From: Ilia Alshanetsky <iliaa@php.net>
Date: Thu, 2 Jan 2003 19:49:30 +0000 (+0000)
Subject: Fixed bug #21338 (crash inside html_entity_decode() when "" is passed).
X-Git-Tag: PHP_5_0_dev_before_13561_fix~524
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0ff59a1353fcf232a73c8946746fa7d93e5e1096;p=php

Fixed bug #21338 (crash inside html_entity_decode() when "" is passed).
Added test case for the bug.
---

diff --git a/ext/standard/html.c b/ext/standard/html.c
index 5385d5609c..4e7d51be59 100644
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -674,6 +674,9 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
 	
 	ret = estrdup(old);
 	retlen = oldlen;
+	if (!retlen) {
+		goto empty_source;
+	}
 	
 	if (all) {
 		/* look for a match in the maps for this charset */
@@ -722,7 +725,7 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
 		efree(ret);
 		ret = replaced;
 	}
-	
+empty_source:	
 	*newlen = retlen;
 	return ret;
 }
diff --git a/ext/standard/tests/strings/bug21338.phpt b/ext/standard/tests/strings/bug21338.phpt
new file mode 100644
index 0000000000..c84576563e
--- /dev/null
+++ b/ext/standard/tests/strings/bug21338.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Bug #20934 (html_entity_decode() crash when "" is passed)
+--FILE--
+<?php
+	var_dump(html_entity_decode(NULL));
+	var_dump(html_entity_decode(""));
+?>
+--EXPECT--
+string(0) ""
+string(0) ""