Diffstat (limited to 'ext/standard/html.c')
| -rw-r--r-- | ext/standard/html.c | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/ext/standard/html.c b/ext/standard/html.c
index d70172c94..ef54f62ca 100644
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -2,7 +2,7 @@
 +----------------------------------------------------------------------+
 | PHP Version 5 |
 +----------------------------------------------------------------------+
- | Copyright (c) 1997-2006 The PHP Group |
+ | Copyright (c) 1997-2007 The PHP Group |
 +----------------------------------------------------------------------+
 | This source file is subject to version 3.01 of the PHP license, |
 | that is bundled with this package in the file LICENSE, and is |
@@ -18,7 +18,7 @@
 +----------------------------------------------------------------------+
 */
-/* $Id: html.c,v 1.111.2.2.2.3 2006/11/01 01:55:11 iliaa Exp $ */
+/* $Id: html.c,v 1.111.2.2.2.9 2007/02/27 03:28:16 iliaa Exp $ */
 /*
 * HTML entity resources:
@@ -912,12 +912,10 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
 if (entity_map[j].table[k - entity_map[j].basechar] == NULL)
 continue;
- entity[0] = '&';
- entity_length = strlen(entity_map[j].table[k - entity_map[j].basechar]);
- strncpy(&entity[1], entity_map[j].table[k - entity_map[j].basechar], sizeof(entity) - 2);
- entity[entity_length+1] = ';';
- entity[entity_length+2] = '\0';
- entity_length += 2;
+ entity_length = slprintf(entity, sizeof(entity), "&%s;", entity_map[j].table[k - entity_map[j].basechar]);
+ if (entity_length >= sizeof(entity)) {
+ continue;
+ }
 /* When we have MBCS entities in the tables above, this will need to handle it */
 replacement_len = 0;
@@ -948,7 +946,8 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
 default:
 php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot yet handle MBCS!");
- return 0;
+ efree(ret);
+ return NULL;
 }
 if (php_memnstr(ret, entity, entity_length, ret+retlen)) {
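Review bot: The new truncation guard `if (entity_length >= sizeof(entity))` in the -912 hunk may never fire. As far as I recall, PHP's `slprintf` returns the number of characters actually written, clamped to size - 1, whereas `snprintf` returns the length that was needed; please confirm against main/snprintf.c in this tree. If that holds, an over-long table entry is silently cut to a string without its closing `;` and is still searched for in `ret`. Either use `snprintf` here for the length-needed return, or test `entity_length >= sizeof(entity) - 1`, which also rejects an exact fit but errs on the safe side. The declaration of `entity_length` is outside the hunk; if it is a signed int, the comparison with `sizeof` also mixes signedness.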
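Review bot: The failure path `efree(ret); return NULL;` in the -948 hunk leaves `*newlen` unset, so a caller that reads the length before checking the pointer sees an indeterminate value. I would add `*newlen = 0;` before the `efree(ret);` (the out-parameter name is truncated in the hunk header, so adjust to the real name). The function's header comment, which is outside this hunk, should also state that NULL is returned for an unsupported charset. html_entity_decode is updated later in this patch; any other callers are not visible here and should be checked for a NULL test.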
@@ -1137,7 +1136,7 @@ PHPAPI char *php_escape_html_entities(unsigned char *old, int oldlen, int *newle
 }
 replaced[len++] = '&';
- strcpy(replaced + len, rep);
+ strlcpy(replaced + len, rep, maxlen);
 len += l;
 replaced[len++] = ';';
 }
@@ -1308,7 +1307,10 @@ PHP_FUNCTION(html_entity_decode)
 }
 replaced = php_unescape_html_entities(str, str_len, &len, 1, quote_style, hint_charset TSRMLS_CC);
- RETVAL_STRINGL(replaced, len, 0);
+ if (replaced) {
+ RETURN_STRINGL(replaced, len, 0);
+ }
+ RETURN_FALSE;
 }
 /* }}} */
@@ -1350,7 +1352,7 @@ PHP_FUNCTION(get_html_translation_table)
 continue;
 /* what about wide chars here ?? */
 ind[0] = i + entity_map[j].basechar;
- sprintf(buffer, "&%s;", entity_map[j].table[i]);
+ snprintf(buffer, sizeof(buffer), "&%s;", entity_map[j].table[i]);
 add_assoc_string(return_value, ind, buffer, 1);
 } |
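Review bot: The size passed in `strlcpy(replaced + len, rep, maxlen);` in the -1137 hunk looks too large, because the destination already starts `len` bytes into the buffer. `maxlen` is declared outside the hunk; if it is the allocated size of `replaced`, as the name suggests, the bound should be the remaining space: `strlcpy(replaced + len, rep, maxlen - len);`. As written the call can still write up to `len` bytes past the end of the allocation. The following `len += l;` also assumes the whole of `rep` was copied, so a truncated copy would leave `len` pointing beyond the terminator that strlcpy wrote. Comparing strlcpy's return value with the remaining space before advancing `len` would close both gaps.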
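Review bot: With the added `RETURN_FALSE;` in the -1308 hunk, html_entity_decode() can now return a boolean, and the function's `{{{ proto` comment lies outside the hunk and is not touched by this patch. If it still declares a plain string return, it should be updated to mention the FALSE result for unsupported multi-byte charsets. A short comment above the check, such as `/* NULL means the charset could not be handled; len is not valid in that case */`, would also record why `len` must not be used on that path.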
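Review bot: The return value of `snprintf(buffer, sizeof(buffer), "&%s;", ...)` in the -1350 hunk is ignored, so an entity name that does not fit is silently truncated. It is then still added to the translation table without its closing `;`. The unescape path earlier in this patch skips such entries, and the same would be consistent here: `if (snprintf(buffer, sizeof(buffer), "&%s;", entity_map[j].table[i]) >= (int)sizeof(buffer)) continue;`. The declaration of `buffer` is outside the hunk, and it is worth confirming that this tree's `snprintf` always NUL-terminates on truncation before `add_assoc_string` reads the buffer.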
