Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
php72.10766
php-CVE-2019-9675.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2019-9675.patch of Package php72.10766
diff --git a/ext/phar/tar.c b/ext/phar/tar.c index 9de3047..20f6882 100644 --- a/ext/phar/tar.c +++ b/ext/phar/tar.c @@ -762,7 +762,12 @@ static int phar_tar_writeheaders_int(phar_entry_info *entry, void *argument) /* header.typeflag = entry->tar_type; if (entry->link) { - strncpy(header.linkname, entry->link, strlen(entry->link)); + if (strlcpy(header.linkname, entry->link, sizeof(header.linkname)) >= sizeof(header.linkname)) { + if (fp->error) { + spprintf(fp->error, 4096, "tar-based phar \"%s\" cannot be created, link \"%s\" is too long for format", entry->phar->fname, entry->link); + } + return ZEND_HASH_APPLY_STOP; + } } strncpy(header.magic, "ustar", sizeof("ustar")-1);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
