
Commit 9248a6c

committed
Merge branch 'PHP-8.4' into PHP-8.5
* PHP-8.4: bz2: Fix truncation of total output size causing erroneous errors
2 parents 7a8a863 + 4ee95fc commit 9248a6c


3 files changed

+26
-13
lines changed


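--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,9 @@ PHP NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? ????, PHP 8.5.5
 
+- Bz2:
+. Fix truncation of total output size causing erroneous errors. (ndossche)
+
 - Opcache:
 . Fixed bug GH-21052 (Preloaded constant erroneously propagated to file-cached
 script). (ilutov)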

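--- a/ext/bz2/bz2.c
+++ b/ext/bz2/bz2.c
@@ -511,11 +511,7 @@ PHP_FUNCTION(bzdecompress)
 size_t source_len;
 int error;
 bool small = 0;
-#ifdef PHP_WIN32
-unsigned __int64 size = 0;
-#else
-unsigned long long size = 0;
-#endif
+uint64_t size = 0;
 bz_stream bzs;
 
 if (FAILURE == zend_parse_parameters(ZEND_NUM_ARGS(), "s|b", &source, &source_len, &small)) {
@@ -541,27 +537,22 @@ PHP_FUNCTION(bzdecompress)
 while ((error = BZ2_bzDecompress(&bzs)) == BZ_OK && bzs.avail_in > 0) {
 /* compression is better then 2:1, need to allocate more memory */
 bzs.avail_out = source_len;
-size = (bzs.total_out_hi32 * (unsigned int) -1) + bzs.total_out_lo32;
-#ifndef ZEND_ENABLE_ZVAL_LONG64
+size = (((uint64_t) bzs.total_out_hi32) << 32U) + bzs.total_out_lo32;
 if (size > SIZE_MAX) {
 /* no reason to continue if we're going to drop it anyway */
 break;
 }
-#endif
 dest = zend_string_safe_realloc(dest, 1, bzs.avail_out+1, (size_t) size, 0);
 bzs.next_out = ZSTR_VAL(dest) + size;
 }
 
 if (error == BZ_STREAM_END || error == BZ_OK) {
-size = (bzs.total_out_hi32 * (unsigned int) -1) + bzs.total_out_lo32;
-#ifndef ZEND_ENABLE_ZVAL_LONG64
+size = (((uint64_t) bzs.total_out_hi32) << 32U) + bzs.total_out_lo32;
 if (UNEXPECTED(size > SIZE_MAX)) {
 php_error_docref(NULL, E_WARNING, "Decompressed size too big, max is %zd", SIZE_MAX);
 zend_string_efree(dest);
 RETVAL_LONG(BZ_MEM_ERROR);
-} else
-#endif
-{
+} else {
 dest = zend_string_safe_realloc(dest, 1, (size_t)size, 1, 0);
 ZSTR_LEN(dest) = (size_t)size;
 ZSTR_VAL(dest)[(size_t)size] = '\0';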
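Review bot: The warning in the post-loop `size > SIZE_MAX` branch formats `SIZE_MAX` with `%zd`, a signed conversion, so the reported maximum would most likely print as -1; with the `#ifndef ZEND_ENABLE_ZVAL_LONG64` guard removed, this branch is now compiled on every build and is the path a build with a 32-bit size_t will actually take. I would change it to `php_error_docref(NULL, E_WARNING, "Decompressed size too big, max is %zu", SIZE_MAX);`. Where size_t is 64 bits wide, neither `size > SIZE_MAX` comparison can be true for a `uint64_t`, which some compilers report as a type-limits warning; a short comment such as `/* only reachable when size_t is narrower than 64 bits */` on the first check would record that this is intentional. PHP_FUNCTION(bzdecompress) starts and ends outside both hunks.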

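--- a/ext/bz2/tests/gh20807.phpt
+++ b/ext/bz2/tests/gh20807.phpt
@@ -0,0 +1,19 @@
+--TEST--
+Truncation of total output size causing erroneous size and data
+--EXTENSIONS--
+bz2
+--INI--
+memory_limit=-1
+--SKIPIF--
+<?php
+if (!getenv('RUN_RESOURCE_HEAVY_TESTS')) die('skip resource-heavy test');
+if (getenv("SKIP_SLOW_TESTS")) die('skip slow test');
+if (PHP_OS === 'FreeBSD') die('skip Worker does not handle OOM gracefully');
+if (PHP_INT_SIZE !== 8) die('skip Only for 64-bit systems');
+?>
+--FILE--
+<?php
+var_dump(sha1(bzdecompress(base64_decode("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"))));
+?>
+--EXPECT--
+string(40) "d4b5e52ed34a774fa645f94369b0c61375436d30"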
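Review bot: The `--FILE--` section passes the result of `bzdecompress()` straight to `sha1()`, but the bz2.c change in this commit shows the function returning an integer on failure (`RETVAL_LONG(BZ_MEM_ERROR)`), which would presumably be hashed in its string form and surface only as an unexplained digest mismatch. Keeping the result in a variable and dumping `is_string($out) ? sha1($out) : $out` would make a failing run show the error code instead. The test is also skipped unless `RUN_RESOURCE_HEAVY_TESTS` is set, so the regression is only covered by jobs that opt in; that looks deliberate given `memory_limit=-1`, but it is worth confirming that at least one CI job sets the variable.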
