php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-31 20:53:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix signed integer overflow

Browse Source 
Fixes oss-fuzz #26763.
This commit is contained in:
Nikita Popov
2020-10-30 12:37:22 +01:00
parent 3bd3651bcc
commit 085e16c301
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Zend/zend_execute.c
View File

@@ -1553,7 +1553,7 @@ static zend_never_inline void zend_assign_to_string_offset(zval *str, zval *dim,
if ((size_t)offset >= Z_STRLEN_P(str)) {
/* Extend string if needed */
zend_long old_len = Z_STRLEN_P(str);
ZVAL_NEW_STR(str, zend_string_extend(Z_STR_P(str), offset + 1, 0));
ZVAL_NEW_STR(str, zend_string_extend(Z_STR_P(str), (size_t)offset + 1, 0));
memset(Z_STRVAL_P(str) + old_len, ' ', offset - old_len);
Z_STRVAL_P(str)[offset+1] = 0;
} else if (!Z_REFCOUNTED_P(str)) {