granicus.if.org Git - php/commit

author	Christoph M. Becker <cmbecker69@gmx.de>
	Wed, 11 Mar 2020 09:16:04 +0000 (10:16 +0100)
committer	Christoph M. Becker <cmbecker69@gmx.de>
	Wed, 11 Mar 2020 10:30:15 +0000 (11:30 +0100)
commit	53797c206a4304e0c322c39cb02abf891429367e
tree	4609957fb50b81d618aa6ca33c4e62db394e8eb2	tree \| snapshot
parent	2462f2dab185f53544f2c5335ba6c16a007f3c71	commit \| diff

Fix #78210: Invalid pointer address

This is actually about three distinct issues:

* If an empty string is passed as $address to `stream_socket_sendto()`,
  the `sa` is not initialized, so we must not pass it as `addr` to
  `php_stream_xport_sendto()`.

* On POSIX, `recvfrom()` truncates messages which are too long to fit
  into the specified buffer (unless `MSG_PEEK` is given), discards the
  excessive bytes, and returns the buffer length.  On Windows, the same
  happens, but `recvfrom()` returns `SOCKET_ERROR` with the error code
  `WSAEMSGSIZE`.  We have to catch this for best POSIX compatibility.

* In `php_network_parse_network_address_with_port()`, we have to zero
  `in6` (not only its alias `sa`) to properly support IPv6.

Co-Authored-By: Nikita Popov <nikita.ppv@googlemail.com>

NEWS		diff \| blob \| history
ext/standard/streamsfuncs.c		diff \| blob \| history
main/network.c		diff \| blob \| history
main/streams/xp_socket.c		diff \| blob \| history