nlopess Sun Jul 6 15:23:31 2008 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/pcre/pcrelib pcre_compile.c
Log:
fix CVE-2008-2371. patch by Tavis Ormandy
# currently there's no release of PCRE with this fix. PCRE's author
recommended applying this patch in the meantime
http://cvs.php.net/viewvc.cgi/php-src/ext/pcre/pcrelib/pcre_compile.c?r1=1.1.2.1.2.6.2.4&r2=1.1.2.1.2.6.2.5&diff_format=u
Index: php-src/ext/pcre/pcrelib/pcre_compile.c
diff -u php-src/ext/pcre/pcrelib/pcre_compile.c:1.1.2.1.2.6.2.4
php-src/ext/pcre/pcrelib/pcre_compile.c:1.1.2.1.2.6.2.5
--- php-src/ext/pcre/pcrelib/pcre_compile.c:1.1.2.1.2.6.2.4 Sun Jul 6
15:17:24 2008
+++ php-src/ext/pcre/pcrelib/pcre_compile.c Sun Jul 6 15:23:31 2008
@@ -4929,7 +4929,7 @@
(lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
{
cd->external_options = newoptions;
- options = newoptions;
+ options = *optionsptr = newoptions;
}
else
{
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
