| author | Antony Dovgal <tony2001@php.net> | 2007-03-06 19:59:13 +0000 |
|---|---|---|
| committer | Antony Dovgal <tony2001@php.net> | 2007-03-06 19:59:13 +0000 |
| commit | fdae6875eac570a506ad0899d7a709177c2db2e5 (patch) | |
| tree | 84ce251fe7615ca1833342d0968ccc515cc51a22 | |
| parent | 4f370ac55f5dde4d75a00b621164ac76f83c1dc3 (diff) | |
| download | php-git-fdae6875eac570a506ad0899d7a709177c2db2e5.tar.gz | |
fix segfault in import_request_variables() and its test
I'm not completely sure it's correct to import numeric vars like _POST["1"] etc.
| -rw-r--r-- | ext/standard/basic_functions.c | 16 | ||||
| -rw-r--r-- | ext/standard/tests/general_functions/import_request.phpt | 59 |
2 files changed, 64 insertions, 11 deletions
diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 36b84f9d7e..582cf38cb6 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -6363,9 +6363,15 @@ PHP_FUNCTION(import_request_variables)
 return;
 }
 
- convert_to_text(prefix);
- if (Z_UNILEN_P(prefix) == 0) {
- php_error_docref(NULL TSRMLS_CC, E_NOTICE, "No prefix specified - possible security hazard");
+ if (ZEND_NUM_ARGS() > 1) {
+ convert_to_text(prefix);
+
+ if (Z_UNILEN_P(prefix) == 0) {
+ php_error_docref(NULL TSRMLS_CC, E_NOTICE, "No prefix specified - possible security hazard");
+ }
+ } else {
+ MAKE_STD_ZVAL(prefix);
+ ZVAL_EMPTY_TEXT(prefix);
 }
 
 for (p = types; p && *p; p++) {
@@ -6388,6 +6394,10 @@ PHP_FUNCTION(import_request_variables)
 break;
 }
 }
+
+ if (ZEND_NUM_ARGS() < 2) {
+ zval_ptr_dtor(&prefix);
+ }
 }
 
 /* }}} */
diff --git a/ext/standard/tests/general_functions/import_request.phpt b/ext/standard/tests/general_functions/import_request.phpt
index 23dc049db2..809bca4bfa 100644
--- a/ext/standard/tests/general_functions/import_request.phpt
+++ b/ext/standard/tests/general_functions/import_request.phpt
@@ -26,10 +26,8 @@ var_dump($r_a, $r_b, $r_c, $r_ap);
 echo "Done\n";
 ?>
 --EXPECTF--
-Warning: Wrong parameter count for import_request_variables() in %s on line %d
+Warning: import_request_variables() expects at least 1 parameter, 0 given in %s on line %d
 NULL
-
-Notice: import_request_variables(): No prefix specified - possible security hazard in %s on line %d
 NULL
 
 Notice: import_request_variables(): No prefix specified - possible security hazard in %s on line %d
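Review bot: The "No prefix specified - possible security hazard" notice now sits inside the `ZEND_NUM_ARGS() > 1` branch, so a call that omits the prefix argument gets an empty prefix with no diagnostic at all; only an explicitly passed empty prefix still warns. The updated expectations in import_request.phpt drop that notice for what appears to be the one-argument call, which suggests this is an observable behaviour change and not only the segfault fix. If it is not intended, repeat the notice in the `else` branch after `ZVAL_EMPTY_TEXT(prefix);`: `php_error_docref(NULL TSRMLS_CC, E_NOTICE, "No prefix specified - possible security hazard");`. The function body starts and ends outside the hunk.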
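Review bot: The release of `prefix` in the second hunk is tied to its allocation only by re-testing the argument count (`ZEND_NUM_ARGS() < 2` here, `ZEND_NUM_ARGS() > 1` in the first hunk), so ownership of the temporary zval is implicit. Any exit path added between the two points would leak it, and a later change to one condition without the other would free a caller-owned value. A comment at the free, for example `/* prefix was allocated above because the caller omitted it */`, would make the pairing explicit; a local flag set next to `MAKE_STD_ZVAL(prefix)` would be sturdier. The loop between the two hunks is only partly visible, so whether it can return early cannot be confirmed from here.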
@@ -37,9 +35,9 @@ NULL
 
 Notice: import_request_variables(): No prefix specified - possible security hazard in %s on line %d
 
-Warning: import_request_variables(): Attempted GLOBALS variable overwrite. in %s on line %d
+Warning: import_request_variables(): Attempted GLOBALS variable overwrite in %s on line %d
 
-Warning: import_request_variables(): Numeric key detected - possible security hazard. in %s on line %d
+Warning: import_request_variables(): Numeric key detected - possible security hazard in %s on line %d
 NULL
 
 Notice: Undefined variable: ap in %s on line %d
@@ -50,13 +48,11 @@ NULL
 NULL
 
 Notice: Undefined variable: g_ap in %s on line %d
-
-Notice: Undefined variable: g_1 in %s on line %d
 string(1) "1"
 string(3) "heh"
 string(1) "3"
 NULL
-NULL
+string(2) "hm"
 NULL
 string(1) "1"
 string(3) "heh"
@@ -76,3 +72,50 @@ string(3) "heh"
 string(1) "3"
 NULL
 Done
+--UEXPECTF--
+Warning: import_request_variables() expects at least 1 parameter, 0 given in %s on line %d
+NULL
+NULL
+
+Notice: import_request_variables(): No prefix specified - possible security hazard in %s on line %d
+NULL
+
+Notice: import_request_variables(): No prefix specified - possible security hazard in %s on line %d
+
+Warning: import_request_variables(): Attempted GLOBALS variable overwrite in %s on line %d
+
+Warning: import_request_variables(): Numeric key detected - possible security hazard in %s on line %d
+NULL
+
+Notice: Undefined variable: ap in %s on line %d
+unicode(1) "1"
+unicode(3) "heh"
+unicode(1) "3"
+NULL
+NULL
+
+Notice: Undefined variable: g_ap in %s on line %d
+unicode(1) "1"
+unicode(3) "heh"
+unicode(1) "3"
+NULL
+unicode(2) "hm"
+NULL
+unicode(1) "1"
+unicode(3) "heh"
+unicode(1) "3"
+unicode(2) "25"
+unicode(4) "test"
+unicode(5) "blah3"
+array(1) {
+ [0]=>
+ unicode(2) "ar"
+}
+NULL
+
+Notice: Undefined variable: r_ap in %s on line %d
+unicode(1) "1"
+unicode(3) "heh"
+unicode(1) "3"
+NULL
+Done |
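Review bot: The `@@ -50,13 +48,11 @@` hunk replaces a `NULL` plus an "Undefined variable: g_1" notice with `string(2) "hm"`, so the test now pins the import of a numeric request key under a prefix as correct behaviour, although the commit message says the author is not sure it is. Nothing in the visible C hunks touches numeric-key handling, so this expectation presumably records a side effect rather than a decision. Until that is settled, a comment in the test's PHP section (outside this hunk), such as `// numeric keys are currently imported when a prefix is given - behaviour under review`, would keep the expectation from being read as a guarantee. The new `--UEXPECTF--` block repeats the same expectation with `unicode(2) "hm"`.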
