Edit report at https://bugs.php.net/bug.php?id=65776&edit=1

 ID:                 65776
 Updated by:         larue...@php.net
 Reported by:        mrubinsk at horde dot org
 Summary:            Incorrect line endings causes segfault in
                     convert.quoted-printable-encode
 Status:             Open
 Type:               Bug
 Package:            Streams related
 Operating System:   OSX, Ubuntu
 PHP Version:        5.4.20
-Assigned To:        
+Assigned To:        moriyoshi
 Block user comment: N
 Private report:     N

 New Comment:

hey Moriyoshi:

 It seems this code is obviously wrong: if in_pp is null but lb_ptr is 
smaller than lb_cnt, then it must segfault at the later "*in_pp".


php-5.4/ext/standard/filters.c:805

    if ((in_pp == NULL || in_left_p == NULL) && (lb_ptr >= lb_cnt)) {
        return PHP_CONV_ERR_SUCCESS;
    }

    ps = (unsigned char *)(*in_pp);
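
The guard discussed in the comment above, modelled as an added example (not PHP's code and not part of the original comment): it enumerates which input states pass the quoted condition with in_pp still NULL, next to a stricter guard that never lets a NULL input reach the dereference. The function names, the outcome enum, guard_strict and the lb_cnt value of 2 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

typedef enum { RETURN_SUCCESS, PENDING_STATE, DEREF_OK, DEREF_NULL } outcome;
typedef outcome (*guard_fn)(const char **, size_t *, unsigned, unsigned);

/* Guard with the same condition as the filters.c:805 excerpt. Rather than
 * executing *in_pp, it reports whether that dereference is reached with NULL. */
static outcome guard_as_quoted(const char **in_pp, size_t *in_left_p,
                               unsigned lb_ptr, unsigned lb_cnt)
{
    if ((in_pp == NULL || in_left_p == NULL) && (lb_ptr >= lb_cnt)) {
        return RETURN_SUCCESS;
    }
    return in_pp == NULL ? DEREF_NULL : DEREF_OK;
}

/* Hypothetical stricter guard: a NULL input never reaches the dereference.
 * Unconsumed line-break state is reported separately for the caller. */
static outcome guard_strict(const char **in_pp, size_t *in_left_p,
                            unsigned lb_ptr, unsigned lb_cnt)
{
    if (in_pp == NULL || in_left_p == NULL) {
        return lb_ptr >= lb_cnt ? RETURN_SUCCESS : PENDING_STATE;
    }
    return DEREF_OK;
}

/* Enumerate NULL/non-NULL inputs for lb_ptr in 0..lb_cnt and count the
 * states in which the guard lets a NULL in_pp through. */
static int count_null_derefs(guard_fn guard, unsigned lb_cnt)
{
    const char *buf = "x";          /* constructed sample input */
    size_t left = 1;
    int hits = 0;
    for (int pp = 0; pp < 2; pp++)
        for (int lp = 0; lp < 2; lp++)
            for (unsigned lb_ptr = 0; lb_ptr <= lb_cnt; lb_ptr++)
                if (guard(pp ? &buf : NULL, lp ? &left : NULL,
                          lb_ptr, lb_cnt) == DEREF_NULL)
                    hits++;
    return hits;
}

int main(void)
{
    printf("as quoted: %d, strict: %d\n",
           count_null_derefs(guard_as_quoted, 2),
           count_null_derefs(guard_strict, 2));
    return 0;
}
```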


Previous Comments:
------------------------------------------------------------------------
[2013-09-27 18:50:58] mrubinsk at horde dot org

Description:
------------
When using the convert.quoted-printable-encode stream filter, if the stream 
contains a single bare CR line ending at the end of the stream when 
line-break-chars is set to CRLF this can cause a segfault with certain values 
of line-length.

Changing the line-length in the test script, or setting line-break-chars to 
"\r" prevents the segfault.

Test script:
---------------
<?php
// Source stream: two CRLF-terminated lines followed by a bare CR.
$data = fopen('php://temp', 'r+');
fwrite($data, "test\r\ntest\r\n\r");

// Destination stream with the quoted-printable encoder on the write side.
$stream = fopen("php://temp", 'r+');
stream_filter_append($stream, 'convert.quoted-printable-encode',
    STREAM_FILTER_WRITE, array('line-length' => 5, 'line-break-chars' => "\r\n"));
rewind($data);
stream_copy_to_stream($data, $stream);

Expected result:
----------------
The data should be copied from the $data stream to the $stream stream, applying 
the convert filter.

Actual result:
--------------
Segfault.


------------------------------------------------------------------------


