iliaa Wed Oct 29 20:41:44 2008 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/gettext gettext.c
/php-src NEWS
Log:
MFB: Fixed bug #44938 (gettext functions crash with overly long domain).
http://cvs.php.net/viewvc.cgi/php-src/ext/gettext/gettext.c?r1=1.46.2.2.2.5&r2=1.46.2.2.2.6&diff_format=u
Index: php-src/ext/gettext/gettext.c
diff -u php-src/ext/gettext/gettext.c:1.46.2.2.2.5
php-src/ext/gettext/gettext.c:1.46.2.2.2.6
--- php-src/ext/gettext/gettext.c:1.46.2.2.2.5 Mon Dec 31 07:20:06 2007
+++ php-src/ext/gettext/gettext.c Wed Oct 29 20:41:43 2008
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: gettext.c,v 1.46.2.2.2.5 2007/12/31 07:20:06 sebastian Exp $ */
+/* $Id: gettext.c,v 1.46.2.2.2.6 2008/10/29 20:41:43 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -144,6 +144,13 @@
ZEND_GET_MODULE(php_gettext)
#endif
+#define PHP_GETTEXT_MAX_DOMAIN_LENGTH 1024
+#define PHP_GETTEXT_DOMAIN_LENGTH_CHECK \
+ if (domain_len > PHP_GETTEXT_MAX_DOMAIN_LENGTH) { \
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too
long"); \
+ RETURN_FALSE; \
+ }
+
PHP_MINFO_FUNCTION(php_gettext)
{
php_info_print_table_start();
@@ -155,18 +162,17 @@
Set the textdomain to "domain". Returns the current domain */
PHP_NAMED_FUNCTION(zif_textdomain)
{
- zval **domain;
- char *domain_name, *retval;
- char *val;
-
- if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &domain) ==
FAILURE) {
- WRONG_PARAM_COUNT;
- }
- convert_to_string_ex(domain);
-
- val = Z_STRVAL_PP(domain);
- if (strcmp(val, "") && strcmp(val, "0")) {
- domain_name = val;
+ char *domain, *domain_name, *retval;
+ int domain_len;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &domain,
&domain_len) == FAILURE) {
+ return;
+ }
+
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
+
+ if (strcmp(domain, "") && strcmp(domain, "0")) {
+ domain_name = domain;
} else {
domain_name = NULL;
}
@@ -181,15 +187,14 @@
Return the translation of msgid for the current domain, or msgid unaltered
if a translation does not exist */
PHP_NAMED_FUNCTION(zif_gettext)
{
- zval **msgid;
- char *msgstr;
+ char *msgid, *msgstr;
+ int msgid_len;
- if (ZEND_NUM_ARGS() != 1 || zend_get_parameters_ex(1, &msgid) ==
FAILURE) {
- WRONG_PARAM_COUNT;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &msgid,
&msgid_len) == FAILURE) {
+ return;
}
- convert_to_string_ex(msgid);
- msgstr = gettext(Z_STRVAL_PP(msgid));
+ msgstr = gettext(msgid);
RETURN_STRING(msgstr, 1);
}
@@ -199,16 +204,16 @@
Return the translation of msgid for domain_name, or msgid unaltered if a
translation does not exist */
PHP_NAMED_FUNCTION(zif_dgettext)
{
- zval **domain_name, **msgid;
- char *msgstr;
+ char *domain, *msgid, *msgstr;
+ int domain_len, msgid_len;
- if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &domain_name,
&msgid) == FAILURE) {
- WRONG_PARAM_COUNT;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &domain,
&domain_len, &msgid, &msgid_len) == FAILURE) {
+ return;
}
- convert_to_string_ex(domain_name);
- convert_to_string_ex(msgid);
- msgstr = dgettext(Z_STRVAL_PP(domain_name), Z_STRVAL_PP(msgid));
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
+
+ msgstr = dgettext(domain, msgid);
RETURN_STRING(msgstr, 1);
}
@@ -218,17 +223,17 @@
Return the translation of msgid for domain_name and category, or msgid
unaltered if a translation does not exist */
PHP_NAMED_FUNCTION(zif_dcgettext)
{
- zval **domain_name, **msgid, **category;
- char *msgstr;
+ char *domain, *msgid, *msgstr;
+ int domain_len, msgid_len;
+ long category;
- if (ZEND_NUM_ARGS() != 3 || zend_get_parameters_ex(3, &domain_name,
&msgid, &category) == FAILURE) {
- WRONG_PARAM_COUNT;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssl", &domain,
&domain_len, &msgid, &msgid_len, &category) == FAILURE) {
+ return;
}
- convert_to_string_ex(domain_name);
- convert_to_string_ex(msgid);
- convert_to_long_ex(category);
- msgstr = dcgettext(Z_STRVAL_PP(domain_name), Z_STRVAL_PP(msgid),
Z_LVAL_PP(category));
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
+
+ msgstr = dcgettext(domain, msgid, category);
RETURN_STRING(msgstr, 1);
}
@@ -238,29 +243,30 @@
Bind to the text domain domain_name, looking for translations in dir.
Returns the current domain */
PHP_NAMED_FUNCTION(zif_bindtextdomain)
{
- zval **domain_name, **dir;
+ char *domain, *dir;
+ int domain_len, dir_len;
char *retval, dir_name[MAXPATHLEN];
- if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &domain_name,
&dir) == FAILURE) {
- WRONG_PARAM_COUNT;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &domain,
&domain_len, &dir, &dir_len) == FAILURE) {
+ return;
}
- convert_to_string_ex(domain_name);
- convert_to_string_ex(dir);
- if (Z_STRVAL_PP(domain_name)[0] == '\0') {
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
+
+ if (domain[0] == '\0') {
php_error(E_WARNING, "The first parameter of bindtextdomain
must not be empty");
RETURN_FALSE;
}
- if (Z_STRVAL_PP(dir)[0] != '\0' && strcmp(Z_STRVAL_PP(dir), "0")) {
- if (!VCWD_REALPATH(Z_STRVAL_PP(dir), dir_name)) {
+ if (dir[0] != '\0' && strcmp(dir, "0")) {
+ if (!VCWD_REALPATH(dir, dir_name)) {
RETURN_FALSE;
}
} else if (!VCWD_GETCWD(dir_name, MAXPATHLEN)) {
RETURN_FALSE;
}
- retval = bindtextdomain(Z_STRVAL_PP(domain_name), dir_name);
+ retval = bindtextdomain(domain, dir_name);
RETURN_STRING(retval, 1);
}
@@ -271,22 +277,17 @@
Plural version of gettext() */
PHP_NAMED_FUNCTION(zif_ngettext)
{
- zval **msgid1, **msgid2, **count;
- char *msgstr;
+ char *msgid1, *msgid2, *msgstr;
+ int msgid1_len, msgid2_len;
+ long count;
- RETVAL_FALSE;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssl", &msgid1,
&msgid1_len, &msgid2, &msgid2_len, &count) == FAILURE) {
+ return;
+ }
- if (ZEND_NUM_ARGS() != 3 || zend_get_parameters_ex(3, &msgid1, &msgid2,
&count) == FAILURE) {
- WRONG_PARAM_COUNT;
- } else {
- convert_to_string_ex(msgid1);
- convert_to_string_ex(msgid2);
- convert_to_long_ex(count);
-
- msgstr = ngettext(Z_STRVAL_PP(msgid1), Z_STRVAL_PP(msgid2),
Z_LVAL_PP(count));
- if (msgstr) {
- RETVAL_STRING (msgstr, 1);
- }
+ msgstr = ngettext(msgid1, msgid2, count);
+ if (msgstr) {
+ RETVAL_STRING(msgstr, 1);
}
}
/* }}} */
@@ -297,24 +298,20 @@
Plural version of dgettext() */
PHP_NAMED_FUNCTION(zif_dngettext)
{
- zval **domain, **msgid1, **msgid2, **count;
+ char *domain, *msgid1, *msgid2, *msgstr = NULL;
+ int domain_len, msgid1_len, msgid2_len;
+ long count;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sssl", &domain,
&domain_len,
+ &msgid1, &msgid1_len, &msgid2, &msgid2_len, &count) == FAILURE)
{
+ return;
+ }
- RETVAL_FALSE;
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
- if (ZEND_NUM_ARGS() != 4 || zend_get_parameters_ex(4, &domain, &msgid1,
&msgid2, &count) == FAILURE) {
- WRONG_PARAM_COUNT;
- } else {
- char *msgstr;
-
- convert_to_string_ex(domain);
- convert_to_string_ex(msgid1);
- convert_to_string_ex(msgid2);
- convert_to_long_ex(count);
-
- msgstr = dngettext(Z_STRVAL_PP(domain), Z_STRVAL_PP(msgid1),
Z_STRVAL_PP(msgid2), Z_LVAL_PP(count));
- if (msgstr) {
- RETVAL_STRING(msgstr, 1);
- }
+ msgstr = dngettext(domain, msgid1, msgid2, count);
+ if (msgstr) {
+ RETVAL_STRING(msgstr, 1);
}
}
/* }}} */
@@ -325,26 +322,23 @@
Plural version of dcgettext() */
PHP_NAMED_FUNCTION(zif_dcngettext)
{
- zval **domain, **msgid1, **msgid2, **count, **category;
+ char *domain, *msgid1, *msgid2, *msgstr = NULL;
+ int domain_len, msgid1_len, msgid2_len;
+ long count, category;
RETVAL_FALSE;
- if (ZEND_NUM_ARGS() != 5 || zend_get_parameters_ex(5, &domain, &msgid1,
&msgid2, &count, &category) == FAILURE) {
- WRONG_PARAM_COUNT;
- } else {
- char* msgstr = NULL;
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sssll", &domain,
&domain_len,
+ &msgid1, &msgid1_len, &msgid2, &msgid2_len, &count, &category)
== FAILURE) {
+ return;
+ }
- convert_to_string_ex(domain);
- convert_to_string_ex(msgid1);
- convert_to_string_ex(msgid2);
- convert_to_long_ex(count);
- convert_to_long_ex(category);
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
- msgstr = dcngettext(Z_STRVAL_PP(domain), Z_STRVAL_PP(msgid1),
Z_STRVAL_PP(msgid2), Z_LVAL_PP(count), Z_LVAL_PP(category));
+ msgstr = dcngettext(domain, msgid1, msgid2, count, category);
- if (msgstr) {
- RETVAL_STRING(msgstr, 1);
- }
+ if (msgstr) {
+ RETVAL_STRING(msgstr, 1);
}
}
/* }}} */
@@ -356,22 +350,21 @@
Specify the character encoding in which the messages from the DOMAIN
message catalog will be returned. */
PHP_NAMED_FUNCTION(zif_bind_textdomain_codeset)
{
- zval **domain, **codeset;
- char *retval;
-
- if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &domain,
&codeset) == FAILURE) {
- WRONG_PARAM_COUNT;
- } else {
- convert_to_string_ex(domain);
- convert_to_string_ex(codeset);
-
- retval = bind_textdomain_codeset(Z_STRVAL_PP(domain),
Z_STRVAL_PP(codeset));
+ char *domain, *codeset, *retval = NULL;
+ int domain_len, codeset_len;
- if (!retval) {
- RETURN_FALSE;
- }
- RETURN_STRING(retval, 1);
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &domain,
&domain_len, &codeset, &codeset_len) == FAILURE) {
+ return;
}
+
+ PHP_GETTEXT_DOMAIN_LENGTH_CHECK
+
+ retval = bind_textdomain_codeset(domain, codeset);
+
+ if (!retval) {
+ RETURN_FALSE;
+ }
+ RETURN_STRING(retval, 1);
}
/* }}} */
#endif
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1284&r2=1.2027.2.547.2.1285&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1284 php-src/NEWS:1.2027.2.547.2.1285
--- php-src/NEWS:1.2027.2.547.2.1284 Wed Oct 29 20:17:33 2008
+++ php-src/NEWS Wed Oct 29 20:41:43 2008
@@ -15,6 +15,8 @@
dynamicly created property). (Felipe)
- Fixed bug #45529 (new DateTimeZone() and date_create()->getTimezone() behave
different). (Derick)
+- Fixed bug #44938 (gettext functions crash with overly long domain).
+ (Christian Schneider, Ilia)
- Fixed bug #43452 (strings containing a weekday, or a number plus weekday
behaved incorrect of the current day-of-week was the same as the one in the
phrase).(Derick)
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
