[Secure-testing-commits] r5701 - data/patches/MOPB

[Sean Finney]

Author: seanius
Date: 2007-04-22 16:47:04 +0000 (Sun, 22 Apr 2007)
New Revision: 5701

Added:
   data/patches/MOPB/MOPB-26-php4.diff
Log:
a php4 fix for mopb 26 was found, though i couldnot get the exploit to work we should take it

Added: data/patches/MOPB/MOPB-26-php4.diff
===================================================================
--- data/patches/MOPB/MOPB-26-php4.diff	2007-04-22 15:07:50 UTC (rev 5700)
+++ data/patches/MOPB/MOPB-26-php4.diff	2007-04-22 16:47:04 UTC (rev 5701)
@@ -0,0 +1,36 @@
+--- mbstring.c	2006/12/21 17:28:57	1.142.2.47.2.19
++++ mbstring.c	2007/03/18 17:19:30	1.142.2.47.2.20
+@@ -17,7 +17,7 @@
+    +----------------------------------------------------------------------+
+  */
+ 
+-/* $Id: mbstring.c,v 1.142.2.47.2.19 2006/12/21 17:28:57 masugata Exp $ */
++/* $Id: mbstring.c,v 1.142.2.47.2.20 2007/03/18 17:19:30 iliaa Exp $ */
+ 
+ /*
+  * PHP4 Multibyte String module "mbstring"
+@@ -1954,9 +1954,9 @@
+ 	string.no_encoding = from_encoding;
+ 	old_rg = PG(register_globals);
+ 	if (argc == 1) {
+-		PG(register_globals) = 1;
++		zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
+ 	} else {
+-		PG(register_globals) = 0;
++		zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
+ 	}
+ 	n = 0;
+ 	while (n < num) {
+@@ -1985,7 +1985,11 @@
+ 		mbfl_string_clear(&resvar);
+ 		mbfl_string_clear(&resval);
+ 	}
+-	PG(register_globals) = old_rg;
++	if (old_rg) {
++		zend_alter_ini_entry("register_globals", sizeof("register_globals"), "1", sizeof("1")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
++	} else {
++		zend_alter_ini_entry("register_globals", sizeof("register_globals"), "0", sizeof("0")-1, PHP_INI_PERDIR, PHP_INI_STAGE_RUNTIME);
++	}
+ 
+ 	if (convd != NULL) {
+ 		MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);