File php-CVE-2014-9767.patch of Package php5.openSUSE_Leap_42.1_Update

X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fzip%2Fphp_zip.c;h=6c872ebfb022206b0cc2a183c7a388c7b6ad8685;hp=abc21c7f1559e732dba6db94c69ecf638ae5fa3f;hb=f9c2bf73adb2ede0a486b0db466c264f2b27e0bb;hpb=ce2c67c8e88ede70a3fe837a484fddc77aba4bb2

Index: ext/zip/php_zip.c
===================================================================
--- ext/zip/php_zip.c.orig	2016-03-23 07:34:48.564870213 +0100
+++ ext/zip/php_zip.c	2016-03-23 07:36:30.264869042 +0100
@@ -200,7 +200,7 @@
 
 	/* it is a directory only, see #40228 */
 	if (path_cleaned_len > 1 && IS_SLASH(path_cleaned[path_cleaned_len - 1])) {
-		len = spprintf(&file_dirname_fullpath, 0, "%s/%s", dest, file);
+		len = spprintf(&file_dirname_fullpath, 0, "%s/%s", dest, path_cleaned);
 		is_dir_only = 1;
 	} else {
 		memcpy(file_dirname, path_cleaned, path_cleaned_len);