diff options
author | Anatol Belski <ab@php.net> | 2018-08-04 16:56:08 +0200 |
---|---|---|
committer | Anatol Belski <ab@php.net> | 2018-08-04 16:56:08 +0200 |
commit | e1af7a794a25949a7929e7e77bfc215900b4e2a0 (patch) | |
tree | 143d79d32eb1a0e6f8ad51bbeaeeb73d80873ee5 /ext/fileinfo/libmagic | |
parent | 655658bbfa91cfc96569c85109577358c43db5e1 (diff) | |
download | php-git-e1af7a794a25949a7929e7e77bfc215900b4e2a0.tar.gz |
Fix possible stack buffer overflow
Diffstat (limited to 'ext/fileinfo/libmagic')
-rw-r--r-- | ext/fileinfo/libmagic/funcs.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/ext/fileinfo/libmagic/funcs.c b/ext/fileinfo/libmagic/funcs.c index 972d8d6c40..651fc15c19 100644 --- a/ext/fileinfo/libmagic/funcs.c +++ b/ext/fileinfo/libmagic/funcs.c @@ -239,8 +239,15 @@ file_buffer(struct magic_set *ms, php_stream *stream, const char *inname, const } /* Check if we have a CDF file */ - if ((ms->flags & MAGIC_NO_CHECK_CDF) == 0) { - if (stream && SUCCESS == php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&fd, 0)) { + if ((ms->flags & MAGIC_NO_CHECK_CDF) == 0 && stream) { +#ifdef _WIN64 + php_socket_t _fd = fd; + int _ret = php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&_fd, 0); + fd = (int)_fd; +#else + int _ret = php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&fd, 0); +#endif + if (SUCCESS == _ret) { m = file_trycdf(ms, &b); if ((ms->flags & MAGIC_DEBUG) != 0) (void)fprintf(stderr, "[try cdf %d]\n", m); |