From: Pierre Joye <pajoye@php.net>
Date: Tue, 30 Nov 2010 11:04:06 +0000 (+0000)
Subject: Fixed crash in zip extract method (possible CWE-170)
X-Git-Tag: php-5.4.0alpha1~191^2~586
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e8817ab0a690058da15d7e2952392168de3fba87;p=php

Fixed crash in zip extract method (possible CWE-170)
---

diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 522e92d34f..e7c7014bb6 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -162,6 +162,9 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 	 */
 	virtual_file_ex(&new_state, file, NULL, CWD_EXPAND TSRMLS_CC);
 	path_cleaned =  php_zip_make_relative_path(new_state.cwd, new_state.cwd_length);
+	if(!path_cleaned) {
+		return 0;
+	}
 	path_cleaned_len = strlen(path_cleaned);
 
 	if (path_cleaned_len >= MAXPATHLEN || zip_stat(za, file, 0, &sb) != 0) {