From: Ilia Alshanetsky <iliaa@php.net>
Date: Mon, 17 Mar 2008 23:02:26 +0000 (+0000)
Subject: MFB: Properly address incomplete multibyte chars inside escapeshellcmd()
X-Git-Tag: php-5.2.6RC3~34
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=233c3ade120300c95fa9d90c0880d38d0cb8f40f;p=php

MFB: Properly address incomplete multibyte chars inside escapeshellcmd()
---

diff --git a/NEWS b/NEWS
index fe44da31ee..f246050d22 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? Mar 2008 , PHP 5.2.6
+- Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia,
+  Stefan Esser)
 - Fixed bug #44440 (st_blocks undefined under BeOS). (Felipe)
 - Fixed bug #44394 (Last two bytes missing from output). (Felipe)
 - Fixed bug #44388 (Crash inside exif_read_data() on invalid images) (Ilia)
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index 682f8291a4..ee6304f68a 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -270,6 +270,11 @@ char *php_escape_shell_cmd(char *str) {
 	cmd = safe_emalloc(2, l, 1);
 	
 	for (x = 0, y = 0; x < l; x++) {
+		/* skip non-valid multibyte characters */
+		if (php_mblen(str + x, (l - x)) < 0) {
+			continue;
+		}
+
 		switch (str[x]) {
 			case '"':
 			case '\'':