File php5-CVE-2019-11048.patch of Package php5.16119

X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=main%2Frfc1867.c;h=783eab4175d58301eba03817c9179b0652db9c63;hp=bd01b34cf070fa0d9a41b9d6771280a920a74551;hb=1c9bd513ac5c7c1d13d7f0dfa7c16a7ad2ce0f87;hpb=bef96b9d2c7330909f43faf4f8ff12c7723bf857

Index: php-5.5.14/main/rfc1867.c
===================================================================
--- php-5.5.14.orig/main/rfc1867.c	2020-05-25 11:24:35.617601350 +0200
+++ php-5.5.14/main/rfc1867.c	2020-05-25 11:38:10.786033834 +0200
@@ -604,9 +604,9 @@ static void *php_ap_memstr(char *haystac
 }
 
 /* read until a boundary condition */
-static int multipart_buffer_read(multipart_buffer *self, char *buf, int bytes, int *end TSRMLS_DC)
+static size_t multipart_buffer_read(multipart_buffer *self, char *buf, size_t bytes, int *end TSRMLS_DC)
 {
-	int len, max;
+	size_t len, max;
 	char *bound;
 
 	/* fill buffer if needed */
@@ -653,7 +653,7 @@ static int multipart_buffer_read(multipa
 static char *multipart_buffer_read_body(multipart_buffer *self, unsigned int *len TSRMLS_DC)
 {
 	char buf[FILLUNIT], *out=NULL;
-	int total_bytes=0, read_bytes=0;
+	size_t total_bytes=0, read_bytes=0;
 
 	while((read_bytes = multipart_buffer_read(self, buf, sizeof(buf), NULL TSRMLS_CC))) {
 		out = erealloc(out, total_bytes + read_bytes + 1);
@@ -679,7 +679,8 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_
 {
 	char *boundary, *s = NULL, *boundary_end = NULL, *start_arr = NULL, *array_index = NULL;
 	char *temp_filename = NULL, *lbuf = NULL, *abuf = NULL;
-	int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0, array_len = 0;
+	int boundary_len = 0, cancel_upload = 0, is_arr_upload = 0;
+	size_t array_len = 0;
 	off_t total_bytes = 0, max_file_size = 0;
 	int skip_upload = 0, anonindex = 0, is_anonymous;
 	zval *http_post_files = NULL;