[PATCH] str_pad allows pad_length to be negative

18 years ago by Mattias Bengtsson — view source — reply

unread

As stated in the manual for str_pad() "If the value of pad_length is
negative or less than the length of the input string, no padding takes
place.".

By using a very low negative value it is possible to bypass the check.

Please see attachment.

Cheers, Mattias Bengtsson

18 years ago by Jani Taskinen — view source — reply

unread

Patch applied to both PHP_5_2 and HEAD. Thanks!

--Jani

As stated in the manual for str_pad() "If the value of pad_length is
negative or less than the length of the input string, no padding takes
place.".

By using a very low negative value it is possible to bypass the check.

Please see attachment.

Cheers, Mattias Bengtsson