A reproductible crash in UConverter when given invalid encoding

Bug #66873	A reproductible crash in UConverter when given invalid encoding
Submitted:	2014-03-09 20:22 UTC	Modified:	2014-03-17 08:21 UTC
From:	contact at dimitrifourny dot com	Assigned:	stas (profile)
Status:	Closed	Package:	Reproducible crash
PHP Version:	5.6.0alpha3	OS:	*
Private report:	No	CVE-ID:	None

[2014-03-09 20:22 UTC] contact at dimitrifourny dot com

Description:
------------
Hello!

I have found a possible security issues.
Can you fix it to make a more stable PHP version please?

Thank you for your good job!

Expected result:
----------------
<?php
    $o = new UConverter(1, 1);
    $o->toUCallback(1, 1, 1, $b);
?>


Actual result:
--------------
A nice crash on Windows 7 x64.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-03-10 06:24 UTC] pajoye@php.net

-Status: Open +Status: Assigned -Assigned To: +Assigned To: stas

[2014-03-11 01:21 UTC] stas@php.net

-Operating System: Windows7 x64 +Operating System: *

[2014-03-11 01:21 UTC] stas@php.net

Reproducible on Mac OS X too.

[2014-03-17 08:20 UTC] stas@php.net

-Status: Assigned +Status: Closed

[2014-03-17 08:21 UTC] stas@php.net

-Summary: A reproductible crash in PHP 5.6 (5.6.0alpha3) +Summary: A reproductible crash in UConverter when given invalid encoding -Status: Closed +Status: Assigned

[2014-03-17 08:21 UTC] stas@php.net

-Status: Assigned +Status: Closed

[2014-03-17 08:21 UTC] stas@php.net

The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.