '0ac6f2d25385eb2c74af82c7a54639eb531d8414' \
-	  '6e79ce079b6a021f6a6c99a06aa123160a604fd7' \
-	  '0850ef23512a02e8460dc36f08f453d148dcd9df' \
-	  'c080133b017d5d6f50511e19d7590dc2600ac51a' \
-	  'b6cac8c50c8025dc1b14c2e16e112c841869eee1' \
-	  'd14697a2bf527e61f0827feb066547cb03e60a82')
+	CVE-2006-4625.patch CVE-2006-4812-vendor-workaround.patch CVE-2006-5465.patch)
hunk ./source/devel/php/FrugalBuild 132
+sha1sums=('e6f9df1db989e694dac6e1e190c5022f75c6a9cc' \
+	  '0ac6f2d25385eb2c74af82c7a54639eb531d8414' \
+	  '6e79ce079b6a021f6a6c99a06aa123160a604fd7' \
+	  '0850ef23512a02e8460dc36f08f453d148dcd9df' \
+	  'c080133b017d5d6f50511e19d7590dc2600ac51a' \
+	  'b6cac8c50c8025dc1b14c2e16e112c841869eee1' \
+	  'd14697a2bf527e61f0827feb066547cb03e60a82' \
+	  '4e88e1ecc4c5ea81b013b52337b0b906a9ec7404')
}