[pkgsrc/trunk]: pkgsrc/lang/php53 And more fix for memory leaks by revision 3...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang/php53 And more fix for memory leaks by revision 3...
From: taca <taca%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 11:52:14 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/5b03f984e496
branches:  trunk
changeset: 598971:5b03f984e496
user:      taca <taca%pkgsrc.org@localhost>
date:      Thu Feb 02 16:19:44 2012 +0000

description:
And more fix for memory leaks by revision 323013 from PHP's repository.
Hopefully, these 18 minutes is allowed to avoid to PKGREVISION bump.

diffstat:

 lang/php53/distinfo                            |   4 +-
 lang/php53/patches/patch-main_php__variables.c |  39 +++++++++++++++++++++++--
 2 files changed, 37 insertions(+), 6 deletions(-)

diffs (75 lines):

diff -r fc416f9c21cb -r 5b03f984e496 lang/php53/distinfo
--- a/lang/php53/distinfo       Thu Feb 02 16:01:31 2012 +0000
+++ b/lang/php53/distinfo       Thu Feb 02 16:19:44 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.33 2012/02/02 16:00:40 taca Exp $
+$NetBSD: distinfo,v 1.34 2012/02/02 16:19:44 taca Exp $
 
 SHA1 (php-5.3.9/php-5.3.9.tar.bz2) = fe0626735c3d9dd370cef9bdcfe9506629449f51
 RMD160 (php-5.3.9/php-5.3.9.tar.bz2) = 428ed51982637f092c43369cf5cfb284d58da3f6
@@ -17,6 +17,6 @@
 SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f
 SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48
 SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e
-SHA1 (patch-main_php__variables.c) = 2938bda56e51ddefd8b589035fc68ded9b83ab57
+SHA1 (patch-main_php__variables.c) = 94a3fe7d0c52bf98bf91666448bd5a629f25802d
 SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad
 SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23
diff -r fc416f9c21cb -r 5b03f984e496 lang/php53/patches/patch-main_php__variables.c
--- a/lang/php53/patches/patch-main_php__variables.c    Thu Feb 02 16:01:31 2012 +0000
+++ b/lang/php53/patches/patch-main_php__variables.c    Thu Feb 02 16:19:44 2012 +0000
@@ -1,19 +1,50 @@
-$NetBSD: patch-main_php__variables.c,v 1.3 2012/02/02 16:00:40 taca Exp $
+$NetBSD: patch-main_php__variables.c,v 1.4 2012/02/02 16:19:44 taca Exp $
 
-Fix for "Critical PHP Remote Vulnerability Introduced in Fix for PHP Hashtable
-Collision DOS" by revision 323007 from PHP's repository.
+* Fix for "Critical PHP Remote Vulnerability Introduced in Fix for PHP Hashtable
+  Collision DOS" by revision 323007 from PHP's repository.
 
 http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
 
+* And more fix for memory leaks by revision 323013 from PHP's repository.
+
 --- main/php_variables.c.orig  2012-01-01 13:15:04.000000000 +0000
 +++ main/php_variables.c
-@@ -198,6 +198,9 @@ PHPAPI void php_register_variable_ex(cha
+@@ -182,7 +182,12 @@ PHPAPI void php_register_variable_ex(cha
+                       if (!index) {
+                               MAKE_STD_ZVAL(gpc_element);
+                               array_init(gpc_element);
+-                              zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
++                              if (zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p) == FAILURE) {
++                                      zval_ptr_dtor(&gpc_element);
++                                      zval_dtor(val);
++                                      efree(var_orig);
++                                      return;
++                              }
+                       } else {
+                               if (PG(magic_quotes_gpc)) {
+                                       escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
+@@ -198,6 +203,13 @@ PHPAPI void php_register_variable_ex(cha
                                                MAKE_STD_ZVAL(gpc_element);
                                                array_init(gpc_element);
                                                zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
 +                                      } else {
++                                              if (index != escaped_index) {
++                                                      efree(escaped_index);
++                                              }
++                                              zval_dtor(val);
 +                                              efree(var_orig);
 +                                              return;
                                        }
                                }
                                if (index != escaped_index) {
+@@ -223,7 +235,9 @@ plain_var:
+               gpc_element->value = val->value;
+               Z_TYPE_P(gpc_element) = Z_TYPE_P(val);
+               if (!index) {
+-                      zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
++                      if (zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p) == FAILURE) {
++                              zval_ptr_dtor(&gpc_element);
++                      }
+               } else {
+                       if (PG(magic_quotes_gpc)) { 
+                               escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc Updated www/p5-URI to 1.60
Next by Date: [pkgsrc/trunk]: pkgsrc/lang/gcc47 Fix typo.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated www/p5-URI to 1.60
Next by Thread: [pkgsrc/trunk]: pkgsrc/lang/gcc47 Fix typo.
Indexes:

Home | Main Index | Thread Index | Old Index