File: CVE-2015-7804.patch.org

package info (click to toggle)

php5 5.3.3.1-7%2Bsqueeze29

links: PTS, VCS
area: main
in suites: squeeze-lts
size: 123,520 kB
ctags: 55,742
sloc: ansic: 633,963; php: 19,620; sh: 11,344; xml: 5,816; cpp: 2,400; yacc: 1,745; exp: 1,514; makefile: 1,019; pascal: 623; awk: 537; sql: 22

file content (26 lines) | stat: -rw-r--r-- 1,033 bytes

From e78ac461dbefb7c4a3e9fde78d50fbc56b7b0183 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Mon, 28 Sep 2015 17:12:35 -0700
Subject: [PATCH] FIx bug #70433 - Uninitialized pointer in phar_make_dirstream
 when zip entry filename is "/"

---
 ext/phar/dirstream.c         |   2 +-
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 ext/phar/tests/bug70433.phpt
 create mode 100755 ext/phar/tests/bug70433.zip

diff --git a/ext/phar/dirstream.c b/ext/phar/dirstream.c
index 75cf049..4728e29 100644
--- a/ext/phar/dirstream.c
+++ b/ext/phar/dirstream.c
@@ -207,7 +207,7 @@ static php_stream *phar_make_dirstream(char *dir, HashTable *manifest TSRMLS_DC)
 	zend_hash_internal_pointer_reset(manifest);
 
 	while (FAILURE != zend_hash_has_more_elements(manifest)) {
-		if (HASH_KEY_NON_EXISTENT == zend_hash_get_current_key_ex(manifest, &key, &keylen, &unused, 0, NULL)) {
+		if (HASH_KEY_IS_STRING != zend_hash_get_current_key_ex(manifest, &key, &keylen, &unused, 0, NULL)) {
 			break;
 		}