Hi all, On Mon, Mar 28, 2016 at 5:22 PM, Stanislav Malyshev <s...@php.net> wrote: > Commit: 64f42c73efc58e88671ad76b6b6bc8e2b62713e1 > Author: Stanislav Malyshev <s...@php.net> Mon, 28 Mar 2016 > 01:22:37 -0700 > Parents: 95433e8e339dbb6b5d5541473c1661db6ba2c451 > Branches: PHP-5.5 PHP-5.6 PHP-5.6.20 > > Link: > http://git.php.net/?p=php-src.git;a=commitdiff;h=64f42c73efc58e88671ad76b6b6bc8e2b62713e1 > > Log: > Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut > > Bugs: > https://bugs.php.net/71906 > > Changed paths: > M ext/mbstring/libmbfl/mbfl/mbfilter.c
This patch is good enough to fix int overflow issue. However, PHP 7.0 and up supports strings over 2GB. Current libmbfl support strings up to uint (4GB) and APIs use signed int for length which is large enough for PHP older than 7.0. libmbfl's string should be modified to support larger strings. i.e. use size_t for string sizes. This change should be made at some point. Question is it should be 7.0.x or 7.1.0. It seems simply using size_t is OK, but I haven't tried and checked it. Just notifying everyone that there is this task for PHP 7. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
