diff options
| author | Pierre Joye <pajoye@php.net> | 2010-10-19 09:55:36 +0000 |
|---|---|---|
| committer | Pierre Joye <pajoye@php.net> | 2010-10-19 09:55:36 +0000 |
| commit | 80bea6534863413d80a23fe58913b73fc8333086 (patch) | |
| tree | da8a2b3c547c09d45b72d4277bb7983c50db4a29 | |
| parent | c1b7bd348e188098473759b3b0a28b001fda9ea8 (diff) | |
| download | php-git-80bea6534863413d80a23fe58913b73fc8333086.tar.gz | |
- fix Fixed NULL pointer dereference in ZipArchive::getArchiveComment, (CVE-2010-3709), report&patch from Maksymilian Arciemowicz
| -rw-r--r-- | ext/zip/php_zip.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c index c2adccf8a1..a6d317de0f 100644 --- a/ext/zip/php_zip.c +++ b/ext/zip/php_zip.c @@ -1954,6 +1954,9 @@ static ZIPARCHIVE_METHOD(getCommentIndex) PHP_ZIP_STAT_INDEX(intern, index, 0, sb); comment = zip_get_file_comment(intern, index, &comment_len, (int)flags); + if(comment==NULL) { + RETURN_FALSE; + } RETURN_STRINGL((char *)comment, (long)comment_len, 1); } /* }}} */ |