Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame^] | 1 | php: patch for CVE-2017-9120 |
| 2 | |
| 3 | Upstream-Status: Backport [https://bugs.php.net/bug.php?id=74544] |
| 4 | |
| 5 | CVE: CVE-2017-9120 |
| 6 | |
| 7 | Signed-off-by: Changqing Li <changqing.li@windriver.com> |
| 8 | |
| 9 | diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c |
| 10 | index 03a39d7..7b88731 100644 |
| 11 | --- a/ext/mysqli/mysqli_api.c |
| 12 | +++ b/ext/mysqli/mysqli_api.c |
| 13 | @@ -1965,7 +1965,7 @@ PHP_FUNCTION(mysqli_real_escape_string) { |
| 14 | } |
| 15 | MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID); |
| 16 | |
| 17 | - newstr = zend_string_alloc(2 * escapestr_len, 0); |
| 18 | + newstr = zend_string_safe_alloc(2, escapestr_len, 0, 0); |
| 19 | ZSTR_LEN(newstr) = mysql_real_escape_string(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len); |
| 20 | newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0); |
| 21 | |