https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2386

http://git.php.net/?p=php-src.git;a=commit;h=158d8a6b088662ce9d31e0c777c6ebe90efdc854

--- php-5.3.3/ext/phar/tar.c.cve2386
+++ php-5.3.3/ext/phar/tar.c
@@ -38,7 +38,7 @@ static php_uint32 phar_tar_number(char *
 /* }}} */
 
 /* adapted from format_octal() in libarchive
- * 
+ *
  * Copyright (c) 2003-2009 Tim Kientzle
  * All rights reserved.
  *
@@ -161,7 +161,7 @@ static int phar_tar_process_metadata(pha
 	size_t save = php_stream_tell(fp), read;
 	phar_entry_info *mentry;
 
-	metadata = (char *) emalloc(entry->uncompressed_filesize + 1);
+	metadata = (char *) safe_emalloc(1, entry->uncompressed_filesize, 1);
 
 	read = php_stream_read(fp, metadata, entry->uncompressed_filesize);
 	if (read != entry->uncompressed_filesize) {
@@ -367,7 +367,7 @@ bail:
 			}
 
 			read = php_stream_read(fp, buf, sizeof(buf));
-	
+
 			if (read != sizeof(buf)) {
 				efree(entry.filename);
 				if (error) {