- Updated PCRE to provide better error handling in certain cases. (Andrei)
- NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute
for doing performance stats without warnings in server-log. (Uwe Schindler)
+- Fixed bug #29049 (array sorting via user function/method does not validate
+ it). (Ilia)
- Fixed bug #29034 (wordwrap() returns a boolean when passed empty string).
(Ilia)
- Fixed bug #28963 (Missing space for \0 in address allocation). (Ilia)
}
}
+/* check is comparison function is valid */
+#define PHP_ARRAY_CMP_FUNC_CHECK(func_name) \
+ if (!zend_is_callable(*func_name, 0, NULL)) { \
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid comparison function."); \
+ BG(user_compare_func_name) = old_compare_func; \
+ RETURN_FALSE; \
+ } \
+
/* {{{ proto bool usort(array array_arg, string cmp_function)
Sort an array by values using a user-defined comparison function */
PHP_FUNCTION(usort)
BG(user_compare_func_name) = old_compare_func;
RETURN_FALSE;
}
+
+ PHP_ARRAY_CMP_FUNC_CHECK(BG(user_compare_func_name))
+
if (zend_hash_sort(target_hash, zend_qsort, array_user_compare, 1 TSRMLS_CC) == FAILURE) {
BG(user_compare_func_name) = old_compare_func;
RETURN_FALSE;
BG(user_compare_func_name) = old_compare_func;
RETURN_FALSE;
}
+
+ PHP_ARRAY_CMP_FUNC_CHECK(BG(user_compare_func_name))
+
if (zend_hash_sort(target_hash, zend_qsort, array_user_compare, 0 TSRMLS_CC) == FAILURE) {
BG(user_compare_func_name) = old_compare_func;
RETURN_FALSE;
BG(user_compare_func_name) = old_compare_func;
RETURN_FALSE;
}
+
+ PHP_ARRAY_CMP_FUNC_CHECK(BG(user_compare_func_name))
+
if (zend_hash_sort(target_hash, zend_qsort, array_user_key_compare, 0 TSRMLS_CC) == FAILURE) {
BG(user_compare_func_name) = old_compare_func;
RETURN_FALSE;
projects / php / commitdiff