From: Hannes Magnusson Date: Tue, 24 Jul 2007 22:57:13 +0000 (+0000) Subject: MFH: Fixed bug#42090 (json_decode causes segmentation fault) X-Git-Tag: php-5.2.4RC1~52 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e3b8cf0f66bdb2765c17b633c4d9df4a51e6e025;p=php MFH: Fixed bug#42090 (json_decode causes segmentation fault) --- diff --git a/NEWS b/NEWS index 5572655ab5..e1795f0ea2 100644 --- a/NEWS +++ b/NEWS @@ -64,6 +64,7 @@ PHP NEWS - Fixed PECL bug #11216 (crash in ZipArchive::addEmptyDir when a directory already exists). (Pierre) +- Fixed bug #42090 (json_decode causes segmentation fault). (Hannes) - Fixed bug #42072 (No warning message for clearstatcache() with arguments). (Ilia) - Fixed bug #42071 (ini scanner allows using NULL as option name). (Jani) diff --git a/ext/json/json.c b/ext/json/json.c index 5044f50b34..283021b365 100644 --- a/ext/json/json.c +++ b/ext/json/json.c @@ -470,7 +470,7 @@ static PHP_FUNCTION(json_decode) RETURN_DOUBLE(d); } } - if (*parameter == '"' && parameter[parameter_len-1] == '"') { + if (parameter_len > 1 && *parameter == '"' && parameter[parameter_len-1] == '"') { RETURN_STRINGL(parameter+1, parameter_len-2, 1); } else if (*parameter == '{' || *parameter == '[') { /* invalid JSON string */ RETURN_NULL(); diff --git a/ext/json/tests/bug42090.phpt b/ext/json/tests/bug42090.phpt new file mode 100644 index 0000000000..bccd28aba0 --- /dev/null +++ b/ext/json/tests/bug42090.phpt @@ -0,0 +1,25 @@ +--TEST-- +Bug#42090 (json_decode causes segmentation fault) +--SKIPIF-- + +--FILE-- + +--EXPECT-- +string(0) "" +string(5) "".."." +string(1) """ +string(2) """" +string(4) ""\""" +string(1) """ +string(2) """" +