iliaa Tue Sep 18 19:49:54 2007 UTC Added files: (Branch: PHP_5_2) /php-src/ext/xmlrpc/tests bug42189.phpt
Modified files: /php-src/ext/xmlrpc xmlrpc-epi-php.c /php-src/ext/xmlrpc/libxmlrpc xmlrpc.c /php-src NEWS Log: Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). http://cvs.php.net/viewvc.cgi/php-src/ext/xmlrpc/xmlrpc-epi-php.c?r1=1.39.2.5.2.5&r2=1.39.2.5.2.6&diff_format=u Index: php-src/ext/xmlrpc/xmlrpc-epi-php.c diff -u php-src/ext/xmlrpc/xmlrpc-epi-php.c:1.39.2.5.2.5 php-src/ext/xmlrpc/xmlrpc-epi-php.c:1.39.2.5.2.6 --- php-src/ext/xmlrpc/xmlrpc-epi-php.c:1.39.2.5.2.5 Fri Jan 12 12:32:15 2007 +++ php-src/ext/xmlrpc/xmlrpc-epi-php.c Tue Sep 18 19:49:53 2007 @@ -51,7 +51,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: xmlrpc-epi-php.c,v 1.39.2.5.2.5 2007/01/12 12:32:15 tony2001 Exp $ */ +/* $Id: xmlrpc-epi-php.c,v 1.39.2.5.2.6 2007/09/18 19:49:53 iliaa Exp $ */ /********************************************************************** * BUGS: * @@ -1325,9 +1325,13 @@ if(SUCCESS == zend_hash_update(Z_OBJPROP_P(value), OBJECT_TYPE_ATTR, sizeof(OBJECT_TYPE_ATTR), (void *) &type, sizeof(zval *), NULL)) { bSuccess = zend_hash_update(Z_OBJPROP_P(value), OBJECT_VALUE_TS_ATTR, sizeof(OBJECT_VALUE_TS_ATTR), (void *) &ztimestamp, sizeof(zval *), NULL); } - } + } else { + zval_ptr_dtor(&type); + } XMLRPC_CleanupValue(v); - } + } else { + zval_ptr_dtor(&type); + } } else { convert_to_object(value); http://cvs.php.net/viewvc.cgi/php-src/ext/xmlrpc/libxmlrpc/xmlrpc.c?r1=1.8.4.2&r2=1.8.4.3&diff_format=u Index: php-src/ext/xmlrpc/libxmlrpc/xmlrpc.c diff -u php-src/ext/xmlrpc/libxmlrpc/xmlrpc.c:1.8.4.2 php-src/ext/xmlrpc/libxmlrpc/xmlrpc.c:1.8.4.3 --- php-src/ext/xmlrpc/libxmlrpc/xmlrpc.c:1.8.4.2 Thu Jun 7 09:07:36 2007 +++ php-src/ext/xmlrpc/libxmlrpc/xmlrpc.c Tue Sep 18 19:49:53 2007 @@ -31,7 +31,7 @@ */ -static const char rcsid[] = "#(@) $Id: xmlrpc.c,v 1.8.4.2 2007/06/07 09:07:36 tony2001 Exp $"; +static const char rcsid[] = "#(@) $Id: xmlrpc.c,v 1.8.4.3 2007/09/18 19:49:53 iliaa Exp $"; /****h* ABOUT/xmlrpc @@ -43,6 +43,11 @@ * 9/1999 - 10/2000 * HISTORY * $Log: xmlrpc.c,v $ + * Revision 1.8.4.3 2007/09/18 19:49:53 iliaa + * + * Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime + * values). + * * Revision 1.8.4.2 2007/06/07 09:07:36 tony2001 * MFH: php_localtime_r() checks * @@ -176,7 +181,7 @@ } p++; } - text = buf; + text = buf; } @@ -186,15 +191,19 @@ return -1; } +#define XMLRPC_IS_NUMBER(x) if (x < '0' || x > '9') return -1; + n = 1000; tm.tm_year = 0; for(i = 0; i < 4; i++) { + XMLRPC_IS_NUMBER(text[i]) tm.tm_year += (text[i]-'0')*n; n /= 10; } n = 10; tm.tm_mon = 0; for(i = 0; i < 2; i++) { + XMLRPC_IS_NUMBER(text[i]) tm.tm_mon += (text[i+4]-'0')*n; n /= 10; } @@ -203,6 +212,7 @@ n = 10; tm.tm_mday = 0; for(i = 0; i < 2; i++) { + XMLRPC_IS_NUMBER(text[i]) tm.tm_mday += (text[i+6]-'0')*n; n /= 10; } @@ -210,6 +220,7 @@ n = 10; tm.tm_hour = 0; for(i = 0; i < 2; i++) { + XMLRPC_IS_NUMBER(text[i]) tm.tm_hour += (text[i+9]-'0')*n; n /= 10; } @@ -217,6 +228,7 @@ n = 10; tm.tm_min = 0; for(i = 0; i < 2; i++) { + XMLRPC_IS_NUMBER(text[i]) tm.tm_min += (text[i+12]-'0')*n; n /= 10; } @@ -224,6 +236,7 @@ n = 10; tm.tm_sec = 0; for(i = 0; i < 2; i++) { + XMLRPC_IS_NUMBER(text[i]) tm.tm_sec += (text[i+15]-'0')*n; n /= 10; } http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.953&r2=1.2027.2.547.2.954&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.953 php-src/NEWS:1.2027.2.547.2.954 --- php-src/NEWS:1.2027.2.547.2.953 Tue Sep 18 09:25:03 2007 +++ php-src/NEWS Tue Sep 18 19:49:53 2007 @@ -50,6 +50,8 @@ - Fixed bug #42359 (xsd:list type not parsed). (Dmitry) - Fixed bug #42326 (SoapServer crash). (Dmitry) - Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry) +- Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime + values). (Ilia) - Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry) - Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten http://cvs.php.net/viewvc.cgi/php-src/ext/xmlrpc/tests/bug42189.phpt?view=markup&rev=1.1 Index: php-src/ext/xmlrpc/tests/bug42189.phpt +++ php-src/ext/xmlrpc/tests/bug42189.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php