archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

fix datatypes and add range checks

Browse source
This commit is contained in:
Anatol Belski 2016-07-05 15:43:01 +02:00
parent dbe6a23194
commit 28ed30df53
1 changed files with 14 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

18
ext/intl/dateformat/dateformat_parse.c
View file

@ -130,7 +130,7 @@ PHP_FUNCTION(datefmt_parse)
char* text_to_parse = NULL;
size_t text_len =0;
zval* z_parse_pos = NULL;
zend_long parse_pos = -1;
int32_t parse_pos = -1;
DATE_FORMAT_METHOD_INIT_VARS;
@ -147,7 +147,12 @@ PHP_FUNCTION(datefmt_parse)
if (z_parse_pos) {
ZVAL_DEREF(z_parse_pos);
convert_to_long(z_parse_pos);
parse_pos = Z_LVAL_P(z_parse_pos);
if (ZEND_LONG_INT_OVFL(Z_LVAL_P(z_parse_pos))) {
intl_error_set_code(NULL, U_ILLEGAL_ARGUMENT_ERROR);
intl_error_set_custom_msg(NULL, "Input string is too long.", 0);
RETURN_FALSE;
}
parse_pos = (int32_t)Z_LVAL_P(z_parse_pos);
if((size_t)parse_pos > text_len) {
RETURN_FALSE;
}
@ -169,7 +174,7 @@ PHP_FUNCTION(datefmt_localtime)
char* text_to_parse = NULL;
size_t text_len =0;
zval* z_parse_pos = NULL;
zend_long parse_pos = -1;
int32_t parse_pos = -1;
DATE_FORMAT_METHOD_INIT_VARS;
@ -186,7 +191,12 @@ PHP_FUNCTION(datefmt_localtime)
if (z_parse_pos) {
ZVAL_DEREF(z_parse_pos);
convert_to_long(z_parse_pos);
parse_pos = Z_LVAL_P(z_parse_pos);
if (ZEND_LONG_INT_OVFL(Z_LVAL_P(z_parse_pos))) {
intl_error_set_code(NULL, U_ILLEGAL_ARGUMENT_ERROR);
intl_error_set_custom_msg(NULL, "Input string is too long.", 0);
RETURN_FALSE;
}
parse_pos = (int32_t)Z_LVAL_P(z_parse_pos);
if((size_t)parse_pos > text_len) {
RETURN_FALSE;
}