]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a58f8d2)
Fixed bug #44242 (metaphone(CMXFXM) crashes PHP)
authorFelipe Pena <felipe@php.net>
Mon, 25 Feb 2008 22:40:45 +0000 (22:40 +0000)
committerFelipe Pena <felipe@php.net>
Mon, 25 Feb 2008 22:40:45 +0000 (22:40 +0000)
NEWS patch | blob | history
ext/standard/metaphone.c patch | blob | history
ext/standard/tests/strings/bug44242.phpt [new file with mode: 0644] patch | blob

diff --git a/NEWS b/NEWS
index 52b68a9972141e251967ab9adec58348d6f7588f..66eee2936009cfaeb2c0214355ed124fa6cfa1bb 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -13,6 +13,7 @@ PHP                                                                        NEWS
 - Upgraded PCRE to version 7.6 (Nuno)
 
 
+- Fixed bug #44242 (metaphone('CMXFXM') crashes PHP). (Felipe)
 - Fixed bug #44216 (strftime segfaults on large negative value). (Derick)
 - Fixed bug #44200 (A crash in PDO when no bound targets exists and yet 
   bound parameters are present). (Ilia)
diff --git a/ext/standard/metaphone.c b/ext/standard/metaphone.c
index e985b67a8b150ee2ad464c5ed58a2ad0a3c7396f..34952d82956996bd5b6b1f34996f995ca58bdfae 100644 (file)
--- a/ext/standard/metaphone.c
+++ b/ext/standard/metaphone.c
@@ -150,7 +150,12 @@ static char Lookahead(char *word, int how_far)
                                                (*phoned_word)[p_idx++] = c; \
                                        }
 /* Slap a null character on the end of the phoned word */
-#define End_Phoned_Word        {(*phoned_word)[p_idx] = '\0';}
+#define End_Phoned_Word        { \
+                                                       if (p_idx == max_buffer_len) { \
+                                                               *phoned_word = erealloc(*phoned_word, max_buffer_len + 1); \
+                                                       } \
+                                                       (*phoned_word)[p_idx] = '\0'; \
+                                               }
 /* How long is the phoned word? */
 #define Phone_Len      (p_idx)
 
diff --git a/ext/standard/tests/strings/bug44242.phpt b/ext/standard/tests/strings/bug44242.phpt
new file mode 100644 (file)
index 0000000..00adda2
--- /dev/null
+++ b/ext/standard/tests/strings/bug44242.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Bug #44242 (metaphone('CMXFXM') crashes PHP)
+--FILE--
+<?php
+
+echo metaphone('CMXFXZ'), "\n";
+echo metaphone('CMXFXV'), "\n";
+echo metaphone('CMXFXZXZ'), "\n";
+
+?>
+--EXPECT--
+KMKSFKSS
+KMKSFKSF
+KMKSFKSSKSS
Unnamed repository; edit this file 'description' to name the repository.