From: Pierre Joye Date: Tue, 14 May 2013 07:20:53 +0000 (+0200) Subject: php_stream_fopen_tmpfile may file, causing any following stream usage to crash X-Git-Tag: php-5.3.26RC1~9 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=533e636a62a1f1d5119f262f44c48097d7762735;p=php php_stream_fopen_tmpfile may file, causing any following stream usage to crash --- diff --git a/ext/phar/zip.c b/ext/phar/zip.c index 33732fbd63..2d57c08c5a 100644 --- a/ext/phar/zip.c +++ b/ext/phar/zip.c @@ -1122,6 +1122,10 @@ static int phar_zip_applysignature(phar_archive_data *phar, struct _phar_zip_pas entry.fp = php_stream_fopen_tmpfile(); entry.fp_type = PHAR_MOD; entry.is_modified = 1; + if (entry.fp == NULL) { + spprintf(pass->error, 0, "phar error: unable to create temporary file for signature"); + return FAILURE; + } PHAR_SET_32(sigbuf, phar->sig_flags); PHAR_SET_32(sigbuf + 4, signature_length);