|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
Patchespatch-timlib-c.patch (last revision 2014-05-28 00:53 UTC by al-phpbug at none dot at)Pull RequestsHistoryAllCommentsChangesGit/SVN commits
[2018-07-16 13:31 UTC] cmb@php.net
-Status: Open
+Status: Not a bug
-Type: Feature/Change Request
+Type: Bug
-Assigned To:
+Assigned To: cmb
[2018-07-16 13:31 UTC] cmb@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Dec 14 22:00:01 2025 UTC |
Description: ------------ According to point 9 of php-5.5.12/CODING_STANDARDS the parse_date does not use the emalloc(), efree(), estrdup(), etc. and it does not check if the *alloc was successfully egrep -A3 alloc php-5.5.12/ext/date/lib/parse_date.c ####### uchar *buf = (uchar*) malloc(((s->lim - s->bot) + BSIZE)*sizeof(uchar)); memcpy(buf, s->tok, s->lim - s->tok); s->tok = buf; s->ptr = &buf[s->ptr - s->bot]; -- s->errors->warning_messages = realloc(s->errors->warning_messages, s->errors->warning_count * sizeof(timelib_error_message)); s->errors->warning_messages[s->errors->warning_count - 1].position = s->tok ? s->tok - s->str : 0; s->errors->warning_messages[s->errors->warning_count - 1].character = s->tok ? *s->tok : 0; s->errors->warning_messages[s->errors->warning_count - 1].message = strdup(error); -- s->errors->error_messages = realloc(s->errors->error_messages, s->errors->error_count * sizeof(timelib_error_message)); s->errors->error_messages[s->errors->error_count - 1].position = s->tok ? s->tok - s->str : 0; s->errors->error_messages[s->errors->error_count - 1].character = s->tok ? *s->tok : 0; s->errors->error_messages[s->errors->error_count - 1].message = strdup(error); -- s->errors->warning_messages = realloc(s->errors->warning_messages, s->errors->warning_count * sizeof(timelib_error_message)); s->errors->warning_messages[s->errors->warning_count - 1].position = cptr - sptr; s->errors->warning_messages[s->errors->warning_count - 1].character = *cptr; s->errors->warning_messages[s->errors->warning_count - 1].message = strdup(error); -- s->errors->error_messages = realloc(s->errors->error_messages, s->errors->error_count * sizeof(timelib_error_message)); s->errors->error_messages[s->errors->error_count - 1].position = cptr - sptr; s->errors->error_messages[s->errors->error_count - 1].character = *cptr; s->errors->error_messages[s->errors->error_count - 1].message = strdup(error); -- char *tmp = calloc(1, s->cur - s->tok + 1); memcpy(tmp, s->tok, s->cur - s->tok); return tmp; -- str = calloc(1, end - begin + 1); memcpy(str, begin, end - begin); tmp_nr = strtoll(str, NULL, 10); free(str); -- str = calloc(1, end - begin + 1); memcpy(str, begin, end - begin); if (str[0] == ':') { str[0] = '.'; -- word = calloc(1, end - begin + 1); memcpy(word, begin, end - begin); for (tp = timelib_reltext_lookup; tp->name; tp++) { -- word = calloc(1, end - begin + 1); memcpy(word, begin, end - begin); for (tp = timelib_month_lookup; tp->name; tp++) { -- word = calloc(1, end - begin + 1); memcpy(word, begin, end - begin); for (tp = timelib_relunit_lookup; tp->name; tp++) { -- word = calloc(1, end - begin + 1); memcpy(word, begin, end - begin); if ((tp = zone_search(word, -1, 0))) { -- in.errors = malloc(sizeof(struct timelib_error_container)); in.errors->warning_count = 0; in.errors->warning_messages = NULL; in.errors->error_count = 0; -- in.str = malloc((e - s) + YYMAXFILL); memset(in.str, 0, (e - s) + YYMAXFILL); memcpy(in.str, s, (e - s)); in.lim = in.str + (e - s) + YYMAXFILL; -- in.errors = malloc(sizeof(struct timelib_error_container)); in.errors->warning_count = 0; in.errors->warning_messages = NULL; in.errors->error_count = 0; ####### Maybe it is unimportant but it would be nice if anyone take a look there and say it's ok or not. I think the whole date directory should be reviewed. egrep -r -A3 alloc php-5.5.12/ext/date/*