Merge branch 'PHP-7.4'

* PHP-7.4: Fix bug #79465 - use unsigneds as indexes. Fix bug #79330 - make all execution modes consistent in rejecting \0
author: Stanislav Malyshev <stas@php.net> 2020-04-13 21:09:23 -0700
committer: Stanislav Malyshev <stas@php.net> 2020-04-13 21:09:23 -0700
commit: d3fbdf0048cd0d99a57720c589b8d7a1d5f223af (patch)
tree: 04ea59b267f22ffc43047eeb9987b07ef90755ef /ext/standard/exec.c
parent: 83004588140dbf360e92c53779715b1a2c16f286 (diff)
parent: 864d69bef784d303e2664c943c4281d34f62b09d (diff)
download: php-git-d3fbdf0048cd0d99a57720c589b8d7a1d5f223af.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index b8b64b6aa2..9935e2b34c 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -529,6 +529,15 @@ PHP_FUNCTION(shell_exec)
 		Z_PARAM_STRING(command, command_len)
 	ZEND_PARSE_PARAMETERS_END();
 
+	if (!command_len) {
+		php_error_docref(NULL, E_WARNING, "Cannot execute a blank command");
+		RETURN_FALSE;
+	}
+	if (strlen(command) != command_len) {
+		php_error_docref(NULL, E_WARNING, "NULL byte detected. Possible attack");
+		RETURN_FALSE;
+	}
+
 #ifdef PHP_WIN32
 	if ((in=VCWD_POPEN(command, "rt"))==NULL) {
 #else
author	Stanislav Malyshev <stas@php.net>	2020-04-13 21:09:23 -0700
committer	Stanislav Malyshev <stas@php.net>	2020-04-13 21:09:23 -0700
commit	d3fbdf0048cd0d99a57720c589b8d7a1d5f223af (patch)
tree	04ea59b267f22ffc43047eeb9987b07ef90755ef /ext/standard/exec.c
parent	83004588140dbf360e92c53779715b1a2c16f286 (diff)
parent	864d69bef784d303e2664c943c4281d34f62b09d (diff)
download	php-git-d3fbdf0048cd0d99a57720c589b8d7a1d5f223af.tar.gz