Fix use of mb_ereg_search_getregs() after invalid pattern

This segfaulted because we assumed that if there are matches,
there must be a regular expression as well.

diff --git a/ext/mbstring/php_mbregex.c b/ext/mbstring/php_mbregex.c
index 47dd41ba05290f5d38fc9e62e3617056977a707f..aa1eec168611e4b7e096160935feacc682deb033 100644 (file)
--- a/ext/mbstring/php_mbregex.c
+++ b/ext/mbstring/php_mbregex.c
@@ -1426,6 +1426,11 @@ _php_mb_regex_ereg_search_exec(INTERNAL_FUNCTION_PARAMETERS, int mode)
                _php_mb_regex_init_options(arg_options, arg_options_len, &option, &syntax, NULL);
        }
 
+       if (MBREX(search_regs)) {
+               onig_region_free(MBREX(search_regs), 1);
+               MBREX(search_regs) = NULL;
+       }
+
        if (arg_pattern) {
                /* create regex pattern buffer */
                if ((MBREX(search_re) = php_mbregex_compile_pattern(arg_pattern, arg_pattern_len, option, MBREX(current_mbctype), MBREX(regex_default_syntax))) == NULL) {
@@ -1451,9 +1456,6 @@ _php_mb_regex_ereg_search_exec(INTERNAL_FUNCTION_PARAMETERS, int mode)
                RETURN_FALSE;
        }
 
-       if (MBREX(search_regs)) {
-               onig_region_free(MBREX(search_regs), 1);
-       }
        MBREX(search_regs) = onig_region_new();
 
        err = _php_mb_onig_search(MBREX(search_re), str, str + len, str + pos, str  + len, MBREX(search_regs), 0);

diff --git a/ext/mbstring/tests/mb_ereg_search_invalid_pattern.phpt b/ext/mbstring/tests/mb_ereg_search_invalid_pattern.phpt
new file mode 100644 (file)
index 0000000..7fe6d31
--- /dev/null
+++ b/ext/mbstring/tests/mb_ereg_search_invalid_pattern.phpt
@@ -0,0 +1,17 @@
+--TEST--
+mb_ereg_search() with invalid pattern should discard old matches
+--FILE--
+<?php
+
+mb_ereg_search_init('');
+var_dump(mb_ereg_search(''));
+var_dump(mb_ereg_search("\xff"));
+var_dump(mb_ereg_search_getregs());
+
+?>
+--EXPECTF--
+bool(true)
+
+Warning: mb_ereg_search(): Pattern is not valid under UTF-8 encoding in %s on line %d
+bool(false)
+bool(false)