Overview

File php-CVE-2016-4473.patch of Package php7.16129

Index: php-7.0.7/ext/phar/phar_object.c
===================================================================
--- php-7.0.7.orig/ext/phar/phar_object.c	2016-09-06 13:55:46.208275565 +0200
+++ php-7.0.7/ext/phar/phar_object.c	2016-09-06 13:56:05.132599949 +0200
@@ -4166,14 +4166,14 @@ static int phar_extract_file(zend_bool o
 			if (!php_stream_mkdir(fullpath, entry->flags & PHAR_ENT_PERM_MASK,  PHP_STREAM_MKDIR_RECURSIVE, NULL)) {
 				spprintf(error, 4096, "Cannot extract \"%s\", could not create directory \"%s\"", entry->filename, fullpath);
 				efree(fullpath);
-				free(new_state.cwd);
+                               efree(new_state.cwd);
 				return FAILURE;
 			}
 		} else {
 			if (!php_stream_mkdir(fullpath, 0777,  PHP_STREAM_MKDIR_RECURSIVE, NULL)) {
 				spprintf(error, 4096, "Cannot extract \"%s\", could not create directory \"%s\"", entry->filename, fullpath);
 				efree(fullpath);
-				free(new_state.cwd);
+                               efree(new_state.cwd);
 				return FAILURE;
 			}
 		}
openSUSE Build Service is sponsored by
Places