From:             [EMAIL PROTECTED]
Operating system: linux
PHP version:      4.1.0
PHP Bug Type:     ZZiplib Related
Bug description:  segfault when reading a zip file

ext/zip/zip.c crashes on the first zip_read().

The fix is at http://pfft.net/robin/pub/zip.4.1.0.patch
and I'm including it below.


diff -ru php-4.1.0/ext/zip/zip.c php-4.1.0-new/ext/zip/zip.c
--- php-4.1.0/ext/zip/zip.c     Fri Oct 19 03:04:24 2001
+++ php-4.1.0-new/ext/zip/zip.c Sun Dec 16 19:26:20 2001
@@ -142,7 +142,7 @@
    Returns the next file in the archive */
 PHP_FUNCTION(zip_read)
 {
-    zval            **zzip_dp;
+    zval            *zzip_dp;
     ZZIP_DIR         *archive_p = NULL;
     php_zzip_dirent  *entry = NULL;
     int  
@@ -186,14 +186,14 @@
  */
 static void php_zzip_get_entry(INTERNAL_FUNCTION_PARAMETERS, int opt)
 {
-    zval            **zzip_ent;
+    zval            *zzip_ent;
     php_zzip_dirent  *entry = NULL;

     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &zzip_ent)
== FAILURE) {
            return;
        }

-    ZEND_FETCH_RESOURCE(entry, php_zzip_dirent *, zzip_ent, -1,
le_zip_entry_name, le_zip_entry);
+    ZEND_FETCH_RESOURCE(entry, php_zzip_dirent *, &zzip_ent, -1,
le_zip_entry_name, le_zip_entry);

     switch (opt) {
     case 0:
@@ -248,17 +248,18 @@
    Open a Zip File, pointed by the resource entry */
 PHP_FUNCTION(zip_entry_open)
 {
-    zval            **zzip_dp;
-    zval            **zzip_ent;
+    zval            *zzip_dp;
+    zval            *zzip_ent;
     ZZIP_DIR         *archive_p = NULL;
     php_zzip_dirent  *entry = NULL;
-    int               mode;
+    char              *mode;
+    int               mode_len;

-    if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr|l", &zzip_dp,
&zzip_ent, &mode) == FAILURE)
+    if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rr|s", &zzip_dp,
&zzip_ent, &mode, &mode_len) == FAILURE)
     return;

-    ZEND_FETCH_RESOURCE(archive_p, ZZIP_DIR *,        zzip_dp,  -1,
le_zip_dir_name,   le_zip_dir);
-    ZEND_FETCH_RESOURCE(entry,     php_zzip_dirent *, zzip_ent, -1,
le_zip_entry_name, le_zip_entry);
+    ZEND_FETCH_RESOURCE(archive_p, ZZIP_DIR *,        &zzip_dp,  -1,
le_zip_dir_name,   le_zip_dir);
+    ZEND_FETCH_RESOURCE(entry,     php_zzip_dirent *, &zzip_ent, -1,
le_zip_entry_name, le_zip_entry);

     entry->fp = zzip_file_open(archive_p, entry->dirent.d_name, O_RDONLY |
O_BINARY);
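Review bot: `mode` and `mode_len` are declared without initialisers, but the `"rr|s"` spec makes the third argument optional, so both stay indeterminate whenever a script passes only the two resources. Nothing in the visible lines reads them (the open call hard-codes `O_RDONLY | O_BINARY`), but any later use would read garbage; declare them as `char *mode = NULL;` and `int mode_len = 0;`. The body of zip_entry_open continues past the end of this hunk, so whether the result of `zzip_file_open` is checked cannot be seen from here.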

             ret
@@ -274,7 +275,7 @@
    Read X bytes from an opened zip entry */
 PHP_FUNCTION(zip_entry_read)
 {
-    zval            **zzip_ent;
+    zval            *zzip_ent;
     php_zzip_dirent  *entry = NULL;
     char             *buf   = NULL;
     int               len   = 1024;
@@ -284,7 +285,7 @@
            return;
        }

-    ZEND_FETCH_RESOURCE(entry, php_zzip_dirent *, zzip_ent, -1,
le_zip_entry_name, le_zip_entry);
+    ZEND_FETCH_RESOURCE(entry, php_zzip_dirent *, &zzip_ent, -1,
le_zip_entry_name, le_zip_entry);

     buf = emalloc(len + 1);
     ret = zzip_read(entry->fp, buf, len);
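Review bot: `len` reaches `emalloc(len + 1)` and `zzip_read(entry->fp, buf, len)` with no range check in the visible lines. It is declared `int len = 1024` in the previous hunk and is presumably overwritten from a script argument by the parse call that sits between the two hunks, so a zero, negative or `INT_MAX` value would give an undersized allocation or a signed overflow in `len + 1`. Unless the lines outside the hunk already do it, reject such values before allocating, e.g. `if (len <= 0 || len == INT_MAX) { RETURN_FALSE; }`. A negative return from `zzip_read` also needs handling before `ret` is used as a length, which would happen after this hunk ends.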
@@ -300,16 +301,16 @@
    Close a zip entry */
 PHP_FUNCTION(zip_entry_close)
 {
-    zval            **zzip_ent;
+    zval            *zzip_ent;
     php_zzip_dirent  *entry = NULL;

     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &zzip_ent)
== FAILURE) {
                return;
        }

-    ZEND_FETCH_RESOURCE(entry, php_zzip_dirent *, zzip_ent, -1,
le_zip_entry_name, le_zip_entry);
+    ZEND_FETCH_RESOURCE(entry, php_zzip_dirent *, &zzip_ent, -1,
le_zip_entry_name, le_zip_entry);

-    zend_list_delete(Z_LVAL_PP(zzip_ent));
+    zend_list_delete(Z_LVAL_PP(&zzip_ent));
 }
 /* }}} */
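Review bot: `Z_LVAL_PP(&zzip_ent)` takes the address of a local only for the macro to dereference it again; now that `zzip_ent` is a plain `zval *`, `zend_list_delete(Z_LVAL_P(zzip_ent));` reads more directly and cannot be confused with the old double-pointer form. The `&zzip_ent` passed to `ZEND_FETCH_RESOURCE` is different, since that macro expects a `zval **`, and should stay. The same style point applies to `Z_LVAL_PP(&zzip_dp)` in the zip_close hunk.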
;
@@ -151,7 +151,7 @@
            return;
        }

-    ZEND_FETCH_RESOURCE(archive_p, ZZIP_DIR *, zzip_dp, -1,
le_zip_dir_name, le_zip_dir);
+    ZEND_FETCH_RESOURCE(archive_p, ZZIP_DIR *, &zzip_dp, -1,
le_zip_dir_name, le_zip_dir);

     entry = emalloc(sizeof(php_zzip_dirent));
     ret = zzip_dir_read(archive_p, &entry->dirent);
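Review bot: `entry` comes from `emalloc`, which does not zero memory, and the visible lines fill only `entry->dirent`. The zip_entry_read hunk passes `entry->fp` straight to `zzip_read`, so unless the code after this hunk sets it, reading an entry that was never opened with zip_entry_open hands an indeterminate pointer to the library. Add `entry->fp = NULL;` right after the allocation, and have the functions that use `entry->fp` check it first. zip_read's body starts before and ends after this hunk, so the initialisation may already exist out of view.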
@@ -169,16 +169,16 @@
    Close a Zip archive */
 PHP_FUNCTION(zip_close)
 {
-    zval     **zzip_dp;
+    zval     *zzip_dp;
     ZZIP_DIR  *archive_p = NULL;

     if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &zzip_dp) ==
FAILURE) {
            return;
        }

-    ZEND_FETCH_RESOURCE(archive_p, ZZIP_DIR *, zzip_dp, -1,
le_zip_dir_name, le_zip_dir);
+    ZEND_FETCH_RESOURCE(archive_p, ZZIP_DIR *, &zzip_dp, -1,
le_zip_dir_name, le_zip_dir);

-    zend_list_delete(Z_LVAL_PP(zzip_dp));
+    zend_list_delete(Z_LVAL_PP(&zzip_dp));
 }
 /* }}} */


-- 
Edit bug report at: http://bugs.php.net/?id=14554&edit=1

