From fa7c07b10c416b887212ec22a75e309861bb8782 Mon Sep 17 00:00:00 2001
From: David Soria Parra <dsp@php.net>
Date: Wed, 27 Jul 2011 14:17:45 +0000
Subject: [PATCH] Check if given string is long enough in zend_*_strtod

---
 Zend/zend_strtod.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/Zend/zend_strtod.c b/Zend/zend_strtod.c
index 3f41f85a28..c43587eef3 100644
--- a/Zend/zend_strtod.c
+++ b/Zend/zend_strtod.c
@@ -2585,6 +2585,11 @@ ZEND_API double zend_hex_strtod(const char *str, const char **endptr)
 	int any = 0;
 	double value = 0;
 
+	if (strlen(str) < 2) {
+		*endptr = str;
+		return 0.0;
+	}
+
 	if (*s == '0' && (s[1] == 'x' || s[1] == 'X')) {
 		s += 2;
 	}
@@ -2618,6 +2623,11 @@ ZEND_API double zend_oct_strtod(const char *str, const char **endptr)
 	double value = 0;
 	int any = 0;
 
+	if (strlen(str) < 1) {
+		*endptr = str;
+		return 0.0;
+	}
+
 	/* skip leading zero */
 	s++;
 
@@ -2646,6 +2656,11 @@ ZEND_API double zend_bin_strtod(const char *str, const char **endptr)
 	double 		value = 0;
 	int 		any = 0;
 
+	if (strlen(str) < 2) {
+		*endptr = str;
+		return 0.0;
+	}
+
 	if ('0' == *s && ('b' == s[1] || 'B' == s[1])) {
 		s += 2;
 	}
-- 
2.40.0