diff options
author | Hitendra Prajapati <hprajapati@mvista.com> | 2023-11-21 10:37:27 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-12-17 15:36:42 -0500 |
commit | db0a8862fc79aedab7046e978f5c7abb5157319f (patch) | |
tree | ec6e9af052d92b04e4bb1799273cd66cf822b947 | |
parent | 57e58dc62fa5cc819bdfc2971898b8aa443fef29 (diff) | |
download | meta-openembedded-db0a8862fc79aedab7046e978f5c7abb5157319f.tar.gz |
php: CVE-2022-4900 fix potential buffer overflow
Upstream-Status: Backport from https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-devtools/php/php/CVE-2022-4900.patch | 48 | ||||
-rw-r--r-- | meta-oe/recipes-devtools/php/php_7.4.33.bb | 1 |
2 files changed, 49 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/php/php/CVE-2022-4900.patch b/meta-oe/recipes-devtools/php/php/CVE-2022-4900.patch new file mode 100644 index 000000000..4bfd94c9f --- /dev/null +++ b/meta-oe/recipes-devtools/php/php/CVE-2022-4900.patch | |||
@@ -0,0 +1,48 @@ | |||
1 | From 789a37f14405e2d1a05a76c9fb4ed2d49d4580d5 Mon Sep 17 00:00:00 2001 | ||
2 | From: guoyiyuan <yguoaz@gmail.com> | ||
3 | Date: Wed, 13 Jul 2022 20:55:51 +0800 | ||
4 | Subject: [PATCH] Prevent potential buffer overflow for large value of | ||
5 | php_cli_server_workers_max | ||
6 | |||
7 | Fixes #8989. | ||
8 | Closes #9000 | ||
9 | |||
10 | Upstream-Status: Backport [https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5] | ||
11 | CVE: CVE-2022-4900 | ||
12 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
13 | --- | ||
14 | sapi/cli/php_cli_server.c | 11 +++-------- | ||
15 | 1 file changed, 3 insertions(+), 8 deletions(-) | ||
16 | |||
17 | diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c | ||
18 | index c3097861..48f8309d 100644 | ||
19 | --- a/sapi/cli/php_cli_server.c | ||
20 | +++ b/sapi/cli/php_cli_server.c | ||
21 | @@ -517,13 +517,8 @@ static int sapi_cli_server_startup(sapi_module_struct *sapi_module) /* {{{ */ | ||
22 | if (php_cli_server_workers_max > 1) { | ||
23 | zend_long php_cli_server_worker; | ||
24 | |||
25 | - php_cli_server_workers = calloc( | ||
26 | - php_cli_server_workers_max, sizeof(pid_t)); | ||
27 | - if (!php_cli_server_workers) { | ||
28 | - php_cli_server_workers_max = 1; | ||
29 | - | ||
30 | - return SUCCESS; | ||
31 | - } | ||
32 | + php_cli_server_workers = pecalloc( | ||
33 | + php_cli_server_workers_max, sizeof(pid_t), 1); | ||
34 | |||
35 | php_cli_server_master = getpid(); | ||
36 | |||
37 | @@ -2361,7 +2356,7 @@ static void php_cli_server_dtor(php_cli_server *server) /* {{{ */ | ||
38 | !WIFSIGNALED(php_cli_server_worker_status)); | ||
39 | } | ||
40 | |||
41 | - free(php_cli_server_workers); | ||
42 | + pefree(php_cli_server_workers, 1); | ||
43 | } | ||
44 | #endif | ||
45 | } /* }}} */ | ||
46 | -- | ||
47 | 2.25.1 | ||
48 | |||
diff --git a/meta-oe/recipes-devtools/php/php_7.4.33.bb b/meta-oe/recipes-devtools/php/php_7.4.33.bb index 2a82d62ca..74606e488 100644 --- a/meta-oe/recipes-devtools/php/php_7.4.33.bb +++ b/meta-oe/recipes-devtools/php/php_7.4.33.bb | |||
@@ -17,6 +17,7 @@ SRC_URI = "http://php.net/distributions/php-${PV}.tar.bz2 \ | |||
17 | file://0001-configure.ac-don-t-include-build-libtool.m4.patch \ | 17 | file://0001-configure.ac-don-t-include-build-libtool.m4.patch \ |
18 | file://0001-php.m4-don-t-unset-cache-variables.patch \ | 18 | file://0001-php.m4-don-t-unset-cache-variables.patch \ |
19 | file://CVE-2023-3824.patch \ | 19 | file://CVE-2023-3824.patch \ |
20 | file://CVE-2022-4900.patch \ | ||
20 | " | 21 | " |
21 | 22 | ||
22 | SRC_URI_append_class-target = " \ | 23 | SRC_URI_append_class-target = " \ |