diff options
author | Anatol Belski <ab@php.net> | 2016-09-12 18:59:38 +0200 |
---|---|---|
committer | Anatol Belski <ab@php.net> | 2016-09-12 18:59:38 +0200 |
commit | 8cceb012a7aabf3c36ab7c2724a436f976cdd165 (patch) | |
tree | 57d515bdd860bddec627286a8c8c52b92ff4c834 | |
parent | 9528ce73156e2b6a5e96e371068b24a5975f4bcd (diff) | |
download | php-git-8cceb012a7aabf3c36ab7c2724a436f976cdd165.tar.gz |
Add check in fgetcsv in case sizeof(unit) != sizeof(size_t)
(cherry picked from commit 99ac11222cb2a4e9aa6a865f908b28def349c049)
Conflicts:
ext/standard/file.c
-rw-r--r-- | ext/standard/file.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ext/standard/file.c b/ext/standard/file.c index 5b051774c9..6e17dc5d11 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -2336,6 +2336,12 @@ PHPAPI void php_fgetcsv(php_stream *stream, char delimiter, char enclosure, char /* 3. Now pass our field back to php */ *comp_end = '\0'; +#ifndef ZEND_ENABLE_ZVAL_LONG64 + if (UNEXPECTED((comp_end - temp) > ZEND_LONG_MAX)) { + zend_error_noreturn(E_WARNING, "String overflow, max size is " ZEND_LONG_FMT, ZEND_LONG_MAX); + break; + } +#endif add_next_index_stringl(return_value, temp, comp_end - temp); } while (inc_len > 0); |