diff options
| author | xXx-caillou-xXx | 2017-11-29 11:06:50 +0100 |
|---|---|---|
| committer | jvoisin | 2017-11-29 11:06:50 +0100 |
| commit | 8df77884f38e7a7334b56aafe2f441567f175af8 (patch) | |
| tree | cb6ad5394f2210bc347f29473a7887677cace627 /src | |
| parent | a7459a39306e62ee58e2d8cd16f0cb156944c06f (diff) | |
Fix segfault in sp_disabled_functions.c
There was an off-by-one in `should_disable`, effectively smashing the last byte of the stack canary. This was discovered while building the package for Alpine Linux. Kudos to their hardened toolchain!
Diffstat (limited to 'src')
| -rw-r--r-- | src/sp_disabled_functions.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c index 0b1cc91..44a215c 100644 --- a/src/sp_disabled_functions.c +++ b/src/sp_disabled_functions.c | |||
| @@ -102,7 +102,7 @@ static bool is_local_var_matching(zend_execute_data *execute_data, const sp_disa | |||
| 102 | } | 102 | } |
| 103 | 103 | ||
| 104 | bool should_disable(zend_execute_data* execute_data) { | 104 | bool should_disable(zend_execute_data* execute_data) { |
| 105 | char current_file_hash[SHA256_SIZE * 2] = {0}; | 105 | char current_file_hash[SHA256_SIZE * 2 + 1] = {0}; |
| 106 | const char* current_filename = zend_get_executed_filename(TSRMLS_C); | 106 | const char* current_filename = zend_get_executed_filename(TSRMLS_C); |
| 107 | const sp_node_t* config = | 107 | const sp_node_t* config = |
| 108 | SNUFFLEUPAGUS_G(config).config_disabled_functions->disabled_functions; | 108 | SNUFFLEUPAGUS_G(config).config_disabled_functions->disabled_functions; |