File php-CVE-2019-11039.patch of Package php7

X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Ficonv%2Ficonv.c;h=b4a2abe08d9a02e9e6c07f51a8f4ebe895f0d003;hp=f86d0ae031987a12d45b9c10efc255f58262966b;hb=7cf7148a8f8f4f55fb04de2a517d740bb6253eac;hpb=ed6dee9a198c904ad5e03113e58a2d2c200f5184

diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c
index f86d0ae..b4a2abe 100644
--- a/ext/iconv/iconv.c
+++ b/ext/iconv/iconv.c
@@ -1673,7 +1673,9 @@ static php_iconv_err_t _php_iconv_mime_decode(smart_str *pretval, const char *st
 							 * we can do at this point. */
 							if (*(p1 + 1) == '=') {
 								++p1;
-								--str_left;
+								if (str_left > 1) {
+									--str_left;
+								}
 							}
 
 							err = _php_iconv_appendl(pretval, encoded_word, (size_t)((p1 + 1) - encoded_word), cd_pl);
openSUSE Build Service is sponsored by