Mirrors
/
php
mirror of https://github.com/php/php-src
3
0
Fork 0
Code Releases Activity
Browse Source

Fix bug #71897

pull/1838/head
Andrea Faulds 10 years ago
parent
bfef17ab65
commit
660e88c19d
7 changed files with 2602 additions and 2588 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      NEWS
  2. 2
      UPGRADING
  3. 2
      Zend/zend_execute_API.c
  4. 5160
      Zend/zend_language_scanner.c
  5. 6
      Zend/zend_language_scanner.l
  6. 2
      Zend/zend_language_scanner_defs.h
  7. 16
      tests/lang/bug71897.phpt

2
NEWS
View File

@ -12,6 +12,8 @@ PHP NEWS
. Fixed bug #69989 (Generators don't participate in cycle GC). (Nikita)
. Fixed bug #71572 (String offset assignment from an empty string inserts
null byte). (Francois)
. Fixed bug #71897 (ASCII 0x7F Delete control character permitted in
identifiers). (Andrea)
. Implemented the RFC `Support Class Constant Visibility`. (Sean DuBois,
Reeze Xia, Dmitry)
. Added void return type. (Andrea)

2
UPGRADING
View File

@ -25,6 +25,8 @@ PHP 7.1 UPGRADE NOTES
decoct(), dechex(), integer operators and other conversions now always
respect scientific notation in numeric strings.
(RFC: https://wiki.php.net/rfc/invalid_strings_in_arithmetic)
. The ASCII 0x7F Delete control character is no longer permitted in unquoted
identifiers in source code.
- JSON:
. When calling json_encode with JSON_UNESCAPED_UNICODE option, U+2028 and

2
Zend/zend_execute_API.c
View File

@ -969,7 +969,7 @@ ZEND_API zend_class_entry *zend_lookup_class_ex(zend_string *name, const zval *k
}
/* Verify class name before passing it to __autoload() */
if (strspn(ZSTR_VAL(name), "0123456789_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\177\200\201\202\203\204\205\206\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376\377\\") != ZSTR_LEN(name)) {
if (strspn(ZSTR_VAL(name), "0123456789_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\200\201\202\203\204\205\206\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376\377\\") != ZSTR_LEN(name)) {
if (!key) {
zend_string_release(lc_name);
}

5160
Zend/zend_language_scanner.c
File diff suppressed because it is too large
View File

6
Zend/zend_language_scanner.l
View File

@ -116,7 +116,7 @@ do { \
#define SET_DOUBLE_QUOTES_SCANNED_LENGTH(len) SCNG(scanned_string_len) = (len)
#define GET_DOUBLE_QUOTES_SCANNED_LENGTH() SCNG(scanned_string_len)
#define IS_LABEL_START(c) (((c) >= 'a' && (c) <= 'z') || ((c) >= 'A' && (c) <= 'Z') || (c) == '_' || (c) >= 0x7F)
#define IS_LABEL_START(c) (((c) >= 'a' && (c) <= 'z') || ((c) >= 'A' && (c) <= 'Z') || (c) == '_' || (c) >= 0x80)
#define ZEND_IS_OCT(c) ((c)>='0' && (c)<='7')
#define ZEND_IS_HEX(c) (((c)>='0' && (c)<='9') || ((c)>='a' && (c)<='f') || ((c)>='A' && (c)<='F'))
@ -1097,7 +1097,7 @@ DNUM ([0-9]*"."[0-9]+)|([0-9]+"."[0-9]*)
EXPONENT_DNUM (({LNUM}|{DNUM})[eE][+-]?{LNUM})
HNUM "0x"[0-9a-fA-F]+
BNUM "0b"[01]+
LABEL [a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*
LABEL [a-zA-Z_\x80-\xff][a-zA-Z0-9_\x80-\xff]*
WHITESPACE [ \n\r\t]+
TABS_AND_SPACES [ \t]*
TOKENS [;:,.\[\]()|^&+-/*=%!~$<>?@]
@ -1835,7 +1835,7 @@ inline_char_handler:
/* Make sure a label character follows "->", otherwise there is no property
* and "->" will be taken literally
*/
<ST_DOUBLE_QUOTES,ST_HEREDOC,ST_BACKQUOTE>"$"{LABEL}"->"[a-zA-Z_\x7f-\xff] {
<ST_DOUBLE_QUOTES,ST_HEREDOC,ST_BACKQUOTE>"$"{LABEL}"->"[a-zA-Z_\x80-\xff] {
yyless(yyleng - 3);
yy_push_state(ST_LOOKING_FOR_PROPERTY);
zend_copy_value(zendlval, (yytext+1), (yyleng-1));

2
Zend/zend_language_scanner_defs.h
View File

@ -1,4 +1,4 @@
/* Generated by re2c 0.13.5 */
/* Generated by re2c 0.15.3 */
#line 3 "Zend/zend_language_scanner_defs.h"
enum YYCONDTYPE {

16
tests/lang/bug71897.phpt
View File

@ -0,0 +1,16 @@
--TEST--
Bug #71897 (ASCII 0x7F Delete control character permitted in identifiers)
--FILE--
<?php
eval("
\$a\x7Fb = 3;
var_dump(\$a\x7Fb);
");
?>
--EXPECTF--
Warning: Unexpected character in input: '%s' (ASCII=127) state=0 in %s(%d) : eval()'d code on line %d
Parse error: syntax error, unexpected 'b' (T_STRING) in %s(%d) : eval()'d code on line %d
Write Preview
Loading…
Cancel
Save