Subject: Fixed bug#53579 (stream_get_contents() segfaults on ziparchive streams)
  Also added the filename being access to the stream_get_meta_data() array
Origin: http://svn.php.net/viewvc?view=revision&revision=306493

CVE-2011-1470

Patch differs from upstream commit in that it drops the added entry to
the NEWS file to reduce patch conflicts.

--- /dev/null
+++ b/ext/zip/tests/bug53579.phpt
@@ -0,0 +1,44 @@
+--TEST--
+Bug #53579 (stream_get_contents() segfaults on ziparchive streams)
+--SKIPIF--
+<?php
+/* $Id: oo_stream.phpt 260091 2008-05-21 09:27:41Z pajoye $ */
+if(!extension_loaded('zip')) die('skip');
+?>
+--FILE--
+<?php
+$dirname = dirname(__FILE__) . '/';
+$file = $dirname . 'test_with_comment.zip';
+include $dirname . 'utils.inc';
+$zip = new ZipArchive;
+if (!$zip->open($file)) {
+	exit('failed');
+}
+$fp = $zip->getStream('foo');
+
+var_dump($fp);
+if(!$fp) exit("\n");
+$contents = stream_get_contents($fp);
+
+fclose($fp);
+$zip->close();
+var_dump($contents);
+
+
+$fp = fopen('zip://' . dirname(__FILE__) . '/test_with_comment.zip#foo', 'rb');
+if (!$fp) {
+  exit("cannot open\n");
+}
+$contents = stream_get_contents($fp);
+var_dump($contents);
+fclose($fp);
+
+?>
+--EXPECTF--
+resource(%d) of type (stream)
+string(5) "foo
+
+"
+string(5) "foo
+
+"
--- a/ext/zip/zip_stream.c
+++ b/ext/zip/zip_stream.c
@@ -141,6 +141,7 @@ php_stream *php_stream_zip_open(char *fi
 			self->stream = NULL;
 			self->cursor = 0;
 			stream = php_stream_alloc(&php_stream_zipio_ops, self, NULL, mode);
+			stream->orig_path = estrdup(path);
 		} else {
 			zip_close(stream_za);
 		}