Commit e6d35d8

committed

Fix GH-19685: Segfault when bzip2 filter has invalid parameters

1 parent bd88a54 commit e6d35d8Copy full SHA for e6d35d8

File tree

3 files changed

+58

-0

lines changed

NEWS
ext/bz2
- bz2_filter.c
- tests
  - bz2_filter_invalid_params.phpt

3 files changed

+58

-0

lines changed

`‎NEWS`

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,10 @@ PHP NEWS`
`2`	`2`	`\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|\|`
`3`	`3`	`?? ??? ????, PHP 8.3.26`
`4`	`4`
	`5`	`+- Bz2:`
	`6`	`+ . Fixed bug GH-19685 (Segfault when bzip2 filter has invalid parameters).`
	`7`	`+ (alexandre-daubois)`
	`8`	`+`
`5`	`9`	`- Core:`
`6`	`10`	`. Fixed bug GH-18850 (Repeated inclusion of file with __halt_compiler()`
`7`	`11`	`triggers "Constant already defined" warning). (ilutov)`

`‎ext/bz2/bz2_filter.c`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -367,6 +367,10 @@ static php_stream_filter php_bz2_filter_create(const char filtername, zval *fi`
`367`	`367`	`zend_long blocks = zval_get_long(tmpzval);`
`368`	`368`	`if (blocks < 1 \|\| blocks > 9) {`
`369`	`369`	`php_error_docref(NULL, E_WARNING, "Invalid parameter given for number of blocks to allocate (" ZEND_LONG_FMT ")", blocks);`
	`370`	`+ pefree(data->strm.next_in, persistent);`
	`371`	`+ pefree(data->strm.next_out, persistent);`
	`372`	`+ pefree(data, persistent);`
	`373`	`+ return NULL;`
`370`	`374`	`} else {`
`371`	`375`	`blockSize100k = (int) blocks;`
`372`	`376`	`}`
`@@ -377,6 +381,10 @@ static php_stream_filter php_bz2_filter_create(const char filtername, zval *fi`
`377`	`381`	`zend_long work = zval_get_long(tmpzval);`
`378`	`382`	`if (work < 0 \|\| work > 250) {`
`379`	`383`	`php_error_docref(NULL, E_WARNING, "Invalid parameter given for work factor (" ZEND_LONG_FMT ")", work);`
	`384`	`+ pefree(data->strm.next_in, persistent);`
	`385`	`+ pefree(data->strm.next_out, persistent);`
	`386`	`+ pefree(data, persistent);`
	`387`	`+ return NULL;`
`380`	`388`	`} else {`
`381`	`389`	`workFactor = (int) work;`
`382`	`390`	`}`

`‎ext/bz2/tests/bz2_filter_invalid_params.phpt`

Lines changed: 46 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,46 @@`
	`1`	`+--TEST--`
	`2`	`+GH-19685: bzip2.compress filter with invalid parameters should fail gracefully`
	`3`	`+--EXTENSIONS--`
	`4`	`+bz2`
	`5`	`+--FILE--`
	`6`	`+<?php`
	`7`	`+$stream = fopen('php://memory', 'w+');`
	`8`	`+`
	`9`	`+// too low`
	`10`	`+$filter = stream_filter_append($stream, 'bzip2.compress', STREAM_FILTER_WRITE, array('blocks' => 0));`
	`11`	`+var_dump($filter);`
	`12`	`+`
	`13`	`+// too high`
	`14`	`+$filter = stream_filter_append($stream, 'bzip2.compress', STREAM_FILTER_WRITE, array('blocks' => 10));`
	`15`	`+var_dump($filter);`
	`16`	`+`
	`17`	`+// too low work`
	`18`	`+$filter = stream_filter_append($stream, 'bzip2.compress', STREAM_FILTER_WRITE, array('work' => -1));`
	`19`	`+var_dump($filter);`
	`20`	`+`
	`21`	`+// too high work`
	`22`	`+$filter = stream_filter_append($stream, 'bzip2.compress', STREAM_FILTER_WRITE, array('work' => 251));`
	`23`	`+var_dump($filter);`
	`24`	`+`
	`25`	`+fclose($stream);`
	`26`	`+?>`
	`27`	`+--EXPECTF--`
	`28`	`+Warning: stream_filter_append(): Invalid parameter given for number of blocks to allocate (0) in %s on line %d`
	`29`	`+`
	`30`	`+Warning: stream_filter_append(): Unable to create or locate filter "bzip2.compress" in %s on line %d`
	`31`	`+bool(false)`
	`32`	`+`
	`33`	`+Warning: stream_filter_append(): Invalid parameter given for number of blocks to allocate (10) in %s on line %d`
	`34`	`+`
	`35`	`+Warning: stream_filter_append(): Unable to create or locate filter "bzip2.compress" in %s on line %d`
	`36`	`+bool(false)`
	`37`	`+`
	`38`	`+Warning: stream_filter_append(): Invalid parameter given for work factor (-1) in %s on line %d`
	`39`	`+`
	`40`	`+Warning: stream_filter_append(): Unable to create or locate filter "bzip2.compress" in %s on line %d`
	`41`	`+bool(false)`
	`42`	`+`
	`43`	`+Warning: stream_filter_append(): Invalid parameter given for work factor (251) in %s on line %d`
	`44`	`+`
	`45`	`+Warning: stream_filter_append(): Unable to create or locate filter "bzip2.compress" in %s on line %d`
	`46`	`+bool(false)`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit e6d35d8

File tree

3 files changed

3 files changed

`‎NEWS`

`‎ext/bz2/bz2_filter.c`

`‎ext/bz2/tests/bz2_filter_invalid_params.phpt`

0 commit comments