summaryrefslogtreecommitdiff
path: root/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch
diff options
context:
space:
mode:
authorDavid Seifert <soap@gentoo.org>2023-09-15 09:52:24 +0200
committerDavid Seifert <soap@gentoo.org>2023-09-15 09:52:24 +0200
commite8d2efcc6257f0f976c80d31349d65a24fde1c9c (patch)
tree3ef21b1e8ed46ca0245ffc5c2466fcb3b99804aa /dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch
parent57c907f161d68cb1667d4b53e5c2ab62be3d63de (diff)
downloadgentoo-e8d2efcc6257f0f976c80d31349d65a24fde1c9c.tar.gz
gentoo-e8d2efcc6257f0f976c80d31349d65a24fde1c9c.tar.bz2
gentoo-e8d2efcc6257f0f976c80d31349d65a24fde1c9c.zip
dev-lang/php: drop 7.4.33-r4, 7.4.33-r5, 7.4.33-r6
Signed-off-by: David Seifert <soap@gentoo.org>
Diffstat (limited to 'dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch')
-rw-r--r--dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch37
1 files changed, 0 insertions, 37 deletions
diff --git a/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch b/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch
deleted file mode 100644
index 67c172ae214f..000000000000
--- a/dev-lang/php/files/php-7.4.33-CVE-2023-0568.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From a92acbad873a05470af1a47cb785a18eadd827b5 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <tim@bastelstu.be>
-Date: Mon, 23 Jan 2023 22:13:57 +0100
-Subject: [PATCH] crypt: Fix possible buffer overread in php_crypt()
-
----
- ext/standard/crypt.c | 1 +
- ext/standard/tests/password/password_bcrypt_short.phpt | 8 ++++++++
- 2 files changed, 9 insertions(+)
- create mode 100644 ext/standard/tests/password/password_bcrypt_short.phpt
-
-diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
-index 8c105cf910e8..8316c8b96063 100644
---- a/ext/standard/crypt.c
-+++ b/ext/standard/crypt.c
-@@ -135,6 +135,7 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
- } else if (
- salt[0] == '$' &&
- salt[1] == '2' &&
-+ salt[2] != 0 &&
- salt[3] == '$') {
- char output[PHP_MAX_SALT_LEN + 1];
-
-diff --git a/ext/standard/tests/password/password_bcrypt_short.phpt b/ext/standard/tests/password/password_bcrypt_short.phpt
-new file mode 100644
-index 000000000000..085bc8a23904
---- /dev/null
-+++ b/ext/standard/tests/password/password_bcrypt_short.phpt
-@@ -0,0 +1,8 @@
-+--TEST--
-+Test that password_hash() does not overread buffers when a short hash is passed
-+--FILE--
-+<?php
-+var_dump(password_verify("foo", '$2'));
-+?>
-+--EXPECT--
-+bool(false)
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-12 13:31:37 +0000