MFH: Fixed bug #29226 (ctype_* functions missing validation of numeric

string representations).
author: Ilia Alshanetsky <iliaa@php.net> 2004-07-20 01:03:34 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2004-07-20 01:03:34 +0000
commit: e3a480faf8a24f020707df4db19509ff389f7578 (patch)
tree: 4a070d7a8e5967b61612d7a6bb19835bc13beb44
parent: 53cc10e1c2684ddb42bba0b9d4c716372b1804d3 (diff)
download: php-git-e3a480faf8a24f020707df4db19509ff389f7578.tar.gz
2 files changed, 7 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 2f9b960a03..504bf36380 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,8 @@ PHP 4                                                                      NEWS
 - Updated PCRE to provide better error handling in certain cases. (Andrei)
 - NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute
   for doing performance stats without warnings in server-log. (Uwe Schindler)
+- Fixed bug #29226 (ctype_* functions missing validation of numeric string 
+  representations). (Ilia)
 - Fixed bug #29116 (Zend constant warning uses memory after free). (Marcus,
   jdolecek at NetBSD dot org)
 - Fixed bug #29114 (Potential double free in php_stat). (Sara)
diff --git a/ext/ctype/ctype.c b/ext/ctype/ctype.c
index f755d7e33f..0291979010 100644
--- a/ext/ctype/ctype.c
+++ b/ext/ctype/ctype.c
@@ -97,7 +97,11 @@ PHP_MINFO_FUNCTION(ctype)
 		return; \
  	switch (Z_TYPE_P(c)) { \
 	case IS_LONG: \
-		RETURN_BOOL(iswhat(Z_LVAL_P(c))); \
+		if (Z_LVAL_P(c) < 255 && Z_LVAL_P(c) > -127) {	\
+			RETURN_BOOL(iswhat(Z_LVAL_P(c))); \
+		}	\
+		SEPARATE_ZVAL(&c);	\
+		convert_to_string(c);	\
 	case IS_STRING: \
 		{ \
 			char *p; \
author	Ilia Alshanetsky <iliaa@php.net>	2004-07-20 01:03:34 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2004-07-20 01:03:34 +0000
commit	e3a480faf8a24f020707df4db19509ff389f7578 (patch)
tree	4a070d7a8e5967b61612d7a6bb19835bc13beb44
parent	53cc10e1c2684ddb42bba0b9d4c716372b1804d3 (diff)
download	php-git-e3a480faf8a24f020707df4db19509ff389f7578.tar.gz