diff options
| author | Christoph M. Becker <cmb@php.net> | 2015-08-17 19:28:46 +0200 |
|---|---|---|
| committer | Christoph M. Becker <cmb@php.net> | 2015-08-17 19:28:46 +0200 |
| commit | 61591ea636313a8f3807fc5f4950b7917cbb85a4 (patch) | |
| tree | fe9d0585e8add5a9423505b073395321da9b288b | |
| parent | aae9004ebdf42fbebafa461902009a936285415c (diff) | |
| parent | 3ed58fb5d76813860fa96c020174c223e3b6d63e (diff) | |
| download | php-git-61591ea636313a8f3807fc5f4950b7917cbb85a4.tar.gz | |
Merge branch 'PHP-5.6'
* PHP-5.6:
Fix #70277: new DateTimeZone($foo) is ignoring text after null byte
Resolved conflicts:
ext/date/php_date.c
| -rw-r--r-- | ext/date/php_date.c | 13 | ||||
| -rw-r--r-- | ext/date/tests/bug70277.phpt | 17 |
2 files changed, 26 insertions, 4 deletions
diff --git a/ext/date/php_date.c b/ext/date/php_date.c index ee30071f54..a8229c5777 100644 --- a/ext/date/php_date.c +++ b/ext/date/php_date.c @@ -3601,12 +3601,17 @@ PHP_FUNCTION(date_diff) } /* }}} */ -static int timezone_initialize(php_timezone_obj *tzobj, /*const*/ char *tz) /* {{{ */ +static int timezone_initialize(php_timezone_obj *tzobj, /*const*/ char *tz, size_t tz_len) /* {{{ */ { timelib_time *dummy_t = ecalloc(1, sizeof(timelib_time)); int dst, not_found; char *orig_tz = tz; + if (strlen(tz) != tz_len) { + php_error_docref(NULL, E_WARNING, "Timezone must not contain null bytes"); + return FAILURE; + } + dummy_t->z = timelib_parse_zone(&tz, &dst, dummy_t, ¬_found, DATE_TIMEZONEDB, php_date_parse_tzfile_wrapper); if (not_found) { php_error_docref(NULL, E_WARNING, "Unknown or bad timezone (%s)", orig_tz); @@ -3633,7 +3638,7 @@ PHP_FUNCTION(timezone_open) RETURN_FALSE; } tzobj = Z_PHPTIMEZONE_P(php_date_instantiate(date_ce_timezone, return_value)); - if (SUCCESS != timezone_initialize(tzobj, tz)) { + if (SUCCESS != timezone_initialize(tzobj, tz, tz_len)) { zval_ptr_dtor(return_value); RETURN_FALSE; } @@ -3656,7 +3661,7 @@ PHP_METHOD(DateTimeZone, __construct) zend_replace_error_handling(EH_THROW, NULL, &error_handling); tzobj = Z_PHPTIMEZONE_P(getThis()); - timezone_initialize(tzobj, tz); + timezone_initialize(tzobj, tz, tz_len); zend_restore_error_handling(&error_handling); } /* }}} */ @@ -3674,7 +3679,7 @@ static int php_date_timezone_initialize_from_hash(zval **return_value, php_timez if (Z_TYPE_P(z_timezone) != IS_STRING) { return FAILURE; } - if (SUCCESS == timezone_initialize(*tzobj, Z_STRVAL_P(z_timezone))) { + if (SUCCESS == timezone_initialize(*tzobj, Z_STRVAL_P(z_timezone), Z_STRLEN_P(z_timezone))) { return SUCCESS; } } diff --git a/ext/date/tests/bug70277.phpt b/ext/date/tests/bug70277.phpt new file mode 100644 index 0000000000..b6522dff1a --- /dev/null +++ b/ext/date/tests/bug70277.phpt @@ -0,0 +1,17 @@ +--TEST-- +Bug #70277 (new DateTimeZone($foo) is ignoring text after null byte) +--FILE-- +<?php +$timezone = "Europe/Zurich\0Foo"; +var_dump(timezone_open($timezone)); +var_dump(new DateTimeZone($timezone)); +?> +--EXPECTF-- +Warning: timezone_open(): Timezone must not contain null bytes in %sbug70277.php on line %d +bool(false) + +Fatal error: Uncaught exception 'Exception' with message 'DateTimeZone::__construct(): Timezone must not contain null bytes' in %sbug70277.php:%d +Stack trace: +#0 %sbug70277.php(%d): DateTimeZone->__construct('Europe/Zurich\x00F...') +#1 {main} + thrown in %sbug70277.php on line %d |