Patch from the upstream git

https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229) b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6 Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
author: Remi Collet <remi@php.net> 2017-05-30 15:39:21 +0200
committer: Remi Collet <remi@php.net> 2017-07-05 09:25:57 +0200
commit: 27a743b82b0b8d7e8e8154f3cc402204fea0ebd3 (patch)
tree: e408cc638eefde2dafa358c0d08a8988c137a68b
parent: bdf7393ddb15d0ac522250a9825b685437e2b966 (diff)
download: php-git-27a743b82b0b8d7e8e8154f3cc402204fea0ebd3.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c
index 97d5f32d28..42a31bd12b 100644
--- a/ext/mbstring/oniguruma/regexec.c
+++ b/ext/mbstring/oniguruma/regexec.c
@@ -3205,7 +3205,13 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
     else {
       if (reg->dmax != ONIG_INFINITE_DISTANCE) {
 	*low = p - reg->dmax;
-	if (*low > s) {
+	if (p - str < reg->dmax) {
+	  *low = (UChar* )str;
+	  if (low_prev)
+	    *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low);
+	}
+	else {
+ 	if (*low > s) {
 	  *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s,
 							      *low, (const UChar** )low_prev);
 	  if (low_prev && IS_NULL(*low_prev))
@@ -3218,6 +3224,7 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
 					       (pprev ? pprev : str), *low);
 	}
       }
+      }
     }
     /* no needs to adjust *high, *high is used as range check only */
     *high = p - reg->dmin;
author	Remi Collet <remi@php.net>	2017-05-30 15:39:21 +0200
committer	Remi Collet <remi@php.net>	2017-07-05 09:25:57 +0200
commit	27a743b82b0b8d7e8e8154f3cc402204fea0ebd3 (patch)
tree	e408cc638eefde2dafa358c0d08a8988c137a68b
parent	bdf7393ddb15d0ac522250a9825b685437e2b966 (diff)
download	php-git-27a743b82b0b8d7e8e8154f3cc402204fea0ebd3.tar.gz