ext/bz2: Reject oversized input in bzdecompress() #22242
| <?php | ||
|
|
||
| try { | ||
| $data = str_repeat("A", 4294967296); |
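Review bot: str_repeat("A", 4294967296) on the last line builds a 2^32-byte (4 GiB) string, which cannot exist on a 32-bit build and is far above a default memory_limit, so the test can fail on allocation before bzdecompress() is ever reached. Add a 64-bit-only skip next to the resource-heavy guard and raise memory_limit for this test, for example in an --INI-- section.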
That is a lot. You, at least, need to guard it with if (!getenv('RUN_RESOURCE_HEAVY_TESTS')) die('skip resource-heavy test');
| bzs.bzfree = NULL; | ||
|
|
||
| if (source_len > UINT_MAX) { | ||
| zend_argument_value_error(1, "must not exceed %u bytes", UINT_MAX); |
Might be best to mirror this error message with the bzcompress counterpart.
I believe this change has already been implemented at https://github.com/php/php-src/blob/master/ext/bz2/bz2.c#L480
I meant the error message you added here; it would be nicer if it is similar to the one you have in bzcompress.
| bzs.bzalloc = NULL; | ||
| bzs.bzfree = NULL; | ||
|
|
||
| if (source_len >= UINT_MAX) { |
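Review bot: source_len >= UINT_MAX on the last line rejects an input of exactly UINT_MAX bytes, while the message the test expects says the length "must have a length less than or equal to" the limit, so the boundary value is refused even though the message allows it. Change the comparison to source_len > UINT_MAX so the check and the message agree.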
I think it should be
if (source_len > UINT_MAX) {
wdyt?
| <?php | ||
| if (!getenv('RUN_RESOURCE_HEAVY_TESTS')) die('skip resource-heavy test'); | ||
| if (getenv('SKIP_SLOW_TESTS')) die('skip slow test'); | ||
| if (PHP_INT_SIZE != 8) echo 'skip 64-bit only'; |
Almost did not notice, but die should be used instead of echo here.
| } | ||
| ?> | ||
| --EXPECTF-- | ||
| bzdecompress(): Argument #1 ($data) must have a length less than or equal to %d |
Looks like the amount is fixed; you might not need EXPECTF here.
No description provided.