X-Git-Url: https://git.m6w6.name/?p=m6w6%2Fext-http;a=blobdiff_plain;f=http_api.c;h=3760d310ee0c92f33375e27eb81292254415530c;hp=1a1dfead13c9c035a655a79d312662c90605a94f;hb=38cfd6ad8dfc1bdb602993a138537de569a5ccab;hpb=f6108ad70bc06292d0982532f82b77d6e97d7e01

diff --git a/http_api.c b/http_api.c
index 1a1dfea..3760d31 100644
--- a/http_api.c
+++ b/http_api.c
@@ -286,7 +286,7 @@ static int check_tzone(char *tzone)
 char *pretty_key(char *key, size_t key_len, zend_bool uctitle, zend_bool xhyphen)
 {
 	if (key && key_len) {
-		int i, wasalpha;
+		unsigned i, wasalpha;
 		if (wasalpha = isalpha(key[0])) {
 			key[0] = uctitle ? toupper(key[0]) : tolower(key[0]);
 		}
@@ -1159,7 +1159,8 @@ PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_
 					{
 						/* "0-12345" */
 						case -10:
-							if (length <= end) {
+							/* "0-", "0-0" or overflow */
+							if (end == -1 || end == -10 || length <= end) {
 								return RANGE_ERR;
 							}
 							begin = 0;
@@ -1167,7 +1168,8 @@ PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_
 
 						/* "-12345" */
 						case -1:
-							if (length <= end) {
+							/* "-", "-0" or overflow */
+							if (end == -1 || end == -10 || length <= end) {
 								return RANGE_ERR;
 							}
 							begin = length - end;
@@ -1178,6 +1180,11 @@ PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_
 						default:
 							switch (end)
 							{
+								/* "12345-0" */
+								case -10:
+									return RANGE_ERR;
+								break;
+								
 								/* "12345-" */
 								case -1:
 									if (length <= begin) {
@@ -1387,7 +1394,7 @@ PHP_HTTP_API STATUS _http_send_stream_ex(php_stream *file, zend_bool close_strea
 /* }}} */
 
 /* {{{ STATUS http_chunked_decode(char *, size_t, char **, size_t *) */
-PHP_HTTP_API STATUS _http_chunked_decode(const char *encoded, size_t encoded_len, 
+PHP_HTTP_API STATUS _http_chunked_decode(const char *encoded, size_t encoded_len,
 	char **decoded, size_t *decoded_len TSRMLS_DC)
 {
 	const char *e_ptr;
@@ -1605,12 +1612,12 @@ PHP_HTTP_API STATUS _http_urlencode_hash_ex(HashTable *hash, zend_bool override_
 
 	if (SUCCESS != http_urlencode_hash_implementation(hash, qstr, arg_sep)) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Couldn't encode query data");
-		phpstr_dtor(qstr);
+		phpstr_free(qstr);
 		return FAILURE;
 	}
 
 	phpstr_data(qstr, encoded_data, encoded_len);
-	phpstr_dtor(qstr);
+	phpstr_free(qstr);
 
 	return SUCCESS;
 }
@@ -1674,7 +1681,7 @@ PHP_HTTP_API STATUS _http_urlencode_hash_implementation_ex(
 	ulong idx;
 	zval **zdata = NULL, *copyzval;
 
-	if (!ht) {
+	if (!ht || !formstr) {
 		return FAILURE;
 	}
 
@@ -1766,7 +1773,7 @@ PHP_HTTP_API STATUS _http_urlencode_hash_implementation_ex(
 				*p = '\0';
 			}
 			ht->nApplyCount++;
-			http_urlencode_hash_implementation_ex(HASH_OF(*zdata), formstr, arg_sep, 
+			http_urlencode_hash_implementation_ex(HASH_OF(*zdata), formstr, arg_sep,
 				NULL, 0, newprefix, newprefix_len, "]", 1, (Z_TYPE_PP(zdata) == IS_OBJECT ? *zdata : NULL));
 			ht->nApplyCount--;
 			efree(newprefix);