代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/php 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 9a96e864885ccc3b19d360ba410a562eb7c5dc45 Mon Sep 17 00:00:00 2001
From: gwx620998 <gulining1@huawei.com>
Date: Sat, 23 Mar 2019 03:34:11 -0400
Subject: [PATCH] CVE-2019-9023
Signed-off-by: gwx620998 <gulining1@huawei.com>
---
ext/mbstring/oniguruma/src/regcomp.c | 3 +++
ext/mbstring/oniguruma/src/regparse.c | 2 ++
ext/mbstring/oniguruma/src/unicode.c | 1 +
ext/mbstring/oniguruma/src/utf32_be.c | 3 ++-
4 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/ext/mbstring/oniguruma/src/regcomp.c b/ext/mbstring/oniguruma/src/regcomp.c
index 0e9a9ab..cf914cc 100644
--- a/ext/mbstring/oniguruma/src/regcomp.c
+++ b/ext/mbstring/oniguruma/src/regcomp.c
@@ -476,6 +476,7 @@ compile_length_string_node(Node* node, regex_t* reg)
for (; p < sn->end; ) {
len = enclen(enc, p);
+ if (p + len > sn->end) len = sn->end - p;
if (len == prev_len) {
slen++;
}
@@ -524,6 +525,7 @@ compile_string_node(Node* node, regex_t* reg)
for (; p < end; ) {
len = enclen(enc, p);
+ if (p + len > end) len = end - p;
if (len == prev_len) {
slen++;
}
@@ -3436,6 +3438,7 @@ expand_case_fold_string(Node* node, regex_t* reg)
}
len = enclen(reg->enc, p);
+ if (p + len > end) len = end - p;
if (n == 0) {
if (IS_NULL(snode)) {
diff --git a/ext/mbstring/oniguruma/src/regparse.c b/ext/mbstring/oniguruma/src/regparse.c
index 8153513..9393b9d 100644
--- a/ext/mbstring/oniguruma/src/regparse.c
+++ b/ext/mbstring/oniguruma/src/regparse.c
@@ -3594,6 +3594,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
}
else { /* string */
p = tok->backp + enclen(enc, tok->backp);
+ if (p > end) p = end;
}
}
break;
@@ -3763,6 +3764,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env)
out:
#endif
*src = p;
+ if (*src > end) *src = end;
return tok->type;
}
diff --git a/ext/mbstring/oniguruma/src/unicode.c b/ext/mbstring/oniguruma/src/unicode.c
index 8812ca2..cbdc42f 100644
--- a/ext/mbstring/oniguruma/src/unicode.c
+++ b/ext/mbstring/oniguruma/src/unicode.c
@@ -255,6 +255,7 @@ onigenc_unicode_mbc_case_fold(OnigEncoding enc,
code = ONIGENC_MBC_TO_CODE(enc, p, end);
len = enclen(enc, p);
+ if (*pp + len > end) len = end - *pp;
*pp += len;
#ifdef USE_UNICODE_CASE_FOLD_TURKISH_AZERI
diff --git a/ext/mbstring/oniguruma/src/utf32_be.c b/ext/mbstring/oniguruma/src/utf32_be.c
index d0c7f39..4cf6fed 100644
--- a/ext/mbstring/oniguruma/src/utf32_be.c
+++ b/ext/mbstring/oniguruma/src/utf32_be.c
@@ -65,8 +65,9 @@ utf32be_is_mbc_newline(const UChar* p, const UChar* end)
}
static OnigCodePoint
-utf32be_mbc_to_code(const UChar* p, const UChar* end ARG_UNUSED)
+utf32be_mbc_to_code(const UChar* p, const UChar* end)
{
+ if (p + 4 > end) return (OnigCodePoint ) NULL;
return (OnigCodePoint )(((p[0] * 256 + p[1]) * 256 + p[2]) * 256 + p[3]);
}
--
1.8.3.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手