iliaa Mon Mar 17 23:01:28 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Properly address incomplete multibyte chars inside escapeshellcmd() http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.3&r2=1.113.2.3.2.1.2.4&diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.3 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.3 Mon Dec 31 07:17:14 2007 +++ php-src/ext/standard/exec.c Mon Mar 17 23:01:27 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.3 2007/12/31 07:17:14 sebastian Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.4 2008/03/17 23:01:27 iliaa Exp $ */ #include <stdio.h> #include "php.h" @@ -271,6 +271,11 @@ cmd = safe_emalloc(2, l, 1); for (x = 0, y = 0; x < l; x++) { + /* skip non-valid multibyte characters */ + if (php_mblen(str + x, (l - x)) < 0) { + continue; + } + switch (str[x]) { case '"': case '\'':
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php