Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

php_stream_sock_open_from_socket could return NULL #9017

Closed
zhou1615 opened this issue Jul 15, 2022 · 0 comments
Closed

php_stream_sock_open_from_socket could return NULL #9017

zhou1615 opened this issue Jul 15, 2022 · 0 comments

Comments

@zhou1615
Copy link
Contributor

Description

This bug is reported by a newly developed static tool, therefore it could be a false positive, please confirm.

the function _php_stream_sock_open_from_socket will return NULL once php_stream_alloc_rel returns NULL, however in the function zif_stream_socket_pair of ext/standard/streamsfuncs.c file, the return value of _php_stream_sock_open_from_socket is not checked before dereference, which could lead to NULL pointer dereference.

PHP Version

master

Operating System

No response

hwde added a commit to hwde/php-src that referenced this issue Jul 15, 2022
hwde added a commit to hwde/php-src that referenced this issue Jul 15, 2022
@cmb69 cmb69 closed this as completed in 3b7babf Jul 19, 2022
cmb69 added a commit that referenced this issue Jul 19, 2022
* PHP-8.0:
  Fix GH-9017: php_stream_sock_open_from_socket could return NULL
cmb69 added a commit that referenced this issue Jul 19, 2022
* PHP-8.1:
  Fix GH-9017: php_stream_sock_open_from_socket could return NULL
@cmb69 cmb69 changed the title A possible null pointer dereference. php_stream_sock_open_from_socket could return NULL Jul 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants
@cmb69 @zhou1615 and others