pajoye Wed, 27 Jul 2011 14:23:06 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=313782
Log: - Fix #55295, check if malloc failed Bug: https://bugs.php.net/55295 (error getting bug information) Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c U php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c U php/php-src/trunk/TSRM/tsrm_win32.c Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2011-07-27 14:17:45 UTC (rev 313781) +++ php/php-src/branches/PHP_5_3/NEWS 2011-07-27 14:23:06 UTC (rev 313782) @@ -10,6 +10,10 @@ . On blocking SSL sockets respect the timeout option where possible. (Scott) +- Core + . Fix bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow + (Pierre) + 14 Jul 2011, PHP 5.3.7 RC3 - Zend Engine: . Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even Modified: php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c =================================================================== --- php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c 2011-07-27 14:17:45 UTC (rev 313781) +++ php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c 2011-07-27 14:23:06 UTC (rev 313782) @@ -532,6 +532,10 @@ } cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c ")+2); + if (!cmd) { + return NULL; + } + sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command); if (asuser) { res = CreateProcessAsUser(token_user, NULL, cmd, &security, &security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, &process); Modified: php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c =================================================================== --- php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c 2011-07-27 14:17:45 UTC (rev 313781) +++ php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c 2011-07-27 14:23:06 UTC (rev 313782) @@ -530,6 +530,10 @@ } cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c ")+2); + if (!cmd) { + return NULL; + } + sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command); if (asuser) { res = CreateProcessAsUser(token_user, NULL, cmd, &security, &security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, &process); Modified: php/php-src/trunk/TSRM/tsrm_win32.c =================================================================== --- php/php-src/trunk/TSRM/tsrm_win32.c 2011-07-27 14:17:45 UTC (rev 313781) +++ php/php-src/trunk/TSRM/tsrm_win32.c 2011-07-27 14:23:06 UTC (rev 313782) @@ -530,6 +530,10 @@ } cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c ")+2); + if (!cmd) { + return NULL; + } + sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command); if (asuser) { res = CreateProcessAsUser(token_user, NULL, cmd, &security, &security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, &process);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php