fix crash when parsing invalid hostnames/IPs

diff --git a/ext/standard/tests/file/stream_002.phpt b/ext/standard/tests/file/stream_002.phpt
new file mode 100644 (file)
index 0000000..23bed66
--- /dev/null
+++ b/ext/standard/tests/file/stream_002.phpt
@@ -0,0 +1,84 @@
+--TEST--
+stream_socket_client() and invalid arguments
+--FILE--
+<?php
+
+$a = NULL;
+$b = NULL;
+var_dump(stream_socket_client("", $a, $b));
+var_dump($a, $b);
+var_dump(stream_socket_client("[", $a, $b));
+var_dump($a, $b);
+var_dump(stream_socket_client("[ ", $a, $b));
+var_dump($a, $b);
+var_dump(stream_socket_client(".", $a, $b));
+var_dump($a, $b);
+var_dump(stream_socket_client(1, $a, $b));
+var_dump($a, $b);
+var_dump(stream_socket_client(array(), $a, $b));
+var_dump($a, $b);
+
+echo "Done\n";
+?>
+--EXPECTF--    
+Warning: stream_socket_client(): unable to connect to  (Failed to parse address "") in %s on line %d
+bool(false)
+int(0)
+string(26) "Failed to parse address """
+
+Warning: stream_socket_client(): unable to connect to [ (Failed to parse address "[") in %s on line %d
+bool(false)
+int(0)
+string(27) "Failed to parse address "[""
+
+Warning: stream_socket_client(): unable to connect to [  (Failed to parse IPv6 address "[ ") in %s on line %d
+bool(false)
+int(0)
+string(33) "Failed to parse IPv6 address "[ ""
+
+Warning: stream_socket_client(): unable to connect to . (Failed to parse address ".") in %s on line %d
+bool(false)
+int(0)
+string(27) "Failed to parse address ".""
+
+Warning: stream_socket_client(): unable to connect to 1 (Failed to parse address "1") in %s on line %d
+bool(false)
+int(0)
+string(27) "Failed to parse address "1""
+
+Warning: stream_socket_client() expects parameter 1 to be string, array given in %s on line %d
+bool(false)
+int(0)
+string(27) "Failed to parse address "1""
+Done
+--UEXPECTF--
+Warning: stream_socket_client(): unable to connect to  (Failed to parse address "") in %s on line %d
+bool(false)
+int(0)
+unicode(26) "Failed to parse address """
+
+Warning: stream_socket_client(): unable to connect to [ (Failed to parse address "[") in %s on line %d
+bool(false)
+int(0)
+unicode(27) "Failed to parse address "[""
+
+Warning: stream_socket_client(): unable to connect to [  (Failed to parse IPv6 address "[ ") in %s on line %d
+bool(false)
+int(0)
+unicode(33) "Failed to parse IPv6 address "[ ""
+
+Warning: stream_socket_client(): unable to connect to . (Failed to parse address ".") in %s on line %d
+bool(false)
+int(0)
+unicode(27) "Failed to parse address ".""
+
+Warning: stream_socket_client(): unable to connect to 1 (Failed to parse address "1") in %s on line %d
+bool(false)
+int(0)
+unicode(27) "Failed to parse address "1""
+
+Warning: stream_socket_client() expects parameter 1 to be binary string, array given in %s on line %d
+bool(false)
+int(0)
+unicode(27) "Failed to parse address "1""
+Done

diff --git a/main/streams/xp_socket.c b/main/streams/xp_socket.c
index 307399dbe3c859640a3cfbed86b91b0749dd73ec..86c9e5283aadc1da75eb75424aa9604faef8bf3a 100644 (file)
--- a/main/streams/xp_socket.c
+++ b/main/streams/xp_socket.c
@@ -495,7 +495,7 @@ static inline char *parse_ip_address_ex(const char *str, int str_len, int *portn
 #ifdef HAVE_IPV6
        char *p;
 
-       if (*(str) == '[') {
+       if (*(str) == '[' && str_len > 1) {
                /* IPV6 notation to specify raw address with port (i.e. [fe80::1]:80) */
                p = memchr(str + 1, ']', str_len - 2);
                if (!p || *(p + 1) != ':') {
@@ -508,8 +508,11 @@ static inline char *parse_ip_address_ex(const char *str, int str_len, int *portn
                return estrndup(str + 1, p - str - 1);
        }
 #endif
-
-       colon = memchr(str, ':', str_len - 1);
+       if (str_len) {
+               colon = memchr(str, ':', str_len - 1);
+       } else {
+               colon = NULL;
+       }
        if (colon) {
                *portno = atoi(colon + 1);
                host = estrndup(str, colon - str);