- fix Fixed NULL pointer dereference in ZipArchive::getArchiveComment, (CVE-2010-3709), report&patch from Maksymilian Arciemowicz

author: Pierre Joye <pajoye@php.net> 2010-10-19 09:55:36 +0000
committer: Pierre Joye <pajoye@php.net> 2010-10-19 09:55:36 +0000
commit: 6ab767262c0fc9269e56cf72746a353d7d4389a9 (patch)
tree: 83e5f1295e166d0ba8a8da6d9f9896c39d79adc2 /ext/zip/php_zip.c
parent: 6a289f4d108e2b9693687a2d60520cb6521445d3 (diff)
download: php-git-6ab767262c0fc9269e56cf72746a353d7d4389a9.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
index 76aa9b7aeb..dc920ef925 100644
--- a/ext/zip/php_zip.c
+++ b/ext/zip/php_zip.c
@@ -1961,6 +1961,9 @@ static ZIPARCHIVE_METHOD(getArchiveComment)
 	}
 
 	comment = zip_get_archive_comment(intern, &comment_len, (int)flags);
+	if(comment==NULL) {
+		RETURN_FALSE;
+	}
 	RETURN_STRINGL((char *)comment, (long)comment_len, 1);
 }
 /* }}} */
author	Pierre Joye <pajoye@php.net>	2010-10-19 09:55:36 +0000
committer	Pierre Joye <pajoye@php.net>	2010-10-19 09:55:36 +0000
commit	6ab767262c0fc9269e56cf72746a353d7d4389a9 (patch)
tree	83e5f1295e166d0ba8a8da6d9f9896c39d79adc2 /ext/zip/php_zip.c
parent	6a289f4d108e2b9693687a2d60520cb6521445d3 (diff)
download	php-git-6ab767262c0fc9269e56cf72746a353d7d4389a9.tar.gz