Skip to content

Instantly share code, notes, and snippets.

/72613.diff Secret

Created Jul 19, 2016
Embed
What would you like to do?
Patch for 72613
commit 5faa15c4ce9d68a286a9ffe10ecbb897ebe95601
Author: Stanislav Malyshev <stas@php.net>
Date: Mon Jul 18 23:01:10 2016 -0700
Partial fix for bug #72613 - do not allow reading past error read
diff --git a/ext/bz2/bz2.c b/ext/bz2/bz2.c
index 3594254..bc6379a 100644
--- a/ext/bz2/bz2.c
+++ b/ext/bz2/bz2.c
@@ -148,7 +148,11 @@ static size_t php_bz2iop_read(php_stream *stream, char *buf, size_t count)
just_read = BZ2_bzread(self->bz_file, buf, to_read);
if (just_read < 1) {
- stream->eof = 0 == just_read;
+ /* it is not safe to keep reading after an error, see #72613 */
+ stream->eof = 1;
+ if (just_read < 0) {
+ return -1;
+ }
break;
}
diff --git a/ext/bz2/tests/72613.bz2 b/ext/bz2/tests/72613.bz2
new file mode 100644
index 0000000..0b932f8
Binary files /dev/null and b/ext/bz2/tests/72613.bz2 differ
diff --git a/ext/bz2/tests/bug72613.phpt b/ext/bz2/tests/bug72613.phpt
new file mode 100644
index 0000000..82547e6
--- /dev/null
+++ b/ext/bz2/tests/bug72613.phpt
@@ -0,0 +1,23 @@
+--TEST--
+Bug #72613 (Inadequate error handling in bzread())
+--SKIPIF--
+<?php if (!extension_loaded("bz2")) print "skip"; ?>
+--FILE--
+<?php
+$fp = bzopen(__DIR__.'/72613.bz2', 'r');
+if ($fp === FALSE) {
+ exit("ERROR: bzopen()");
+}
+$data = "";
+while (!feof($fp)) {
+ $res = bzread($fp);
+ if ($res === FALSE) {
+ exit("ERROR: bzread()");
+ }
+ $data .= $res;
+}
+bzclose($fp);
+?>
+DONE
+--EXPECT--
+DONE
\ No newline at end of file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment