File php-5.2.14-CVE-2011-0755.patch of Package php-5.2.17
Index: ext/standard/tests/general_functions/bug46587.phpt
===================================================================
--- /dev/null
+++ ext/standard/tests/general_functions/bug46587.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Bug #46587 (mt_rand() does not check that max is greater than min).
+--FILE--
+<?php
+var_dump(mt_rand(3,8));
+var_dump(mt_rand(8,3));
+echo "Done.\n";
+?>
+--EXPECTF--
+int(%d)
+Warning: mt_rand(): max(3) is smaller than min(8) in %s on line %d
+bool(false)
+Done.
+
Index: ext/standard/rand.c
===================================================================
--- ext/standard/rand.c.orig
+++ ext/standard/rand.c
@@ -315,8 +315,14 @@ PHP_FUNCTION(mt_rand)
 long number;
 int argc = ZEND_NUM_ARGS();
- if (argc != 0 && zend_parse_parameters(argc TSRMLS_CC, "ll", &min, &max) == FAILURE)
- return;
+ if (argc != 0) {
+ if (zend_parse_parameters(argc TSRMLS_CC, "ll", &min, &max) == FAILURE) {
+ return;
+ } else if (max < min) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "max(%ld) is smaller than min(%ld)", max, min);
+ RETURN_FALSE;
+ }
+ }
 if (!BG(mt_rand_is_seeded)) {
 php_mt_srand(GENERATE_SEED() TSRMLS_CC);
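Review bot: The new bug46587.phpt covers only a valid range and an inverted one, so the boundary of the added `max < min` comparison is not pinned. A call with equal bounds, `var_dump(mt_rand(3,3));` with `int(3)` in the expected output, would fix in the test that equality is accepted and only a strictly smaller max is rejected. A case with a very wide range would also document what the function is expected to do there, since the guard in rand.c does not look at the width of the range.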
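Review bot: The guard added to PHP_FUNCTION(mt_rand) rejects only `max < min` and places no bound on how wide the range is. Where `long` is 64-bit, a call whose `max - min` exceeds PHP_MT_RAND_MAX still reaches the scaling step, which appears to sit below this hunk (the function body starts and ends outside it). The result is then stretched from a 31-bit value, so the returned numbers are sparser and easier to predict than the range suggests. If that is in scope for this patch, a further branch such as `} else if ((unsigned long) max - (unsigned long) min > (unsigned long) PHP_MT_RAND_MAX) {` with its own E_WARNING would catch it without signed overflow in the subtraction. Otherwise a comment above the check should state that range width is deliberately not validated here. As a style point, the `else` after `return;` is redundant; a plain `if (max < min) {` following the parse check reads more directly.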