#24395 – CVE-2010-3710: Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data

Bug 24395 - CVE-2010-3710: Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data

Summary: CVE-2010-3710: Segfault in filter_var with FILTER_VALIDATE_EMAIL with large a...

Status:	CLOSED FIXED

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	php5 (show other bugs)
Version:	unstable
Hardware:	all Linux

Importance:	P3 blocker
Assignee:	Anton Farygin
QA Contact:	qa-sisyphus

URL:	http://bugs.php.net/bug.php?id=52929
Keywords:	security

Depends on:
Blocks:

Reported:	2010-10-23 10:37 MSD by Vladimir Lettiev
Modified:	2010-10-30 15:30 MSD (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vladimir Lettiev 2010-10-23 10:37:36 MSD

There is an error in php_filter_validate_email() function, when validating email addresses, that may cause segfault and crash via long input string

Comment 1 Anton Farygin 2010-10-23 11:54:51 MSD

Спасибо, сейчас исправим.

Comment 2 Repository Robot 2010-10-30 15:30:28 MSD

php5-5.3.3.20100722-alt3 -> sisyphus:

* Sat Oct 23 2010 Anton Farygin <rider@altlinux> 5.3.3.20100722-alt3
- fixed default sendmail_path value
- fixed segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data, CVE-2010-3710 (closes: #24395)