[PHP-CVS] cvs: php-src /ext/standard exec.c

Mon, 17 Mar 2008 16:02:50 -0700 

iliaa           Mon Mar 17 23:02:35 2008 UTC

  Modified files:              
    /php-src/ext/standard       exec.c 
  Log:
  
  MFB: Properly address incomplete multibyte chars inside escapeshellcmd()
  
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.126&r2=1.127&diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.126 php-src/ext/standard/exec.c:1.127
--- php-src/ext/standard/exec.c:1.126   Mon Dec 31 07:12:15 2007
+++ php-src/ext/standard/exec.c Mon Mar 17 23:02:35 2008
@@ -16,7 +16,7 @@
    |         Ilia Alshanetsky <[EMAIL PROTECTED]>                             |
    +----------------------------------------------------------------------+
  */
-/* $Id: exec.c,v 1.126 2007/12/31 07:12:15 sebastian Exp $ */
+/* $Id: exec.c,v 1.127 2008/03/17 23:02:35 iliaa Exp $ */
 
 #include <stdio.h>
 #include "php.h"
@@ -256,6 +256,11 @@
        cmd = safe_emalloc(2, l, 1);
 
        for (x = 0, y = 0; x < l; x++) {
+               /* skip non-valid multibyte characters */
+               if (php_mblen(str + x, (l - x)) < 0) {
+                       continue;
+               }
+
                switch (str[x]) {
                        case '"':
                        case '\'':



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to