diff options
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | ext/intl/msgformat/msgformat_parse.c | 1 |
2 files changed, 4 insertions, 0 deletions
@@ -11,6 +11,9 @@ PHP NEWS . Fixed bug #74639 (implement clone for DatePeriod and DateInterval). (andrewnester) +- Intl: + . Fixed bug #73473 (Stack Buffer Overflow in msgfmt_parse_message). (libnex) + - Mbstring: . Add oniguruma upstream fix (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229) (Remi, Mamoru TASAKA) diff --git a/ext/intl/msgformat/msgformat_parse.c b/ext/intl/msgformat/msgformat_parse.c index 349633912b..8562a76e92 100644 --- a/ext/intl/msgformat/msgformat_parse.c +++ b/ext/intl/msgformat/msgformat_parse.c @@ -110,6 +110,7 @@ PHP_FUNCTION( msgfmt_parse_message ) RETURN_FALSE; } + INTL_CHECK_LOCALE_LEN(slocale_len); memset(mfo, 0, sizeof(*mfo)); msgformat_data_init(&mfo->mf_data); |