File php-CVE-2016-5770.patch of Package php7.16129

Index: php-7.0.7/ext/spl/spl_directory.c
===================================================================
--- php-7.0.7.orig/ext/spl/spl_directory.c	2016-06-27 10:46:10.365172459 +0200
+++ php-7.0.7/ext/spl/spl_directory.c	2016-06-27 10:48:32.743505068 +0200
@@ -2916,6 +2916,11 @@ SPL_METHOD(SplFileObject, fread)
 		RETURN_FALSE;
 	}
 
+	if (length > INT_MAX) {
+		php_error_docref(NULL, E_WARNING, "Length parameter must be no more than %d", INT_MAX);
+		RETURN_FALSE;
+	}
+
 	ZVAL_NEW_STR(return_value, zend_string_alloc(length, 0));
 	Z_STRLEN_P(return_value) = php_stream_read(intern->u.file.stream, Z_STRVAL_P(return_value), length);
 
openSUSE Build Service is sponsored by