pajoye Tue, 19 Oct 2010 09:56:11 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=304506
Log:
- fix Fixed NULL pointer dereference in ZipArchive::getArchiveComment,
(CVE-2010-3709), report&patch from Maksymilian Arciemowicz
Changed paths:
U php/php-src/trunk/ext/zip/php_zip.c
Modified: php/php-src/trunk/ext/zip/php_zip.c
===================================================================
--- php/php-src/trunk/ext/zip/php_zip.c 2010-10-19 09:55:36 UTC (rev 304505)
+++ php/php-src/trunk/ext/zip/php_zip.c 2010-10-19 09:56:11 UTC (rev 304506)
@@ -1974,6 +1974,9 @@
}
comment = zip_get_archive_comment(intern, &comment_len, (int)flags);
+ if(comment==NULL) {
+ RETURN_FALSE;
+ }
RETURN_STRINGL((char *)comment, (long)comment_len, 1);
}
/* }}} */
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
