Home / exploits PHP 7.0.8, 5.6.23 and 5.5.37 out-of-bounds write in bzread
Posted on 30 November -0001
<HTML><HEAD><TITLE>PHP 7.0.8, 5.6.23 and 5.5.37 out-of-bounds write in bzread()</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>PHP 7.0.8, 5.6.23 and 5.5.37 does not perform adequate error handling in its `bzread()' function: php-7.0.8/ext/bz2/bz2.c ,---- | 364 static PHP_FUNCTION(bzread) | 365 { | ... | 382 ZSTR_LEN(data) = php_stream_read(stream, ZSTR_VAL(data), ZSTR_LEN(data)); | 383 ZSTR_VAL(data)[ZSTR_LEN(data)] = '