- Fixed a possible interruption array leak in trim()

php · Jul 2, 2010 · d71b9d5 · d71b9d5
1 parent 22dcb61
commit d71b9d5
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/NEWS b/NEWS
@@ -6,7 +6,7 @@ PHP                                                                        NEWS
 - Fixed a possible interruption array leak in strrchr(). Reported by
   Péter Veres. (Felipe)
 - Fixed a possible interruption array leak in strchr(), strstr(), substr(), 
-  chunk_split(), strtok(), addcslashes(), str_repeat(). (Felipe)
+  chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
 - Fixed a possible memory corruption in substr_replace() (Dmitry)
 - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
 

diff --git a/ext/standard/string.c b/ext/standard/string.c
@@ -774,6 +774,9 @@ static void php_do_trim(INTERNAL_FUNCTION_PARAMETERS, int mode)
 		WRONG_PARAM_COUNT;
 	}
 
+	if (PZVAL_IS_REF(*str)) {
+		SEPARATE_ZVAL(str);
+	}
 	convert_to_string_ex(str);
 
 	if (argc > 1) {