Commit 4eaa6f9

committed

Merge branch 'PHP-8.2' into PHP-8.3

* PHP-8.2: Fix GH-16998: UBSAN warning in rfc1867

2 parents 65070bb + aab7842 commit 4eaa6f9Copy full SHA for 4eaa6f9

File tree

+53

-1

lines changed

+53

-1

lines changed

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,9 @@ PHP NEWS`
`67`	`67`	`. Fixed bug GH-15208 (Segfault with breakpoint map and phpdbg_clear()).`
`68`	`68`	`(nielsdos)`
`69`	`69`
	`70`	`+- SAPI:`
	`71`	`+ . Fixed bug GH-16998 (UBSAN warning in rfc1867). (nielsdos)`
	`72`	`+`
`70`	`73`	`- SimpleXML:`
`71`	`74`	`. Fixed bug GH-16808 (Segmentation fault in RecursiveIteratorIterator`
`72`	`75`	`->current() with a xml element input). (nielsdos)`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -318,8 +318,8 @@ static char next_line(multipart_buffer self)`
`318`	`318`	`}`
`319`	`319`	`/* return entire buffer as a partial line */`
`320`	`320`	`line[self->bufsize] = 0;`
`321`		`- self->buf_begin = ptr;`
`322`	`321`	`self->bytes_in_buffer = 0;`
	`322`	`+ /* Let fill_buffer() handle the reset of self->buf_begin */`
`323`	`323`	`}`
`324`	`324`
`325`	`325`	`return line;`

Lines changed: 49 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,49 @@`
	`1`	`+--TEST--`
	`2`	`+GH-16998 (UBSAN warning in rfc1867)`
	`3`	`+--SKIPIF--`
	`4`	`+<?php`
	`5`	`+if (!getenv('TEST_PHP_CGI_EXECUTABLE')) {`
	`6`	`+ die("skip php-cgi not available");`
	`7`	`+}`
	`8`	`+?>`
	`9`	`+--FILE--`
	`10`	`+<?php`
	`11`	`+const FILLUNIT = 5 * 1024;`
	`12`	`+$cmd = [`
	`13`	`+ getenv('TEST_PHP_CGI_EXECUTABLE'),`
	`14`	`+ '-C',`
	`15`	`+ '-n',`
	`16`	`+ __DIR__ . '/GHSA-9pqp-7h25-4f32.inc',`
	`17`	`+];`
	`18`	`+$boundary = str_repeat('A', FILLUNIT);`
	`19`	`+$body = ""`
	`20`	`+ . "--$boundary\r\n"`
	`21`	`+ . "Content-Disposition: form-data; name=\"koko\"\r\n"`
	`22`	`+ . "\r\n"`
	`23`	`+ . "BBB\r\n--" . substr($boundary, 0, -1) . "CCC\r\n"`
	`24`	`+ . "--$boundary--\r\n"`
	`25`	`+ ;`
	`26`	`+$env = array_merge($_ENV, [`
	`27`	`+ 'REDIRECT_STATUS' => '1',`
	`28`	`+ 'CONTENT_TYPE' => "multipart/form-data; boundary=",`
	`29`	`+ 'CONTENT_LENGTH' => strlen($body),`
	`30`	`+ 'REQUEST_METHOD' => 'POST',`
	`31`	`+ 'SCRIPT_FILENAME' => __DIR__ . '/GHSA-9pqp-7h25-4f32.inc',`
	`32`	`+]);`
	`33`	`+$spec = [`
	`34`	`+ 0 => ['pipe', 'r'],`
	`35`	`+ 1 => STDOUT,`
	`36`	`+ 2 => STDOUT,`
	`37`	`+];`
	`38`	`+$pipes = [];`
	`39`	`+$handle = proc_open($cmd, $spec, $pipes, getcwd(), $env);`
	`40`	`+fwrite($pipes[0], $body);`
	`41`	`+proc_close($handle);`
	`42`	`+?>`
	`43`	`+--EXPECTF--`
	`44`	`+X-Powered-By: PHP/%s`
	`45`	`+Content-type: text/html; charset=UTF-8`
	`46`	`+`
	`47`	`+Hello world`
	`48`	`+array(0) {`
	`49`	`+}`

Comments

(0)