From: Nikita Popov Date: Wed, 29 Apr 2020 16:42:25 +0000 (+0200) Subject: Treat invalid characters in basename() consistently X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=90705d44e3da1d0aa7b8b4fd921ec597391eccb2;p=php Treat invalid characters in basename() consistently Always simply ignore (pass through) them. Previously the behavior depended on where the invalid character occurred, as it messed up the state management. --- diff --git a/ext/standard/string.c b/ext/standard/string.c index 3d2dda4606..a3b743474b 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -1515,11 +1515,6 @@ PHPAPI zend_string *php_basename(const char *s, size_t len, char *suffix, size_t int inc_len = (*s == '\0' ? 1 : php_mblen(s, len)); switch (inc_len) { - case -2: - case -1: - inc_len = 1; - php_mb_reset(); - break; case 0: goto quit_loop; case 1: @@ -1553,6 +1548,11 @@ PHPAPI zend_string *php_basename(const char *s, size_t len, char *suffix, size_t } break; default: + if (inc_len < 0) { + /* If character is invalid, treat it like other non-significant characters. */ + inc_len = 1; + php_mb_reset(); + } if (state == 0) { basename_start = s; state = 1; diff --git a/ext/standard/tests/strings/basename_invalid_path.phpt b/ext/standard/tests/strings/basename_invalid_path.phpt index 573f8f014a..7ede6a9473 100644 --- a/ext/standard/tests/strings/basename_invalid_path.phpt +++ b/ext/standard/tests/strings/basename_invalid_path.phpt @@ -13,9 +13,12 @@ if((substr(PHP_OS, 0, 3) == "WIN")) If the filename ends in suffix this will also be cut off. */ -var_dump(basename(chr(-1))); +setlocale(LC_CTYPE, "C"); +var_dump(bin2hex(basename("\xff"))); +var_dump(bin2hex(basename("a\xffb"))); echo "Done\n"; --EXPECT-- -string(0) "" +string(2) "ff" +string(6) "61ff62" Done