From fe4d7248cc09cf4d4f7b289e6db8299e8d7ac6d2 Mon Sep 17 00:00:00 2001
From: johnstevenson <john-stevenson@blueyonder.co.uk>
Date: Fri, 1 Feb 2019 19:45:20 +0000
Subject: Fix #77552: Uninitialized buffer in stat functions

---
 NEWS                                  |  4 ++++
 ext/standard/tests/file/bug77552.phpt | 32 ++++++++++++++++++++++++++++++++
 main/streams/streams.c                |  2 ++
 3 files changed, 38 insertions(+)
 create mode 100644 ext/standard/tests/file/bug77552.phpt

diff --git a/NEWS b/NEWS
index 181bb429eb..f823f484b9 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,10 @@ PHP                                                                        NEWS
   . Support Oracle Database tracing attributes ACTION, MODULE,
     CLIENT_INFO, and CLIENT_IDENTIFIER. (Cameron Porter)
 
+- Standard:
+  . Fixed bug #77552 (Unintialized php_stream_statbuf in stat functions).
+    (John Stevenson)
+
 07 Feb 2019, PHP 7.2.15
 
 - Core:
diff --git a/ext/standard/tests/file/bug77552.phpt b/ext/standard/tests/file/bug77552.phpt
new file mode 100644
index 0000000000..9404b8e09f
--- /dev/null
+++ b/ext/standard/tests/file/bug77552.phpt
@@ -0,0 +1,32 @@
+--TEST--
+Bug #77552 Unintialized php_stream_statbuf in stat functions 
+--SKIPIF--
+<?php
+if (substr(PHP_OS, 0, 3) != 'WIN') {
+    die('skip windows only test');
+}
+?>
+--FILE--
+<?php
+// Check lstat on a Windows junction to ensure that st_mode is zero
+$tmpDir = __DIR__.'/test-bug77552';
+
+$target = $tmpDir.'/folder/target';
+mkdir($target, 0777, true);
+
+$junction = $tmpDir.'/junction';
+$cmd = sprintf('mklink /J "%s" "%s"', $junction, $target); 
+exec($cmd);
+
+$stat = lstat($junction);
+var_dump($stat['mode']);
+
+?>
+--CLEAN--
+<?php
+$tmpDir = __DIR__.'/test-bug77552';
+$cmd = sprintf('rmdir /S /Q "%s"', $tmpDir);
+exec($cmd);
+?>
+--EXPECT--
+int(0)
diff --git a/main/streams/streams.c b/main/streams/streams.c
index 3cf0c7ec97..9daae57433 100644
--- a/main/streams/streams.c
+++ b/main/streams/streams.c
@@ -1887,6 +1887,8 @@ PHPAPI int _php_stream_stat_path(const char *path, int flags, php_stream_statbuf
 	const char *path_to_open = path;
 	int ret;
 
+	memset(ssb, 0, sizeof(*ssb));
+
 	if (!(flags & PHP_STREAM_URL_STAT_NOCACHE)) {
 		/* Try to hit the cache first */
 		if (flags & PHP_STREAM_URL_STAT_LINK) {
-- 
cgit v1.2.1