php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 08:12:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix various instances of memcpy null ub

Browse Source
This commit is contained in:
Nikita Popov
2019-06-19 16:53:42 +02:00
parent 7cbd4f31c4
commit 608097a901
4 changed files with 24 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ext/intl/converter/converter.c
View File

@@ -231,8 +231,16 @@ static void php_converter_to_u_callback(const void *context,
zval zargs[4];
ZVAL_LONG(&zargs[0], reason);
ZVAL_STRINGL(&zargs[1], args->source, args->sourceLimit - args->source);
ZVAL_STRINGL(&zargs[2], codeUnits, length);
if (args->source) {
ZVAL_STRINGL(&zargs[1], args->source, args->sourceLimit - args->source);
} else {
ZVAL_EMPTY_STRING(&zargs[1]);
}
if (codeUnits) {
ZVAL_STRINGL(&zargs[2], codeUnits, length);
} else {
ZVAL_EMPTY_STRING(&zargs[2]);
}
ZVAL_LONG(&zargs[3], *pErrorCode);
objval->to_cb.param_count = 4;

4
ext/soap/php_sdl.c
View File

@@ -116,7 +116,9 @@ encodePtr get_encoder(sdlPtr sdl, const char *ns, const char *type)
int len = ns_len + type_len + 1;
nscat = emalloc(len + 1);
memcpy(nscat, ns, ns_len);
if (ns) {
memcpy(nscat, ns, ns_len);
}
nscat[ns_len] = ':';
memcpy(nscat+ns_len+1, type, type_len);
nscat[len] = '\0';

8
ext/spl/spl_directory.c
View File

@@ -619,7 +619,7 @@ static HashTable *spl_filesystem_object_get_debug_info(zval *object, int *is_tem
pnstr = spl_gen_private_prop_name(spl_ce_SplFileInfo, "pathName", sizeof("pathName")-1);
path = spl_filesystem_object_get_pathname(intern, &path_len);
ZVAL_STRINGL(&tmp, path, path_len);
ZVAL_STRINGL(&tmp, path ? path : "", path_len);
zend_symtable_update(rv, pnstr, &tmp);
zend_string_release_ex(pnstr, 0);
@@ -891,7 +891,11 @@ SPL_METHOD(SplFileInfo, getPath)
}
path = spl_filesystem_object_get_path(intern, &path_len);
RETURN_STRINGL(path, path_len);
if (path) {
RETURN_STRINGL(path, path_len);
} else {
RETURN_EMPTY_STRING();
}
}
/* }}} */

6
ext/tidy/tidy.c
View File

@@ -783,7 +783,11 @@ static int tidy_doc_cast_handler(zval *in, zval *out, int type)
obj = Z_TIDY_P(in);
tidyBufInit(&output);
tidySaveBuffer (obj->ptdoc->doc, &output);
ZVAL_STRINGL(out, (char *) output.bp, output.size ? output.size-1 : 0);
if (output.size) {
ZVAL_STRINGL(out, (char *) output.bp, output.size-1);
} else {
ZVAL_EMPTY_STRING(out);
}
tidyBufFree(&output);
break;