moriyoshi Mon, 12 Oct 2009 14:29:45 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=289567
Log: - Bug #49785: take 4 - typo. this flaw is unharmful since the return value of get_next_char() is only used when UTF-8 is specified to the third argument. Bug: http://bugs.php.net/49785 (Closed) htmlspecialchars() should check byte sequence more strictly Changed paths: U php/php-src/branches/PHP_5_2/ext/standard/html.c U php/php-src/branches/PHP_5_3/ext/standard/html.c U php/php-src/trunk/ext/standard/html.c Modified: php/php-src/branches/PHP_5_2/ext/standard/html.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/standard/html.c 2009-10-12 14:26:47 UTC (rev 289566) +++ php/php-src/branches/PHP_5_2/ext/standard/html.c 2009-10-12 14:29:45 UTC (rev 289567) @@ -689,7 +689,7 @@ MB_WRITE(this_char); MB_WRITE(next_char); MB_WRITE(next2_char); - this_char = (this_char << 16) | (next_char << 8) | next_char; + this_char = (this_char << 16) | (next_char << 8) | next2_char; } else { MB_FAILURE(pos); } Modified: php/php-src/branches/PHP_5_3/ext/standard/html.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/standard/html.c 2009-10-12 14:26:47 UTC (rev 289566) +++ php/php-src/branches/PHP_5_3/ext/standard/html.c 2009-10-12 14:29:45 UTC (rev 289567) @@ -688,7 +688,7 @@ MB_WRITE(this_char); MB_WRITE(next_char); MB_WRITE(next2_char); - this_char = (this_char << 16) | (next_char << 8) | next_char; + this_char = (this_char << 16) | (next_char << 8) | next2_char; } else { MB_FAILURE(pos); } Modified: php/php-src/trunk/ext/standard/html.c =================================================================== --- php/php-src/trunk/ext/standard/html.c 2009-10-12 14:26:47 UTC (rev 289566) +++ php/php-src/trunk/ext/standard/html.c 2009-10-12 14:29:45 UTC (rev 289567) @@ -694,7 +694,7 @@ MB_WRITE(this_char); MB_WRITE(next_char); MB_WRITE(next2_char); - this_char = (this_char << 16) | (next_char << 8) | next_char; + this_char = (this_char << 16) | (next_char << 8) | next2_char; } else { MB_FAILURE(pos); }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php