From: Ilia Alshanetsky Date: Mon, 12 Mar 2012 16:53:07 +0000 (+0000) Subject: Fixed bug #60222 (time_nanosleep() does validate input params). X-Git-Tag: PHP-5.4.1-RC1~40 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4cccba09e0757760a052a87735f166383c3ce318;p=php Fixed bug #60222 (time_nanosleep() does validate input params). --- diff --git a/NEWS b/NEWS index 2ee543b6a6..1c47a6cc42 100644 --- a/NEWS +++ b/NEWS @@ -87,6 +87,7 @@ PHP NEWS - Standard: . Fixed memory leak in substr_replace. (Pierrick) . Make max_file_uploads ini directive settable outside of php.ini (Rasmus) + . Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia) . Fixed bug #60106 (stream_socket_server silently truncates long unix socket paths). (Ilia) diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 704d599df8..646005ebc7 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -4432,6 +4432,15 @@ PHP_FUNCTION(time_nanosleep) return; } + if (tv_sec < 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "The seconds value must be greater than 0"); + RETURN_FALSE; + } + if (tv_nsec < 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "The nanoseconds value must be greater than 0"); + RETURN_FALSE; + } + php_req.tv_sec = (time_t) tv_sec; php_req.tv_nsec = tv_nsec; if (!nanosleep(&php_req, &php_rem)) { diff --git a/ext/standard/tests/time/bug60222.phpt b/ext/standard/tests/time/bug60222.phpt new file mode 100755 index 0000000000..8053a81dea --- /dev/null +++ b/ext/standard/tests/time/bug60222.phpt @@ -0,0 +1,15 @@ +--TEST-- +Bug #60222 (time_nanosleep() does validate input params) +--FILE-- + +===DONE=== +--EXPECTF-- +Warning: time_nanosleep(): The seconds value must be greater than 0 in %s on line %d +bool(false) + +Warning: time_nanosleep(): The nanoseconds value must be greater than 0 in %s on line %d +bool(false) +===DONE===