[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/ext/soap/php_http.c branches/PHP_5_4/ext/soap/php_http.c trunk/ext/soap/php_http.c
dmitry Wed, 02 Nov 2011 08:07:12 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=318673
Log:
Prevent possible integer overflow
Changed paths:
U php/php-src/branches/PHP_5_3/ext/soap/php_http.c
U php/php-src/branches/PHP_5_4/ext/soap/php_http.c
U php/php-src/trunk/ext/soap/php_http.c
Modified: php/php-src/branches/PHP_5_3/ext/soap/php_http.c
===
--- php/php-src/branches/PHP_5_3/ext/soap/php_http.c2011-11-02 07:36:52 UTC
(rev 318672)
+++ php/php-src/branches/PHP_5_3/ext/soap/php_http.c2011-11-02 08:07:12 UTC
(rev 318673)
@@ -1383,7 +1383,7 @@
}
} else if (header_length) {
- if (header_length 0) {
+ if (header_length 0 || header_length = INT_MAX) {
return FALSE;
}
http_buf = emalloc(header_length + 1);
Modified: php/php-src/branches/PHP_5_4/ext/soap/php_http.c
===
--- php/php-src/branches/PHP_5_4/ext/soap/php_http.c2011-11-02 07:36:52 UTC
(rev 318672)
+++ php/php-src/branches/PHP_5_4/ext/soap/php_http.c2011-11-02 08:07:12 UTC
(rev 318673)
@@ -1383,7 +1383,7 @@
}
} else if (header_length) {
- if (header_length 0) {
+ if (header_length 0 || header_length = INT_MAX) {
return FALSE;
}
http_buf = safe_emalloc(1, header_length, 1);
Modified: php/php-src/trunk/ext/soap/php_http.c
===
--- php/php-src/trunk/ext/soap/php_http.c 2011-11-02 07:36:52 UTC (rev
318672)
+++ php/php-src/trunk/ext/soap/php_http.c 2011-11-02 08:07:12 UTC (rev
318673)
@@ -1383,7 +1383,7 @@
}
} else if (header_length) {
- if (header_length 0) {
+ if (header_length 0 || header_length = INT_MAX) {
return FALSE;
}
http_buf = safe_emalloc(1, header_length, 1);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ext/soap/ php_http.c
fmk Wed, 13 Jan 2010 05:32:02 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=293487
Log:
Don't free soap_headers just before comparing the length. This causes
SoapClient to fail when requesting a URL
Changed paths:
U php/php-src/branches/PHP_5_3/ext/soap/php_http.c
Modified: php/php-src/branches/PHP_5_3/ext/soap/php_http.c
===
--- php/php-src/branches/PHP_5_3/ext/soap/php_http.c2010-01-13 05:16:53 UTC
(rev 293486)
+++ php/php-src/branches/PHP_5_3/ext/soap/php_http.c2010-01-13 05:32:02 UTC
(rev 293487)
@@ -759,7 +759,6 @@
smart_str_0(soap_headers);
err = php_stream_write(stream, soap_headers.c,
soap_headers.len);
- smart_str_free(soap_headers);
if (err != soap_headers.len) {
if (request != buf) {efree(request);}
php_stream_close(stream);
@@ -770,6 +769,7 @@
smart_str_free(soap_headers_z);
return FALSE;
}
+ smart_str_free(soap_headers);
} else {
add_soap_fault(this_ptr, HTTP, Failed to create stream??,
NULL, NULL TSRMLS_CC);
smart_str_free(soap_headers_z);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ext/soap/ php_http.c
Hi Frank 2010/1/13 Frank M. Kromann f...@php.net: fmk Wed, 13 Jan 2010 05:32:02 + Revision: http://svn.php.net/viewvc?view=revisionrevision=293487 Log: Don't free soap_headers just before comparing the length. This causes SoapClient to fail when requesting a URL Please merge this change into trunk (HEAD) and PHP_5_2 if needed. -- regrads, Kalle Sommer Nielsen ka...@php.net -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/PHP_5_3/ext/soap/ php_http.c
Hi Kalle, Done. It has been too long since I have committed anything :-) Thanks for reminding me. - Frank Kalle Sommer Nielsen wrote: Hi Frank 2010/1/13 Frank M. Kromann f...@php.net: fmk Wed, 13 Jan 2010 05:32:02 + Revision: http://svn.php.net/viewvc?view=revisionrevision=293487 Log: Don't free soap_headers just before comparing the length. This causes SoapClient to fail when requesting a URL Please merge this change into trunk (HEAD) and PHP_5_2 if needed. -- Frank M. Kromann, M.Sc.E.E. Web by Pixel, Inc. Phone: +1 949 742 7533 Cell: +1 949 702 1794 Denmark: +45 88 33 64 80
