From 9a07245b728714de09361ea16b9c6fcf70cb5685 Mon Sep 17 00:00:00 2001 From: Anatol Belski Date: Tue, 5 Jan 2016 18:53:04 +0100 Subject: [PATCH] Fixed bug #71273 A wrong ext directory setup in php.ini leads to crash --- main/main.c | 19 ++++++++++++++++--- tests/basic/bug71273.phpt | 21 +++++++++++++++++++++ 2 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 tests/basic/bug71273.phpt diff --git a/main/main.c b/main/main.c index dfba949351c..bc978d9ae31 100644 --- a/main/main.c +++ b/main/main.c @@ -723,9 +723,20 @@ PHPAPI ZEND_COLD void php_verror(const char *docref, const char *params, int typ if (PG(html_errors)) { replace_buffer = php_escape_html_entities((unsigned char*)buffer, buffer_len, 0, ENT_COMPAT, NULL); + /* Retry with substituting invalid chars on fail. */ + if (!replace_buffer) { + replace_buffer = php_escape_html_entities((unsigned char*)buffer, buffer_len, 0, ENT_COMPAT | ENT_HTML_SUBSTITUTE_ERRORS, NULL); + } + efree(buffer); - buffer = ZSTR_VAL(replace_buffer); - buffer_len = (int)ZSTR_LEN(replace_buffer); + + if (replace_buffer) { + buffer = ZSTR_VAL(replace_buffer); + buffer_len = (int)ZSTR_LEN(replace_buffer); + } else { + buffer = ""; + buffer_len = 0; + } } /* which function caused the problem if any at all */ @@ -878,7 +889,9 @@ PHPAPI ZEND_COLD void php_verror(const char *docref, const char *params, int typ if (replace_buffer) { zend_string_free(replace_buffer); } else { - efree(buffer); + if (buffer_len > 0) { + efree(buffer); + } } php_error(type, "%s", message); diff --git a/tests/basic/bug71273.phpt b/tests/basic/bug71273.phpt new file mode 100644 index 00000000000..d0cd72577ec --- /dev/null +++ b/tests/basic/bug71273.phpt @@ -0,0 +1,21 @@ +--TEST-- +Bug #71273 A wrong ext directory setup in php.ini leads to crash +--SKIPIF-- + +--FILE-- +&1"; + $out = shell_exec($cmd); + + var_dump(preg_match(",.+a[\\/].+[\\/]w.php_kartoffelbrei.dll.+,s", $out)); +?> +==DONE== +--EXPECTF-- +int(1) +==DONE==