Mirrors
/
php
mirror of https://github.com/php/php-src
3
0
Fork 0
Code Releases Activity
Browse Source

fixed a possible null injection caused by missuse of mbstring.substitute_character.

migration/RELEASE_1_0_0
Rui Hirokawa 21 years ago
parent
4a46c50e71
commit
3b5a116511
1 changed files with 9 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      ext/mbstring/mbstring.c

10
ext/mbstring/mbstring.c
View File

@ -688,6 +688,9 @@ static PHP_INI_MH(OnUpdate_mbstring_script_encoding)
/* {{{ static PHP_INI_MH(OnUpdate_mbstring_substitute_character) */
static PHP_INI_MH(OnUpdate_mbstring_substitute_character)
{
int c;
char *endptr = NULL;
if (new_value != NULL) {
if (strcasecmp("none", new_value) == 0) {
MBSTRG(filter_illegal_mode) = MBFL_OUTPUTFILTER_ILLEGAL_MODE_NONE;
@ -695,7 +698,12 @@ static PHP_INI_MH(OnUpdate_mbstring_substitute_character)
MBSTRG(filter_illegal_mode) = MBFL_OUTPUTFILTER_ILLEGAL_MODE_LONG;
} else {
MBSTRG(filter_illegal_mode) = MBFL_OUTPUTFILTER_ILLEGAL_MODE_CHAR;
MBSTRG(filter_illegal_substchar) = zend_atoi(new_value, new_value_length);
if (new_value_length >0) {
c = strtol(new_value, &endptr, 0);
if (*endptr == '\0') {
MBSTRG(filter_illegal_substchar) = c;
}
}
}
}

Write Preview
Loading…
Cancel
Save