Conversation
…ions Fixes GHSA-m8rr-4c36-8gq4 Fixes CVE-2026-7258 (cherry picked from commit 8bdee7e)
…array offset Fixes GHSA-96wq-48vp-hh57 Fixes CVE-2026-7568 (cherry picked from commit dd77cfe)
…b_check_encoding() via mb_ereg_search_init() Fixes GHSA-wm6j-2649-pv75 Fixes CVE-2026-7259 (cherry picked from commit df8ae9c)
Fixes GHSA-7qg2-v9fj-4mwv Fixes CVE-2026-6735 (cherry picked from commit 13e72d1)
Fixes GHSA-hmxp-6pc4-f3vv Fixes CVE-2026-7262 (cherry picked from commit 9992b81)
…ailure with SOAP_PERSISTENCE_SESSION Fixes GHSA-m33r-qmcv-p97q Fixes CVE-2026-7261 (cherry picked from commit b9f81de)
…th Apache Map Fixes GHSA-85c2-q967-79q5 Fixes CVE-2026-6722 (cherry picked from commit 84e3004)
Code Review
This pull request implements extensive security hardening and bug fixes across the PHP core and various extensions. The primary change involves casting arguments to unsigned char for character classification and transformation functions to avoid undefined behavior. It also addresses several critical vulnerabilities, including null pointer dereferences in mbstring and SOAP, use-after-free and reference counting issues in SOAP, integer overflows in metaphone, and an XSS vulnerability in the FPM status page. Feedback indicates that several calls to isxdigit, isspace, and isdigit in ext/standard/filters.c and ext/standard/strnatcmp.c were missed and should be updated with the appropriate casts for consistency.
| } | ||
|
|
||
| if (!isxdigit((int) *ps)) { | ||
| if (!isxdigit(*ps)) { |
The isxdigit() function expects an int that is representable as an unsigned char or is EOF. Passing a signed char directly can lead to undefined behavior if the value is negative. To be consistent with the rest of the changes in this pull request, this should be cast to unsigned char.
if (!isxdigit((unsigned char)*ps)) {
|
|
||
| /* Skip consecutive whitespace */ | ||
| while (isspace((int)(unsigned char)ca)) { | ||
| while (isspace(ca)) { |
The isspace() function expects an int that is representable as an unsigned char or is EOF. Since ca is a char, it should be cast to unsigned char before being passed to isspace(). This is inconsistent with the correct changes made on lines 106 and 110 of this same file.
while (isspace((unsigned char)ca)) {
| } | ||
|
|
||
| while (isspace((int)(unsigned char)cb)) { | ||
| while (isspace(cb)) { |
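Review bot: The `isspace(cb)` row passes `cb` with no cast, while the other row of this hunk has `isspace((int)(unsigned char)cb)`. If `cb` is a plain `char`, a negative value falls outside what `isspace()` accepts (an `int` representable as `unsigned char`, or `EOF`) and the call is undefined behaviour. Use `isspace((unsigned char)cb)` here, the same form suggested for `ca` in the preceding loop, or confirm that `cb` is declared `unsigned char`.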
|
|
||
| /* process run of digits */ | ||
| if (isdigit((int)(unsigned char)ca) && isdigit((int)(unsigned char)cb)) { | ||
| if (isdigit(ca) && isdigit(cb)) { |
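Review bot: Both operands of `isdigit(ca) && isdigit(cb)` are uncast, where the other row of this hunk routes each through `(unsigned char)`. This is the digit-run test of the comparison, so any byte with the high bit set in either input string reaches `isdigit()` as a negative `int` when `ca` and `cb` are plain `char`. Write it as `isdigit((unsigned char)ca) && isdigit((unsigned char)cb)`, or state in the change that both variables are `unsigned char` so the cast is not needed.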
WIP for Alpinelinux