iliaa Mon Jul 19 21:03:35 2004 EDT
Modified files: (Branch: PHP_4_3)
/php-src NEWS
/php-src/ext/ctype ctype.c
Log:
MFH: Fixed bug #29226 (ctype_* functions missing validation of numeric
string representations).
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.704&r2=1.1247.2.705&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.704 php-src/NEWS:1.1247.2.705
--- php-src/NEWS:1.1247.2.704 Sun Jul 18 13:29:45 2004
+++ php-src/NEWS Mon Jul 19 21:03:34 2004
@@ -4,6 +4,8 @@
- Updated PCRE to provide better error handling in certain cases. (Andrei)
- NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute
for doing performance stats without warnings in server-log. (Uwe Schindler)
+- Fixed bug #29226 (ctype_* functions missing validation of numeric string
+ representations). (Ilia)
- Fixed bug #29116 (Zend constant warning uses memory after free). (Marcus,
jdolecek at NetBSD dot org)
- Fixed bug #29114 (Potential double free in php_stat). (Sara)
http://cvs.php.net/diff.php/php-src/ext/ctype/ctype.c?r1=1.23.4.2&r2=1.23.4.3&ty=u
Index: php-src/ext/ctype/ctype.c
diff -u php-src/ext/ctype/ctype.c:1.23.4.2 php-src/ext/ctype/ctype.c:1.23.4.3
--- php-src/ext/ctype/ctype.c:1.23.4.2 Fri Oct 3 11:53:47 2003
+++ php-src/ext/ctype/ctype.c Mon Jul 19 21:03:34 2004
@@ -97,7 +97,11 @@
return; \
switch (Z_TYPE_P(c)) { \
case IS_LONG: \
- RETURN_BOOL(iswhat(Z_LVAL_P(c))); \
+ if (Z_LVAL_P(c) < 255 && Z_LVAL_P(c) > -127) { \
+ RETURN_BOOL(iswhat(Z_LVAL_P(c))); \
+ } \
+ SEPARATE_ZVAL(&c); \
+ convert_to_string(c); \
case IS_STRING: \
{ \
char *p; \
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
