From 2cdbd3537fd9cbbc0e16771a7b63015e2a0ab5f3 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev
Date: Sat, 31 Jan 2015 21:30:58 -0800
Subject: [PATCH 1/2] use right sizeof for memset
---
 sapi/litespeed/lsapilib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c
index aac823fc1c6..3d1513ac502 100644
--- a/sapi/litespeed/lsapilib.c
+++ b/sapi/litespeed/lsapilib.c
@@ -3376,7 +3376,7 @@ void lsapi_MD5Final(unsigned char digest[16], struct lsapi_MD5Context *ctx)
 lsapi_MD5Transform(ctx->buf, (uint32 *) ctx->in);
 byteReverse((unsigned char *) ctx->buf, 4);
 memmove(digest, ctx->buf, 16);
- memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+ memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
 }
 /* The four core functions - F1 is optimized somewhat */
From b30a6d6018705e0a9d345192eba8125ff854c167 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev
Date: Sat, 31 Jan 2015 21:46:56 -0800
Subject: [PATCH 2/2] Use better constant since MAXHOSTNAMELEN may mean shorter name
---
 ext/standard/dns.c | 8 ++++----
 ext/standard/tests/network/bug68925.phpt | 4 ++--
 main/network.c | 6 +-----
 main/php_network.h | 4 ++++
 sapi/cgi/fastcgi.c | 6 +++++-
 5 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/ext/standard/dns.c b/ext/standard/dns.c
index e21aca49197..7b5dba0eafc 100644
--- a/ext/standard/dns.c
+++ b/ext/standard/dns.c
@@ -222,9 +222,9 @@ PHP_FUNCTION(gethostbyname)
 return;
 }
- if(hostname_len > MAXHOSTNAMELEN) {
+ if(hostname_len > MAXFQDNLEN) {
 /* name too long, protect from CVE-2015-0235 */
- php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN);
+ php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN);
 RETURN_STRINGL(hostname, hostname_len, 1);
 }
 addr = php_gethostbyname(hostname);
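Review bot: The corrected `memset(ctx, 0, sizeof(*ctx));` at the end of lsapi_MD5Final is still an ordinary memset whose result is never read, so an optimizing compiler that can see the context's lifetime (for example after inlining into a caller with a stack-allocated context) may drop it as a dead store. If the wipe is meant as a guarantee rather than best effort, a non-elidable primitive such as `explicit_bzero(ctx, sizeof(*ctx));` or `memset_s` where available, with a volatile-pointer fallback elsewhere, is the usual replacement. The comment could also say what is being cleared, e.g. `/* wipe hash state and buffered input; may hold sensitive data */`. The body of lsapi_MD5Final starts above the hunk, so how callers allocate the context is not visible here.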
@@ -247,9 +247,9 @@ PHP_FUNCTION(gethostbynamel)
 return;
 }
- if(hostname_len > MAXHOSTNAMELEN) {
+ if(hostname_len > MAXFQDNLEN) {
 /* name too long, protect from CVE-2015-0235 */
- php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXHOSTNAMELEN);
+ php_error_docref(NULL, E_WARNING, "Host name is too long, the limit is %d characters", MAXFQDNLEN);
 RETURN_FALSE;
 }
diff --git a/ext/standard/tests/network/bug68925.phpt b/ext/standard/tests/network/bug68925.phpt
index e710d72bdfb..2638dd331d2 100644
--- a/ext/standard/tests/network/bug68925.phpt
+++ b/ext/standard/tests/network/bug68925.phpt
@@ -6,8 +6,8 @@ var_dump(gethostbyname(str_repeat("0", 2501))); var_dump(gethostbynamel(str_repeat("0", 2501))); ?> --EXPECTF-- -Warning: gethostbyname(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbyname(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d string(2501) "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" -Warning: gethostbynamel(): Host name is too long, the limit is 256 characters in %s/bug68925.php on line %d +Warning: gethostbynamel(): Host name is too long, the limit is %d characters in %s/bug68925.php on line %d bool(false) diff --git a/main/network.c b/main/network.c index 41b2cfa0ba2..18459988078 100644 --- a/main/network.c +++ b/main/network.c @@ -103,10 +103,6 @@ const struct in6_addr in6addr_any = {0}; /* IN6ADDR_ANY_INIT; */ # define PHP_TIMEOUT_ERROR_VALUE ETIMEDOUT #endif -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 255 -#endif - #if HAVE_GETADDRINFO #ifdef HAVE_GAI_STRERROR # define PHP_GAI_STRERROR(x) (gai_strerror(x)) @@ -248,7 +244,7 @@ PHPAPI int php_network_getaddresses(const char *host, int socktype, struct socka #else if (!inet_aton(host, &in)) { /* XXX NOT THREAD SAFE (is safe under win32) */ - if(strlen(host) > MAXHOSTNAMELEN) { + if(strlen(host) > MAXFQDNLEN) { host_info = NULL; errno = E2BIG; } else { diff --git a/main/php_network.h b/main/php_network.h index dd28f161aa2..35503b7172d 100644 --- a/main/php_network.h +++ b/main/php_network.h 
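Review bot: Replacing the literal `256` with `%d` in both expected warnings means the test no longer pins which limit is reported, so a regression back to a platform-dependent value would pass unnoticed. If the limit is now meant to be the fixed MAXFQDNLEN fallback, the expectation could name it (`the limit is 255 characters`), and a case just over the limit, `var_dump(gethostbynamel(str_repeat("0", 256)));`, would exercise the boundary rather than only a 2501-byte name. This assumes no platform header supplies its own MAXFQDNLEN, which the `#ifndef` guard added elsewhere in the patch allows for.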
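Review bot: The guard `if(strlen(host) > MAXFQDNLEN)` in php_network_getaddresses carries no comment explaining why it exists, unlike the dns.c checks, which say `/* name too long, protect from CVE-2015-0235 */`; the same applies to the matching guard in fcgi_listen in sapi/cgi/fastcgi.c. Repeating that comment at both sites keeps a later cleanup from removing what looks like an arbitrary length test in front of the resolver call. Since the first hunk in this file drops the local `MAXHOSTNAMELEN` fallback, it is also worth confirming that no other use of MAXHOSTNAMELEN remains in main/network.c; the hunks do not show the rest of the file. The function body extends beyond the hunk on both sides.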
@@ -311,6 +311,10 @@ END_EXTERN_C() /* }}} */ +#ifndef MAXFQDNLEN +#define MAXFQDNLEN 255 +#endif + #endif /* _PHP_NETWORK_H */ /* diff --git a/sapi/cgi/fastcgi.c b/sapi/cgi/fastcgi.c index 4c6ea4c0a35..53e3202d9a8 100644 --- a/sapi/cgi/fastcgi.c +++ b/sapi/cgi/fastcgi.c @@ -27,6 +27,10 @@ #include #include +#ifndef MAXFQDNLEN +#define MAXFQDNLEN 255 +#endif + #ifdef _WIN32 #include @@ -611,7 +615,7 @@ int fcgi_listen(const char *path, int backlog) if (sa.sa_inet.sin_addr.s_addr == INADDR_NONE) { struct hostent *hep; - if(strlen(host) > MAXHOSTNAMELEN) { + if(strlen(host) > MAXFQDNLEN) { hep = NULL; } else { hep = gethostbyname(host);
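Review bot: The new `MAXFQDNLEN` definition in main/php_network.h has no comment saying what it bounds or why it replaces MAXHOSTNAMELEN; the rationale currently lives only in the commit subject. Something like `/* Longest host name passed to the resolver; MAXHOSTNAMELEN is not used because some platforms define it shorter than a full FQDN */` above the `#ifndef` would record it. Because the definition is guarded by `#ifndef`, a system header that defines MAXFQDNLEN with a different value would silently change the limit enforced by the CVE-2015-0235 guards, so the comment should say whether that override is intended.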
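Review bot: The `#ifndef MAXFQDNLEN` block added near the top of sapi/cgi/fastcgi.c duplicates the definition added to main/php_network.h, so the two values can drift apart and the guard will hide the mismatch. If fastcgi.c is deliberately kept free of php_network.h, a comment such as `/* keep in sync with MAXFQDNLEN in main/php_network.h */` on the local copy would record the coupling; otherwise including the header and dropping the copy is simpler. Whether the header can be included here is not visible from the hunk.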
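Review bot: In fcgi_listen the over-length branch only sets `hep = NULL`, so a rejected name is indistinguishable from a failed lookup, whereas the equivalent branch in main/network.c also sets `errno = E2BIG`. How a NULL `hep` is reported lies below the hunk; if that path prints a generic resolve error, a distinct message for the length case would make a misconfigured or hostile listen address easier to diagnose. At minimum the branch deserves a comment, e.g. `/* name too long: skip the resolver and take the lookup-failure path */`.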