diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-01-20 10:41:59 -0800 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-01-20 10:41:59 -0800 |
| commit | b16fdebcf8f59e5aa09c11782c05224762ca835e (patch) | |
| tree | e99d54657906281f4755e859bfe6400eda811ab1 /ext/exif/exif.c | |
| parent | ea8415114a9299f6ba7df16c882e6d9d328af054 (diff) | |
| parent | e18ec956873d1cc1fcd4647f4a218c25d0f80209 (diff) | |
| download | php-git-b16fdebcf8f59e5aa09c11782c05224762ca835e.tar.gz | |
Merge branch 'PHP-5.6'
* PHP-5.6:
5.4.38 next
Updated NEWS
Updated NEWS
Fix bug #68711 Remove useless checks. 'num' is unsigned and cannot be <0.
Fix bug #68799: Free called on unitialized pointer
Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
Conflicts:
ext/exif/exif.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
Diffstat (limited to 'ext/exif/exif.c')
| -rw-r--r-- | ext/exif/exif.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ext/exif/exif.c b/ext/exif/exif.c index d889db06fd..0e25a05cf2 100644 --- a/ext/exif/exif.c +++ b/ext/exif/exif.c @@ -2695,7 +2695,7 @@ static int exif_process_user_comment(image_info_type *ImageInfo, char **pszInfoP static int exif_process_unicode(image_info_type *ImageInfo, xp_field_type *xp_field, int tag, char *szValuePtr, int ByteCount) { xp_field->tag = tag; - + xp_field->value = NULL; /* XXX this will fail again if encoding_converter returns on error something different than SIZE_MAX */ if (zend_multibyte_encoding_converter( (unsigned char**)&xp_field->value, |