- Bug #49785: take 3 - fixed infinite loop bug (only for 5.2) (reported by T.Komura...

diff --git a/ext/standard/html.c b/ext/standard/html.c
index 9627c945554c9343192f09f1aafb33fd19a39db1..ff01c76cd838c92d1145a6f369c97a12688ba681 100644 (file)
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -484,15 +484,26 @@ struct basic_entities_dec {
                        }                        \
                        mbseq[mbpos++] = (mbchar); }
 
+/* skip one byte and return */
 #define MB_FAILURE(pos) do { \
+       *newpos = pos + 1; \
        *status = FAILURE; \
        return 0; \
 } while (0)
 
 #define CHECK_LEN(pos, chars_need)                     \
-       if((str_len - (pos)) < chars_need) {    \
-               *status = FAILURE;                                      \
-               return 0;                                                       \
+       if (chars_need < 1) {                                           \
+               if((str_len - (pos)) < chars_need) {    \
+                       *newpos = pos;                                          \
+                       *status = FAILURE;                                      \
+                       return 0;                                                       \
+               }                                                                               \
+       } else {                                                                        \
+               if((str_len - (pos)) < chars_need) {    \
+                       *newpos = pos + 1;                                      \
+                       *status = FAILURE;                                      \
+                       return 0;                                                       \
+               }                                                                               \
        }
 
 /* {{{ get_next_char