From 53aaab847c5f906b8bb5da1419dfb6f33feffa3c Mon Sep 17 00:00:00 2001 From: Jenny Tam Date: Wed, 23 Dec 2020 19:23:06 -0800 Subject: [PATCH] Replaced problematic strlen if possible (#1226) --- azure-pipelines.yml | 1 + source/pdo_sqlsrv/pdo_init.cpp | 4 ++-- source/pdo_sqlsrv/pdo_util.cpp | 2 +- source/shared/core_stmt.cpp | 6 +++--- source/shared/localizationimpl.cpp | 19 +++++++++++++++---- 5 files changed, 22 insertions(+), 10 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index e93ed8cd..3ce38ac1 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -84,6 +84,7 @@ jobs: sudo update-alternatives --set php-cgi /usr/bin/php-cgi$(phpver) sudo update-alternatives --set phar.phar /usr/bin/phar.phar$(phpver) sudo update-alternatives --set php-config /usr/bin/php-config$(phpver) + sudo phpdismod xdebug php -version displayName: 'Use PHP version $(phpver)' diff --git a/source/pdo_sqlsrv/pdo_init.cpp b/source/pdo_sqlsrv/pdo_init.cpp index 0c040159..427397c7 100644 --- a/source/pdo_sqlsrv/pdo_init.cpp +++ b/source/pdo_sqlsrv/pdo_init.cpp @@ -279,7 +279,7 @@ namespace { zend_class_entry* zend_class = php_pdo_get_dbh_ce(); SQLSRV_ASSERT( zend_class != NULL, "REGISTER_PDO_SQLSRV_CLASS_CONST_LONG: php_pdo_get_dbh_ce failed"); - zend_declare_class_constant_long(zend_class, const_cast(name), strlen(name), value); + zend_declare_class_constant_long(zend_class, const_cast(name), strnlen_s(name), value); } void REGISTER_PDO_SQLSRV_CLASS_CONST_STRING( _In_z_ char const* name, _In_z_ char const* value ) @@ -287,7 +287,7 @@ namespace { zend_class_entry* zend_class = php_pdo_get_dbh_ce(); SQLSRV_ASSERT( zend_class != NULL, "REGISTER_PDO_SQLSRV_CLASS_CONST_STRING: php_pdo_get_dbh_ce failed"); - zend_declare_class_constant_string(zend_class, const_cast(name), strlen(name), const_cast(value)); + zend_declare_class_constant_string(zend_class, const_cast(name), strnlen_s(name), const_cast(value)); } // array of pdo constants. diff --git a/source/pdo_sqlsrv/pdo_util.cpp b/source/pdo_sqlsrv/pdo_util.cpp index dd5f3179..1613fa38 100644 --- a/source/pdo_sqlsrv/pdo_util.cpp +++ b/source/pdo_sqlsrv/pdo_util.cpp @@ -37,7 +37,7 @@ char EXCEPTION_PROPERTY_ERRORINFO[] = "errorInfo"; const int MAX_DIGITS = 11; // +-2 billion = 10 digits + 1 for the sign if negative // the warning message is not the error message alone; it must take WARNING_TEMPLATE above into consideration without the formats -const int WARNING_MIN_LENGTH = static_cast( strlen( WARNING_TEMPLATE ) - strlen( "%1!s!%2!d!%3!s!" )); +const int WARNING_MIN_LENGTH = static_cast( strnlen_s( WARNING_TEMPLATE ) - strnlen_s( "%1!s!%2!d!%3!s!" )); // Returns a sqlsrv_error for a given error code. sqlsrv_error_const* get_error_message( _In_opt_ unsigned int sqlsrv_error_code); diff --git a/source/shared/core_stmt.cpp b/source/shared/core_stmt.cpp index 1cc35c5a..9e59a7da 100644 --- a/source/shared/core_stmt.cpp +++ b/source/shared/core_stmt.cpp @@ -2356,7 +2356,7 @@ void format_decimal_numbers(_In_ SQLSMALLINT decimals_places, _In_ SQLSMALLINT f char buffer[50] = " "; // A buffer with two blank spaces, as leeway int offset = 1 + is_negative; - int src_length = strlen(src); + int src_length = strnlen_s(src); if (add_leading_zero) { buffer[offset++] = '0'; @@ -3054,7 +3054,7 @@ void adjustDecimalPrecision(_Inout_ zval* param_z, _In_ SQLSMALLINT decimal_digi return; // decimal point not found } - int src_length = strlen(src); + int src_length = strnlen_s(src); int num_decimals = src_length - (pt - src) - 1; if (num_decimals <= decimal_digits) { return; // no need to adjust number of decimals @@ -3151,7 +3151,7 @@ void adjustDecimalPrecision(_Inout_ zval* param_z, _In_ SQLSMALLINT decimal_digi buffer[0] = '-'; } - zend_string* zstr = zend_string_init(buffer, strlen(buffer), 0); + zend_string* zstr = zend_string_init(buffer, strnlen_s(buffer), 0); zend_string_release(Z_STR_P(param_z)); ZVAL_NEW_STR(param_z, zstr); } diff --git a/source/shared/localizationimpl.cpp b/source/shared/localizationimpl.cpp index ce850c81..e0359083 100644 --- a/source/shared/localizationimpl.cpp +++ b/source/shared/localizationimpl.cpp @@ -667,16 +667,22 @@ size_t SystemLocale::Utf8To16Strict( const char *src, SSIZE_T cchSrc, WCHAR *des size_t SystemLocale::ToUtf16( UINT srcCodePage, const char * src, SSIZE_T cchSrc, WCHAR * dest, size_t cchDest, DWORD * pErrorCode ) { + if (cchSrc < 0) { + if (NULL != pErrorCode) + *pErrorCode = ERROR_INVALID_PARAMETER; + return 0; + } + srcCodePage = ExpandSpecialCP( srcCodePage ); if ( dest ) { if ( srcCodePage == CP_UTF8 ) { - return SystemLocale::Utf8To16( src, cchSrc < 0 ? (1+strlen(src)) : cchSrc, dest, cchDest, pErrorCode ); + return SystemLocale::Utf8To16( src, cchSrc, dest, cchDest, pErrorCode ); } else if ( srcCodePage == 1252 ) { - return SystemLocale::CP1252ToUtf16( src, cchSrc < 0 ? (1+strlen(src)) : cchSrc, dest, cchDest, pErrorCode ); + return SystemLocale::CP1252ToUtf16( src, cchSrc, dest, cchDest, pErrorCode ); } } EncodingConverter cvt( CP_UTF16, srcCodePage ); @@ -693,16 +699,21 @@ size_t SystemLocale::ToUtf16( UINT srcCodePage, const char * src, SSIZE_T cchSrc size_t SystemLocale::ToUtf16Strict( UINT srcCodePage, const char * src, SSIZE_T cchSrc, WCHAR * dest, size_t cchDest, DWORD * pErrorCode ) { + if (cchSrc < 0) { + if (NULL != pErrorCode) + *pErrorCode = ERROR_INVALID_PARAMETER; + return 0; + } srcCodePage = ExpandSpecialCP( srcCodePage ); if ( dest ) { if ( srcCodePage == CP_UTF8 ) { - return SystemLocale::Utf8To16Strict( src, cchSrc < 0 ? (1+strlen(src)) : cchSrc, dest, cchDest, pErrorCode ); + return SystemLocale::Utf8To16Strict( src, cchSrc, dest, cchDest, pErrorCode ); } else if ( srcCodePage == 1252 ) { - return SystemLocale::CP1252ToUtf16( src, cchSrc < 0 ? (1+strlen(src)) : cchSrc, dest, cchDest, pErrorCode ); + return SystemLocale::CP1252ToUtf16( src, cchSrc, dest, cchDest, pErrorCode ); } } EncodingConverter cvt( CP_UTF16, srcCodePage );