mb_ereg_replace historically has not supported escaping backslashes
with backslashes. Go back to that behavior for BC reasons.
. Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
. Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas)
. Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas)
+ . Fixed bug #77428 (mb_ereg_replace() doesn't replace a substitution
+ variable). (Nikita)
- MySQLnd:
. Fixed bug #75684 (In mysqlnd_ext_plugin.h the plugin methods family has
no = onig_name_to_backref_number(regexp, (OnigUChar *)name, (OnigUChar *)name_end, regs);
break;
default:
- p += clen;
+ /* We're not treating \ as an escape character and will interpret something like
+ * \\1 as \ followed by \1, rather than \\ followed by 1. This is because this
+ * function has not supported escaping of backslashes historically. */
smart_str_appendl(pbuf, sp, p - sp);
continue;
}
--- /dev/null
+--TEST--
+Bug #77428: mb_ereg_replace() doesn't replace a substitution variable
+--FILE--
+<?php
+
+// This behavior is broken, but kept for BC reasons
+var_dump(mb_ereg_replace('(%)', '\\\1', 'a%c'));
+// For clarify, the above line is equivalent to:
+var_dump(mb_ereg_replace('(%)', '\\\\1', 'a%c'));
+
+?>
+--EXPECT--
+string(4) "a\%c"
+string(4) "a\%c"
projects / php / commitdiff