php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login | |
Patch issue-77586-buff-overflow.patch for PHAR related Bug #77586Patch version 2019-02-11 21:16 UTC Return to Bug #77586 | Download this patchThis patch is obsolete Obsoleted by patches: This patch renders other patches obsolete Obsolete patches: Patch Revisions:Developer: bishop@php.net--- a/ext/phar/tar.c +++ b/ext/phar/tar.c @@ -762,7 +762,12 @@ static int phar_tar_writeheaders_int(phar_entry_info *entry, void *argument) /* header.typeflag = entry->tar_type; if (entry->link) { - strncpy(header.linkname, entry->link, strlen(entry->link)); + if (strlcpy(header.linkname, entry->link, sizeof(header.linkname)) >= sizeof(header.linkname)) { + if (fp->error) { + spprintf(fp->error, 4096, "tar-based phar \"%s\" cannot be created, link \"%s\" is too long for format", entry->phar->fname, entry->link); + } + return ZEND_HASH_APPLY_STOP; + } } strncpy(header.magic, "ustar", sizeof("ustar")-1); |
Copyright © 2001-2024 The PHP Group All rights reserved. |
Last updated: Tue Oct 15 09:01:26 2024 UTC |