]> granicus.if.org Git - php/commit
projects / php / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1283722) | patch
Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)
authorRemi Collet <remi@php.net>
Mon, 31 Mar 2014 14:50:47 +0000 (16:50 +0200)
committerRemi Collet <remi@php.net>
Mon, 31 Mar 2014 14:50:47 +0000 (16:50 +0200)
commit2c204a55af9b903b3db48dd5a75d492dbf1b387d
treea96ad2d8a4719998781e55d8486175dc5cdca4aetree | snapshot
parent1283722589a8cccd6c49aa9d9c78edeec43f094ecommit | diff
Fixed Bug #66987 Memory corruption in fileinfo ext (bigendian)

On little endian:
map->p == php_magic_database
map->magic[i] = pointer into the map

map->p == NULL
map->magic[i] = pointer to allocated memory

On big endian (ppc64, s390x, ...):
map->p != php_magic_database and map->p != NULL
        map->magic[i] = pointer into a copy of the map

Trying to efree pointer in the later cause memory corruption
Thanks to dkatulek / Red Hat for the report.
ext/fileinfo/libmagic/apprentice.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.