diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2010-11-02 17:50:39 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2010-11-02 17:50:39 +0000 |
commit | 785bf5b31e172a6a29724be362a347674c816a10 (patch) | |
tree | b120bfc961ff4bcda474431a627eee912c75ed0a | |
parent | b37ecc1a2d68d9b3cdbace15cae9948e33ae0a53 (diff) | |
download | php-git-785bf5b31e172a6a29724be362a347674c816a10.tar.gz |
Fixed a possible double free in imap extension (Identified by Mateusz Kocielski).
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | ext/imap/php_imap.c | 2 |
2 files changed, 4 insertions, 0 deletions
@@ -1,6 +1,8 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2010, PHP 5.2.15 +- Fixed a possible double free in imap extension (Identified by Mateusz + Kocielski). (Ilia) - Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre) - Fixed possible crash in mssql_fetch_batch(). (Kalle) diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c index 829276023f..2005d51628 100644 --- a/ext/imap/php_imap.c +++ b/ext/imap/php_imap.c @@ -794,10 +794,12 @@ static void php_imap_do_open(INTERNAL_FUNCTION_PARAMETERS, int persistent) if (IMAPG(imap_user)) { efree(IMAPG(imap_user)); + IMAPG(imap_user) = 0; } if (IMAPG(imap_password)) { efree(IMAPG(imap_password)); + IMAPG(imap_password) = 0; } /* local filename, need to perform open_basedir and safe_mode checks */ |