From c3d73d417a4ac66bdf464da1d76e50cedb97be3b Mon Sep 17 00:00:00 2001
From: Ilia Alshanetsky <iliaa@php.net>
Date: Sun, 2 May 2010 19:34:21 +0000
Subject: [PATCH] - Fixed a possible stack exaustion inside fnmatch().
 Reporeted by Stefan Esser

---
 NEWS                | 2 ++
 ext/standard/file.c | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/NEWS b/NEWS
index a52393d738..7b9a08b6e4 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,8 @@ PHP                                                                        NEWS
 
 - Updated timezone database to version 2010.5. (Derick)
 
+- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
+  Esser (Ilia)
 - Reset error state in PDO::beginTransaction() reset error state. (Ilia)
 - Fixed a NULL pointer dereference when processing invalid XML-RPC
   requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
diff --git a/ext/standard/file.c b/ext/standard/file.c
index 6fd1a4d960..24179aa76e 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -2551,6 +2551,10 @@ PHP_FUNCTION(fnmatch)
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Filename exceeds the maximum allowed length of %d characters", MAXPATHLEN);
 		RETURN_FALSE;
 	}
+	if (pattern_len >= MAXPATHLEN) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Pattern exceeds the maximum allowed length of %d characters", MAXPATHLEN);
+		RETURN_FALSE;
+	}
 
 	RETURN_BOOL( ! fnmatch( pattern, filename, flags ));
 }
-- 
2.40.0