diff options
Diffstat (limited to 'meta-oe/recipes-devtools/php/php-5.6.12/CVE-2016-1903.patch')
-rw-r--r-- | meta-oe/recipes-devtools/php/php-5.6.12/CVE-2016-1903.patch | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/meta-oe/recipes-devtools/php/php-5.6.12/CVE-2016-1903.patch b/meta-oe/recipes-devtools/php/php-5.6.12/CVE-2016-1903.patch deleted file mode 100644 index a7c35fe439..0000000000 --- a/meta-oe/recipes-devtools/php/php-5.6.12/CVE-2016-1903.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 4b8394dd78571826ac66a69dc240c623f31d78f8 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev <stas@php.net> -Date: Mon, 7 Dec 2015 23:30:49 -0800 -Subject: [PATCH] Fix bug #70976: fix boundary check on - gdImageRotateInterpolated - -Upstream-Status: Backport - -https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8 - -CVE: CVE-2016-1903 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - ext/gd/libgd/gd_interpolation.c | 2 +- - ext/gd/tests/bug70976.phpt | 13 +++++++++++++ - 2 files changed, 14 insertions(+), 1 deletion(-) - create mode 100644 ext/gd/tests/bug70976.phpt - -diff --git a/ext/gd/libgd/gd_interpolation.c b/ext/gd/libgd/gd_interpolation.c -index f70169d..0f874ac 100644 ---- a/ext/gd/libgd/gd_interpolation.c -+++ b/ext/gd/libgd/gd_interpolation.c -@@ -2162,7 +2162,7 @@ gdImagePtr gdImageRotateInterpolated(const gdImagePtr src, const float angle, in - { - const int angle_rounded = (int)floor(angle * 100); - -- if (bgcolor < 0) { -+ if (bgcolor < 0 || bgcolor >= gdMaxColors) { - return NULL; - } - -diff --git a/ext/gd/tests/bug70976.phpt b/ext/gd/tests/bug70976.phpt -new file mode 100644 -index 0000000..23af4ee ---- /dev/null -+++ b/ext/gd/tests/bug70976.phpt -@@ -0,0 +1,13 @@ -+--TEST-- -+Bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds) -+--SKIPIF-- -+<?php -+ if(!extension_loaded('gd')){ die('skip gd extension not available'); } -+?> -+--FILE-- -+<?php -+$img = imagerotate(imagecreate(1,1),45,0x7ffffff9); -+var_dump($img); -+?> -+--EXPECTF-- -+bool(false) -\ No newline at end of file --- -2.3.5 - |