php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.3'

Browse Source 
* PHP-8.3:
  Fix in-place modification of filename in php_message_handler_for_zend
This commit is contained in:
Ilija Tovilo
2023-11-20 14:13:12 +01:00
parent e0a6dbcbf4 05a815399e
commit a5833577d7
2 changed files with 28 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Zend/tests/oss_fuzz_64209.phpt Normal file
View File

@@ -0,0 +1,13 @@
--TEST--
oss-fuzz #64209: Fix in-place modification of filename in php_message_handler_for_zend
--FILE--
<?php
require '://@';
?>
--EXPECTF--
Warning: require(://@): Failed to open stream: No such file or directory in %s on line %d
Fatal error: Uncaught Error: Failed opening required '://@' (include_path='%s') in %s:%d
Stack trace:
#0 {main}
thrown in %s on line %d

21
main/main.c
View File

@@ -1611,15 +1611,24 @@ static void php_free_request_globals(void)
static ZEND_COLD void php_message_handler_for_zend(zend_long message, const void *data)
{
switch (message) {
case ZMSG_FAILED_INCLUDE_FOPEN:
php_error_docref("function.include", E_WARNING, "Failed opening '%s' for inclusion (include_path='%s')", php_strip_url_passwd((char *) data), STR_PRINT(PG(include_path)));
case ZMSG_FAILED_INCLUDE_FOPEN: {
char *tmp = estrdup((char *) data);
php_error_docref("function.include", E_WARNING, "Failed opening '%s' for inclusion (include_path='%s')", php_strip_url_passwd(tmp), STR_PRINT(PG(include_path)));
efree(tmp);
break;
case ZMSG_FAILED_REQUIRE_FOPEN:
zend_throw_error(NULL, "Failed opening required '%s' (include_path='%s')", php_strip_url_passwd((char *) data), STR_PRINT(PG(include_path)));
}
case ZMSG_FAILED_REQUIRE_FOPEN: {
char *tmp = estrdup((char *) data);
zend_throw_error(NULL, "Failed opening required '%s' (include_path='%s')", php_strip_url_passwd(tmp), STR_PRINT(PG(include_path)));
efree(tmp);
break;
case ZMSG_FAILED_HIGHLIGHT_FOPEN:
php_error_docref(NULL, E_WARNING, "Failed opening '%s' for highlighting", php_strip_url_passwd((char *) data));
}
case ZMSG_FAILED_HIGHLIGHT_FOPEN: {
char *tmp = estrdup((char *) data);
php_error_docref(NULL, E_WARNING, "Failed opening '%s' for highlighting", php_strip_url_passwd(tmp));
efree(tmp);
break;
}
case ZMSG_MEMORY_LEAK_DETECTED:
case ZMSG_MEMORY_LEAK_REPEATED:
#if ZEND_DEBUG