php ZipArchive::addGlob() crashes on invalid flags

[Tomas Hoger <thoger () redhat com>]

Hi!

Following PHP bug is marked as security and lists CVE-2011-1657:

https://bugs.php.net/bug.php?id=54681
http://svn.php.net/viewvc/?view=revision&revision=310814

The fix is committed, hence should be released with 5.3.7.

Reporter mentions this really was an underlying glob() implementation
flaw, but that's not entirely true.  Maybe there are some flags that
are not recognized by glob() and still cause it to crash, but the
crashes I've been able to reproduce were due to the use of flags
supported by glob() that require some glob_t struct setup before
calling glob() (such as GLOB_ALTDIRFUNC).

-- 
Tomas Hoger / Red Hat Security Response Team