add comp_flags check when passed as userland array option.

devnexen · devnexen · commit 21f8bb6238dc · 2025-11-02T15:24:01.000Z
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c
@@ -374,6 +374,10 @@ static zend_result php_zip_parse_options(HashTable *options, zip_options *opts)
 				php_error_docref(NULL, E_WARNING, "Option \"comp_flags\" must be of type int, %s given",
 					zend_zval_value_name(option));
 			}
+			zend_long comp_flags = zval_get_long(option);
+			if (comp_flags < 0 || comp_flags > USHRT_MAX) {
+				php_error_docref(NULL, E_WARNING, "Option \"comp_flags\" must be between 0 and %u", USHRT_MAX);
+			}
 			opts->comp_flags = zval_get_long(option);
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -374,6 +374,10 @@ static zend_result php_zip_parse_options(HashTable options, zip_options opts)`
`374`	`374`	`php_error_docref(NULL, E_WARNING, "Option \"comp_flags\" must be of type int, %s given",`
`375`	`375`	`zend_zval_value_name(option));`
`376`	`376`	`}`
	`377`	`+ zend_long comp_flags = zval_get_long(option);`
	`378`	`+ if (comp_flags < 0 \|\| comp_flags > USHRT_MAX) {`
	`379`	`+ php_error_docref(NULL, E_WARNING, "Option \"comp_flags\" must be between 0 and %u", USHRT_MAX);`
	`380`	`+ }`
`377`	`381`	`opts->comp_flags = zval_get_long(option);`
`378`	`382`	`}`
`379`	`383`	`}`