File php7-CVE-2020-7060.patch of Package php7

X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fmbstring%2Flibmbfl%2Ffilters%2Fmbfilter_big5.c;h=5e1ca815da31ed68db2baae2b3d38699b546ca83;hp=f5ab8809ce8a799bd40bda74606f181fcef36c75;hb=2bcbc95f033c31b00595ed39f79c3a99b4ed0501;hpb=0f79b1bf301f455967676b5129240140c5c45b09

diff --git a/ext/mbstring/libmbfl/filters/mbfilter_big5.c b/ext/mbstring/libmbfl/filters/mbfilter_big5.c
index f5ab8809ce8..5e1ca815da3 100644
--- a/ext/mbstring/libmbfl/filters/mbfilter_big5.c
+++ b/ext/mbstring/libmbfl/filters/mbfilter_big5.c
@@ -138,6 +138,17 @@ static unsigned short cp950_pua_tbl[][4] = {
 	{0xf70f,0xf848,0xc740,0xc8fe},
 };
 
+static inline int is_in_cp950_pua(int c1, int c) {
+	if ((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) ||
+			(c1 >= 0x81 && c1 <= 0x8d) || (c1 >= 0xc7 && c1 <= 0xc8)) {
+		return (c >=0x40 && c <= 0x7e) || (c >= 0xa1 && c <= 0xfe);
+	}
+	if (c1 == 0xc6) {
+		return c >= 0xa1 && c <= 0xfe;
+	}
+	return 0;
+}
+
 /*
  * Big5 => wchar
  */
@@ -186,11 +197,7 @@ mbfl_filt_conv_big5_wchar(int c, mbfl_convert_filter *filter)
 
 			if (filter->from->no_encoding == mbfl_no_encoding_cp950) {
 				/* PUA for CP950 */
-				if (w <= 0 &&
-					(((c1 >= 0xfa && c1 <= 0xfe) || (c1 >= 0x8e && c1 <= 0xa0) ||
-					  (c1 >= 0x81 && c1 <= 0x8d) ||(c1 >= 0xc7 && c1 <= 0xc8))
-					 && ((c > 0x39 && c < 0x7f) || (c > 0xa0 && c < 0xff))) ||
-					((c1 == 0xc6) && (c > 0xa0 && c < 0xff))) {
+				if (w <= 0 && is_in_cp950_pua(c1, c)) {
 					c2 = c1 << 8 | c;
 					for (k = 0; k < sizeof(cp950_pua_tbl)/(sizeof(unsigned short)*4); k++) {
 						if (c2 >= cp950_pua_tbl[k][2] && c2 <= cp950_pua_tbl[k][3]) {
openSUSE Build Service is sponsored by