Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:41564 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 64779 invoked from network); 29 Oct 2008 21:02:46 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 29 Oct 2008 21:02:46 -0000 Authentication-Results: pb1.pair.com header.from=ilia@prohost.org; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=ilia@prohost.org; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain prohost.org from 216.239.58.188 cause and error) X-PHP-List-Original-Sender: ilia@prohost.org X-Host-Fingerprint: 216.239.58.188 gv-out-0910.google.com Received: from [216.239.58.188] ([216.239.58.188:5681] helo=gv-out-0910.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id FE/E0-58116-47FC8094 for ; Wed, 29 Oct 2008 16:02:45 -0500 Received: by gv-out-0910.google.com with SMTP id e6so119355gvc.37 for ; Wed, 29 Oct 2008 14:02:41 -0700 (PDT) Received: by 10.65.121.5 with SMTP id y5mr9770560qbm.64.1225314160019; Wed, 29 Oct 2008 14:02:40 -0700 (PDT) Received: from ?192.168.1.139? (TOROON63-1279386825.sdsl.bell.ca [76.65.228.201]) by mx.google.com with ESMTPS id p30sm601390qbp.14.2008.10.29.14.02.37 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 29 Oct 2008 14:02:38 -0700 (PDT) Cc: jani.taskinen@iki.fi, PHP internals Message-ID: <5319EDC7-F3DB-45C5-BBBB-39E8176CA652@prohost.org> To: Christian Schneider In-Reply-To: <4908845C.4010603@cschneid.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v929.2) Date: Wed, 29 Oct 2008 17:02:36 -0400 References: <7A1407E0-56A2-4C8A-A964-86616311B928@prohost.org> <49085D70.3030400@sci.fi> <4908845C.4010603@cschneid.com> X-Mailer: Apple Mail (2.929.2) Subject: Re: [PHP-DEV] PHP 5.2.7RC3 Reminder From: ilia@prohost.org (Ilia Alshanetsky) Christian, Your patch with slight revisions just went in. On 29-Oct-08, at 11:42 AM, Christian Schneider wrote: > Jani Taskinen wrote: >> http://bugs.php.net/bug.php?id=44938&edit=1 >> >> Marked critical but propably isn't. Also depatable whether it's a PHP >> bug at all.. > > Probably the library exhausting memory using alloca I'd say. > > I whipped together a little patch against HEAD which restricts the > length of a text domain string to 10000 bytes to avoid problems in the > underlying library. > > Note: I haven't been able to compile HEAD right now so I couldn't test > the patch really. But it compiles and should be rather trivial to > review/test. > > - Chris > Index: ext/gettext/gettext.c > =================================================================== > RCS file: /repository/php-src/ext/gettext/gettext.c,v > retrieving revision 1.58 > diff -u -r1.58 gettext.c > --- ext/gettext/gettext.c 24 Oct 2008 14:34:13 -0000 1.58 > +++ ext/gettext/gettext.c 29 Oct 2008 13:47:15 -0000 > @@ -30,6 +30,8 @@ > #include "ext/standard/info.h" > #include "php_gettext.h" > > +#define MAX_DOMAIN_LENGTH 10000 /* Maximum length of textdomain > name length */ > + > /* {{{ arginfo */ > ZEND_BEGIN_ARG_INFO(arginfo_textdomain, 0) > ZEND_ARG_INFO(0, domain) > @@ -162,6 +164,10 @@ > return; > } > > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long, ignoring"); > + domain_str = NULL; > + } > if (!domain_len || (domain_len == 1 && *domain_str == '0')) { > domain_str = NULL; > } > @@ -193,6 +199,10 @@ > if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, > "s&s&", &domain_str, &domain_len, > ZEND_U_CONVERTER(UG(filesystem_encoding_conv)), &msgid_str, > &msgid_len, UG(ascii_conv))) { > return; > } > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long, ignoring"); > + domain_str = NULL; > + } > RETURN_STRING(dgettext(domain_str, msgid_str), ZSTR_DUPLICATE); > } > /* }}} */ > @@ -208,6 +218,10 @@ > if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, > "s&s&l", &domain_str, &domain_len, > ZEND_U_CONVERTER(UG(filesystem_encoding_conv)), &msgid_str, > &msgid_len, UG(ascii_conv), &category)) { > return; > } > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long, ignoring"); > + domain_str = NULL; > + } > RETURN_STRING(dcgettext(domain_str, msgid_str, category), > ZSTR_DUPLICATE); > } > /* }}} */ > @@ -223,6 +237,10 @@ > return; > } > > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long"); > + RETURN_FALSE; > + } > if (!domain_len) { > php_error_docref(NULL TSRMLS_CC, E_WARNING, "the first parameter > must not be empty"); > RETURN_FALSE; > @@ -273,6 +291,10 @@ > RETURN_FALSE; > } > > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long, ignoring"); > + domain_str = NULL; > + } > if ((msgstr = dngettext(domain_str, msgid_str1, msgid_str2, > count))) { > RETURN_STRING(msgstr, ZSTR_DUPLICATE); > } else { > @@ -295,6 +317,10 @@ > RETURN_FALSE; > } > > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long, ignoring"); > + domain_str = NULL; > + } > if ((msgstr = dcngettext(domain_str, msgid_str1, msgid_str2, count, > category))) { > RETURN_STRING(msgstr, ZSTR_DUPLICATE); > } else { > @@ -316,6 +342,10 @@ > return; > } > > + if (domain_len > MAX_DOMAIN_LENGTH) { > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "domain passed too > long"); > + RETURN_FALSE; > + } > if (!codeset_len) { > codeset_str = NULL; > } > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php Ilia Alshanetsky