From f6079e3c56eabe03565faceaef9de12728d278bf Mon Sep 17 00:00:00 2001 From: "Christoph M. Becker" Date: Mon, 12 Nov 2018 23:00:25 +0100 Subject: [PATCH] Fix #77141: Signedness issue in SOAP when precision=-1 According to php_gcvt(), we assume at most 17 fractional digits for negative precision. --- NEWS | 1 + ext/soap/php_encoding.c | 2 +- ext/soap/tests/bugs/bug77141.phpt | 27 +++++++++++++++++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 ext/soap/tests/bugs/bug77141.phpt diff --git a/NEWS b/NEWS index d13846840ec..a31a6fa4f21 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,7 @@ PHP NEWS - SOAP: . Fixed bug #76348 (WSDL_CACHE_MEMORY causes Segmentation fault). (cmb) + . Fixed bug #77141 (Signedness issue in SOAP when precision=-1). (cmb) 08 Nov 2018, PHP 7.1.24 diff --git a/ext/soap/php_encoding.c b/ext/soap/php_encoding.c index 1198eaf601a..6fc2c198171 100644 --- a/ext/soap/php_encoding.c +++ b/ext/soap/php_encoding.c @@ -1098,7 +1098,7 @@ static xmlNodePtr to_xml_double(encodeTypePtr type, zval *data, int style, xmlNo ZVAL_DOUBLE(&tmp, zval_get_double(data)); - str = (char *) safe_emalloc(EG(precision), 1, MAX_LENGTH_OF_DOUBLE + 1); + str = (char *) safe_emalloc(EG(precision) >= 0 ? EG(precision) : 17, 1, MAX_LENGTH_OF_DOUBLE + 1); php_gcvt(Z_DVAL(tmp), EG(precision), '.', 'E', str); xmlNodeSetContentLen(ret, BAD_CAST(str), strlen(str)); efree(str); diff --git a/ext/soap/tests/bugs/bug77141.phpt b/ext/soap/tests/bugs/bug77141.phpt new file mode 100644 index 00000000000..fa38cc6959d --- /dev/null +++ b/ext/soap/tests/bugs/bug77141.phpt @@ -0,0 +1,27 @@ +--TEST-- +Bug #77141 (Signedness issue in SOAP when precision=-1) +--SKIPIF-- + +--FILE-- + "http://localhost/soap.php", + 'uri' => "http://localhost/", + 'style' => SOAP_RPC, + 'trace' => true, + 'exceptions' => false, + ) +); +ini_set('precision', -1); +$soap->call(1.1); +echo $soap->__getLastRequest(); +?> +===DONE=== +--EXPECT-- + +1.1 +===DONE===