dsp Wed, 27 Jul 2011 14:17:45 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=313781
Log:
Check if given string is long enough in zend_*_strtod
Changed paths:
U php/php-src/branches/PHP_5_4/Zend/zend_strtod.c
U php/php-src/trunk/Zend/zend_strtod.c
Modified: php/php-src/branches/PHP_5_4/Zend/zend_strtod.c
===================================================================
--- php/php-src/branches/PHP_5_4/Zend/zend_strtod.c 2011-07-27 14:04:39 UTC
(rev 313780)
+++ php/php-src/branches/PHP_5_4/Zend/zend_strtod.c 2011-07-27 14:17:45 UTC
(rev 313781)
@@ -2585,6 +2585,11 @@
int any = 0;
double value = 0;
+ if (strlen(str) < 2) {
+ *endptr = str;
+ return 0.0;
+ }
+
if (*s == '0' && (s[1] == 'x' || s[1] == 'X')) {
s += 2;
}
@@ -2618,6 +2623,11 @@
double value = 0;
int any = 0;
+ if (strlen(str) < 1) {
+ *endptr = str;
+ return 0.0;
+ }
+
/* skip leading zero */
s++;
@@ -2646,6 +2656,11 @@
double value = 0;
int any = 0;
+ if (strlen(str) < 2) {
+ *endptr = str;
+ return 0.0;
+ }
+
if ('0' == *s && ('b' == s[1] || 'B' == s[1])) {
s += 2;
}
Modified: php/php-src/trunk/Zend/zend_strtod.c
===================================================================
--- php/php-src/trunk/Zend/zend_strtod.c 2011-07-27 14:04:39 UTC (rev
313780)
+++ php/php-src/trunk/Zend/zend_strtod.c 2011-07-27 14:17:45 UTC (rev
313781)
@@ -2585,6 +2585,11 @@
int any = 0;
double value = 0;
+ if (strlen(str) < 2) {
+ *endptr = str;
+ return 0.0;
+ }
+
if (*s == '0' && (s[1] == 'x' || s[1] == 'X')) {
s += 2;
}
@@ -2618,6 +2623,11 @@
double value = 0;
int any = 0;
+ if (strlen(str) < 1) {
+ *endptr = str;
+ return 0.0;
+ }
+
/* skip leading zero */
s++;
@@ -2646,6 +2656,11 @@
double value = 0;
int any = 0;
+ if (strlen(str) < 2) {
+ *endptr = str;
+ return 0.0;
+ }
+
if ('0' == *s && ('b' == s[1] || 'B' == s[1])) {
s += 2;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
