tests gzinflate-bug42663.phpt gzinflate_length.phpt

Arnaud Le Blanc Thu, 24 Jul 2008 08:20:12 -0700

lbarnaud                Thu Jul 24 14:39:58 2008 UTC

  Modified files:              
    /php-src/ext/zlib/tests     gzinflate-bug42663.phpt 
                                gzinflate_length.phpt 
  Log:
  MFB: Added tests for #42663
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/zlib/tests/gzinflate-bug42663.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/zlib/tests/gzinflate-bug42663.phpt
diff -u /dev/null php-src/ext/zlib/tests/gzinflate-bug42663.phpt:1.2
--- /dev/null   Thu Jul 24 14:39:58 2008
+++ php-src/ext/zlib/tests/gzinflate-bug42663.phpt      Thu Jul 24 14:39:58 2008
@@ -0,0 +1,23 @@
+--TEST--
+Bug #42663 (gzinflate() try to allocate all memory with truncated $data)
+--SKIPIF--
+<?php if (!extension_loaded("zlib")) print "skip"; ?>
+--FILE--
+<?php
+// build a predictable string
+$string = b'';
+for($i=0; $i<30000; ++$i) $string .= (binary)$i . b' ';
+var_dump(strlen($string));
+// deflate string
+$deflated = gzdeflate($string,9);
+var_dump(strlen($deflated));
+// truncate $deflated string
+$truncated = substr($deflated, 0, 65535);
+var_dump(strlen($truncated));
+// inflate $truncated string (check if it will not eat all memory)
+gzinflate($truncated);
+?>
+--EXPECT--
+int(168890)
+int(66743)
+int(65535)
http://cvs.php.net/viewvc.cgi/php-src/ext/zlib/tests/gzinflate_length.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/zlib/tests/gzinflate_length.phpt
diff -u /dev/null php-src/ext/zlib/tests/gzinflate_length.phpt:1.2
--- /dev/null   Thu Jul 24 14:39:58 2008
+++ php-src/ext/zlib/tests/gzinflate_length.phpt        Thu Jul 24 14:39:58 2008
@@ -0,0 +1,26 @@
+--TEST--
+gzinflate() and $length argument
+--SKIPIF--
+<?php if (!extension_loaded("zlib")) print "skip"; ?>
+--FILE--
+<?php
+$original = b'aaaaaaaaaaaaaaa';
+$packed=gzdeflate($original);
+echo strlen($packed)." ".strlen($original)."\n";
+$unpacked=gzinflate($packed, strlen($original));
+if (strcmp($original,$unpacked)==0) echo "Strings are equal\n";
+
+$unpacked=gzinflate($packed, strlen($original)*10);
+if (strcmp($original,$unpacked)==0) echo "Strings are equal\n";
+
+$unpacked=gzinflate($packed, 1);
+if ($unpacked === false) echo "Failed (as expected)\n";
+?>
+--EXPECTF--
+5 15
+Strings are equal
+Strings are equal
+
+Warning: gzinflate(): insufficient memory in %s on line %d
+Failed (as expected)
+




-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src /ext/zlib/tests gzinflate-bug42663.phpt gzinflate_length.phpt

Reply via email to