270df3ffd6
updated libmagic.patch in 5.5
2014-10-25 12:01:58 +02:00
5b295bf191
Fix bug #68283 : fileinfo: out-of-bounds read in elf note headers
...
Upstream commit
https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
CVE -2014-3710
(cherry picked from commit 1803228597
2014-10-25 11:29:16 +02:00
7958793342
Merge branch 'PHP-5.4' into PHP-5.5
2014-09-20 16:40:02 -07:00
e64da8c20d
Fixed bug #66242 (don't assume char is signed)
...
This fixes a bug in libmagic where a cast to 'char' is assumed to result
in sign extension to occur. However, unqualified 'char' is unsigned on
architectures such as ARM, so the cast needs to be to 'signed char'
explicitly.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org >
2014-09-20 16:39:48 -07:00
3468f03b6f
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #67716 - Segfault in cdf.c
2014-08-14 17:21:29 -07:00
35f32637b0
Fix bug #67716 - Segfault in cdf.c
2014-08-14 17:21:20 -07:00
49387b31cf
Fix bug #67716 - Segfault in cdf.c
2014-08-14 17:19:03 -07:00
41e1ccefd5
Merge branch 'PHP-5.4' into PHP-5.5
...
Conflicts:
NEWS
configure.in
main/php_version.h
2014-08-06 15:27:56 +03:00
61ec9b5b0f
add test
2014-08-04 00:08:08 -07:00
eeaec70758
Fix bug #67705 (extensive backtracking in rule regular expression)
2014-08-04 00:05:40 -07:00
4965d1c2ce
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
updated libmagic.patch
2014-07-01 10:27:38 +02:00
af5f997a5d
updated libmagic.patch
2014-07-01 10:25:20 +02:00
12a62ce868
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec
2014-06-10 14:35:23 +02:00
25b1dc917a
Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec
...
Upstream:
https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d
Adapted for C standard.
2014-06-10 14:33:37 +02:00
ff66c90af0
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Bug #67412 fileinfo: cdf_count_chain insufficient boundary check
2014-06-10 14:23:37 +02:00
40ef6e07e0
Bug #67412 fileinfo: cdf_count_chain insufficient boundary check
...
Upstream:
https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
2014-06-10 14:22:04 +02:00
f6fee381be
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check
2014-06-10 14:16:07 +02:00
5c9f967999
Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check
...
Upstream:
https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67
2014-06-10 14:13:14 +02:00
18ff81eb1a
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
2014-06-10 14:04:36 +02:00
e77659a8c8
Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
...
Upstream
https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08
2014-06-10 14:02:36 +02:00
2d59b87527
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
2014-06-03 11:09:04 +02:00
4fcb9a9d1b
Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
...
Upstream fix https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391.patch
Only revelant part applied
2014-06-03 11:05:00 +02:00
546797f329
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
updated libmagic.patch for 5.4+
Conflicts:
ext/fileinfo/libmagic.patch
2014-05-27 22:38:02 +02:00
d2765e4b8c
updated libmagic.patch for 5.4+
2014-05-27 22:36:12 +02:00
d184f07b3c
backport this piece from 5.6, related to the #66307 fix
2014-05-26 18:05:13 -07:00
15ee33eb21
Fixed bug #66307 Fileinfo crashes with powerpoint files
2014-05-26 18:04:27 -07:00
5ce11c2698
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation)
Fix bug #67327 : fileinfo: CDF infinite loop in nelements DoS
2014-05-26 18:03:01 -07:00
4005f06df6
Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation)
...
Upstream patch: https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
2014-05-26 18:01:17 -07:00
57225f09ed
Fix bug #67327 : fileinfo: CDF infinite loop in nelements DoS
...
Upstream fix: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0
2014-05-26 17:45:14 -07:00
db960e82b4
updated libmagic.patch
2014-04-24 20:13:47 +02:00
d7bb09cc1d
backport this piece from 5.6, related to the #66307 fix
2014-04-24 19:50:23 +02:00
03fa5501a8
Fixed bug #66307 Fileinfo crashes with powerpoint files
2014-04-24 19:30:34 +02:00
178eac6c98
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
2014-03-31 16:57:12 +02:00
2c204a55af
Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
...
On little endian:
map->p == php_magic_database
map->magic[i] = pointer into the map
map->p == NULL
map->magic[i] = pointer to allocated memory
On big endian (ppc64, s390x, ...):
map->p != php_magic_database and map->p != NULL
map->magic[i] = pointer into a copy of the map
Trying to efree pointer in the later cause memory corruption
Thanks to dkatulek / Red Hat for the report.
2014-03-31 16:50:47 +02:00
84b0ab6d8f
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed bug #66946 extensive backtracking in awk rule regular expression CVE-2013-7345
Fixed bug #66946 extensive backtracking in awk rule regular expression CVE-2013-7345
2014-03-25 11:01:20 +01:00
4374a52e9d
Fixed bug #66946 extensive backtracking in awk rule regular expression
...
CVE-2013-7345
Applied upstream patch:
https://github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467c
Add the magicdata.patch to track patches applied to upstream data file.
2014-03-25 11:00:33 +01:00
1df558c6a0
Fixed bug #66946 extensive backtracking in awk rule regular expression
...
CVE-2013-7345
Applied upstream patch:
https://github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467c
Add the magicdata.patch to track patches applied to upstream data file.
2014-03-25 10:58:50 +01:00
c17fd65165
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
updated libmagic.patch
2014-03-10 14:13:15 +01:00
b9d494a33b
updated libmagic.patch
2014-03-10 14:12:20 +01:00
5d08cae346
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
NEWS
Fixed Bug #66820 out-of-bounds memory access in fileinfo
2014-03-04 20:36:08 +01:00
a33759fd27
Fixed Bug #66820 out-of-bounds memory access in fileinfo
...
Upstream fix:
https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801
Notice, test changed, with upstream agreement:
-define OFFSET_OOB(n, o, i) ((n) < (o) || (i) >= ((n) - (o)))
+define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o)))
2014-03-04 20:32:52 +01:00
bc0b6e02e4
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Improves fix for memory leak, keep in sync with upstream.
2014-03-04 13:43:42 +01:00
731013ee8e
Improves fix for memory leak, keep in sync with upstream.
...
Previous fix:
http://git.php.net/?p=php-src.git;a=commitdiff;h=10eb0070700382f966bf260e44135e1f724a15d2
Upstream fix:
https://github.com/glensc/file/commit/c0c0032b9e9eb57b91fefef905a3b018bab492d9
2014-03-04 13:41:37 +01:00
e244e2245b
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
updated libmagic.patch in 5.4/5
2014-02-20 19:00:36 +01:00
ce1fd72776
updated libmagic.patch in 5.4/5
2014-02-20 19:00:05 +01:00
6d4d4155d2
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
fixed leak introduced after CVE/upgrade
2014-02-20 18:54:35 +01:00
10eb007070
fixed leak introduced after CVE/upgrade
2014-02-20 18:53:53 +01:00
8dd99dd2dc
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
updated libmagic.patch
2014-02-18 19:08:45 +01:00
a289b37f48
updated libmagic.patch
2014-02-18 19:08:16 +01:00
bd8cd98d6d
Set fileinfo version to 1.0.5 (as in php 5.4, no diff)
2014-02-18 13:57:53 +01:00
Anatol Belski