← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/php5/gutsy

« back to all changes in this revision

Viewing changes to Zend/zend_objects_API.c

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt, CVE-2007-0905, CVE-2007-0906, CVE-2007-0909, CVE-2007-0910
  • Date: 2007-02-20 17:54:46 UTC
  • mfrom: (1.1.6 upstream)
  • Revision ID: james.westby@ubuntu.com-20070220175446-nudqyuv0dfowel3r
Tags: 5.2.1-0ubuntu1
* New upstream security/bugfix release:
  - safe_mode & open_basedir bypasses inside the session extension
    [CVE-2007-0905]
  - multiple buffer overflows in various extensions and functions
    [CVE-2007-0906]
  - underflow in the internal sapi_header_op() function [CVE-2007-0907]
  - information disclosure in the wddx extension [CVE-2007-0908]
  - string format vulnerability in *print() functions on 64 bit systems
    [CVE-2007-0909]
  - possible clobbering of super-globals in several code paths
    [CVE-2007-0910]
* Adapted patches to new upstream release:
  - 006-debian_quirks.patch
  - 034-apache2_umask_fix.patch
  - 044-strtod_arm_fix.patch
* Drop 109-libdb4.4.patch: Obsolete, upstream now checks for db 4.5 and 4.4.
* Drop 114-zend_alloc.c_m68k_alignment.patch and
  115-zend_alloc.c_memleak.patch: Applied upstream.
* Add debian/patches/000upstream-str_ireplace_offbyone.patch:
  - Fix off-by-one in str_ireplace(), a regression introduced in 5.2.1.
  - Patch taken from upstream CVS:
    http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.630&r2=1.631
  - CVE-2007-0911
* debian/control: Set Ubuntu maintainer.

Show diffs side-by-side

added added

removed removed

Lines of Context:
Zend/zend_objects_API.c
2
2
   +----------------------------------------------------------------------+
3
3
   | Zend Engine                                                          |
4
4
   +----------------------------------------------------------------------+
5
 
   | Copyright (c) 1998-2006 Zend Technologies Ltd. (http://www.zend.com) |
 
5
   | Copyright (c) 1998-2007 Zend Technologies Ltd. (http://www.zend.com) |
6
6
   +----------------------------------------------------------------------+
7
7
   | This source file is subject to version 2.00 of the Zend license,     |
8
8
   | that is bundled with this package in the file LICENSE, and is        |
17
17
   +----------------------------------------------------------------------+
18
18
*/
19
19
 
20
 
/* $Id: zend_objects_API.c,v 1.47.2.6.2.3 2006/08/07 15:15:20 dmitry Exp $ */
 
20
/* $Id: zend_objects_API.c,v 1.47.2.6.2.5 2007/01/01 09:35:47 sebastian Exp $ */
21
21
 
22
22
#include "zend.h"
23
23
#include "zend_globals.h"
64
64
 
65
65
ZEND_API void zend_objects_store_mark_destructed(zend_objects_store *objects TSRMLS_DC)
66
66
{
67
 
        zend_uint i = 1;
 
67
        zend_uint i;
68
68
 
 
69
        if (!objects->object_buckets) {
 
70
                return;
 
71
        }
69
72
        for (i = 1; i < objects->top ; i++) {
70
73
                if (objects->object_buckets[i].valid) {
71
74
                        objects->object_buckets[i].destructor_called = 1;