Date: Fri, 1 Jul 2011 17:37:20 +0200 From: Tomas Hoger <thoger@...hat.com> To: OSS Security <oss-security@...ts.openwall.com> Cc: cxib@...urityreason.com Subject: php ZipArchive::addGlob() crashes on invalid flags Hi! Following PHP bug is marked as security and lists CVE-2011-1657: https://bugs.php.net/bug.php?id=54681 http://svn.php.net/viewvc/?view=revision&revision=310814 The fix is committed, hence should be released with 5.3.7. Reporter mentions this really was an underlying glob() implementation flaw, but that's not entirely true. Maybe there are some flags that are not recognized by glob() and still cause it to crash, but the crashes I've been able to reproduce were due to the use of flags supported by glob() that require some glob_t struct setup before calling glob() (such as GLOB_ALTDIRFUNC). -- Tomas Hoger / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.