Fix GH-22167: reject out-of-range SOAP schema integers #22178
LamentXU123 wants to merge 2 commits into
High level note: I'd target master rather than 8.4. It's a correct change, but it turns input that currently parses (silently truncated by atoi) into a fatal SOAP-ERROR, so a WSDL
This is more like a new feature than a bug fix; we have had lots of similar fixes before (i.e. rejecting NUL bytes in some functions) targeting the master branch, so this should target it too.
Take your time, I'll (re)review it Saturday at the earliest.
| return node_is_equal_ex_one_of(node, name, ns); | ||
| } | ||
|
|
||
| static int schema_parse_int(const xmlChar *value, const char *name, bool allow_negative) |
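Review bot: the new `schema_parse_int` signature on the last line of this hunk has no comment stating its contract. A short comment above it saying what `name` is used for, what `allow_negative` permits, and how a rejected value is reported (the discussion above says a fatal SOAP-ERROR) would tell callers whether any error handling is expected after the call.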
Workflow correct, can possibly be optimised/simplified like this:

```c
static int schema_parse_int(const xmlChar *value, const char *name, bool allow_negative)
{
    const char *str = (const char *) value;
    zend_long lval = 0;
    int oflow_info = 0;
    uint8_t type = is_numeric_string_ex(str, strlen(str), &lval, NULL, true, &oflow_info, NULL);

    /* Anything other than an IS_LONG result falls back to strtol. */
    if (type != IS_LONG) {
        errno = 0;
        lval = ZEND_STRTOL(str, NULL, 10);
        if (oflow_info || (errno == ERANGE && lval != 0)) {
            soap_error1(E_ERROR, "Parsing Schema: %s value is out of range", name);
        }
    }

    /* The result must fit in int and respect the sign restriction. */
    if (ZEND_LONG_EXCEEDS_INT(lval) || (!allow_negative && lval < 0)) {
        soap_error1(E_ERROR, "Parsing Schema: %s value is out of range", name);
    }

    return (int) lval;
}
```

wdyt?
Fixed #22167
I also added logic to deal with numeric strings. Now, both `2147483648` and `2147483648abc` will not be accepted (also added tests). Other behaviors remain the same.

I'm not sure if we can write the helper function in a simpler way using the existing Zend API.
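
The rejection behaviour discussed in this thread, as an added example that is not code from the PR or from php-src: a standalone C helper built on libc `strtol` rather than the Zend API. The names `parse_schema_int` and `parse_status` are hypothetical, the sample values are constructed, and tolerating trailing characters on in-range values is an assumption drawn from the description's statement that other behaviors remain the same.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical status codes for this example. */
enum parse_status { PARSE_OK = 0, PARSE_OUT_OF_RANGE = 1 };

/* Parse the leading decimal integer like atoi() (trailing characters are
 * tolerated), but report a value that does not fit in int, or a negative
 * value when allow_negative is false, instead of truncating it. */
static enum parse_status parse_schema_int(const char *value, bool allow_negative, int *out)
{
    long lval;

    errno = 0;
    lval = strtol(value, NULL, 10);
    /* On overflow strtol saturates to LONG_MIN/LONG_MAX and sets ERANGE. */
    if (errno == ERANGE) {
        return PARSE_OUT_OF_RANGE;
    }
    /* long can be wider than int (LP64), so check the int range as well. */
    if (lval > INT_MAX || lval < INT_MIN) {
        return PARSE_OUT_OF_RANGE;
    }
    if (!allow_negative && lval < 0) {
        return PARSE_OUT_OF_RANGE;
    }
    *out = (int) lval;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample attribute values. */
    const char *samples[] = { "1", "2147483647", "2147483648", "2147483648abc", "-1", "12abc" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int v = 0;
        enum parse_status st = parse_schema_int(samples[i], false, &v);
        /* atoi() overflow is undefined behaviour in C, so it is not called here. */
        printf("%-16s -> %s", samples[i], st == PARSE_OK ? "ok" : "out of range");
        if (st == PARSE_OK) printf(" (%d)", v);
        putchar('\n');
    }
    return 0;
}
```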