From: Felipe Pena <felipe@php.net>
Date: Tue, 24 May 2011 23:49:26 +0000 (+0000)
Subject: - Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode filter)
X-Git-Tag: php-5.5.0alpha1~2043
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b2780241d7354d9282a88e6bc615eb8b13e2af59;p=php

- Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode filter)
  Patch by: slusarz at curecanti dot org
---

diff --git a/ext/standard/filters.c b/ext/standard/filters.c
index 2685405347..2f1e3dc706 100644
--- a/ext/standard/filters.c
+++ b/ext/standard/filters.c
@@ -1050,20 +1050,16 @@ static php_conv_err_t php_conv_qprint_decode_convert(php_conv_qprint_decode *ins
 				}
 			} /* break is missing intentionally */
 
-			case 2: {
-				unsigned int nbl;
-	
+			case 2: {	
 				if (icnt <= 0) {
 					goto out;
 				}
-				nbl = (*ps >= 'A' ? *ps - 0x37 : *ps - 0x30);
 
-				if (nbl > 15) {
+				if (!isxdigit((int) *ps)) {
 					err = PHP_CONV_ERR_INVALID_SEQ;
 					goto out;
 				}
-				next_char = (next_char << 4) | nbl;
-
+				next_char = (next_char << 4) | (*ps >= 'A' ? *ps - 0x37 : *ps - 0x30);
 				scan_stat++;
 				ps++, icnt--;
 				if (scan_stat != 3) {
diff --git a/ext/standard/tests/filters/bug50363.phpt b/ext/standard/tests/filters/bug50363.phpt
new file mode 100644
index 0000000000..3395edebc4
--- /dev/null
+++ b/ext/standard/tests/filters/bug50363.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Bug #50363 (Invalid parsing in convert.quoted-printable-decode filter)
+--FILE--
+<?php
+
+$foo = "Sauvegarder=C3=A9ussi(e) n=C3=A3o N=C3=83O\n";
+$foo .= "Sauvegarder=c3=a9ussi(e) n=c3=a3o N=c3=83O\n"; // Does not work!
+$b = fopen('php://temp', 'w+');
+stream_filter_append($b, 'convert.quoted-printable-decode', STREAM_FILTER_WRITE);
+fwrite($b, $foo);
+rewind($b);
+fpassthru($b);
+
+?>
+--EXPECTF--
+Sauvegarderéussi(e) não NÃO
+Sauvegarderéussi(e) não NÃO