Refine fix for multibyte char hanling inside command names and args

18 years ago · 74b5cfdea5
1 changed files with 16 additions and 1 deletions
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@ -274,8 +274,13 @@ PHPAPI char *php_escape_shell_cmd(char *str)
 	cmd = safe_emalloc(2, l, 1);

 	for (x = 0, y = 0; x < l; x++) {
+		int mb_len = php_mblen(str + x, (l - x));
+
 		/* skip non-valid multibyte characters */
-		if (php_mblen(str + x, (l - x)) < 0) {
+		if (mb_len < 0) {
+			continue;
+		} else if (mb_len > 1) {
+			x += mb_len - 1;
 			continue;
 		}

@ -356,6 +361,16 @@ PHPAPI char *php_escape_shell_arg(char *str)
 #endif

 	for (x = 0; x < l; x++) {
+		int mb_len = php_mblen(str + x, (l - x));
+
+		/* skip non-valid multibyte characters */
+		if (mb_len < 0) {
+			continue;
+		} else if (mb_len > 1) {
+			x += mb_len - 1;
+			continue;
+		}
+
 		switch (str[x]) {
 #ifdef PHP_WIN32
 		case '"':