From db848e1482c1871d8b2a4185f0c6ac261069e4bd Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Thu, 12 Mar 2020 13:04:04 +0100
Subject: Fix #79371: mb_strtolower (UTF-32LE): stack-buffer-overflow

We make sure that negative values are properly compared.
---
 ext/mbstring/php_unicode.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ext/mbstring/php_unicode.c')

diff --git a/ext/mbstring/php_unicode.c b/ext/mbstring/php_unicode.c
index 664f760fc3..4fa650d894 100644
--- a/ext/mbstring/php_unicode.c
+++ b/ext/mbstring/php_unicode.c
@@ -315,7 +315,7 @@ static int convert_case_filter(int c, void *void_data)
 
 	/* Handle invalid characters early, as we assign special meaning to
 	 * codepoints above 0xffffff. */
-	if (UNEXPECTED(c > 0xffffff)) {
+	if (UNEXPECTED((unsigned) c > 0xffffff)) {
 		(*data->next_filter->filter_function)(c, data->next_filter);
 		return 0;
 	}
-- 
cgit v1.2.1