]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fe21acc)
php_stream_fopen_tmpfile may file, causing any following stream usage to crash
authorPierre Joye <pierre.php@gmail.com>
Tue, 14 May 2013 07:20:53 +0000 (09:20 +0200)
committerPierre Joye <pierre.php@gmail.com>
Tue, 14 May 2013 07:20:53 +0000 (09:20 +0200)
ext/phar/zip.c patch | blob | history

diff --git a/ext/phar/zip.c b/ext/phar/zip.c
index 33732fbd63fafdc97e0f5aba35d23c5b2d002d27..2d57c08c5aa91070953f2bb96d507e69a1b06613 100644 (file)
--- a/ext/phar/zip.c
+++ b/ext/phar/zip.c
@@ -1122,6 +1122,10 @@ static int phar_zip_applysignature(phar_archive_data *phar, struct _phar_zip_pas
                entry.fp = php_stream_fopen_tmpfile();
                entry.fp_type = PHAR_MOD;
                entry.is_modified = 1;
+               if (entry.fp == NULL) {
+                       spprintf(pass->error, 0, "phar error: unable to create temporary file for signature");
+                       return FAILURE;
+               }
 
                PHAR_SET_32(sigbuf, phar->sig_flags);
                PHAR_SET_32(sigbuf + 4, signature_length);
Unnamed repository; edit this file 'description' to name the repository.