From 9d7e6090df409c266580760044bb894313ad2240 Mon Sep 17 00:00:00 2001 From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> Date: Sun, 28 Jul 2024 13:53:30 +0200 Subject: [PATCH] Fix GH-15137: Unexpected null pointer in Zend/zend_smart_str.h (#15138) This regressed when I optimized $wholeText. The previous code used xmlStrcat which implicitly checked for a NULL argument, but now it's a direct memcpy which you shouldn't pass null pointers to, although it won't result in a crash because memcpy doesn't do anything if the length is 0. --- ext/dom/tests/gh15137.phpt | 11 +++++++++++ ext/dom/text.c | 4 +++- 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 ext/dom/tests/gh15137.phpt diff --git a/ext/dom/tests/gh15137.phpt b/ext/dom/tests/gh15137.phpt new file mode 100644 index 00000000000..c5ce1aca75b --- /dev/null +++ b/ext/dom/tests/gh15137.phpt @@ -0,0 +1,11 @@ +--TEST-- +GH-15137: Unexpected null pointer in Zend/zend_smart_str.h +--EXTENSIONS-- +dom +--FILE-- +wholeText); +?> +--EXPECT-- +string(0) "" + diff --git a/ext/dom/text.c b/ext/dom/text.c index fe0cc8cd5a5..ca8fcf63d3a 100644 --- a/ext/dom/text.c +++ b/ext/dom/text.c @@ -77,7 +77,9 @@ zend_result dom_text_whole_text_read(dom_object *obj, zval *retval) /* concatenate all adjacent text and cdata nodes */ while (node && ((node->type == XML_TEXT_NODE) || (node->type == XML_CDATA_SECTION_NODE))) { - smart_str_appends(&str, (const char *) node->content); + if (node->content) { + smart_str_appends(&str, (const char *) node->content); + } node = node->next; }