diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-01-31 23:52:10 -0800 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-01-31 23:52:10 -0800 |
| commit | 911f0ea4178a82c1cf16f0296a9ac25378f5315e (patch) | |
| tree | da41432aabd94c2ccd0e6d150335cd232bd745d4 | |
| parent | 50703c900f3b75af2e2973dfd53c05f69cddec91 (diff) | |
| parent | 662184095182b2b9c23313350d99beda25eb3c39 (diff) | |
| download | php-git-911f0ea4178a82c1cf16f0296a9ac25378f5315e.tar.gz | |
Merge branch 'pull-request/1012'
* pull-request/1012:
Fix uninitalized variables reads. See CWE-457 for more info.
| -rw-r--r-- | ext/mbstring/mbstring.c | 8 | ||||
| -rw-r--r-- | ext/reflection/php_reflection.c | 1 | ||||
| -rw-r--r-- | main/main.c | 1 |
3 files changed, 6 insertions, 4 deletions
diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c index 7f2209fb12..504a5e697f 100644 --- a/ext/mbstring/mbstring.c +++ b/ext/mbstring/mbstring.c @@ -3891,7 +3891,7 @@ static int _php_mbstr_parse_mail_headers(HashTable *ht, const char *str, size_t int state = 0; int crlf_state = -1; char *token = NULL; - size_t token_pos; + size_t token_pos = 0; zend_string *fld_name, *fld_val; ps = str; @@ -3917,7 +3917,7 @@ static int _php_mbstr_parse_mail_headers(HashTable *ht, const char *str, size_t } if (state == 0 || state == 1) { - if(token) { + if(token && token_pos > 0) { fld_name = zend_string_init(token, token_pos, 0); } state = 2; @@ -3983,7 +3983,7 @@ static int _php_mbstr_parse_mail_headers(HashTable *ht, const char *str, size_t case 3: if (crlf_state == -1) { - if(token) { + if(token && token_pos > 0) { fld_val = zend_string_init(token, token_pos, 0); } @@ -4032,7 +4032,7 @@ out: state = 3; } if (state == 3) { - if(token) { + if(token && token_pos > 0) { fld_val = zend_string_init(token, token_pos, 0); } if (fld_name != NULL && fld_val != NULL) { diff --git a/ext/reflection/php_reflection.c b/ext/reflection/php_reflection.c index 5dddd05cea..9f5ad8cdd4 100644 --- a/ext/reflection/php_reflection.c +++ b/ext/reflection/php_reflection.c @@ -3996,6 +3996,7 @@ static int _adddynproperty(zval *ptr, int num_args, va_list args, zend_hash_key if (zend_get_property_info(ce, hash_key->key, 1) == NULL) { zend_property_info property_info; + property_info.doc_comment = NULL; property_info.flags = ZEND_ACC_IMPLICIT_PUBLIC; property_info.name = hash_key->key; property_info.ce = ce; diff --git a/main/main.c b/main/main.c index 538e8fe7d2..1312528def 100644 --- a/main/main.c +++ b/main/main.c @@ -2255,6 +2255,7 @@ int php_module_startup(sapi_module_struct *sf, zend_module_entry *additional_mod zuv.html_errors = 1; zuv.import_use_extension = ".php"; + zuv.import_use_extension_length = (uint)strlen(zuv.import_use_extension); php_startup_auto_globals(); zend_set_utility_values(&zuv); php_startup_sapi_content_types(); |