Merge branch 'master' of git.php.net:/php-src

4 files changed, 21 insertions, 17 deletions

diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
index 3232414de7..2fd43359a4 100644
--- a/ext/ldap/ldap.c
+++ b/ext/ldap/ldap.c
@@ -488,7 +488,7 @@ PHP_FUNCTION(ldap_connect)
 		int rc = LDAP_SUCCESS;
 		char	*url = host;
 		if (url && !ldap_is_ldap_url(url)) {
-			int	urllen = hostlen + sizeof( "ldap://:65535" );
+			size_t urllen = hostlen + sizeof( "ldap://:65535" );
 
 			if (port <= 0 || port > 65535) {
 				efree(ld);
@@ -1722,9 +1722,9 @@ PHP_FUNCTION(ldap_delete)
 
 /* {{{ _ldap_str_equal_to_const
  */
-static int _ldap_str_equal_to_const(const char *str, uint32_t str_len, const char *cstr)
+static size_t _ldap_str_equal_to_const(const char *str, size_t str_len, const char *cstr)
 {
-	uint32_t i;
+	size_t i;
 
 	if (strlen(cstr) != str_len)
 		return 0;
@@ -1741,9 +1741,9 @@ static int _ldap_str_equal_to_const(const char *str, uint32_t str_len, const cha
 
 /* {{{ _ldap_strlen_max
  */
-static int _ldap_strlen_max(const char *str, uint32_t max_len)
+static size_t _ldap_strlen_max(const char *str, size_t max_len)
 {
-	uint32_t i;
+	size_t i;
 
 	for (i = 0; i < max_len; ++i) {
 		if (str[i] == '\0') {
@@ -1819,7 +1819,7 @@ PHP_FUNCTION(ldap_modify_batch)
 		zend_ulong tmpUlong;
 
 		/* make sure the DN contains no NUL bytes */
-		if ((size_t)_ldap_strlen_max(dn, dn_len) != dn_len) {
+		if (_ldap_strlen_max(dn, dn_len) != dn_len) {
 			php_error_docref(NULL, E_WARNING, "DN must not contain NUL bytes");
 			RETURN_FALSE;
 		}
@@ -1879,7 +1879,7 @@ PHP_FUNCTION(ldap_modify_batch)
 						RETURN_FALSE;
 					}
 
-					if (Z_STRLEN_P(modinfo) != (size_t)_ldap_strlen_max(Z_STRVAL_P(modinfo), Z_STRLEN_P(modinfo))) {
+					if (Z_STRLEN_P(modinfo) != _ldap_strlen_max(Z_STRVAL_P(modinfo), Z_STRLEN_P(modinfo))) {
 						php_error_docref(NULL, E_WARNING, "A '" LDAP_MODIFY_BATCH_ATTRIB "' value must not contain NUL bytes");
 						RETURN_FALSE;
 					}
@@ -2436,7 +2436,11 @@ PHP_FUNCTION(ldap_set_option)
 			int val;
 
 			convert_to_long_ex(newval);
-			val = Z_LVAL_P(newval);
+			if (ZEND_LONG_EXCEEDS_INT(Z_LVAL_P(newval))) {
+				php_error_docref(NULL, E_WARNING, "Option value is too big");
+				RETURN_FALSE;
+			}
+			val = (int)Z_LVAL_P(newval);
 			if (ldap_set_option(ldap, option, &val)) {
 				RETURN_FALSE;
 			}
@@ -3030,9 +3034,9 @@ static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value,
 	return ret;
 }
 
-static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const int charslen, char escape)
+static void php_ldap_escape_map_set_chars(zend_bool *map, const char *chars, const size_t charslen, char escape)
 {
-	int i = 0;
+	size_t i = 0;
 	while (i < charslen) {
 		map[(unsigned char) chars[i++]] = escape;
 	}
diff --git a/ext/mbstring/mb_gpc.c b/ext/mbstring/mb_gpc.c
index 1cd44c90e0..2a87ecc2e7 100644
--- a/ext/mbstring/mb_gpc.c
+++ b/ext/mbstring/mb_gpc.c
@@ -196,7 +196,7 @@ const mbfl_encoding *_php_mb_encoding_handler_ex(const php_mb_encoding_handler_i
 	const char *s1, *s2;
 	char *strtok_buf = NULL, **val_list = NULL;
 	zval *array_ptr = (zval *) arg;
-	int n, num, *len_list = NULL;
+	size_t n, num, *len_list = NULL;
 	size_t val_len, new_val_len;
 	mbfl_string string, resvar, resval;
 	const mbfl_encoding *from_encoding = NULL;
@@ -225,7 +225,7 @@ const mbfl_encoding *_php_mb_encoding_handler_ex(const php_mb_encoding_handler_i
 	num *= 2; /* need space for variable name and value */
 
 	val_list = (char **)ecalloc(num, sizeof(char *));
-	len_list = (int *)ecalloc(num, sizeof(int));
+	len_list = (size_t *)ecalloc(num, sizeof(size_t));
 
 	/* split and decode the query */
 	n = 0;
@@ -253,7 +253,7 @@ const mbfl_encoding *_php_mb_encoding_handler_ex(const php_mb_encoding_handler_i
 		var = php_strtok_r(NULL, info->separator, &strtok_buf);
 	}
 
-	if (n > (PG(max_input_vars) * 2)) {
+	if (ZEND_SIZE_T_GT_ZEND_LONG(n, (PG(max_input_vars) * 2))) {
 		php_error_docref(NULL, E_WARNING, "Input variables exceeded " ZEND_LONG_FMT ". To increase the limit change max_input_vars in php.ini.", PG(max_input_vars));
 		goto out;
 	}
diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c
index 4f3b7dc08e..cb5fb053ea 100644
--- a/ext/mbstring/mbstring.c
+++ b/ext/mbstring/mbstring.c
@@ -1347,7 +1347,7 @@ static PHP_INI_MH(OnUpdate_mbstring_http_output)
 /* }}} */
 
 /* {{{ static _php_mb_ini_mbstring_internal_encoding_set */
-int _php_mb_ini_mbstring_internal_encoding_set(const char *new_value, uint32_t new_value_length)
+int _php_mb_ini_mbstring_internal_encoding_set(const char *new_value, size_t new_value_length)
 {
 	const mbfl_encoding *encoding;
 
@@ -2932,7 +2932,7 @@ PHP_FUNCTION(mb_strcut)
 		}
 	}
 
-	if ((unsigned int)from > string.len) {
+	if (from > string.len) {
 		RETURN_FALSE;
 	}
 
@@ -4469,7 +4469,7 @@ PHP_FUNCTION(mb_send_mail)
 	/* message body */
 	orig_str.no_language = MBSTRG(language);
 	orig_str.val = (unsigned char *)message;
-	orig_str.len = (unsigned int)message_len;
+	orig_str.len = message_len;
 	orig_str.encoding = MBSTRG(current_internal_encoding);
 
 	if (orig_str.encoding->no_encoding == mbfl_no_encoding_invalid
diff --git a/ext/mbstring/mbstring.h b/ext/mbstring/mbstring.h
index 6d04072506..1b8e618af5 100644
--- a/ext/mbstring/mbstring.h
+++ b/ext/mbstring/mbstring.h
@@ -157,7 +157,7 @@ MBSTRING_API size_t php_mb_stripos(int mode, const char *old_haystack, size_t ol
 MBSTRING_API int php_mb_check_encoding(const char *input, size_t length, const char *enc);
 
 /* internal use only */
-int _php_mb_ini_mbstring_internal_encoding_set(const char *new_value, uint32_t new_value_length);
+int _php_mb_ini_mbstring_internal_encoding_set(const char *new_value, size_t new_value_length);
 
 ZEND_BEGIN_MODULE_GLOBALS(mbstring)
 	char *internal_encoding_name;