summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ext/xmlreader/php_xmlreader.c5
-rw-r--r--ext/xmlwriter/php_xmlwriter.c5
2 files changed, 4 insertions, 6 deletions
diff --git a/ext/xmlreader/php_xmlreader.c b/ext/xmlreader/php_xmlreader.c
index 05d1bb9a51..d5eca3d167 100644
--- a/ext/xmlreader/php_xmlreader.c
+++ b/ext/xmlreader/php_xmlreader.c
@@ -260,9 +260,8 @@ char *_xmlreader_get_valid_file_path(char *source, char *resolved_path, int reso
file_dest = source;
if ((uri->scheme == NULL || isFileUri)) {
- /* XXX possible buffer overflow if VCWD_REALPATH does not know size of resolved_path */
- if (! VCWD_REALPATH(source, resolved_path)) {
- expand_filepath(source, resolved_path TSRMLS_CC);
+ if (!VCWD_REALPATH(source, resolved_path) && !expand_filepath(source, resolved_path TSRMLS_CC)) {
+ return NULL;
}
file_dest = resolved_path;
}
diff --git a/ext/xmlwriter/php_xmlwriter.c b/ext/xmlwriter/php_xmlwriter.c
index 5628b2c7a1..6baa512046 100644
--- a/ext/xmlwriter/php_xmlwriter.c
+++ b/ext/xmlwriter/php_xmlwriter.c
@@ -272,9 +272,8 @@ char *_xmlwriter_get_valid_file_path(char *source, char *resolved_path, int reso
file_dest = source;
if ((uri->scheme == NULL || isFileUri)) {
- /* XXX possible buffer overflow if VCWD_REALPATH does not know size of resolved_path */
- if (! VCWD_REALPATH(source, resolved_path)) {
- expand_filepath(source, resolved_path TSRMLS_CC);
+ if (!VCWD_REALPATH(source, resolved_path) && !expand_filepath(source, resolved_path TSRMLS_CC)) {
+ return NULL;
}
file_dest = resolved_path;
}
View Lorry Controller Status