Add mitigation for CVE-2015-0235 (bug #68925)

author: Stanislav Malyshev <stas@php.net> 2015-01-31 18:59:18 -0800
committer: Stanislav Malyshev <stas@php.net> 2015-01-31 19:08:13 -0800
commit: 0f9c708229d7d4f4eff96c30cff7a2339f738511 (patch)
tree: f3687dd806e2196641c51ab95b7fcc697f765fc6 /sapi/cgi
parent: 61ad5e24ea2b17bf9a40e1238ffd53daad37df5e (diff)
download: php-git-0f9c708229d7d4f4eff96c30cff7a2339f738511.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/sapi/cgi/fastcgi.c b/sapi/cgi/fastcgi.c
index 8ddc2e4577..4c6ea4c0a3 100644
--- a/sapi/cgi/fastcgi.c
+++ b/sapi/cgi/fastcgi.c
@@ -611,7 +611,11 @@ int fcgi_listen(const char *path, int backlog)
 			if (sa.sa_inet.sin_addr.s_addr == INADDR_NONE) {
 				struct hostent *hep;
 
-				hep = gethostbyname(host);
+				if(strlen(host) > MAXHOSTNAMELEN) {
+					hep = NULL;
+				} else {
+					hep = gethostbyname(host);
+				}
 				if (!hep || hep->h_addrtype != AF_INET || !hep->h_addr_list[0]) {
 					fprintf(stderr, "Cannot resolve host name '%s'!\n", host);
 					return -1;
author	Stanislav Malyshev <stas@php.net>	2015-01-31 18:59:18 -0800
committer	Stanislav Malyshev <stas@php.net>	2015-01-31 19:08:13 -0800
commit	0f9c708229d7d4f4eff96c30cff7a2339f738511 (patch)
tree	f3687dd806e2196641c51ab95b7fcc697f765fc6 /sapi/cgi
parent	61ad5e24ea2b17bf9a40e1238ffd53daad37df5e (diff)
download	php-git-0f9c708229d7d4f4eff96c30cff7a2339f738511.tar.gz