From 3257dc09eb06cc6efcf0b5de79c0f39382f180a6 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov
Date: Wed, 16 Apr 2014 22:42:15 +0400
Subject: [PATCH] Prevented modification of interned string

---
 ext/standard/file.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/ext/standard/file.c b/ext/standard/file.c
index 536cdfb269..7dbd8fdf1a 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -1084,10 +1084,11 @@ PHPAPI PHP_FUNCTION(fgetss)
 size_t actual_len, retval_len;
 char *buf = NULL, *retval;
 php_stream *stream;
+ zend_string *allowed = NULL;
 char *allowed_tags=NULL;
 int allowed_tags_len=0;
 
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|ls", &fd, &bytes, &allowed_tags, &allowed_tags_len) == FAILURE) {
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|lS", &fd, &bytes, &allowed) == FAILURE) {
 RETURN_FALSE;
 }
 
@@ -1112,8 +1113,24 @@ PHPAPI PHP_FUNCTION(fgetss)
 RETURN_FALSE;
 }
 
+ if (allowed != NULL) {
+// TODO: reimplement to avoid reallocation ???
+ if (IS_INTERNED(allowed)) {
+ allowed_tags = estrndup(allowed->val, allowed->len);
+ allowed_tags_len = allowed->len;
+ } else {
+ allowed_tags = allowed->val;
+ allowed_tags_len = allowed->len;
+ }
+ }
+
 retval_len = php_strip_tags(retval, actual_len, &stream->fgetss_state, allowed_tags, allowed_tags_len);
 
+// TODO: reimplement to avoid reallocation ???
+ if (allowed && IS_INTERNED(allowed)) {
+ efree(allowed_tags);
+ }
+
 // TODO: avoid reallocation ???
 RETVAL_STRINGL(retval, retval_len);
 efree(retval);
-- 
2.40.0
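Review bot: The copy in the second hunk is made only when `IS_INTERNED(allowed)` is true, so in the `else` branch `allowed->val` is still handed to `php_strip_tags()` as a writable buffer. If that call rewrites the tag list in place, which the commit title suggests, a non-interned string that is shared with other values would still be modified under its other holders. Copying unconditionally with `allowed_tags = estrndup(allowed->val, allowed->len);` and freeing with `if (allowed_tags) { efree(allowed_tags); }` removes the aliasing and the need to repeat the `IS_INTERNED` test at the free site. `allowed_tags_len` is also still an `int`, so it is worth confirming that `allowed->len` cannot exceed its range. The body of `fgetss` starts and ends outside this hunk.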