From 7bd365ebc471409f85e6561f7da4f93d7017bfa4 Mon Sep 17 00:00:00 2001
From: xXx-caillou-xXx
Date: Fri, 13 Jul 2018 14:55:23 +0200
Subject: Fix various possible integer overflows

---
 src/sp_utils.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/sp_utils.c')

diff --git a/src/sp_utils.c b/src/sp_utils.c
index a94ab2a..14b7c09 100644
--- a/src/sp_utils.c
+++ b/src/sp_utils.c
@@ -143,6 +143,11 @@ int sp_log_request(const zend_string* folder, const zend_string* text_repr,
 
 static char* zend_string_to_char(const zend_string* zs) {
   // Remove \0 from the middle of a string
+
+  if (ZSTR_LEN(zs) + 1 < ZSTR_LEN(zs)) {
+    sp_log_err("overflow_error", "Overflow tentative detected in zend_string_to_char.");
+    sp_terminate();
+  }
   char* copy = emalloc(ZSTR_LEN(zs) + 1);
 
   copy[ZSTR_LEN(zs)] = 0;
-- 
cgit v1.3