Fixed bug #76127

Per documentation, and consistent with other preg functions, we
should return false if an error occurred.

diff --git a/NEWS b/NEWS
index 6f211b34d78434b32e408a832ec1c433a2e390d4..b9219a9a86cf5e420a034b9ced36521d36d07b94 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -41,6 +41,10 @@ PHP                                                                        NEWS
   . Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical
     successors). (Nikita)
 
+- PCRE:
+  . Fixed bug #76127 (preg_split does not raise an error on invalid UTF-8).
+    (Nikita)
+
 - Phar:
   . Fxied bug #77697 (Crash on Big_Endian platform). (Laruence)
 

diff --git a/ext/pcre/php_pcre.c b/ext/pcre/php_pcre.c
index a7c1a93646dc3c8f5acc8315585db074a1f4f1f6..db469a576f4abc91697c2aa9e6bbaa1b9c001b36 100644 (file)
--- a/ext/pcre/php_pcre.c
+++ b/ext/pcre/php_pcre.c
@@ -2517,7 +2517,8 @@ PHPAPI void php_pcre_split_impl(pcre_cache_entry *pce, zend_string *subject_str,
                match_data = pcre2_match_data_create_from_pattern(pce->re, gctx);
                if (!match_data) {
                        PCRE_G(error_code) = PHP_PCRE_INTERNAL_ERROR;
-                       return;
+                       zval_ptr_dtor(return_value);
+                       RETURN_FALSE;
                }
        }
 
@@ -2637,6 +2638,11 @@ error:
                pcre2_match_data_free(match_data);
        }
 
+       if (PCRE_G(error_code) != PHP_PCRE_NO_ERROR) {
+               zval_ptr_dtor(return_value);
+               RETURN_FALSE;
+       }
+
 last:
        start_offset = (last_match - ZSTR_VAL(subject_str)); /* the offset might have been incremented, but without further successful matches */
 

diff --git a/ext/pcre/tests/bug70345.phpt b/ext/pcre/tests/bug70345.phpt
index 0947ba3daad5ddc982a844f3d319fc40b3ef99e3..187a3e1e6face39cf235024757e15b9ac1c23c02 100644 (file)
--- a/ext/pcre/tests/bug70345.phpt
+++ b/ext/pcre/tests/bug70345.phpt
@@ -5,8 +5,7 @@ Bug #70345 (Multiple vulnerabilities related to PCRE functions)
 $regex = '/(?=xyz\K)/';
 $subject = "aaaaxyzaaaa";
 
-$v = preg_split($regex, $subject);
-print_r($v);
+var_dump(preg_split($regex, $subject));
 
 $regex = '/(a(?=xyz\K))/';
 $subject = "aaaaxyzaaaa";
@@ -14,10 +13,7 @@ preg_match($regex, $subject, $matches);
 
 var_dump($matches);
 --EXPECTF--
-Array
-(
-    [0] => aaaaxyzaaaa
-)
+bool(false)
 
 Warning: preg_match(): Get subpatterns list failed in %s on line %d
 array(0) {

diff --git a/ext/pcre/tests/bug76127.phpt b/ext/pcre/tests/bug76127.phpt
new file mode 100644 (file)
index 0000000..710a221
--- /dev/null
+++ b/ext/pcre/tests/bug76127.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Bug #76127: preg_split does not raise an error on invalid UTF-8
+--FILE--
+<?php
+var_dump(preg_split("/a/u", "a\xff"));
+var_dump(preg_last_error() == PREG_BAD_UTF8_ERROR);
+?>
+--EXPECT--
+bool(false)
+bool(true)

diff --git a/ext/pcre/tests/split2.phpt b/ext/pcre/tests/split2.phpt
index b0411e6df2dc1781d81878035a6abd96679042ea..5c77c6d1bcea4a03f6de98f6ed8f7d65f606ba1f 100644 (file)
--- a/ext/pcre/tests/split2.phpt
+++ b/ext/pcre/tests/split2.phpt
@@ -310,8 +310,5 @@ array(6) {
 Warning: preg_last_error() expects exactly 0 parameters, 1 given in %s on line %d
 NULL
 bool(true)
-array(1) {
-  [0]=>
-  string(6) "ab2c3u"
-}
+bool(false)
 bool(true)