MFB: Properly address incomplete multibyte chars inside escapeshellcmd()

author Ilia Alshanetsky <iliaa@php.net>

Mon, 17 Mar 2008 23:02:26 +0000 (23:02 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Mon, 17 Mar 2008 23:02:26 +0000 (23:02 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Mon, 17 Mar 2008 23:02:26 +0000 (23:02 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Mon, 17 Mar 2008 23:02:26 +0000 (23:02 +0000)
diff --git a/NEWS b/NEWS

index fe44da31ee821fb119f436572fb8ca490ff63fb6..f246050d223c986dd346ec4d4ee0bc1160235674 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
  PHP                                                                        NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
  ?? Mar 2008 , PHP 5.2.6
+- Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia,
+  Stefan Esser)
  - Fixed bug #44440 (st_blocks undefined under BeOS). (Felipe)
  - Fixed bug #44394 (Last two bytes missing from output). (Felipe)
  - Fixed bug #44388 (Crash inside exif_read_data() on invalid images) (Ilia)
diff --git a/ext/standard/exec.c b/ext/standard/exec.c

index 682f8291a44bfa4c8c6e12bf62b2914bf1f5921c..ee6304f68aa4ee98ef639d2cf0912583ff7cbe16 100644 (file)
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -270,6 +270,11 @@ char *php_escape_shell_cmd(char *str) {
         cmd = safe_emalloc(2, l, 1);
         
         for (x = 0, y = 0; x < l; x++) {
+               /* skip non-valid multibyte characters */
+               if (php_mblen(str + x, (l - x)) < 0) {
+                       continue;
+               }
+
                 switch (str[x]) {
                         case '"':
                         case '\'':
author	Ilia Alshanetsky <iliaa@php.net>
	Mon, 17 Mar 2008 23:02:26 +0000 (23:02 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Mon, 17 Mar 2008 23:02:26 +0000 (23:02 +0000)
NEWS		patch \| blob \| history
ext/standard/exec.c		patch \| blob \| history