On Tue, December 10, 2013 13:55, Nikita Popov wrote:
> On Tue, Dec 10, 2013 at 1:41 PM, Anatol Belski <a...@php.net> wrote:
>
>
>> Commit:    a697297f5f328442994c6321c9661d1351036c4e
>> Author:    Anatol Belski <a...@php.net>         Tue, 10 Dec 2013 13:41:49
>> +0100
>> Parents:   5acc0c0c5bf5afbd2b103a99adf51539874ccc48
>> Branches:  str_size_and_int64
>>
>>
>> Link:
>> http://git.php.net/?p=php-src.git;a=commitdiff;h=a697297f5f328442994c632
>> 1c9661d1351036c4e
>>
>>
>> Log:
>> more range checks for ext/tidy
>>
>> Changed paths:
>> M  ext/tidy/tidy.c
>>
>>
>>
>> Diff:
>> diff --git a/ext/tidy/tidy.c b/ext/tidy/tidy.c index 94daef4..69cd19e
>> 100644
>> --- a/ext/tidy/tidy.c
>> +++ b/ext/tidy/tidy.c
>> @@ -604,6 +604,11 @@ static void
>> php_tidy_quick_repair(INTERNAL_FUNCTION_PARAMETERS, zend_bool is_fil if
>> (data) {
>> TidyBuffer buf;
>>
>>
>> +               if (data_len > UINT_MAX) {
>> +                       php_error_docref(NULL TSRMLS_CC, E_WARNING,
>> "Input
>> data is too long"); +                       RETVAL_FALSE;
>> +               }
>>
>>
>
> RETVAL over RETURN intentional?
>
>
> Nikita
>
>

uups, of course not. Thanks for keeping eye on that :)

Regards

anatol


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to