diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | ext/standard/file.c | 5 |
2 files changed, 7 insertions, 0 deletions
@@ -17,6 +17,8 @@ PHP NEWS - Fixed altering $this via argument named "this". (Dmitry) - Fixed PHP CLI to use the php.ini from the binary location. (Hannes) - Fixed segfault in strripos(). (Tony, Joxean Koret) +- Fixed bug #41430 (Fatal error with negative values of maxlen parameter of + file_get_contents()). (Tony) - Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). (Tony, Dmitry) - Fixed bug #41403 (json_decode cannot decode floats if localeconv diff --git a/ext/standard/file.c b/ext/standard/file.c index 993842e17a..1b61f17804 100644 --- a/ext/standard/file.c +++ b/ext/standard/file.c @@ -545,6 +545,11 @@ PHP_FUNCTION(file_get_contents) RETURN_FALSE; } + if (maxlen < 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Length must be greater than or equal to zero"); + RETURN_FALSE; + } + if (offset > 0 && php_stream_seek(stream, offset, SEEK_SET) < 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to seek to position %ld in the stream", offset); php_stream_close(stream); |