diff options
| author | Stanislav Malyshev <stas@php.net> | 2016-07-19 00:53:08 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2016-07-19 00:53:08 -0700 |
| commit | 4d0565b5bad444b0652379668c5116b74ee13747 (patch) | |
| tree | 922cc7fbcf1c456bc89b2467c3e1f97d0708de3b /ext/zip | |
| parent | 1a886926920acd6168cdff9f097bc20fc839a7f7 (diff) | |
| parent | f0a17b3a862399a77e54460b7f1b800bed4d6a69 (diff) | |
| download | php-git-4d0565b5bad444b0652379668c5116b74ee13747.tar.gz | |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
fix #72519, possible OOB using imagegif
fix #72512, invalid read or write for palette image when invalid transparent index is used
Apparently some envs miss SIZE_MAX
Fix tests
Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
Fix bug #72562 - destroy var_hash properly
Fix bug #72533 (locale_accept_from_http out-of-bounds access)
Fix fir bug #72520
Fix for bug #72513
CS fix and comments with bug ID
Fix for HTTP_PROXY issue.
add tests for bug #72512
Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
Fixed bug #72479 - same as #72434
Conflicts:
ext/bz2/bz2.c
main/SAPI.c
main/php_variables.c
Diffstat (limited to 'ext/zip')
| -rw-r--r-- | ext/zip/zip_stream.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ext/zip/zip_stream.c b/ext/zip/zip_stream.c index 1cd134ecfb..2095ddf838 100644 --- a/ext/zip/zip_stream.c +++ b/ext/zip/zip_stream.c @@ -229,7 +229,7 @@ php_stream *php_stream_zip_open(const char *filename, const char *path, const ch self = emalloc(sizeof(*self)); self->za = stream_za; - self->zf = zf; + self->zf = zf; self->stream = NULL; self->cursor = 0; stream = php_stream_alloc(&php_stream_zipio_ops, self, NULL, mode); @@ -256,7 +256,7 @@ php_stream *php_stream_zip_opener(php_stream_wrapper *wrapper, char **opened_path, php_stream_context *context STREAMS_DC TSRMLS_DC) { - int path_len; + size_t path_len; char *file_basename; size_t file_basename_len; @@ -265,7 +265,7 @@ php_stream *php_stream_zip_opener(php_stream_wrapper *wrapper, struct zip *za; struct zip_file *zf = NULL; char *fragment; - int fragment_len; + size_t fragment_len; int err; php_stream *stream = NULL; @@ -308,7 +308,7 @@ php_stream *php_stream_zip_opener(php_stream_wrapper *wrapper, self = emalloc(sizeof(*self)); self->za = za; - self->zf = zf; + self->zf = zf; self->stream = NULL; self->cursor = 0; stream = php_stream_alloc(&php_stream_zipio_ops, self, NULL, mode); |