[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/ext/soap/php_http.c branches/PHP_5_4/ext/soap/php_http.c trunk/ext/soap/php_http.c
dmitry Wed, 02 Nov 2011 08:07:12 + Revision: http://svn.php.net/viewvc?view=revisionrevision=318673 Log: Prevent possible integer overflow Changed paths: U php/php-src/branches/PHP_5_3/ext/soap/php_http.c U php/php-src/branches/PHP_5_4/ext/soap/php_http.c U php/php-src/trunk/ext/soap/php_http.c Modified: php/php-src/branches/PHP_5_3/ext/soap/php_http.c === --- php/php-src/branches/PHP_5_3/ext/soap/php_http.c2011-11-02 07:36:52 UTC (rev 318672) +++ php/php-src/branches/PHP_5_3/ext/soap/php_http.c2011-11-02 08:07:12 UTC (rev 318673) @@ -1383,7 +1383,7 @@ } } else if (header_length) { - if (header_length 0) { + if (header_length 0 || header_length = INT_MAX) { return FALSE; } http_buf = emalloc(header_length + 1); Modified: php/php-src/branches/PHP_5_4/ext/soap/php_http.c === --- php/php-src/branches/PHP_5_4/ext/soap/php_http.c2011-11-02 07:36:52 UTC (rev 318672) +++ php/php-src/branches/PHP_5_4/ext/soap/php_http.c2011-11-02 08:07:12 UTC (rev 318673) @@ -1383,7 +1383,7 @@ } } else if (header_length) { - if (header_length 0) { + if (header_length 0 || header_length = INT_MAX) { return FALSE; } http_buf = safe_emalloc(1, header_length, 1); Modified: php/php-src/trunk/ext/soap/php_http.c === --- php/php-src/trunk/ext/soap/php_http.c 2011-11-02 07:36:52 UTC (rev 318672) +++ php/php-src/trunk/ext/soap/php_http.c 2011-11-02 08:07:12 UTC (rev 318673) @@ -1383,7 +1383,7 @@ } } else if (header_length) { - if (header_length 0) { + if (header_length 0 || header_length = INT_MAX) { return FALSE; } http_buf = safe_emalloc(1, header_length, 1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ext/soap/ php_http.c
fmk Wed, 13 Jan 2010 05:32:02 + Revision: http://svn.php.net/viewvc?view=revisionrevision=293487 Log: Don't free soap_headers just before comparing the length. This causes SoapClient to fail when requesting a URL Changed paths: U php/php-src/branches/PHP_5_3/ext/soap/php_http.c Modified: php/php-src/branches/PHP_5_3/ext/soap/php_http.c === --- php/php-src/branches/PHP_5_3/ext/soap/php_http.c2010-01-13 05:16:53 UTC (rev 293486) +++ php/php-src/branches/PHP_5_3/ext/soap/php_http.c2010-01-13 05:32:02 UTC (rev 293487) @@ -759,7 +759,6 @@ smart_str_0(soap_headers); err = php_stream_write(stream, soap_headers.c, soap_headers.len); - smart_str_free(soap_headers); if (err != soap_headers.len) { if (request != buf) {efree(request);} php_stream_close(stream); @@ -770,6 +769,7 @@ smart_str_free(soap_headers_z); return FALSE; } + smart_str_free(soap_headers); } else { add_soap_fault(this_ptr, HTTP, Failed to create stream??, NULL, NULL TSRMLS_CC); smart_str_free(soap_headers_z); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ext/soap/ php_http.c
Hi Frank 2010/1/13 Frank M. Kromann f...@php.net: fmk Wed, 13 Jan 2010 05:32:02 + Revision: http://svn.php.net/viewvc?view=revisionrevision=293487 Log: Don't free soap_headers just before comparing the length. This causes SoapClient to fail when requesting a URL Please merge this change into trunk (HEAD) and PHP_5_2 if needed. -- regrads, Kalle Sommer Nielsen ka...@php.net -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ext/soap/ php_http.c
Hi Kalle, Done. It has been too long since I have committed anything :-) Thanks for reminding me. - Frank Kalle Sommer Nielsen wrote: Hi Frank 2010/1/13 Frank M. Kromann f...@php.net: fmk Wed, 13 Jan 2010 05:32:02 + Revision: http://svn.php.net/viewvc?view=revisionrevision=293487 Log: Don't free soap_headers just before comparing the length. This causes SoapClient to fail when requesting a URL Please merge this change into trunk (HEAD) and PHP_5_2 if needed. -- Frank M. Kromann, M.Sc.E.E. Web by Pixel, Inc. Phone: +1 949 742 7533 Cell: +1 949 702 1794 Denmark: +45 88 33 64 80