From: Michael Wallner Date: Wed, 23 Mar 2005 13:11:19 +0000 (+0000) Subject: - improved range checking X-Git-Tag: RELEASE_0_7_0~11 X-Git-Url: https://git.m6w6.name/?a=commitdiff_plain;h=38cfd6ad8dfc1bdb602993a138537de569a5ccab;p=m6w6%2Fext-http - improved range checking --- diff --git a/http_api.c b/http_api.c index ff7468d..3760d31 100644 --- a/http_api.c +++ b/http_api.c @@ -286,7 +286,7 @@ static int check_tzone(char *tzone) char *pretty_key(char *key, size_t key_len, zend_bool uctitle, zend_bool xhyphen) { if (key && key_len) { - int i, wasalpha; + unsigned i, wasalpha; if (wasalpha = isalpha(key[0])) { key[0] = uctitle ? toupper(key[0]) : tolower(key[0]); } @@ -1159,7 +1159,8 @@ PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_ { /* "0-12345" */ case -10: - if (length <= end) { + /* "0-", "0-0" or overflow */ + if (end == -1 || end == -10 || length <= end) { return RANGE_ERR; } begin = 0; @@ -1167,7 +1168,8 @@ PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_ /* "-12345" */ case -1: - if (length <= end) { + /* "-", "-0" or overflow */ + if (end == -1 || end == -10 || length <= end) { return RANGE_ERR; } begin = length - end; @@ -1178,6 +1180,11 @@ PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_ default: switch (end) { + /* "12345-0" */ + case -10: + return RANGE_ERR; + break; + /* "12345-" */ case -1: if (length <= begin) {