[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/win32/readdir.c trunk/win32/readdir.c

Mon, 10 Jan 2011 00:08:24 -0800 

pajoye                                   Mon, 10 Jan 2011 08:07:38 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=307329

Log:
- possible NULL deref

Changed paths:
    U   php/php-src/branches/PHP_5_3/win32/readdir.c
    U   php/php-src/trunk/win32/readdir.c

Modified: php/php-src/branches/PHP_5_3/win32/readdir.c
===================================================================
--- php/php-src/branches/PHP_5_3/win32/readdir.c        2011-01-10 06:21:53 UTC 
(rev 307328)
+++ php/php-src/branches/PHP_5_3/win32/readdir.c        2011-01-10 08:07:38 UTC 
(rev 307329)
@@ -33,6 +33,9 @@
        }

        filespec = (char *)malloc(strlen(resolved_path_buff) + 2 + 1);
+       if (filespec == NULL) {
+               return NULL;
+       }
        strcpy(filespec, resolved_path_buff);
        index = strlen(filespec) - 1;
        if (index >= 0 && (filespec[index] == '/' ||
@@ -41,6 +44,9 @@
        strcat(filespec, "\\*");

        dp = (DIR *) malloc(sizeof(DIR));
+       if (dp == NULL) {
+               return NULL;
+       }
        dp->offset = 0;
        dp->finished = 0;

@@ -140,6 +146,10 @@
        dp->finished = 0;

        filespec = (char *)malloc(strlen(dp->dir) + 2 + 1);
+       if (filespec == NULL) {
+               return -1;
+       }
+
        strcpy(filespec, dp->dir);
        index = strlen(filespec) - 1;
        if (index >= 0 && (filespec[index] == '/' ||

Modified: php/php-src/trunk/win32/readdir.c
===================================================================
--- php/php-src/trunk/win32/readdir.c   2011-01-10 06:21:53 UTC (rev 307328)
+++ php/php-src/trunk/win32/readdir.c   2011-01-10 08:07:38 UTC (rev 307329)
@@ -33,6 +33,9 @@
        }

        filespec = (char *)malloc(strlen(resolved_path_buff) + 2 + 1);
+       if (filespec == NULL) {
+               return NULL;
+       }
        strcpy(filespec, resolved_path_buff);
        index = strlen(filespec) - 1;
        if (index >= 0 && (filespec[index] == '/' ||
@@ -41,6 +44,9 @@
        strcat(filespec, "\\*");

        dp = (DIR *) malloc(sizeof(DIR));
+       if (dp == NULL) {
+               return NULL;
+       }
        dp->offset = 0;
        dp->finished = 0;

@@ -140,6 +146,10 @@
        dp->finished = 0;

        filespec = (char *)malloc(strlen(dp->dir) + 2 + 1);
+       if (filespec == NULL) {
+               return -1;
+       }
+
        strcpy(filespec, dp->dir);
        index = strlen(filespec) - 1;
        if (index >= 0 && (filespec[index] == '/' ||


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to