Fixed bug #71704 php_snmp_error() Format String Vulnerability

author Anatol Belski <ab@php.net>

Wed, 16 Mar 2016 08:48:40 +0000 (09:48 +0100)

committer Stanislav Malyshev <stas@php.net>

Tue, 29 Mar 2016 06:42:19 +0000 (23:42 -0700)
author Anatol Belski <ab@php.net>
Wed, 16 Mar 2016 08:48:40 +0000 (09:48 +0100)
committer Stanislav Malyshev <stas@php.net>
Tue, 29 Mar 2016 06:42:19 +0000 (23:42 -0700)
diff --git a/ext/snmp/snmp.c b/ext/snmp/snmp.c

index f7c99c13f395b3bbabe907e9b70486a71a69ea9a..6c1da4cc5546f2051afe737b971c3696c8df1ec6 100644 (file)
--- a/ext/snmp/snmp.c
+++ b/ext/snmp/snmp.c
@@ -533,7 +533,7 @@ static void php_snmp_error(zval *object, const char *docref TSRMLS_DC, int type,
         }
  
         if (object && (snmp_object->exceptions_enabled & type)) {
-               zend_throw_exception_ex(php_snmp_exception_ce, type TSRMLS_CC, snmp_object->snmp_errstr);
+               zend_throw_exception_ex(php_snmp_exception_ce, type TSRMLS_CC, "%s", snmp_object->snmp_errstr);
         } else {
                 va_start(args, format);
                 php_verror(docref, "", E_WARNING, format, args TSRMLS_CC);
author	Anatol Belski <ab@php.net>
	Wed, 16 Mar 2016 08:48:40 +0000 (09:48 +0100)
committer	Stanislav Malyshev <stas@php.net>
	Tue, 29 Mar 2016 06:42:19 +0000 (23:42 -0700)