File php-CVE-2016-5770.patch of Package php7.16129
Index: php-7.0.7/ext/spl/spl_directory.c
===================================================================
--- php-7.0.7.orig/ext/spl/spl_directory.c 2016-06-27 10:46:10.365172459 +0200
+++ php-7.0.7/ext/spl/spl_directory.c 2016-06-27 10:48:32.743505068 +0200
@@ -2916,6 +2916,11 @@ SPL_METHOD(SplFileObject, fread)
RETURN_FALSE;
}
+ if (length > INT_MAX) {
+ php_error_docref(NULL, E_WARNING, "Length parameter must be no more than %d", INT_MAX);
+ RETURN_FALSE;
+ }
+
ZVAL_NEW_STR(return_value, zend_string_alloc(length, 0));
Z_STRLEN_P(return_value) = php_stream_read(intern->u.file.stream, Z_STRVAL_P(return_value), length);