From 27a743b82b0b8d7e8e8154f3cc402204fea0ebd3 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Tue, 30 May 2017 15:39:21 +0200
Subject: Patch from the upstream git
 https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229)
 b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
---
 ext/mbstring/oniguruma/regexec.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c
index 97d5f32d28..42a31bd12b 100644
--- a/ext/mbstring/oniguruma/regexec.c
+++ b/ext/mbstring/oniguruma/regexec.c
@@ -3205,7 +3205,13 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
     else {
       if (reg->dmax != ONIG_INFINITE_DISTANCE) {
 	*low = p - reg->dmax;
-	if (*low > s) {
+	if (p - str < reg->dmax) {
+	  *low = (UChar* )str;
+	  if (low_prev)
+	    *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low);
+	}
+	else {
+ 	if (*low > s) {
 	  *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s,
 							      *low, (const UChar** )low_prev);
 	  if (low_prev && IS_NULL(*low_prev))
@@ -3218,6 +3224,7 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
 					       (pprev ? pprev : str), *low);
 	}
       }
+      }
     }
     /* no needs to adjust *high, *high is used as range check only */
     *high = p - reg->dmin;
-- 
cgit v1.2.1