File php-CVE-2015-4022.patch of Package php5.14673
From ac2832935435556dc593784cd0087b5e576bbe4d Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Wed, 29 Apr 2015 21:57:33 -0700
Subject: [PATCH] Fix bug #69545 - avoid overflow when reading list
--- ext/ftp/ftp.c
+++ ext/ftp/ftp.c
@@ -1615,8 +1615,8 @@ ftp_genlist(ftpbuf_t *ftp, const char *cmd, const char *path TSRMLS_DC)
databuf_t *data = NULL;
char *ptr;
int ch, lastch;
- int size, rcvd;
- int lines;
+ size_t size, rcvd;
+ size_t lines;
char **ret = NULL;
char **entry;
char *text;
@@ -1658,7 +1658,7 @@ ftp_genlist(ftpbuf_t *ftp, const char *cmd, const char *path TSRMLS_DC)
lines = 0;
lastch = 0;
while ((rcvd = my_recv(ftp, data->fd, data->buf, FTP_BUFSIZE))) {
- if (rcvd == -1) {
+ if (rcvd == -1 || rcvd > ((size_t)(-1))-size) {
goto bail;
}