Deprecate passing invalid character to base_convert etc

RFC: https://wiki.php.net/rfc/base_convert_improvements
php · Jul 8, 2019 · d90cdbd · d90cdbd
1 parent 550c2aa
commit d90cdbd
Show file tree

Hide file tree

Showing 17 changed files with 470 additions and 20 deletions.
diff --git a/UPGRADING b/UPGRADING
@@ -348,6 +348,13 @@ r SQLite3:
     in the documentation since PHP 7.1, but did not throw a deprecation notice
     for technical reasons.
 
+- Standard:
+  . Passing invalid characters to ''base_convert()'', ''bindec()'', ''octdec()''
+    and ''hexdec()'' will now generate a deprecation notice. The result will
+    still be computed as if the invalid characters did not exist. Leading and
+    trailing whitespace, as well as prefixes of type 0x (depending on base)
+    continue to be allowed.
+
 ========================================
 5. Changed Functions
 ========================================

diff --git a/ext/standard/math.c b/ext/standard/math.c
@@ -850,22 +850,33 @@ PHPAPI int _php_math_basetozval(zval *arg, int base, zval *ret)
 {
 	zend_long num = 0;
 	double fnum = 0;
-	zend_long i;
 	int mode = 0;
-	char c, *s;
+	char c, *s, *e;
 	zend_long cutoff;
 	int cutlim;
+	int invalidchars = 0;
 
 	if (Z_TYPE_P(arg) != IS_STRING || base < 2 || base > 36) {
 		return FAILURE;
 	}
-
 	s = Z_STRVAL_P(arg);
+	e = s + Z_STRLEN_P(arg);
+
+	/* Skip leading whitespace */
+	while (s < e && isspace(*s)) s++;
+	/* Skip trailing whitespace */
+	while (s < e && isspace(*(e-1))) e--;
+
+	if (e - s >= 2) {
+		if (base == 16 && s[0] == '0' && (s[1] == 'x' || s[1] == 'X')) s += 2;
+		if (base == 8 && s[0] == '0' && (s[1] == 'o' || s[1] == 'O')) s += 2;
+		if (base == 2 && s[0] == '0' && (s[1] == 'b' || s[1] == 'B')) s += 2;
+	}
 
 	cutoff = ZEND_LONG_MAX / base;
 	cutlim = ZEND_LONG_MAX % base;
 
-	for (i = Z_STRLEN_P(arg); i > 0; i--) {
+	while (s < e) {
 		c = *s++;
 
 		/* might not work for EBCDIC */
@@ -875,11 +886,15 @@ PHPAPI int _php_math_basetozval(zval *arg, int base, zval *ret)
 			c -= 'A' - 10;
 		else if (c >= 'a' && c <= 'z')
 			c -= 'a' - 10;
-		else
+		else {
+			invalidchars++;
 			continue;
+		}
 
-		if (c >= base)
+		if (c >= base) {
+			invalidchars++;
 			continue;
+		}
 
 		switch (mode) {
 		case 0: /* Integer */
@@ -896,6 +911,10 @@ PHPAPI int _php_math_basetozval(zval *arg, int base, zval *ret)
 		}
 	}
 
+	if (invalidchars > 0) {
+		zend_error(E_DEPRECATED, "Invalid characters passed for attempted conversion, these have been ignored");
+	}
+
 	if (mode == 1) {
 		ZVAL_DOUBLE(ret, fnum);
 	} else {