Fix #79078: Hypothetical use-after-free in curl_multi_add_handle()

To avoid this, we have to verify the handlers already in `curl_multi_add_handle()`, not only in `curl_multi_exec()`.
author: Christoph M. Becker <cmbecker69@gmx.de> 2020-01-08 11:52:24 +0100
committer: Christoph M. Becker <cmbecker69@gmx.de> 2020-01-08 18:29:10 +0100
commit: 0dda4a844e63ccbcff1053fff65649dab0fd348f (patch)
tree: 083f3e8916d38ebeca80429ebc0416345365e1fa /ext/curl/multi.c
parent: 38c0a53b60059e06128f61a28573d6c10b60d1d2 (diff)
download: php-git-0dda4a844e63ccbcff1053fff65649dab0fd348f.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/ext/curl/multi.c b/ext/curl/multi.c
index d10a03f741..af31e28adf 100644
--- a/ext/curl/multi.c
+++ b/ext/curl/multi.c
@@ -92,6 +92,8 @@ PHP_FUNCTION(curl_multi_add_handle)
 		RETURN_FALSE;
 	}
 
+	_php_curl_verify_handlers(ch, 1);
+
 	_php_curl_cleanup_handle(ch);
 
 	GC_ADDREF(Z_RES_P(z_ch));
author	Christoph M. Becker <cmbecker69@gmx.de>	2020-01-08 11:52:24 +0100
committer	Christoph M. Becker <cmbecker69@gmx.de>	2020-01-08 18:29:10 +0100
commit	0dda4a844e63ccbcff1053fff65649dab0fd348f (patch)
tree	083f3e8916d38ebeca80429ebc0416345365e1fa /ext/curl/multi.c
parent	38c0a53b60059e06128f61a28573d6c10b60d1d2 (diff)
download	php-git-0dda4a844e63ccbcff1053fff65649dab0fd348f.tar.gz