clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-5.6'

Browse Source 
* PHP-5.6:
  update news
  Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
  Port for for bug #68552
  Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
  - BFN

Conflicts:
	ext/date/php_date.c
This commit is contained in:
Stanislav Malyshev 2015-02-17 07:10:30 +01:00
commit 70e51db210
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ext/enchant/enchant.c
View File

@ -552,13 +552,12 @@ PHP_FUNCTION(enchant_broker_request_dict)
d = enchant_broker_request_dict(pbroker->pbroker, (const char *)tag);
if (d) {
pos = pbroker->dictcnt++;
if (pbroker->dictcnt) {
pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
pos = pbroker->dictcnt++;
} else {
pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
pos = 0;
pbroker->dictcnt++;
}
dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
@ -604,14 +603,14 @@ PHP_FUNCTION(enchant_broker_request_pwl_dict)
d = enchant_broker_request_pwl_dict(pbroker->pbroker, (const char *)pwl);
if (d) {
pos = pbroker->dictcnt++;
if (pbroker->dictcnt) {
pos = pbroker->dictcnt++;
pbroker->dict = (enchant_dict **)erealloc(pbroker->dict, sizeof(enchant_dict *) * pbroker->dictcnt);
} else {
pbroker->dict = (enchant_dict **)emalloc(sizeof(enchant_dict *));
pos = 0;
pbroker->dictcnt++;
}
dict = pbroker->dict[pos] = (enchant_dict *)emalloc(sizeof(enchant_dict));
dict->id = pos;
dict->pbroker = pbroker;