Index: ext/posix/posix.c =================================================================== RCS file: /repository/php-src/ext/posix/posix.c,v retrieving revision 1.70.2.3.2.11 diff -u -p -d -r1.70.2.3.2.11 posix.c --- ext/posix/posix.c 11 Jan 2007 02:33:07 -0000 1.70.2.3.2.11 +++ ext/posix/posix.c 11 Jan 2007 08:40:55 -0000 @@ -575,6 +575,10 @@ PHP_FUNCTION(posix_ttyname) } #if HAVE_TTYNAME_R buflen = sysconf(_SC_TTY_NAME_MAX); + + if (buflen < 0) { + RETURN_FALSE; + } p = emalloc(buflen); if (ttyname_r(fd, p, buflen)) { @@ -834,6 +838,10 @@ PHP_FUNCTION(posix_getgrnam) #if HAVE_GETGRNAM_R buflen = sysconf(_SC_GETGR_R_SIZE_MAX); + + if (buflen < 0) { + RETURN_FALSE; + } buf = emalloc(buflen); g = &gbuf; @@ -881,6 +889,10 @@ PHP_FUNCTION(posix_getgrgid) #ifdef HAVE_GETGRGID_R grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); + + if (grbuflen < 0) { + RETURN_FALSE; + } grbuf = emalloc(grbuflen); ret = getgrgid_r(gid, &_g, grbuf, grbuflen, &retgrptr); @@ -944,6 +956,10 @@ PHP_FUNCTION(posix_getpwnam) #if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) buflen = sysconf(_SC_GETPW_R_SIZE_MAX); + + if (buflen < 0) { + RETURN_FALSE; + } buf = emalloc(buflen); pw = &pwbuf; @@ -990,6 +1006,10 @@ PHP_FUNCTION(posix_getpwuid) } #if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWUID_R) pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + + if (pwbuflen < 0) { + RETURN_FALSE; + } pwbuf = emalloc(pwbuflen); ret = getpwuid_r(uid, &_pw, pwbuf, pwbuflen, &retpwptr); Index: main/safe_mode.c =================================================================== RCS file: /repository/php-src/main/Attic/safe_mode.c,v retrieving revision 1.62.2.1.2.6 diff -u -p -d -r1.62.2.1.2.6 safe_mode.c --- main/safe_mode.c 9 Jan 2007 23:27:22 -0000 1.62.2.1.2.6 +++ main/safe_mode.c 11 Jan 2007 08:40:55 -0000 @@ -228,11 +228,16 @@ PHPAPI char *php_get_current_user() return SG(request_info).current_user; #else struct passwd *pwd; -#ifdef HAVE_GETPWUID_R +#if defined(_SC_GETPW_R_SIZE_MAX) && defined(HAVE_GETPWNAM_R) struct passwd _pw; struct passwd *retpwptr = NULL; int pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); - char *pwbuf = emalloc(pwbuflen); + char *pwbuf; + + if (pwbuflen < 0) { + pwbuflen = 2048; + } + pwbuf = emalloc(pwbuflen); if (getpwuid_r(pstat->st_uid, &_pw, pwbuf, pwbuflen, &retpwptr) != 0) { efree(pwbuf); Index: ext/standard/filestat.c =================================================================== RCS file: /repository/php-src/ext/standard/filestat.c,v retrieving revision 1.136.2.8.2.8 diff -u -p -d -r1.136.2.8.2.8 filestat.c --- ext/standard/filestat.c 11 Jan 2007 02:33:07 -0000 1.136.2.8.2.8 +++ ext/standard/filestat.c 11 Jan 2007 08:40:56 -0000 @@ -369,6 +369,11 @@ static void php_do_chgrp(INTERNAL_FUNCTI int grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); char *grbuf = emalloc(grbuflen); + if (grbuflen < 0) { + grbuflen = 2048; + } + grbuf = emalloc(grbuflen); + if (getgrnam_r(Z_STRVAL_PP(group), &gr, grbuf, grbuflen, &retgrptr) != 0 || retgrptr == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find gid for %s", Z_STRVAL_PP(group)); efree(grbuf); @@ -458,7 +463,12 @@ static void php_do_chown(INTERNAL_FUNCTI struct passwd pw; struct passwd *retpwptr = NULL; int pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); - char *pwbuf = emalloc(pwbuflen); + char *pwbuf; + + if (pwbuflen < 0) { + pwbuflen = 2048; + } + pwbuf = emalloc(pwbuflen); if (getpwnam_r(Z_STRVAL_PP(user), &pw, pwbuf, pwbuflen, &retpwptr) != 0 || retpwptr == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to find uid for %s", Z_STRVAL_PP(user));