diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | TSRM/tsrm_win32.c | 4 |
2 files changed, 8 insertions, 0 deletions
@@ -10,6 +10,10 @@ PHP NEWS . On blocking SSL sockets respect the timeout option where possible. (Scott) +- Core + . Fix bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow + (Pierre) + 14 Jul 2011, PHP 5.3.7 RC3 - Zend Engine: . Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even diff --git a/TSRM/tsrm_win32.c b/TSRM/tsrm_win32.c index c61607b552..8603a9039e 100644 --- a/TSRM/tsrm_win32.c +++ b/TSRM/tsrm_win32.c @@ -532,6 +532,10 @@ TSRM_API FILE *popen_ex(const char *command, const char *type, const char *cwd, } cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c ")+2); + if (!cmd) { + return NULL; + } + sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command); if (asuser) { res = CreateProcessAsUser(token_user, NULL, cmd, &security, &security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, &process); |