[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/NEWS branches/PHP_5_3/TSRM/tsrm_win32.c branches/PHP_5_4/TSRM/tsrm_win32.c trunk/TSRM/tsrm_win32.c

Wed, 27 Jul 2011 07:23:31 -0700 

pajoye                                   Wed, 27 Jul 2011 14:23:06 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=313782

Log:
- Fix #55295, check if malloc failed

Bug: https://bugs.php.net/55295 (error getting bug information)
      
Changed paths:
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c
    U   php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c
    U   php/php-src/trunk/TSRM/tsrm_win32.c

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2011-07-27 14:17:45 UTC (rev 313781)
+++ php/php-src/branches/PHP_5_3/NEWS   2011-07-27 14:23:06 UTC (rev 313782)
@@ -10,6 +10,10 @@
   . On blocking SSL sockets respect the timeout option where possible.
     (Scott)

+- Core
+  . Fix bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow
+    (Pierre)
+
 14 Jul 2011, PHP 5.3.7 RC3
 - Zend Engine:
   . Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even

Modified: php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c
===================================================================
--- php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c      2011-07-27 14:17:45 UTC 
(rev 313781)
+++ php/php-src/branches/PHP_5_3/TSRM/tsrm_win32.c      2011-07-27 14:23:06 UTC 
(rev 313782)
@@ -532,6 +532,10 @@
        }

        cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c 
")+2);
+       if (!cmd) {
+               return NULL;
+       }
+
        sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command);
        if (asuser) {
                res = CreateProcessAsUser(token_user, NULL, cmd, &security, 
&security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, 
&process);

Modified: php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c
===================================================================
--- php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c      2011-07-27 14:17:45 UTC 
(rev 313781)
+++ php/php-src/branches/PHP_5_4/TSRM/tsrm_win32.c      2011-07-27 14:23:06 UTC 
(rev 313782)
@@ -530,6 +530,10 @@
        }

        cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c 
")+2);
+       if (!cmd) {
+               return NULL;
+       }
+
        sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command);
        if (asuser) {
                res = CreateProcessAsUser(token_user, NULL, cmd, &security, 
&security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, 
&process);

Modified: php/php-src/trunk/TSRM/tsrm_win32.c
===================================================================
--- php/php-src/trunk/TSRM/tsrm_win32.c 2011-07-27 14:17:45 UTC (rev 313781)
+++ php/php-src/trunk/TSRM/tsrm_win32.c 2011-07-27 14:23:06 UTC (rev 313782)
@@ -530,6 +530,10 @@
        }

        cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c 
")+2);
+       if (!cmd) {
+               return NULL;
+       }
+
        sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command);
        if (asuser) {
                res = CreateProcessAsUser(token_user, NULL, cmd, &security, 
&security, security.bInheritHandle, dwCreateFlags, env, cwd, &startup, 
&process);


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to