From: Pierre Joye <pajoye@php.net>
Date: Tue, 15 Jun 2010 18:48:33 +0000 (+0000)
Subject: - Fix #51002, fix possible memory corruption with very long names
X-Git-Tag: php-5.3.3RC1~19
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2cfb5e4254ec3f4a198dd8984ce4e2c1b74310ca;p=php

- Fix #51002, fix possible memory corruption with very long names
---

diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 01a8925577..293e95f71a 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -280,8 +280,8 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 }
 /* }}} */
 
-static int php_zip_add_file(struct zip *za, const char *filename, int filename_len, 
-	char *entry_name, int entry_name_len, long offset_start, long offset_len TSRMLS_DC) /* {{{ */
+static int php_zip_add_file(struct zip *za, const char *filename, size_t filename_len, 
+	char *entry_name, size_t entry_name_len, long offset_start, long offset_len TSRMLS_DC) /* {{{ */
 {
 	struct zip_source *zs;
 	int cur_idx;
@@ -1629,7 +1629,7 @@ static void php_zip_add_from_pattern(INTERNAL_FUNCTION_PARAMETERS, int type) /*
 
 		for (i = 0; i < found; i++) {
 			char *file, *file_stripped, *entry_name;
-			int entry_name_len,file_stripped_len;
+			size_t entry_name_len, file_stripped_len;
 			char entry_name_buf[MAXPATHLEN];
 			char *basename = NULL;