Merge branch 'PHP-5.6' into PHP-7.0

* PHP-5.6: More string length checks & fixes
author: Stanislav Malyshev <stas@php.net> 2016-11-03 22:05:25 -0700
committer: Stanislav Malyshev <stas@php.net> 2016-11-03 22:05:25 -0700
commit: 2fa455128c7f6c42eb00a43f8bb28a395af4aeda (patch)
tree: c073bfc97add0bf44444859785684262427cd39a
parent: 6e12e49b5be06b4346e3d7802ea9b09f9f1abd7b (diff)
parent: 1fd18821e08c72e026de30ab915b73ec32dcf0ad (diff)
download: php-git-2fa455128c7f6c42eb00a43f8bb28a395af4aeda.tar.gz
1 files changed, 6 insertions, 4 deletions
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index 7bd3ef9f7f..7e21bce098 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -482,7 +482,8 @@ PHP_FUNCTION(escapeshellcmd)
 			php_error_docref(NULL, E_ERROR, "Input string contains NULL bytes");
 			return;
 		}
-		RETVAL_STR(php_escape_shell_cmd(command));
+		cmd = php_escape_shell_cmd(command);
+		RETVAL_STRINGL_CHECK(cmd, strlen(cmd), 0);
 	} else {
 		RETVAL_EMPTY_STRING();
 	}
@@ -505,7 +506,8 @@ PHP_FUNCTION(escapeshellarg)
 			php_error_docref(NULL, E_ERROR, "Input string contains NULL bytes");
 			return;
 		}
-		RETVAL_STR(php_escape_shell_arg(argument));
+		cmd = php_escape_shell_arg(argument);
+		RETVAL_STRINGL_CHECK(cmd, strlen(cmd), 0);
 	}
 }
 /* }}} */
@@ -537,8 +539,8 @@ PHP_FUNCTION(shell_exec)
 	ret = php_stream_copy_to_mem(stream, PHP_STREAM_COPY_ALL, 0);
 	php_stream_close(stream);
 
-	if (ret && ZSTR_LEN(ret) > 0) {
-		RETVAL_STR(ret);
+	if (total_readbytes > 0) {
+		RETVAL_STRINGL_CHECK(ret, total_readbytes, 0);
 	}
 }
 /* }}} */
author	Stanislav Malyshev <stas@php.net>	2016-11-03 22:05:25 -0700
committer	Stanislav Malyshev <stas@php.net>	2016-11-03 22:05:25 -0700
commit	2fa455128c7f6c42eb00a43f8bb28a395af4aeda (patch)
tree	c073bfc97add0bf44444859785684262427cd39a
parent	6e12e49b5be06b4346e3d7802ea9b09f9f1abd7b (diff)
parent	1fd18821e08c72e026de30ab915b73ec32dcf0ad (diff)
download	php-git-2fa455128c7f6c42eb00a43f8bb28a395af4aeda.tar.gz