--- /dev/null
+--TEST--
+foreach() by-ref bug
+--FILE--
+<?php
+$foo = array(1,2,3,4);
+foreach($foo as $key => &$val) {
+ if($val == 3) {
+ $foo[$key] = 0;
+ } else {
+ $val++;
+ }
+}
+var_dump($foo);
+?>
+--EXPECT--
+array(4) {
+ [0]=>
+ int(2)
+ [1]=>
+ int(3)
+ [2]=>
+ int(0)
+ [3]=>
+ &int(5)
+}
--- /dev/null
+--TEST--
+PMOPB-45-2007:PHP ext/filter Email Validation Vulnerability
+--SKIPIF--
+<?php if (!extension_loaded("filter")) die("skip"); ?>
+--FILE--
+<?php
+ $var = "test@example.com\n";
+ var_dump(filter_var($var, FILTER_VALIDATE_EMAIL));
+?>
+--EXPECT--
+bool(false)
--- /dev/null
+--TEST--
+Bug #40854 (imap_mail_compose() creates an invalid terminator for multipart e-mails)
+--SKIPIF--
+<?php
+ if (!extension_loaded("imap")) {
+ die("skip imap extension not available");
+ }
+?>
+--FILE--
+<?php
+$envelope["from"]= "joe@example.com";
+$envelope["to"] = "foo@example.com";
+$envelope["cc"] = "bar@example.com";
+
+$part1["type"] = TYPEMULTIPART;
+$part1["subtype"] = "mixed";
+
+$part2["type"] = TYPEAPPLICATION;
+$part2["encoding"] = ENCBINARY;
+$part2["subtype"] = "octet-stream";
+$part2["description"] = 'a.txt';
+$part2["contents.data"] = '';
+
+$part3["type"] = TYPETEXT;
+$part3["subtype"] = "plain";
+$part3["description"] = "description3";
+$part3["contents.data"] = "contents.data3\n\n\n\t";
+
+$body[1] = $part1;
+$body[2] = $part2;
+$body[3] = $part3;
+
+echo imap_mail_compose($envelope, $body);
+?>
+--EXPECTF--
+From: joe@example.com
+To: foo@example.com
+cc: bar@example.com
+MIME-Version: 1.0
+Content-Type: MULTIPART/mixed; BOUNDARY="%s"
+
+--%s
+Content-Type: APPLICATION/octet-stream
+Content-Transfer-Encoding: BASE64
+Content-Description: a.txt
+
+
+
+--%s
+Content-Type: TEXT/plain; CHARSET=US-ASCII
+Content-Description: description3
+
+contents.data3
+
+
+
+--%s--
\ No newline at end of file
char *table_name, *pg_delim = NULL, *pg_null_as = NULL;
int table_name_len, pg_delim_len, pg_null_as_len;
char *query;
- char *query_template = "COPY \"\" TO STDOUT DELIMITERS ':' WITH NULL AS ''";
int id = -1;
PGconn *pgsql;
PGresult *pgsql_result;
pg_null_as = safe_estrdup("\\\\N");
}
- query = (char *)emalloc(strlen(query_template) + strlen(table_name) + strlen(pg_null_as) + 1);
- sprintf(query, "COPY \"%s\" TO STDOUT DELIMITERS '%c' WITH NULL AS '%s'",
- table_name, *pg_delim, pg_null_as);
+ spprintf(&query, 0, "COPY \"%s\" TO STDOUT DELIMITERS '%c' WITH NULL AS '%s'", table_name, *pg_delim, pg_null_as);
while ((pgsql_result = PQgetResult(pgsql))) {
PQclear(pgsql_result);
int table_name_len, pg_delim_len, pg_null_as_len;
int pg_null_as_free = 0;
char *query;
- char *query_template = "COPY \"\" FROM STDIN DELIMITERS ':' WITH NULL AS ''";
HashPosition pos;
int id = -1;
PGconn *pgsql;
ZEND_FETCH_RESOURCE2(pgsql, PGconn *, &pgsql_link, id, "PostgreSQL link", le_link, le_plink);
- query = (char *)emalloc(strlen(query_template) + strlen(table_name) + strlen(pg_null_as) + 1);
- sprintf(query, "COPY \"%s\" FROM STDIN DELIMITERS '%c' WITH NULL AS '%s'",
- table_name, *pg_delim, pg_null_as);
+ spprintf(&query, 0, "COPY \"%s\" FROM STDIN DELIMITERS '%c' WITH NULL AS '%s'", table_name, *pg_delim, pg_null_as);
while ((pgsql_result = PQgetResult(pgsql))) {
PQclear(pgsql_result);
}
if (extension_dir && extension_dir[0]){
int extension_dir_len = strlen(extension_dir);
- libpath = emalloc(extension_dir_len+filename_len+2);
-
if (IS_SLASH(extension_dir[extension_dir_len-1])) {
- sprintf(libpath, "%s%s", extension_dir, filename); /* SAFE */
+ spprintf(libpath, 0, "%s%s", extension_dir, filename); /* SAFE */
} else {
- sprintf(libpath, "%s%c%s", extension_dir, DEFAULT_SLASH, filename); /* SAFE */
+ spprintf(libpath, 0, "%s%c%s", extension_dir, DEFAULT_SLASH, filename); /* SAFE */
}
} else {
libpath = estrndup(filename, filename_len);
}
convert_to_string_ex(yyhost);
host = Z_STRVAL_PP(yyhost);
- hashed_details_length = Z_STRLEN_PP(yyhost)+6+5;
- hashed_details = (char *) emalloc(hashed_details_length+1);
- sprintf(hashed_details,"sybase_%s____", Z_STRVAL_PP(yyhost));
+ hashed_details_length = spprintf(&hashed_details, 0, "sybase_%s____", Z_STRVAL_PP(yyhost));
}
break;
case 2: {
convert_to_string_ex(yyuser);
host = Z_STRVAL_PP(yyhost);
user = Z_STRVAL_PP(yyuser);
- hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+6+5;
- hashed_details = (char *) emalloc(hashed_details_length+1);
- sprintf(hashed_details,"sybase_%s_%s___",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser));
+ hashed_details_length = spprintf(&hashed_details, 0, "sybase_%s_%s___", Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser));
}
break;
case 3: {
host = Z_STRVAL_PP(yyhost);
user = Z_STRVAL_PP(yyuser);
passwd = Z_STRVAL_PP(yypasswd);
- hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+Z_STRLEN_PP(yypasswd)+6+5;
- hashed_details = (char *) emalloc(hashed_details_length+1);
- sprintf(hashed_details,"sybase_%s_%s_%s__",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd)); /* SAFE */
+ hashed_details_length = spprintf(&hashed_details, 0, "sybase_%s_%s_%s__", Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd));
}
break;
case 4: {
user = Z_STRVAL_PP(yyuser);
passwd = Z_STRVAL_PP(yypasswd);
charset = Z_STRVAL_PP(yycharset);
- hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+Z_STRLEN_PP(yypasswd)+Z_STRLEN_PP(yycharset)+6+5;
- hashed_details = (char *) emalloc(hashed_details_length+1);
- sprintf(hashed_details,"sybase_%s_%s_%s_%s_",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd),Z_STRVAL_PP(yycharset)); /* SAFE */
+ hashed_details_length = spprintf(&hashed_details, 0, "sybase_%s_%s_%s_%s_", Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd), Z_STRVAL_PP(yycharset));
}
break;
case 5: {
passwd = Z_STRVAL_PP(yypasswd);
charset = Z_STRVAL_PP(yycharset);
appname = Z_STRVAL_PP(yyappname);
- hashed_details_length = Z_STRLEN_PP(yyhost)+Z_STRLEN_PP(yyuser)+Z_STRLEN_PP(yypasswd)+Z_STRLEN_PP(yycharset)+Z_STRLEN_PP(yyappname)+6+5;
- hashed_details = (char *) emalloc(hashed_details_length+1);
- sprintf(hashed_details,"sybase_%s_%s_%s_%s_%s",Z_STRVAL_PP(yyhost),Z_STRVAL_PP(yyuser),Z_STRVAL_PP(yypasswd),Z_STRVAL_PP(yycharset),Z_STRVAL_PP(yyappname)); /* SAFE */
+ hashed_details_length = spprintf(hashed_details, 0, "sybase_%s_%s_%s_%s_%s", Z_STRVAL_PP(yyhost), Z_STRVAL_PP(yyuser), Z_STRVAL_PP(yypasswd), Z_STRVAL_PP(yycharset), Z_STRVAL_PP(yyappname));
}
break;
default:
var_dump($tidy->value);
?>
---EXPECT--
-string(117) "<html>
+--EXPECTF--
+string(11%d) "<html>
<head>
<title></title>
</head>
<body>
-<wps:block>
-<wps:var>
-<wps:value></wps:var>
-</wps:block>
-</body>
-</html>"
---UEXPECT--
-unicode(117) "<html>
-<head>
-<title></title>
-</head>
-<body>
-<wps:block>
-<wps:var>
-<wps:value></wps:var>
-</wps:block>
+<wps:block>%w<wps:var>
+<wps:value></wps:var>%w</wps:block>
</body>
</html>"
b->data = NULL;
}
-void base64_encode(struct buffer_st *b, const char *source, int length)
+void base64_encode_xmlrpc(struct buffer_st *b, const char *source, int length)
{
int i, hiteof = 0;
int offset = 0;
buffer_add(b, '\n');
}
-void base64_decode(struct buffer_st *bfr, const char *source, int length)
+void base64_decode_xmlrpc(struct buffer_st *bfr, const char *source, int length)
{
int i;
int offset = 0;
void buffer_add(struct buffer_st *b, char c);
void buffer_delete(struct buffer_st *b);
-void base64_encode(struct buffer_st *b, const char *source, int length);
-void base64_decode(struct buffer_st *b, const char *source, int length);
+void base64_encode_xmlrpc(struct buffer_st *b, const char *source, int length);
+void base64_decode_xmlrpc(struct buffer_st *b, const char *source, int length);
/*
#define DEBUG_MALLOC
if ((flags & STREAM_XPORT_SERVER) == 0) {
/* client */
- if (flags & STREAM_XPORT_CONNECT) {
+ if (flags & (STREAM_XPORT_CONNECT|STREAM_XPORT_CONNECT_ASYNC)) {
if (-1 == php_stream_xport_connect(stream, name, namelen,
flags & STREAM_XPORT_CONNECT_ASYNC ? 1 : 0,
timeout, &error_text, error_code TSRMLS_CC)) {
projects / php / commitdiff