diff options
| author | Alex Dupre <ale@FreeBSD.org> | 2006-10-05 20:59:17 +0000 |
|---|---|---|
| committer | Alex Dupre <ale@FreeBSD.org> | 2006-10-05 20:59:17 +0000 |
| commit | 55aabea080f538aa86012471ecfb8e3e2fbf39bc (patch) | |
| tree | 09a245144df223374209519f49aae1dd839a7ab8 /lang/php53 | |
| parent | 781099df87360ec0592a9180400f0f30d2baa562 (diff) | |
| download | ports-55aabea080f538aa86012471ecfb8e3e2fbf39bc.tar.gz ports-55aabea080f538aa86012471ecfb8e3e2fbf39bc.zip | |
Added safety checks against integer overflow.
Bump PORTREVISION.
While I'm here, I suggest all php users to use the suhosin patch
and suhosin extension to harden the php installation.
Submitted by: simon
Obtained from: PHP CVS repo.
Notes
Notes:
svn path=/head/; revision=174585
Diffstat (limited to 'lang/php53')
| -rw-r--r-- | lang/php53/Makefile | 2 | ||||
| -rw-r--r-- | lang/php53/files/patch-Zend_zend_alloc.c | 21 |
2 files changed, 22 insertions, 1 deletions
diff --git a/lang/php53/Makefile b/lang/php53/Makefile index 203ce94f4e38..955b663e68dc 100644 --- a/lang/php53/Makefile +++ b/lang/php53/Makefile @@ -7,7 +7,7 @@ PORTNAME= php5 PORTVERSION= 5.1.6 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES?= lang devel www MASTER_SITES= ${MASTER_SITE_PHP:S,$,:release,} \ http://downloads.php.net/ilia/:rc \ diff --git a/lang/php53/files/patch-Zend_zend_alloc.c b/lang/php53/files/patch-Zend_zend_alloc.c new file mode 100644 index 000000000000..161fbf32757e --- /dev/null +++ b/lang/php53/files/patch-Zend_zend_alloc.c @@ -0,0 +1,21 @@ +--- Zend/zend_alloc.c 2006/08/10 17:16:24 1.144.2.4 ++++ Zend/zend_alloc.c 2006/09/30 17:15:23 1.144.2.5 +@@ -328,15 +328,14 @@ + ZEND_API void *_ecalloc(size_t nmemb, size_t size ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) + { + void *p; +- int final_size = size*nmemb; +- ++ + HANDLE_BLOCK_INTERRUPTIONS(); +- p = _emalloc(final_size ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC); ++ p = _safe_emalloc(nmemb, size, 0 ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC); + if (!p) { + HANDLE_UNBLOCK_INTERRUPTIONS(); + return (void *) p; + } +- memset(p, 0, final_size); ++ memset(p, 0, size * nmemb); + HANDLE_UNBLOCK_INTERRUPTIONS(); + return p; + } |