-
-
Save anonymous/8614d3d2afaf85b1fa6acb93a5bfff49 to your computer and use it in GitHub Desktop.
Patch for 72262
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit 7245bff300d3fa8bacbef7897ff080a6f1c23eba | |
Author: Stanislav Malyshev <stas@php.net> | |
Date: Wed Jun 15 21:58:26 2016 -0700 | |
Fix bug #72262 - do not overflow int | |
diff --git a/ext/spl/spl_directory.c b/ext/spl/spl_directory.c | |
index e20a80a..7718fe4 100644 | |
--- a/ext/spl/spl_directory.c | |
+++ b/ext/spl/spl_directory.c | |
@@ -2872,6 +2872,10 @@ SPL_METHOD(SplFileObject, fread) | |
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Length parameter must be greater than 0"); | |
RETURN_FALSE; | |
} | |
+ if (length > INT_MAX) { | |
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Length parameter must be no more than %d", INT_MAX); | |
+ RETURN_FALSE; | |
+ } | |
Z_STRVAL_P(return_value) = emalloc(length + 1); | |
Z_STRLEN_P(return_value) = php_stream_read(intern->u.file.stream, Z_STRVAL_P(return_value), length); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment