Raise compiler warning on octal overflow
authorSara Golemon <pollita@php.net>
Fri, 29 Apr 2016 21:05:06 +0000 (21:05 +0000)
committerSara Golemon <pollita@php.net>
Sat, 14 May 2016 00:20:32 +0000 (00:20 +0000)
Addresses https://bugs.php.net/bug.php?id=71994

NEWS
Zend/tests/oct_overflow_char.phpt [new file with mode: 0644]
Zend/zend_language_scanner.l

diff --git a/NEWS b/NEWS
index 78b1e53fbdf4e0890bf3d12ac05ba01dfb4c0c60..cfacdb35247cd156bbf3dcf3a9db33b0e2092f54 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -31,6 +31,7 @@ PHP                                                                        NEWS
     respect scientific notation in numeric strings. (Andrea)
   . Implemented the RFC `Catching multiple exception types`. (Bronislaw Bialek,
     Pierrick)
+  . Raise a compile-time warning on octal escape sequence overflow. (Sara)
 
 - FTP:
   . Implemented FR #55651 (Option to ignore the returned FTP PASV address).
diff --git a/Zend/tests/oct_overflow_char.phpt b/Zend/tests/oct_overflow_char.phpt
new file mode 100644 (file)
index 0000000..14a9bb4
--- /dev/null
@@ -0,0 +1,10 @@
+--TEST--
+Octal overflow in string interpolation
+--FILE--
+<?php
+
+// "abc", ordinarily 'b' would be \142, but we'll deliberately overflow the value by \400
+echo "\141\542\143\n";
+--EXPECTF--
+Warning: Octal escape sequence overflow \542 is greater than \377 in %s/oct_overflow_char.php on line 4
+abc
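Review bot: The EXPECTF line hard-codes a forward slash in `%s/oct_overflow_char.php`, which would presumably fail to match where the script path is reported with a backslash separator; `%soct_overflow_char.php` or `%s%eoct_overflow_char.php` avoids depending on the separator. The test also exercises only `\542`, so the threshold itself is not pinned. Adding the boundary pair `\377` (no warning expected) and `\400` (warning expected, byte `\0` emitted) would catch a later off-by-one in the scanner's comparison.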
index c60fa7c102fa7a4f9ba139ff47e200345b1a1b9a..122c6d4eda65a3cce835022247840e4a09b6c9cd 100644 (file)
@@ -1044,6 +1044,12 @@ static int zend_scan_escape_string(zval *zendlval, char *str, int len, char quot
                                                                Z_STRLEN_P(zendlval)--;
                                                        }
                                                }
+                                               if (octal_buf[2] &&
+                                                   (octal_buf[0] > '3')) {
+                                                       /* 3 octit values must not overflow 0xFF (\377) */
+                                                       zend_error(E_COMPILE_WARNING, "Octal escape sequence overflow \\%s is greater than \\377", octal_buf);
+                                               }
+
                                                *t++ = (char) ZEND_STRTOL(octal_buf, NULL, 8);
                                        } else {
                                                *t++ = '\\';
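Review bot: The added branch only warns, and the unchanged `*t++ = (char) ZEND_STRTOL(octal_buf, NULL, 8);` after it still narrows a value of up to 0777 into a `char`, so the stored byte is not the one the literal visibly spells (the accompanying test shows `\542` producing `b`). The comment "must not overflow" reads as if the sequence were rejected; something like `/* values above \377 are still truncated to the low 8 bits below; warn so the mismatch is visible */` states the actual behaviour, and `(char) (ZEND_STRTOL(octal_buf, NULL, 8) & 0xFF)` would make the truncation explicit at the store. The condition also relies on `octal_buf[2]` being NUL for one- and two-digit escapes; the buffer's declaration and initialisation are outside this hunk, so that should be confirmed there. `zend_scan_escape_string` starts and ends outside the hunk.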