|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80366 Potential issue in ext/standard/iptc.c: Return Value Not Checked
Submitted: 2020-11-13 19:12 UTC Modified: 2020-11-17 13:48 UTC
From: sagpant at microsoft dot com Assigned: cmb (profile)
Status: Closed Package: GetImageSize related
PHP Version: 7.4.12 OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: sagpant at microsoft dot com
New email:
PHP Version: OS:


 [2020-11-13 19:12 UTC] sagpant at microsoft dot com
In this codebase, you often check the return value of the implicated function when calling it, but at this instance, it appears that you didn’t. Using a consistent return value checking and/or error handling approach can improve code robustness and readability.

File: PHP-7.4.12/ext/standard/iptc.c
Line Number: 220
Function: zend_fstat

Correct reference usage found in main/streams/plain_wrapper.c line: 160

Test script:
Analyzer points out inconsistencies in the code.


iptc_fix.patch (last revision 2020-11-13 19:32 UTC by sagpant at microsoft dot com)
iptc.patch (last revision 2020-11-13 19:12 UTC by sagpant at microsoft dot com)

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2020-11-13 19:23 UTC]
Nits on the patch:

I prefer `== 0` over `!= 1`.
The nested if is unnecessary; combine it with the surrounding if.
 [2020-11-13 19:32 UTC] sagpant at microsoft dot com
The following patch has been added/updated:

Patch Name: iptc_fix.patch
Revision:   1605295925
 [2020-11-17 13:48 UTC]
-Status: Open +Status: Verified -Package: *General Issues +Package: GetImageSize related -Assigned To: +Assigned To: cmb
 [2020-11-17 13:48 UTC]
Thanks for reporting this issue and providing a patch.  I think we
have to bail out of the function if this zend_fstat() call fails,
 [2020-11-17 13:49 UTC]
The following pull request has been associated:

Patch Name: Fix #80366: Return Value of zend_fstat() not Checked
On GitHub:
 [2020-11-24 12:11 UTC]
Automatic comment on behalf of
Log: Fix #80366: Return Value of zend_fstat() not Checked
 [2020-11-24 12:11 UTC]
-Status: Verified +Status: Closed
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Jul 20 18:01:29 2024 UTC