We need to check for the length here too, or we crash and no one likes that! :(

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index b83b506b975f015ed8c4e020c98d6b43a96f12d1..2f071989883f7e94f7aedf6e1f17c0bccbca822a 100644 (file)
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -4312,6 +4312,8 @@ static int exif_read_from_stream(image_info_type *ImageInfo, php_stream *stream,
        int ret;
        zend_stat_t st;
 
+       php_printf("exif_read_from_stream");
+
        /* Start with an empty image information structure. */
        memset(ImageInfo, 0, sizeof(*ImageInfo));
 
@@ -4375,6 +4377,8 @@ static int exif_read_from_file(image_info_type *ImageInfo, char *FileName, int r
        int ret;
        php_stream *stream;
 
+       php_printf("exif_read_from_file");
+
        stream = php_stream_open_wrapper(FileName, "rb", STREAM_MUST_SEEK | IGNORE_PATH, NULL);
 
        if (!stream) {
@@ -4454,6 +4458,12 @@ PHP_FUNCTION(exif_read_data)
        } else {
                convert_to_string(stream);
 
+               if (!Z_STRLEN_P(stream)) {
+                       exif_error_docref(NULL EXIFERR_CC, &ImageInfo, E_WARNING, "Filename cannot be empty");
+
+                       RETURN_FALSE;
+               }
+
                ret = exif_read_from_file(&ImageInfo, Z_STRVAL_P(stream), read_thumbnail, read_all);
        }
 
@@ -4618,6 +4628,12 @@ PHP_FUNCTION(exif_thumbnail)
        } else {
                convert_to_string(stream);
 
+               if (!Z_STRLEN_P(stream)) {
+                       exif_error_docref(NULL EXIFERR_CC, &ImageInfo, E_WARNING, "Filename cannot be empty");
+
+                       RETURN_FALSE;
+               }
+
                ret = exif_read_from_file(&ImageInfo, Z_STRVAL_P(stream), 1, 0);
        }