Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
php5.639
php-CVE-2014-5120.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2014-5120.patch of Package php5.639
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fgd%2Fgd_ctx.c;h=253b6648f35e19aeec2bcd06edc7bfb2c8eb4c8d;hp=59eff80443685ffc99516423f47beb1ace4910eb;hb=1daa4c0090b7cd8178dcaa96287234c69ac6ca18;hpb=fbceec5861e08b10e75af36a097da35d9f808ef6 diff --git a/ext/gd/gd_ctx.c b/ext/gd/gd_ctx.c index 59eff80..253b664 100644 --- ext/gd/gd_ctx.c +++ ext/gd/gd_ctx.c @@ -124,6 +124,11 @@ static void _php_image_output_ctx(INTERNAL_FUNCTION_PARAMETERS, int image_type, RETURN_FALSE; } } else if (Z_TYPE_P(to_zval) == IS_STRING) { + if (CHECK_ZVAL_NULL_PATH(to_zval)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 2nd parameter, filename must not contain null bytes"); + RETURN_FALSE; + } + stream = php_stream_open_wrapper(Z_STRVAL_P(to_zval), "wb", REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL); if (stream == NULL) { RETURN_FALSE;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor