diff options
| author | Michael Wallner <mike@php.net> | 2013-09-18 11:12:44 +0200 |
|---|---|---|
| committer | Michael Wallner <mike@php.net> | 2013-09-18 11:12:44 +0200 |
| commit | 33c4b61c7f477994d4f30fff349cb1815680642d (patch) | |
| tree | 2d7bdf6c6df35166eb8b609d03e2e2237a26168c | |
| parent | cdf5d201ab570284d8865a4b8366bddb662410eb (diff) | |
| parent | a34b141e08f02c34a100676080dddf7d9be84544 (diff) | |
| download | php-git-33c4b61c7f477994d4f30fff349cb1815680642d.tar.gz | |
Merge branch 'PHP-5.5'
* PHP-5.5:
fix a very rare case of use of uninitialized value combined with a memleak
| -rw-r--r-- | main/fopen_wrappers.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c index eb33ac7ba1..1d99a4e20e 100644 --- a/main/fopen_wrappers.c +++ b/main/fopen_wrappers.c @@ -775,7 +775,12 @@ PHPAPI char *expand_filepath_with_mode(const char *filepath, char *real_path, co * we cannot cannot getcwd() and the requested, * relatively referenced file is accessible */ copy_len = strlen(filepath) > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : strlen(filepath); - real_path = estrndup(filepath, copy_len); + if (real_path) { + memcpy(real_path, filepath, copy_len); + real_path[copy_len] = '\0'; + } else { + real_path = estrndup(filepath, copy_len); + } close(fdtest); return real_path; } else { |