Fixed crash in zip extract method (possible CWE-170)

author: Pierre Joye <pajoye@php.net> 2010-11-30 11:04:06 +0000
committer: Pierre Joye <pajoye@php.net> 2010-11-30 11:04:06 +0000
commit: 61924ece78a323bd8cc915f21affb04fceef0841 (patch)
tree: 28cc016dd6a1bf96c28130985e538447f1f56255 /ext/zip/php_zip.c
parent: b010e9fd50a8c560663012de0859c47f17136021 (diff)
download: php-git-61924ece78a323bd8cc915f21affb04fceef0841.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index a6d317de0f..eb75ef1af5 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -413,6 +413,9 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 		return 0;
 	}
 	path_cleaned =  php_zip_make_relative_path(new_state.cwd, new_state.cwd_length);
+	if(!path_cleaned) {
+		return 0;
+	}
 	path_cleaned_len = strlen(path_cleaned);
 
 	if (path_cleaned_len >= MAXPATHLEN || zip_stat(za, file, 0, &sb) != 0) {
author	Pierre Joye <pajoye@php.net>	2010-11-30 11:04:06 +0000
committer	Pierre Joye <pajoye@php.net>	2010-11-30 11:04:06 +0000
commit	61924ece78a323bd8cc915f21affb04fceef0841 (patch)
tree	28cc016dd6a1bf96c28130985e538447f1f56255 /ext/zip/php_zip.c
parent	b010e9fd50a8c560663012de0859c47f17136021 (diff)
download	php-git-61924ece78a323bd8cc915f21affb04fceef0841.tar.gz