Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff -Naur php-5.4.4/main/streams/streams.c php-5.4.5/main/streams/streams.c
- --- php-5.4.4/main/streams/streams.c 2012-06-13 06:54:23.000000000 +0200
- +++ php-5.4.5/main/streams/streams.c 2012-07-18 08:19:16.000000000 +0200
- @@ -2332,8 +2332,8 @@
- php_stream *stream;
- php_stream_dirent sdp;
- char **vector = NULL;
- - int vector_size = 0;
- - int nfiles = 0;
- + unsigned int vector_size = 0;
- + unsigned int nfiles = 0;
- if (!namelist) {
- return FAILURE;
- @@ -2349,14 +2349,24 @@
- if (vector_size == 0) {
- vector_size = 10;
- } else {
- + if(vector_size*2 < vector_size) {
- + /* overflow */
- + efree(vector);
- + return FAILURE;
- + }
- vector_size *= 2;
- }
- - vector = (char **) erealloc(vector, vector_size * sizeof(char *));
- + vector = (char **) safe_erealloc(vector, vector_size, sizeof(char *), 0);
- }
- vector[nfiles] = estrdup(sdp.d_name);
- nfiles++;
- + if(vector_size < 10 || nfiles == 0) {
- + /* overflow */
- + efree(vector);
- + return FAILURE;
- + }
- }
- php_stream_closedir(stream);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
