From: Nikita Popov Date: Wed, 29 Jan 2020 11:49:28 +0000 (+0100) Subject: Fix use of mb_ereg_search_getregs() after invalid pattern X-Git-Tag: php-7.3.15RC1~11 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=392ad206a4f63fedf61d8086e390c73de8b72767;p=php Fix use of mb_ereg_search_getregs() after invalid pattern This segfaulted because we assumed that if there are matches, there must be a regular expression as well. --- diff --git a/ext/mbstring/php_mbregex.c b/ext/mbstring/php_mbregex.c index 47dd41ba05..aa1eec1686 100644 --- a/ext/mbstring/php_mbregex.c +++ b/ext/mbstring/php_mbregex.c @@ -1426,6 +1426,11 @@ _php_mb_regex_ereg_search_exec(INTERNAL_FUNCTION_PARAMETERS, int mode) _php_mb_regex_init_options(arg_options, arg_options_len, &option, &syntax, NULL); } + if (MBREX(search_regs)) { + onig_region_free(MBREX(search_regs), 1); + MBREX(search_regs) = NULL; + } + if (arg_pattern) { /* create regex pattern buffer */ if ((MBREX(search_re) = php_mbregex_compile_pattern(arg_pattern, arg_pattern_len, option, MBREX(current_mbctype), MBREX(regex_default_syntax))) == NULL) { @@ -1451,9 +1456,6 @@ _php_mb_regex_ereg_search_exec(INTERNAL_FUNCTION_PARAMETERS, int mode) RETURN_FALSE; } - if (MBREX(search_regs)) { - onig_region_free(MBREX(search_regs), 1); - } MBREX(search_regs) = onig_region_new(); err = _php_mb_onig_search(MBREX(search_re), str, str + len, str + pos, str + len, MBREX(search_regs), 0); diff --git a/ext/mbstring/tests/mb_ereg_search_invalid_pattern.phpt b/ext/mbstring/tests/mb_ereg_search_invalid_pattern.phpt new file mode 100644 index 0000000000..7fe6d31128 --- /dev/null +++ b/ext/mbstring/tests/mb_ereg_search_invalid_pattern.phpt @@ -0,0 +1,17 @@ +--TEST-- +mb_ereg_search() with invalid pattern should discard old matches +--FILE-- + +--EXPECTF-- +bool(true) + +Warning: mb_ereg_search(): Pattern is not valid under UTF-8 encoding in %s on line %d +bool(false) +bool(false)