dmitry Tue Jul 10 14:16:40 2007 UTC Modified files: /php-src/ext/standard string.c /php-src/ext/standard/tests/strings strripos_offset.phpt Log: Fixed limit warnings in non-unicode mode http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.646&r2=1.647&diff_format=u Index: php-src/ext/standard/string.c diff -u php-src/ext/standard/string.c:1.646 php-src/ext/standard/string.c:1.647 --- php-src/ext/standard/string.c:1.646 Fri Jun 29 14:53:02 2007 +++ php-src/ext/standard/string.c Tue Jul 10 14:16:40 2007 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: string.c,v 1.646 2007/06/29 14:53:02 dmitry Exp $ */ +/* $Id: string.c,v 1.647 2007/07/10 14:16:40 dmitry Exp $ */ /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */ @@ -2788,6 +2788,7 @@ if (offset >= 0) { U16_FWD_N(haystack.u, cu_offset, haystack_len, offset); if (cu_offset > haystack_len - needle_len) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } u_p = haystack.u + cu_offset; @@ -2795,11 +2796,13 @@ } else { u_p = haystack.u; if (-offset > haystack_len) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } else { cu_offset = haystack_len; U16_BACK_N(haystack.u, 0, cu_offset, -offset); if (cu_offset == 0) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } if (needle_len > haystack_len - cu_offset) { @@ -2823,12 +2826,14 @@ } else { if (offset >= 0) { if (offset > haystack_len) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } p = haystack.s + offset; e = haystack.s + haystack_len - needle_len; } else { if (-offset > haystack_len) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } @@ -2913,6 +2918,7 @@ if (offset >= 0) { U16_FWD_N(haystack.u, cu_offset, haystack_len, offset); if (cu_offset > haystack_len - needle_len) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } u_p = haystack.u + cu_offset; @@ -2920,11 +2926,13 @@ } else { u_p = haystack.u; if (-offset > haystack_len || offset < -INT_MAX) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } else { cu_offset = haystack_len; U16_BACK_N(haystack.u, 0, cu_offset, -offset); if (cu_offset == 0) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } if (needle_len > haystack_len - cu_offset) { @@ -2951,6 +2959,7 @@ Can also avoid tolower emallocs */ if (offset >= 0) { if (offset > haystack_len) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } p = haystack.s + offset; @@ -2958,6 +2967,7 @@ } else { p = haystack.s; if (-offset > haystack_len || offset < INT_MAX) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } else { e = haystack.s + haystack_len + offset; @@ -2983,6 +2993,7 @@ if (offset > haystack_len) { efree(haystack_dup); efree(needle_dup); + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } p = haystack_dup + offset; @@ -2991,6 +3002,7 @@ if (-offset > haystack_len || offset < -INT_MAX) { efree(haystack_dup); efree(needle_dup); + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Offset is greater than the length of haystack string"); RETURN_FALSE; } p = haystack_dup; @@ -3269,9 +3281,10 @@ /* {{{ php_adjust_limits */ -PHPAPI void php_adjust_limits(zval **str, int *f, int *l) +static int php_adjust_limits(zval **str, int *f, int *l) { int str_codepts; + int ret = 1; if (Z_TYPE_PP(str) == IS_UNICODE) { str_codepts = u_countChar32(Z_USTRVAL_PP(str), Z_USTRLEN_PP(str)); @@ -3297,9 +3310,15 @@ *l = 0; } } + if (*f > str_codepts || (*f < 0 && -(*f) > str_codepts)) { + ret = 0; + } else if (*l > str_codepts || (*l < 0 && -(*l) > str_codepts)) { + ret = 0; + } if (((unsigned)(*f) + (unsigned)(*l)) > str_codepts) { *l = str_codepts - *f; } + return ret; } /* }}} */ @@ -3436,7 +3455,9 @@ convert_to_explicit_type_ex(str, str_type); convert_to_explicit_type_ex(tmp_repl, str_type); } - php_adjust_limits(str, &f, &l); + if (!php_adjust_limits(str, &f, &l)) { + RETURN_FALSE; + } result_len = php_do_substr_replace(&result, str, tmp_repl, f, l TSRMLS_CC); if (Z_TYPE_PP(str) == IS_UNICODE) { http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/strings/strripos_offset.phpt?r1=1.1&r2=1.2&diff_format=u Index: php-src/ext/standard/tests/strings/strripos_offset.phpt diff -u php-src/ext/standard/tests/strings/strripos_offset.phpt:1.1 php-src/ext/standard/tests/strings/strripos_offset.phpt:1.2 --- php-src/ext/standard/tests/strings/strripos_offset.phpt:1.1 Thu May 10 22:08:35 2007 +++ php-src/ext/standard/tests/strings/strripos_offset.phpt Tue Jul 10 14:16:40 2007 @@ -16,28 +16,30 @@ echo "Done\n"; ?> --EXPECTF-- -bool(false) -bool(false) -bool(false) +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) -Warning: strripos() expects parameter 1 to be string (Unicode or binary), array given in %s on line %d -bool(false) -bool(false) -bool(false) -bool(false) -bool(false) -Done ---UEXPECTF-- -bool(false) +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) + +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) + +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) Warning: strripos() expects parameter 1 to be string (Unicode or binary), array given in %s on line %d bool(false) + +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) + +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) + +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) + +Notice: strripos(): Offset is greater than the length of haystack string in %s on line %d bool(false) Done
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php