andrei Mon Oct 2 19:58:15 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard string.c Log: More offset fixes. Added E_NOTICE where appropriate. http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.20&r2=1.445.2.14.2.21&diff_format=u Index: php-src/ext/standard/string.c diff -u php-src/ext/standard/string.c:1.445.2.14.2.20 php-src/ext/standard/string.c:1.445.2.14.2.21 --- php-src/ext/standard/string.c:1.445.2.14.2.20 Mon Oct 2 19:42:42 2006 +++ php-src/ext/standard/string.c Mon Oct 2 19:58:15 2006 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: string.c,v 1.445.2.14.2.20 2006/10/02 19:42:42 andrei Exp $ */ +/* $Id: string.c,v 1.445.2.14.2.21 2006/10/02 19:58:15 andrei Exp $ */ /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */ @@ -1768,12 +1768,14 @@ if (offset >= 0) { if (offset > haystack_len) { + php_error(E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } p = haystack + offset; e = haystack + haystack_len - needle_len; } else { if (-offset > haystack_len) { + php_error(E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } @@ -1841,12 +1843,17 @@ /* Single character search can shortcut memcmps Can also avoid tolower emallocs */ if (offset >= 0) { + if (offset > haystack_len) { + php_error(E_NOTICE, "Offset is greater than the length of haystack string"); + RETURN_FALSE; + } p = haystack + offset; e = haystack + haystack_len - 1; } else { p = haystack; if (-offset > haystack_len) { - e = haystack + haystack_len - 1; + php_error(E_NOTICE, "Offset is greater than the length of haystack string"); + RETURN_FALSE; } else { e = haystack + haystack_len + offset; } @@ -1868,13 +1875,19 @@ php_strtolower(haystack_dup, haystack_len); if (offset >= 0) { + if (offset > haystack_len) { + php_error(E_NOTICE, "Offset is greater than the length of haystack string"); + RETURN_FALSE; + } p = haystack_dup + offset; e = haystack_dup + haystack_len - needle_len; } else { - p = haystack_dup; if (-offset > haystack_len) { - e = haystack_dup - needle_len; - } else if (needle_len > -offset) { + php_error(E_NOTICE, "Offset is greater than the length of haystack string"); + RETURN_FALSE; + } + p = haystack_dup; + if (needle_len > -offset) { e = haystack_dup + haystack_len - needle_len; } else { e = haystack_dup + haystack_len + offset;
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php