NULL byte should be escaped to \000 instead of \0 in case it is followed

by an octal digit. (found by Jeffrey Friedl)

diff --git a/ext/pcre/php_pcre.c b/ext/pcre/php_pcre.c
index b5793158b7661cc9a6673c021eadb0966a7a3498..95487d0289451c7015fe0e810c493a29545c35b2 100644 (file)
--- a/ext/pcre/php_pcre.c
+++ b/ext/pcre/php_pcre.c
@@ -1466,7 +1466,7 @@ PHP_FUNCTION(preg_quote)
        
        /* Allocate enough memory so that even if each character
           is quoted, we won't run out of room */
-       out_str = safe_emalloc(2, Z_STRLEN_PP(in_str_arg), 1);
+       out_str = safe_emalloc(4, Z_STRLEN_PP(in_str_arg), 1);
        
        /* Go through the string and quote necessary characters */
        for(p = in_str, q = out_str; p != in_str_end; p++) {
@@ -1498,6 +1498,8 @@ PHP_FUNCTION(preg_quote)
                        case '\0':
                                *q++ = '\\';
                                *q++ = '0';
+                               *q++ = '0';
+                               *q++ = '0';
                                break;
 
                        default: