[Pkg-php-commits] [php/debian-sid] Update CVE-2010-3870 to include test case

Ondřej Surý ondrej at sury.org
Tue Dec 7 11:49:43 UTC 2010


---
 debian/patches/CVE-2010-3870.patch |   35 +++++++++++++++++++++++++++++++----
 1 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/debian/patches/CVE-2010-3870.patch b/debian/patches/CVE-2010-3870.patch
index 008f1d6..758e894 100644
--- a/debian/patches/CVE-2010-3870.patch
+++ b/debian/patches/CVE-2010-3870.patch
@@ -1,6 +1,6 @@
---- a/ext/xml/xml.c	2010/01/05 13:03:40	293146
-+++ b/ext/xml/xml.c	2010/10/27 18:13:25	304959
-@@ -659,10 +659,111 @@
+--- a/ext/xml/xml.c
++++ b/ext/xml/xml.c
+@@ -659,10 +659,111 @@ PHPAPI char *xml_utf8_encode(const char 
  }
  /* }}} */
  
@@ -113,7 +113,7 @@
  	char *newbuf = emalloc(len + 1);
  	unsigned int c;
  	char (*decoder)(unsigned short) = NULL;
-@@ -681,36 +782,15 @@
+@@ -681,36 +782,15 @@ PHPAPI char *xml_utf8_decode(const XML_C
  		newbuf[*newlen] = '\0';
  		return newbuf;
  	}
@@ -158,3 +158,30 @@
  		newbuf[*newlen] = decoder ? decoder(c) : c;
  		++*newlen;
  	}
+--- /dev/null
++++ b/ext/xml/tests/bug49687.phpt
+@@ -0,0 +1,24 @@
++--TEST--
++Bug #49687 Several utf8_decode deficiencies and vulnerabilities
++--SKIPIF--
++<?php
++require_once("skipif.inc");
++if (!extension_loaded('xml')) die ("skip xml extension not available");
++?>
++--FILE--
++<?php
++
++$tests = array(
++    "\x41\xC2\x3E\x42",
++    "\xE3\x80\x22",
++    "\x41\x98\xBA\x42\xE2\x98\x43\xE2\x98\xBA\xE2\x98",
++);
++foreach ($tests as $t) {
++    echo bin2hex(utf8_decode($t)), "\n";
++}
++echo "Done.\n";
++--EXPECT--
++413f3e42
++3f22
++413f3f423f433f3f
++Done.
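Review bot: The three vectors in `$tests` cover only interrupted multi-byte sequences, stray continuation bytes, a sequence cut off at end of input and one valid code point outside ISO-8859-1; nothing exercises an overlong form or a four-byte lead byte, the other common classes of ill-formed UTF-8 that a decoder fix should pin. Consider adding entries such as `"\xC0\xAF"` and `"\xF0\x9F\x98\x80"`, with the matching `--EXPECT--` lines taken from the patched decoder, since the xml.c change is only partly visible in this diff and the expected bytes cannot be derived from it. A one-line comment per vector, for example `// 0xC2 lead byte followed by a non-continuation byte`, would also make a later regression easier to diagnose.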
-- 
1.7.1



