History log of /PHP-8.1/ext/mysqli/tests/ghsa-h35g-vwh6-m678-query-len-overflow.phpt (Results 1 – 2 of 2)
Revision Date Author Comments
# 39c292b1 09-Dec-2024 Jakub Zelenka

Use empheral port for mysqli fake server tests


# 2f5aa9f9 08-Oct-2024 Jakub Zelenka

Fix GHSA-h35g-vwh6-m678: Mysqlnd - various heap buffer over-reads

This fixes issues causing buffer over-read that leak heap content:
- RESP packet field default left over for COM_LIST

Fix GHSA-h35g-vwh6-m678: Mysqlnd - various heap buffer over-reads

This fixes issues causing buffer over-read that leak heap content:
- RESP packet field default left over for COM_LIST
- RESP packet upsert filename
- OK packet message
- RESP packet for stmt row data
- ps_fetch_from_1_to_8_bytes
- ps_fetch_float
- ps_fetch_double
- ps_fetch_time
- ps_fetch_date
- ps_fetch_datetime
- ps_fetch_string
- ps_fetch_bit
- RESP packet for query row data (just possible overflow on 32bit)

It also adds various protocol tests using a new fake server.

show more ...