Fix memcpy null arg UB

author Nikita Popov <nikita.ppv@gmail.com>

Wed, 19 Jun 2019 11:11:07 +0000 (13:11 +0200)

committer Nikita Popov <nikita.ppv@gmail.com>

Wed, 19 Jun 2019 13:09:00 +0000 (15:09 +0200)
author Nikita Popov <nikita.ppv@gmail.com>
Wed, 19 Jun 2019 11:11:07 +0000 (13:11 +0200)
committer Nikita Popov <nikita.ppv@gmail.com>
Wed, 19 Jun 2019 13:09:00 +0000 (15:09 +0200)
diff --git a/ext/standard/http.c b/ext/standard/http.c

index 3ec6d3b932c4eccccde738c55c36efc37c828860..dbd71add817bc27e1bf51c3b0439056049983182 100644 (file)
--- a/ext/standard/http.c
+++ b/ext/standard/http.c
@@ -130,8 +130,10 @@ PHPAPI int php_url_encode_hash_ex(HashTable *ht, smart_str *formstr,
                                         p += key_prefix_len;
                                 }
  
-                               memcpy(p, num_prefix, num_prefix_len);
-                               p += num_prefix_len;
+                               if (num_prefix) {
+                                       memcpy(p, num_prefix, num_prefix_len);
+                                       p += num_prefix_len;
+                               }
  
                                 memcpy(p, ekey, ekey_len);
                                 p += ekey_len;
@@ -162,7 +164,9 @@ PHPAPI int php_url_encode_hash_ex(HashTable *ht, smart_str *formstr,
                                 smart_str_appendl(formstr, arg_sep, arg_sep_len);
                         }
                         /* Simple key=value */
-                       smart_str_appendl(formstr, key_prefix, key_prefix_len);
+                       if (key_prefix) {
+                               smart_str_appendl(formstr, key_prefix, key_prefix_len);
+                       }
                         if (key) {
                                 zend_string *ekey;
                                 if (enc_type == PHP_QUERY_RFC3986) {
@@ -179,7 +183,9 @@ PHPAPI int php_url_encode_hash_ex(HashTable *ht, smart_str *formstr,
                                 }
                                 smart_str_append_long(formstr, idx);
                         }
-                       smart_str_appendl(formstr, key_suffix, key_suffix_len);
+                       if (key_suffix) {
+                               smart_str_appendl(formstr, key_suffix, key_suffix_len);
+                       }
                         smart_str_appendl(formstr, "=", 1);
                         switch (Z_TYPE_P(zdata)) {
                                 case IS_STRING: {
author	Nikita Popov <nikita.ppv@gmail.com>
	Wed, 19 Jun 2019 11:11:07 +0000 (13:11 +0200)
committer	Nikita Popov <nikita.ppv@gmail.com>
	Wed, 19 Jun 2019 13:09:00 +0000 (15:09 +0200)