On Tue, December 10, 2013 13:55, Nikita Popov wrote:
On Tue, Dec 10, 2013 at 1:41 PM, Anatol Belski a...@php.net wrote:
Commit:a697297f5f328442994c6321c9661d1351036c4e
Author:Anatol Belski a...@php.net Tue, 10 Dec 2013 13:41:49
+0100
Parents: 5acc0c0c5bf5afbd2b103a99adf51539874ccc48
Branches: str_size_and_int64
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=a697297f5f328442994c632
1c9661d1351036c4e
Log:
more range checks for ext/tidy
Changed paths:
M ext/tidy/tidy.c
Diff:
diff --git a/ext/tidy/tidy.c b/ext/tidy/tidy.c index 94daef4..69cd19e
100644
--- a/ext/tidy/tidy.c
+++ b/ext/tidy/tidy.c
@@ -604,6 +604,11 @@ static void
php_tidy_quick_repair(INTERNAL_FUNCTION_PARAMETERS, zend_bool is_fil if
(data) {
TidyBuffer buf;
+ if (data_len UINT_MAX) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
Input
data is too long); + RETVAL_FALSE;
+ }
RETVAL over RETURN intentional?
Nikita
uups, of course not. Thanks for keeping eye on that :)
Regards
anatol
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php