PHP :: Bug #35756 :: ecalloc in fgets() does't not check its return value

Bug #35756	ecalloc in fgets() does't not check its return value
Submitted:	2005-12-21 03:39 UTC	Modified:	2005-12-21 08:50 UTC
From:	sqchen at citiz dot net	Assigned:
Status:	Not a bug	Package:	Filesystem function related
PHP Version:	5.1.1	OS:	redhat 7.3
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2005-12-21 03:39 UTC] sqchen at citiz dot net

Description:
------------
file     ext/standard/file.c
line     1028


buf = ecalloc(len + 1, sizeof(char));
		if (php_stream_get_line(stream, buf, len, &line_len) == NULL) {
			goto exit_failed;
		}


here doesn't check the availablity of 'buf', so if ecalloc doesn't calloc a memory, it will return NULL, it will cause some problem

Reproduce code:
---------------
$fp=fopen("1.txt", "r");
fgets($fp, 2147483640);

on some platform, when ecalloc failed, it will return NULL, so segmentation fault will prompt. 


the same as fread function

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-12-21 08:50 UTC] wez@php.net

ecalloc, emalloc, erealloc and friends will never return NULL.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Apr 23 11:01:33 2024 UTC