From e6c213b8ea7ee8fe7a09f6315b1d133491655c6f Mon Sep 17 00:00:00 2001 From: Stanislav Malyshev Date: Fri, 19 Nov 2010 23:22:55 +0000 Subject: [PATCH] Fix invalid args bugs by Maksymilian Arciemowicz --- ext/intl/dateformat/dateformat_attr.c | 1 + ext/intl/formatter/formatter_attr.c | 9 +++++++-- ext/intl/tests/dateformat_get_locale.phpt | 6 ++++++ ext/intl/tests/formatter_get_set_symbol.phpt | 7 ++++++- 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/ext/intl/dateformat/dateformat_attr.c b/ext/intl/dateformat/dateformat_attr.c index 51012896ed..7c6cef9536 100755 --- a/ext/intl/dateformat/dateformat_attr.c +++ b/ext/intl/dateformat/dateformat_attr.c @@ -309,6 +309,7 @@ PHP_FUNCTION( datefmt_get_locale ) DATE_FORMAT_METHOD_FETCH_OBJECT; loc = (char *)udat_getLocaleByType(DATE_FORMAT_OBJECT(dfo), loc_type,&INTL_DATA_ERROR_CODE(dfo)); + INTL_METHOD_CHECK_STATUS(dfo, "Error getting locale"); RETURN_STRING(loc, 1); } /* }}} */ diff --git a/ext/intl/formatter/formatter_attr.c b/ext/intl/formatter/formatter_attr.c index d9b67dda3a..851b2b310e 100755 --- a/ext/intl/formatter/formatter_attr.c +++ b/ext/intl/formatter/formatter_attr.c @@ -250,7 +250,7 @@ PHP_FUNCTION( numfmt_get_symbol ) long symbol; UChar value_buf[4]; UChar *value = value_buf; - int length = USIZE(value); + int length = USIZE(value_buf); FORMATTER_METHOD_INIT_VARS; /* Parse parameters. */ @@ -262,12 +262,17 @@ PHP_FUNCTION( numfmt_get_symbol ) RETURN_FALSE; } + + if(symbol >= UNUM_FORMAT_SYMBOL_COUNT || symbol < 0) { + intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "numfmt_get_symbol: invalid symbol value", 0 TSRMLS_CC ); + RETURN_FALSE; + } /* Fetch the object. */ FORMATTER_METHOD_FETCH_OBJECT; length = unum_getSymbol(FORMATTER_OBJECT(nfo), symbol, value_buf, length, &INTL_DATA_ERROR_CODE(nfo)); - if(INTL_DATA_ERROR_CODE(nfo) == U_BUFFER_OVERFLOW_ERROR && length >= USIZE( value )) { + if(INTL_DATA_ERROR_CODE(nfo) == U_BUFFER_OVERFLOW_ERROR && length >= USIZE( value_buf )) { ++length; /* to avoid U_STRING_NOT_TERMINATED_WARNING */ INTL_DATA_ERROR_CODE(nfo) = U_ZERO_ERROR; value = eumalloc(length); diff --git a/ext/intl/tests/dateformat_get_locale.phpt b/ext/intl/tests/dateformat_get_locale.phpt index 2626972618..17fcca3551 100755 --- a/ext/intl/tests/dateformat_get_locale.phpt +++ b/ext/intl/tests/dateformat_get_locale.phpt @@ -29,6 +29,12 @@ function ut_main() $res_str .= "\nAfter call to get_locale : locale= $locale"; $res_str .= "\n"; } + $badvals = array(100, -1, 4294901761); + foreach($badvals as $badval) { + if(ut_datefmt_get_locale($fmt, $badval)) { + $res_str .= "datefmt_get_locale should return false for bad argument $badval\n"; + } + } return $res_str; diff --git a/ext/intl/tests/formatter_get_set_symbol.phpt b/ext/intl/tests/formatter_get_set_symbol.phpt index a1a430244f..40bbd25aef 100755 --- a/ext/intl/tests/formatter_get_set_symbol.phpt +++ b/ext/intl/tests/formatter_get_set_symbol.phpt @@ -73,7 +73,12 @@ function ut_main() // Restore attribute's symbol. ut_nfmt_set_symbol( $fmt, $symb, $orig_val ); } - + $badvals = array(2147483648, -2147483648, -1, 4294901761); + foreach($badvals as $badval) { + if(ut_nfmt_get_symbol( $fmt, 2147483648 )) { + $res_str .= "Bad value $badval should return false!\n"; + } + } return $res_str; } -- 2.40.0