diff options
| -rw-r--r-- | ext/iconv/iconv.c | 4 | ||||
| -rw-r--r-- | ext/iconv/tests/bug51250.phpt | 29 |
2 files changed, 31 insertions, 2 deletions
diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c index 2a272b49ab..c3b6daebab 100644 --- a/ext/iconv/iconv.c +++ b/ext/iconv/iconv.c @@ -1762,10 +1762,10 @@ static php_iconv_err_t _php_iconv_mime_decode(smart_str *pretval, const char *st if ((mode & PHP_ICONV_MIME_DECODE_CONTINUE_ON_ERROR)) { /* pass the entire chunk through the converter */ err = _php_iconv_appendl(pretval, encoded_word, (size_t)(p1 - encoded_word), cd_pl); + encoded_word = NULL; if (err != PHP_ICONV_ERR_SUCCESS) { - goto out; + break; } - encoded_word = NULL; } else { goto out; } diff --git a/ext/iconv/tests/bug51250.phpt b/ext/iconv/tests/bug51250.phpt new file mode 100644 index 0000000000..fd2e53b97a --- /dev/null +++ b/ext/iconv/tests/bug51250.phpt @@ -0,0 +1,29 @@ +--TEST-- +Bug #51250 (iconv_mime_decode() does not ignore malformed Q-encoded words) +--SKIPIF-- +<?php extension_loaded('iconv') or die('skip iconv extension is not available'); ?> +--FILE-- +<?php +$m = ICONV_MIME_DECODE_CONTINUE_ON_ERROR; + +var_dump(iconv_mime_decode("Legal encoded-word: =?utf-8?B?Kg==?= .", $m)); +var_dump(iconv_mime_decode("Legal encoded-word: =?utf-8?Q?*?= .", $m)); +var_dump(iconv_mime_decode("Illegal encoded-word: =?utf-8?B?".chr(0xA1)."?= .", $m)); +var_dump(iconv_mime_decode("Illegal encoded-word: =?utf-8?Q?".chr(0xA1)."?= .", $m)); + +var_dump(iconv_mime_decode("Legal encoded-word: =?utf-8?B?Kg==?= .")); +var_dump(iconv_mime_decode("Legal encoded-word: =?utf-8?Q?*?= .")); +var_dump(iconv_mime_decode("Illegal encoded-word: =?utf-8?B?".chr(0xA1)."?= .")); +var_dump(iconv_mime_decode("Illegal encoded-word: =?utf-8?Q?".chr(0xA1)."?= .")); +?> +--EXPECTF-- +string(23) "Legal encoded-word: * ." +string(23) "Legal encoded-word: * ." +string(24) "Illegal encoded-word: ." +string(23) "Illegal encoded-word: ." +string(23) "Legal encoded-word: * ." +string(23) "Legal encoded-word: * ." +string(24) "Illegal encoded-word: ." + +Notice: iconv_mime_decode(): Detected an illegal character in input string in %s on line %d +bool(false) |