From: Anatol Belski <ab@php.net>
Date: Sun, 14 Sep 2014 13:03:52 +0000 (+0200)
Subject: make it safer for an array underrun
X-Git-Tag: PRE_NATIVE_TLS_MERGE~158^2~85^2~47
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=454548e44032d40ba49e2041c552bedbff49a468;p=php

make it safer for an array underrun
---

diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 0f6a6bfe88..4cac8b32bc 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -1610,9 +1610,9 @@ static void php_zip_add_from_pattern(INTERNAL_FUNCTION_PARAMETERS, int type) /*
 	}
 
 	if (remove_path && remove_path_len > 1) {
-		int tmp_idx = (int)strlen(remove_path) - 1;
-		if (remove_path[tmp_idx] == '/' || remove_path[tmp_idx] == '\\') {
-			remove_path[tmp_idx] = '\0';
+		size_t real_len = strlen(remove_path);
+		if (real_len > 1 && remove_path[real_len - 1] == '/' || remove_path[real_len - 1] == '\\') {
+			remove_path[real_len - 1] = '\0';
 		}
 	}