Fixed crash in zip extract method (possible CWE-170)

author: Pierre Joye <pajoye@php.net> 2010-11-30 11:04:06 +0000
committer: Pierre Joye <pajoye@php.net> 2010-11-30 11:04:06 +0000
commit: 761c62267f6099af9c43a68af6156030a6c7a1af (patch)
tree: 91a5ead138a2bf6605f9fe983529a4e4bb55b16d /ext/zip/php_zip.c
parent: f719d3707d5b26709dd85f67de82a7c33781e2e3 (diff)
download: php-git-761c62267f6099af9c43a68af6156030a6c7a1af.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 5c291381c5..1b42c94457 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -162,6 +162,9 @@ static int php_zip_extract_file(struct zip * za, char *dest, char *file, int fil
 	 */
 	virtual_file_ex(&new_state, file, NULL, CWD_EXPAND);
 	path_cleaned =  php_zip_make_relative_path(new_state.cwd, new_state.cwd_length);
+	if(!path_cleaned) {
+		return 0;
+	}
 	path_cleaned_len = strlen(path_cleaned);
 
 	if (path_cleaned_len >= MAXPATHLEN || zip_stat(za, file, 0, &sb) != 0) {
author	Pierre Joye <pajoye@php.net>	2010-11-30 11:04:06 +0000
committer	Pierre Joye <pajoye@php.net>	2010-11-30 11:04:06 +0000
commit	761c62267f6099af9c43a68af6156030a6c7a1af (patch)
tree	91a5ead138a2bf6605f9fe983529a4e4bb55b16d /ext/zip/php_zip.c
parent	f719d3707d5b26709dd85f67de82a7c33781e2e3 (diff)
download	php-git-761c62267f6099af9c43a68af6156030a6c7a1af.tar.gz