Diffstat (limited to 'dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch')
-rw-r--r-- | dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch b/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch
deleted file mode 100644
index 67c172ae214f..000000000000
--- a/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From a92acbad873a05470af1a47cb785a18eadd827b5 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <tim@bastelstu.be>
-Date: Mon, 23 Jan 2023 22:13:57 +0100
-Subject: [PATCH] crypt: Fix possible buffer overread in php_crypt()
-
----
- ext/standard/crypt.c | 1 +
- ext/standard/tests/password/password_bcrypt_short.phpt | 8 ++++++++
- 2 files changed, 9 insertions(+)
- create mode 100644 ext/standard/tests/password/password_bcrypt_short.phpt
-
-diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
-index 8c105cf910e8..8316c8b96063 100644
---- a/ext/standard/crypt.c
-+++ b/ext/standard/crypt.c
-@@ -135,6 +135,7 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
- } else if (
- salt[0] == '$' &&
- salt[1] == '2' &&
-+ salt[2] != 0 &&
- salt[3] == '$') {
- char output[PHP_MAX_SALT_LEN + 1];
-
-diff --git a/ext/standard/tests/password/password_bcrypt_short.phpt b/ext/standard/tests/password/password_bcrypt_short.phpt
-new file mode 100644
-index 000000000000..085bc8a23904
---- /dev/null
-+++ b/ext/standard/tests/password/password_bcrypt_short.phpt
-@@ -0,0 +1,8 @@
-+--TEST--
-+Test that password_hash() does not overread buffers when a short hash is passed
-+--FILE--
-+<?php
-+var_dump(password_verify("foo", '$2'));
-+?>
-+--EXPECT--
-+bool(false) |