Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fix bug #79465 - use unsigneds as indexes.
  Fix bug #79330 - make all execution modes consistent in rejecting \0

2 files changed, 11 insertions, 2 deletions

diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index 86b0a0a466..db92ea724b 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -537,6 +537,15 @@ PHP_FUNCTION(shell_exec)
 		Z_PARAM_STRING(command, command_len)
 	ZEND_PARSE_PARAMETERS_END();
 
+	if (!command_len) {
+		php_error_docref(NULL, E_WARNING, "Cannot execute a blank command");
+		RETURN_FALSE;
+	}
+	if (strlen(command) != command_len) {
+		php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack");
+		RETURN_FALSE;
+	}
+
 #ifdef PHP_WIN32
 	if ((in=VCWD_POPEN(command, "rt"))==NULL) {
 #else
diff --git a/ext/standard/url.c b/ext/standard/url.c
index c88e7c6902..62ce107f77 100644
--- a/ext/standard/url.c
+++ b/ext/standard/url.c
@@ -543,7 +543,7 @@ PHPAPI size_t php_url_decode(char *str, size_t len)
 #ifndef CHARSET_EBCDIC
 			*dest = (char) php_htoi(data + 1);
 #else
-			*dest = os_toebcdic[(char) php_htoi(data + 1)];
+			*dest = os_toebcdic[(unsigned char) php_htoi(data + 1)];
 #endif
 			data += 2;
 			len -= 2;
@@ -639,7 +639,7 @@ PHPAPI size_t php_raw_url_decode(char *str, size_t len)
 #ifndef CHARSET_EBCDIC
 			*dest = (char) php_htoi(data + 1);
 #else
-			*dest = os_toebcdic[(char) php_htoi(data + 1)];
+			*dest = os_toebcdic[(unsigned char) php_htoi(data + 1)];
 #endif
 			data += 2;
 			len -= 2;