ID: 43589
Updated by: [EMAIL PROTECTED]
Reported By: greg at chiaraquartet dot net
Status: Open
Bug Type: Streams related
Operating System: n/a
PHP Version: 5.3CVS-2007-12-13 (CVS)
New Comment:
bad patch - missing if condition:
Index: ext/bz2/bz2_filter.c
===================================================================
RCS file: /repository/php-src/ext/bz2/bz2_filter.c,v
retrieving revision 1.3.2.2.2.5
diff -u -r1.3.2.2.2.5 bz2_filter.c
--- ext/bz2/bz2_filter.c 9 Aug 2007 23:27:22 -0000
1.3.2.2.2.5
+++ ext/bz2/bz2_filter.c 13 Dec 2007 19:34:48 -0000
@@ -132,6 +132,8 @@
data->strm.avail_out =
data->outbuf_len;
data->strm.next_out = data->outbuf;
exit_status = PSFS_PASS_ON;
+ } elseif (status == BZ_OK) {
+ break;
}
}
}
Previous Comments:
------------------------------------------------------------------------
[2007-12-13 19:32:21] greg at chiaraquartet dot net
Description:
------------
An endless loop is possible in the bz2 stream filter bzip2.decompress
if status == BZ_OK and data->strm.avail_out < data->outbuf_len
Reproduce code:
---------------
Index: ext/bz2/bz2_filter.c
===================================================================
RCS file: /repository/php-src/ext/bz2/bz2_filter.c,v
retrieving revision 1.3.2.2.2.5
diff -u -r1.3.2.2.2.5 bz2_filter.c
--- ext/bz2/bz2_filter.c 9 Aug 2007 23:27:22 -0000
1.3.2.2.2.5
+++ ext/bz2/bz2_filter.c 13 Dec 2007 19:29:27 -0000
@@ -132,6 +132,8 @@
data->strm.avail_out =
data->outbuf_len;
data->strm.next_out = data->outbuf;
exit_status = PSFS_PASS_ON;
+ } else {
+ break;
}
}
}
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=43589&edit=1
