Re: [PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
ah, I thought it was related to #50207 On Mon, Nov 23, 2009 at 3:31 PM, Ilia Alshanetsky wrote: > There is no bug # for this one. > > On 2009-11-23, at 3:32 AM, Pierre Joye wrote: > >> hi Ilia! >> >> On Mon, Nov 23, 2009 at 5:12 AM, Ilia Alshanetsky wrote: >>> iliaa Mon, 23 Nov 2009 04:12:36 + >>> >>> Revision: http://svn.php.net/viewvc?view=revision&revision=291172 >>> >>> Log: >>> Extend the previously added large string concatenation validation >> >> Pls keep using the bug #, it is critical for the RMs :) >> >> Cheers, >> -- >> Pierre >> >> http://blog.thepimp.net | http://www.libgd.org >> >> -- >> PHP CVS Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> > > -- Pierre http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
There is no bug # for this one. On 2009-11-23, at 3:32 AM, Pierre Joye wrote: > hi Ilia! > > On Mon, Nov 23, 2009 at 5:12 AM, Ilia Alshanetsky wrote: >> iliaaMon, 23 Nov 2009 04:12:36 + >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=291172 >> >> Log: >> Extend the previously added large string concatenation validation > > Pls keep using the bug #, it is critical for the RMs :) > > Cheers, > -- > Pierre > > http://blog.thepimp.net | http://www.libgd.org > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
hi Ilia! On Mon, Nov 23, 2009 at 5:12 AM, Ilia Alshanetsky wrote: > iliaa Mon, 23 Nov 2009 04:12:36 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=291172 > > Log: > Extend the previously added large string concatenation validation Pls keep using the bug #, it is critical for the RMs :) Cheers, -- Pierre http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
iliaaMon, 23 Nov 2009 04:12:36 +
Revision: http://svn.php.net/viewvc?view=revision&revision=291172
Log:
Extend the previously added large string concatenation validation
Changed paths:
U php/php-src/branches/PHP_5_2/Zend/zend_operators.c
U php/php-src/branches/PHP_5_3/Zend/zend_operators.c
Modified: php/php-src/branches/PHP_5_2/Zend/zend_operators.c
===
--- php/php-src/branches/PHP_5_2/Zend/zend_operators.c 2009-11-23 04:11:01 UTC
(rev 291171)
+++ php/php-src/branches/PHP_5_2/Zend/zend_operators.c 2009-11-23 04:12:36 UTC
(rev 291172)
@@ -1203,7 +1203,7 @@
if (result==op1) { /* special case, perform operations on result */
uint res_len = op1->value.str.len + op2->value.str.len;
- if (Z_STRLEN_P(result) < 0) {
+ if (Z_STRLEN_P(result) < 0 || (int) (Z_STRLEN_P(op1) +
Z_STRLEN_P(op2)) < 0) {
efree(Z_STRVAL_P(result));
ZVAL_EMPTY_STRING(result);
zend_error(E_ERROR, "String size overflow");
Modified: php/php-src/branches/PHP_5_3/Zend/zend_operators.c
===
--- php/php-src/branches/PHP_5_3/Zend/zend_operators.c 2009-11-23 04:11:01 UTC
(rev 291171)
+++ php/php-src/branches/PHP_5_3/Zend/zend_operators.c 2009-11-23 04:12:36 UTC
(rev 291172)
@@ -1227,7 +1227,7 @@
if (result==op1) { /* special case, perform operations on result */
uint res_len = Z_STRLEN_P(op1) + Z_STRLEN_P(op2);
- if (Z_STRLEN_P(result) < 0) {
+ if (Z_STRLEN_P(result) < 0 || (int) (Z_STRLEN_P(op1) +
Z_STRLEN_P(op2)) < 0) {
efree(Z_STRVAL_P(result));
ZVAL_EMPTY_STRING(result);
zend_error(E_ERROR, "String size overflow");
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
