Re: [PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
ah, I thought it was related to #50207 On Mon, Nov 23, 2009 at 3:31 PM, Ilia Alshanetsky wrote: > There is no bug # for this one. > > On 2009-11-23, at 3:32 AM, Pierre Joye wrote: > >> hi Ilia! >> >> On Mon, Nov 23, 2009 at 5:12 AM, Ilia Alshanetsky wrote: >>> iliaa Mon, 23 Nov 2009 04:12:36 + >>> >>> Revision: http://svn.php.net/viewvc?view=revision&revision=291172 >>> >>> Log: >>> Extend the previously added large string concatenation validation >> >> Pls keep using the bug #, it is critical for the RMs :) >> >> Cheers, >> -- >> Pierre >> >> http://blog.thepimp.net | http://www.libgd.org >> >> -- >> PHP CVS Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> > > -- Pierre http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
There is no bug # for this one. On 2009-11-23, at 3:32 AM, Pierre Joye wrote: > hi Ilia! > > On Mon, Nov 23, 2009 at 5:12 AM, Ilia Alshanetsky wrote: >> iliaaMon, 23 Nov 2009 04:12:36 + >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=291172 >> >> Log: >> Extend the previously added large string concatenation validation > > Pls keep using the bug #, it is critical for the RMs :) > > Cheers, > -- > Pierre > > http://blog.thepimp.net | http://www.libgd.org > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
hi Ilia! On Mon, Nov 23, 2009 at 5:12 AM, Ilia Alshanetsky wrote: > iliaa Mon, 23 Nov 2009 04:12:36 + > > Revision: http://svn.php.net/viewvc?view=revision&revision=291172 > > Log: > Extend the previously added large string concatenation validation Pls keep using the bug #, it is critical for the RMs :) Cheers, -- Pierre http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] svn: /php/php-src/branches/ PHP_5_2/Zend/zend_operators.c PHP_5_3/Zend/zend_operators.c
iliaaMon, 23 Nov 2009 04:12:36 + Revision: http://svn.php.net/viewvc?view=revision&revision=291172 Log: Extend the previously added large string concatenation validation Changed paths: U php/php-src/branches/PHP_5_2/Zend/zend_operators.c U php/php-src/branches/PHP_5_3/Zend/zend_operators.c Modified: php/php-src/branches/PHP_5_2/Zend/zend_operators.c === --- php/php-src/branches/PHP_5_2/Zend/zend_operators.c 2009-11-23 04:11:01 UTC (rev 291171) +++ php/php-src/branches/PHP_5_2/Zend/zend_operators.c 2009-11-23 04:12:36 UTC (rev 291172) @@ -1203,7 +1203,7 @@ if (result==op1) { /* special case, perform operations on result */ uint res_len = op1->value.str.len + op2->value.str.len; - if (Z_STRLEN_P(result) < 0) { + if (Z_STRLEN_P(result) < 0 || (int) (Z_STRLEN_P(op1) + Z_STRLEN_P(op2)) < 0) { efree(Z_STRVAL_P(result)); ZVAL_EMPTY_STRING(result); zend_error(E_ERROR, "String size overflow"); Modified: php/php-src/branches/PHP_5_3/Zend/zend_operators.c === --- php/php-src/branches/PHP_5_3/Zend/zend_operators.c 2009-11-23 04:11:01 UTC (rev 291171) +++ php/php-src/branches/PHP_5_3/Zend/zend_operators.c 2009-11-23 04:12:36 UTC (rev 291172) @@ -1227,7 +1227,7 @@ if (result==op1) { /* special case, perform operations on result */ uint res_len = Z_STRLEN_P(op1) + Z_STRLEN_P(op2); - if (Z_STRLEN_P(result) < 0) { + if (Z_STRLEN_P(result) < 0 || (int) (Z_STRLEN_P(op1) + Z_STRLEN_P(op2)) < 0) { efree(Z_STRVAL_P(result)); ZVAL_EMPTY_STRING(result); zend_error(E_ERROR, "String size overflow"); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php