[PHP-DEV] Patch for range()

Fri, 22 Nov 2002 22:37:00 -0800 

Hi,

I've just found range() behaves unexpectedly in some special cases.

For instance, please try the following script.

<?php
echo count(range('a', 'z', 12));
?>

will give 45 while it should return an array that consists of 3 elements. 
That is because the counting may exceed the upper limit of positive char 
value during the loop.

The attached patch is a fix for this issue. I'll commit this if there are 
no objections.

Moriyoshi


Index: ext/standard/array.c
===================================================================
RCS file: /repository/php4/ext/standard/array.c,v
retrieving revision 1.201
diff -u -r1.201 array.c
--- ext/standard/array.c        15 Nov 2002 02:16:41 -0000      1.201
+++ ext/standard/array.c        23 Nov 2002 06:20:16 -0000
@@ -1435,19 +1435,29 @@
 
        /* If the range is given as strings, generate an array of characters. */
        if (Z_TYPE_P(zlow) == IS_STRING && Z_TYPE_P(zhigh) == IS_STRING) {
-               char *low, *high;
+               unsigned char *low, *high;
 
                convert_to_string_ex(&zlow);
                convert_to_string_ex(&zhigh);
-               low = Z_STRVAL_P(zlow);
-               high = Z_STRVAL_P(zhigh);
+               low = (unsigned char *)Z_STRVAL_P(zlow);
+               high = (unsigned char *)Z_STRVAL_P(zhigh);
 
                if (*low > *high) {             /* Negative steps */
-                       for (; *low >= *high; (*low) -= step) {
+                       if (*low - *high < step || step < 0) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "step 
+exceeds the specified range");
+                               zval_dtor(return_value);
+                               RETURN_FALSE;
+                       }
+                       for (; *low >= *high; (*low) -= (unsigned int)step) {
                                add_next_index_stringl(return_value, low, 1, 1);
                        }
                } else {                                /* Positive steps */
-                       for (; *low <= *high; (*low) += step) {
+                       if (*high - *low < step || step < 0) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "step 
+exceeds the specified range");
+                               zval_dtor(return_value);
+                               RETURN_FALSE;
+                       }
+                       for (; *low <= *high; (*low) += (unsigned int)step) {
                                add_next_index_stringl(return_value, low, 1, 1);
                        }
                }
@@ -1460,10 +1470,20 @@
                high = Z_LVAL_P(zhigh);
 
                if (low > high) {               /* Negative steps */
+                       if (low - high < step || step < 0) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "step 
+exceeds the specified range");
+                               zval_dtor(return_value);
+                               RETURN_FALSE;
+                       }
                        for (; low >= high; low -= step) {
                                add_next_index_long(return_value, low);
                        }       
                } else {                                /* Positive steps */
+                       if (high - low < step || step < 0) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "step 
+exceeds the specified range");
+                               zval_dtor(return_value);
+                               RETURN_FALSE;
+                       }
                        for (; low <= high; low += step) {
                                add_next_index_long(return_value, low);
                        }       

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to