Note:
This project will be discontinued after December 13, 2021. [more]
2019-01-15
The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as stream_get_line, to trigger an out-of-bounds read when operating on such malformed streams. The implementations were updated to return valid values consistently. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).
Products | Hhvm |
Type | Out-of-bounds Read (CWE-125) |
First patch |
https://github.com/facebook/hhvm/commit/6e4dd9ec3f14b48170fc45dc9d13a3261765f994 |
Relevant file/s |
• ./hphp/runtime/base/output-file.cpp (modified, +1, -1)
• ./hphp/runtime/ext/bz2/bz2-file.cpp (modified, +1, -1) • ./hphp/test/slow/oob_read_file.php (added, +12) • ./hphp/test/slow/oob_read_file.php.expectf (added, +4) |
Links | https://hhvm.com/blog/2019/01/14/hhvm-3.30.2.html |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: