summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStanislav Malyshev <stas@php.net>2012-06-08 08:23:07 (GMT)
committerStanislav Malyshev <stas@php.net>2012-06-08 08:23:07 (GMT)
commitc83457ed13deabd296dcfb17f3e104572878763e (patch)
tree7c5fefd92d8d0cc94b3fd560ffddedd740028e14
parent426ccd3e7f9aabc5d4e3b97a51d2c19ba44871d5 (diff)
parent59eaa7c877e6bacb4783f929b924e2582c4a82f1 (diff)
downloadphp-c83457ed13deabd296dcfb17f3e104572878763e.tar.gz
Merge branch 'PHP-5.4'
* PHP-5.4: improve overflow checks add NEWS fix potential overflow in _php_stream_scandir
-rwxr-xr-xmain/streams/streams.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/main/streams/streams.c b/main/streams/streams.c
index 1945724..81bf594 100755
--- a/main/streams/streams.c
+++ b/main/streams/streams.c
@@ -2280,6 +2280,11 @@ PHPAPI int _php_stream_scandir(char *dirname, char **namelist[], int flags, php_
if (vector_size == 0) {
vector_size = 10;
} else {
+ if(vector_size*2 < vector_size) {
+ /* overflow */
+ efree(vector);
+ return FAILURE;
+ }
vector_size *= 2;
}
vector = (char **) safe_erealloc(vector, vector_size, sizeof(char *), 0);