Fix possible stack buffer overflow

author: Anatol Belski <ab@php.net> 2018-08-04 16:56:08 +0200
committer: Anatol Belski <ab@php.net> 2018-08-04 16:56:08 +0200
commit: e1af7a794a25949a7929e7e77bfc215900b4e2a0 (patch)
tree: 143d79d32eb1a0e6f8ad51bbeaeeb73d80873ee5 /ext/fileinfo/libmagic
parent: 655658bbfa91cfc96569c85109577358c43db5e1 (diff)
download: php-git-e1af7a794a25949a7929e7e77bfc215900b4e2a0.tar.gz
1 files changed, 9 insertions, 2 deletions
diff --git a/ext/fileinfo/libmagic/funcs.c b/ext/fileinfo/libmagic/funcs.c
index 972d8d6c40..651fc15c19 100644
--- a/ext/fileinfo/libmagic/funcs.c
+++ b/ext/fileinfo/libmagic/funcs.c
@@ -239,8 +239,15 @@ file_buffer(struct magic_set *ms, php_stream *stream, const char *inname, const
 	}
 
 	/* Check if we have a CDF file */
-	if ((ms->flags & MAGIC_NO_CHECK_CDF) == 0) {
-		if (stream && SUCCESS == php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&fd, 0)) {
+	if ((ms->flags & MAGIC_NO_CHECK_CDF) == 0 && stream) {
+#ifdef _WIN64
+		php_socket_t _fd = fd;
+		int _ret = php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&_fd, 0);
+		fd = (int)_fd;
+#else
+		int _ret = php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&fd, 0);
+#endif
+		if (SUCCESS == _ret) {
 			m = file_trycdf(ms, &b);
 			if ((ms->flags & MAGIC_DEBUG) != 0)
 				(void)fprintf(stderr, "[try cdf %d]\n", m);
author	Anatol Belski <ab@php.net>	2018-08-04 16:56:08 +0200
committer	Anatol Belski <ab@php.net>	2018-08-04 16:56:08 +0200
commit	e1af7a794a25949a7929e7e77bfc215900b4e2a0 (patch)
tree	143d79d32eb1a0e6f8ad51bbeaeeb73d80873ee5 /ext/fileinfo/libmagic
parent	655658bbfa91cfc96569c85109577358c43db5e1 (diff)
download	php-git-e1af7a794a25949a7929e7e77bfc215900b4e2a0.tar.gz