From: Xinchen Hui <laruence@gmail.com>
Date: Mon, 20 Jan 2020 04:33:37 +0000 (+0800)
Subject: Let's make this safer from maliciously crafted filename
X-Git-Tag: php-7.4.7RC1~304
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2958cdc0b53bc320407b73ed74b3ab010f4296bf;p=php

Let's make this safer from maliciously crafted filename
---

diff --git a/ext/opcache/ZendAccelerator.c b/ext/opcache/ZendAccelerator.c
index bd2b665b06..263336d99e 100644
--- a/ext/opcache/ZendAccelerator.c
+++ b/ext/opcache/ZendAccelerator.c
@@ -3216,7 +3216,7 @@ static size_t preload_try_strip_filename(zend_string *filename) {
 	if (ZSTR_LEN(filename) > sizeof(" eval()'d code")
 		&& *(ZSTR_VAL(filename) + ZSTR_LEN(filename) - sizeof(" eval()'d code")) == ':') {
 		const char *cfilename = ZSTR_VAL(filename);
-		size_t cfilenamelen = ZSTR_LEN(filename) - sizeof(" eval()'d code") - 2 /* :*/;
+		size_t cfilenamelen = ZSTR_LEN(filename) - sizeof(" eval()'d code") - 1 /*:*/;
 		while (cfilenamelen && cfilename[--cfilenamelen] != '(');
 		return cfilenamelen;
 	}