dmitry Tue Mar 31 10:02:40 2009 UTC
Added files: (Branch: PHP_5_3)
/php-src/ext/filter/tests bug47745.phpt
Modified files:
/php-src NEWS
/php-src/ext/filter logical_filters.c
Log:
Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.965.2.545&r2=1.2027.2.547.2.965.2.546&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.965.2.545
php-src/NEWS:1.2027.2.547.2.965.2.546
--- php-src/NEWS:1.2027.2.547.2.965.2.545 Mon Mar 30 13:57:01 2009
+++ php-src/NEWS Tue Mar 31 10:02:39 2009
@@ -10,6 +10,8 @@
(Matteo)
- Fixed bug #47771 (Exception during object construction from arg call calls
object's destructor). (Dmitry)
+- Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer).
+ (Dmitry)
- Fixed bug #47714 (autoloading classes inside exception_handler leads to
crashes). (Dmitry)
- Fixed bug #47699 (autoload and late static binding). (Dmitry)
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/logical_filters.c?r1=1.1.2.22.2.9&r2=1.1.2.22.2.10&diff_format=u
Index: php-src/ext/filter/logical_filters.c
diff -u php-src/ext/filter/logical_filters.c:1.1.2.22.2.9
php-src/ext/filter/logical_filters.c:1.1.2.22.2.10
--- php-src/ext/filter/logical_filters.c:1.1.2.22.2.9 Wed Mar 25 18:51:44 2009
+++ php-src/ext/filter/logical_filters.c Tue Mar 31 10:02:39 2009
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: logical_filters.c,v 1.1.2.22.2.9 2009/03/25 18:51:44 iliaa Exp $ */
+/* $Id: logical_filters.c,v 1.1.2.22.2.10 2009/03/31 10:02:39 dmitry Exp $ */
#include "php_filter.h"
#include "filter_private.h"
@@ -70,14 +70,12 @@
static int php_filter_parse_int(const char *str, unsigned int str_len, long
*ret TSRMLS_DC) { /* {{{ */
long ctx_value;
- long sign = 1;
+ long sign = 0;
const char *end = str + str_len;
- double dval;
- long overflow;
switch (*str) {
case '-':
- sign = -1;
+ sign = 1;
case '+':
str++;
default:
@@ -91,22 +89,29 @@
return -1;
}
+ if ((end - str > MAX_LENGTH_OF_LONG - 1) /* number too long */
+ || (SIZEOF_LONG == 4 && end - str == MAX_LENGTH_OF_LONG - 1 && *str >
'2')) {
+ /* overflow */
+ return -1;
+ }
+
while (str < end) {
if (*str >= '0' && *str <= '9') {
- ZEND_SIGNED_MULTIPLY_LONG(ctx_value, 10, ctx_value,
dval, overflow);
- if (overflow) {
- return -1;
- }
- ctx_value += ((*(str++)) - '0');
- if (ctx_value & LONG_SIGN_MASK) {
- return -1;
- }
+ ctx_value = (ctx_value * 10) + (*(str++) - '0');
\
} else {
return -1;
}
}
+ if (sign) {
+ ctx_value = -ctx_value;
+ if (ctx_value > 0) { /* overflow */
+ return -1;
+ }
+ } else if (ctx_value < 0) { /* overflow */
+ return -1;
+ }
- *ret = ctx_value * sign;
+ *ret = ctx_value;
return 1;
}
/* }}} */
http://cvs.php.net/viewvc.cgi/php-src/ext/filter/tests/bug47745.phpt?view=markup&rev=1.1
Index: php-src/ext/filter/tests/bug47745.phpt
+++ php-src/ext/filter/tests/bug47745.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
