
oss-sec mailing list archives

php ZipArchive::addGlob() crashes on invalid flags
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 1 Jul 2011 17:37:20 +0200

Hi!

The following PHP bug is marked as security and lists CVE-2011-1657:

https://bugs.php.net/bug.php?id=54681
http://svn.php.net/viewvc/?view=revision&revision=310814

The fix is committed, hence should be released with 5.3.7.

The reporter mentions this really was an underlying glob() implementation
flaw, but that's not entirely true.  Maybe there are some flags that
are not recognized by glob() and still cause it to crash, but the
crashes I've been able to reproduce were due to the use of flags
supported by glob() that require some glob_t struct setup before
calling glob() (such as GLOB_ALTDIRFUNC).

-- 
Tomas Hoger / Red Hat Security Response Team
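
Added example, not part of the original message and not PHP's own code: a wrapper that rejects caller-supplied glob() flags unless they are on an allow-list of flags that work with a zero-initialised glob_t, which is the class of problem the message describes. The name checked_glob, the SAFE_GLOB_FLAGS allow-list and the sample patterns are assumptions made for illustration.

```c
#include <glob.h>
#include <stdio.h>
#include <string.h>

/* Flags that are safe with a zero-initialised glob_t. GLOB_DOOFFS,
 * GLOB_APPEND and GLOB_ALTDIRFUNC are left out on purpose: each one makes
 * glob() read glob_t fields that the caller must have set up beforehand
 * (gl_offs, a previous result, or the gl_opendir/gl_readdir callbacks). */
#define SAFE_GLOB_FLAGS (GLOB_ERR | GLOB_MARK | GLOB_NOSORT | \
                         GLOB_NOCHECK | GLOB_NOESCAPE)

/* Hypothetical wrapper: returns the number of matches, 0 when nothing
 * matches, or -1 when the flags are rejected or glob() reports an error. */
long checked_glob(const char *pattern, int flags)
{
    glob_t g;
    long count;
    int rc;

    /* Reject before glob() ever sees the value: unknown bits and
     * setup-requiring flags are treated the same way. */
    if ((flags & ~SAFE_GLOB_FLAGS) != 0)
        return -1;

    memset(&g, 0, sizeof g);
    rc = glob(pattern, flags, NULL, &g);
    if (rc == 0)
        count = (long)g.gl_pathc;
    else
        count = (rc == GLOB_NOMATCH) ? 0 : -1;
    globfree(&g);
    return count;
}

int main(void)
{
    /* Constructed sample inputs. */
    printf("no flags:        %ld\n", checked_glob("/*", 0));
    printf("GLOB_DOOFFS:     %ld\n", checked_glob("/*", GLOB_DOOFFS));
#ifdef GLOB_ALTDIRFUNC
    printf("GLOB_ALTDIRFUNC: %ld\n", checked_glob("/*", GLOB_ALTDIRFUNC));
#endif
    printf("undefined bits:  %ld\n", checked_glob("/*", 0x40000000));
    return 0;
}
```
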

