felipe Fri, 02 Jul 2010 00:33:42 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=300926
Log: - Fixed a possible interruption array leak in trim() Changed paths: U php/php-src/branches/PHP_5_2/NEWS U php/php-src/branches/PHP_5_2/ext/standard/string.c Modified: php/php-src/branches/PHP_5_2/NEWS =================================================================== --- php/php-src/branches/PHP_5_2/NEWS 2010-07-01 23:30:35 UTC (rev 300925) +++ php/php-src/branches/PHP_5_2/NEWS 2010-07-02 00:33:42 UTC (rev 300926) @@ -6,7 +6,7 @@ - Fixed a possible interruption array leak in strrchr(). Reported by Péter Veres. (Felipe) - Fixed a possible interruption array leak in strchr(), strstr(), substr(), - chunk_split(), strtok(), addcslashes(), str_repeat(). (Felipe) + chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe) - Fixed a possible memory corruption in substr_replace() (Dmitry) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) Modified: php/php-src/branches/PHP_5_2/ext/standard/string.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/standard/string.c 2010-07-01 23:30:35 UTC (rev 300925) +++ php/php-src/branches/PHP_5_2/ext/standard/string.c 2010-07-02 00:33:42 UTC (rev 300926) @@ -774,6 +774,9 @@ WRONG_PARAM_COUNT; } + if (PZVAL_IS_REF(*str)) { + SEPARATE_ZVAL(str); + } convert_to_string_ex(str); if (argc > 1) {
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php