[wp-trac] [WordPress Trac] #11154: fread() code in pclzip doesn't check the result size

WordPress Trac wp-trac at lists.automattic.com
Tue Nov 17 09:55:46 UTC 2009


#11154: fread() code in pclzip doesn't check the result size
-----------------------------+----------------------------------------------
 Reporter:  dobesv           |       Owner:            
     Type:  defect (bug)     |      Status:  new       
 Priority:  normal           |   Milestone:  Unassigned
Component:  Upgrade/Install  |     Version:            
 Severity:  normal           |    Keywords:            
-----------------------------+----------------------------------------------

Comment(by dd32):

 > This would be a bit more defensive in case of unusual environments,
 since as documented fread() and fwrite() are *not* guaranteed to read or
 write the full amount requested/provided.

 In the scenario used by PclZip however, The output is specified to follow
 a certain path. Either, A. Return x bytes, or B. Return x-y bytes in the
 event that a EOF is hit.

 A EOF doesnt worry PclZip, as that's an error condition anyway.. IMO, Your
 PHP implementation is broken and should be fixed instead..

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11154#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list