From: Ilia Alshanetsky <iliaa@php.net>
Date: Mon, 17 Mar 2008 23:01:27 +0000 (+0000)
Subject: Properly address incomplete multibyte chars inside escapeshellcmd()
X-Git-Tag: BEFORE_NEW_PARAMETER_PARSE~556
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9227974ddb44f367b2ed7b0885f3b39169597ca7;p=php

Properly address incomplete multibyte chars inside escapeshellcmd()
---

diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index aedfa94ce2..32e0f693ea 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -271,6 +271,11 @@ PHPAPI char *php_escape_shell_cmd(char *str)
 	cmd = safe_emalloc(2, l, 1);
 
 	for (x = 0, y = 0; x < l; x++) {
+		/* skip non-valid multibyte characters */
+		if (php_mblen(str + x, (l - x)) < 0) {
+			continue;
+		}
+
 		switch (str[x]) {
 			case '"':
 			case '\'':