Fix #73203: passing additional_parameters causes mail to fail

We make sure that there's no unsigned underflow, which happened for `y==0`.
author: Christoph M. Becker <cmbecker69@gmx.de> 2016-09-30 11:05:53 +0200
committer: Christoph M. Becker <cmbecker69@gmx.de> 2016-09-30 11:38:09 +0200
commit: e72165bb86aec6fc51dcb4d8d715e18be912ab67 (patch)
tree: d25485e05afa1c5baac23185458148c2478c04a8 /ext/standard/exec.c
parent: 703c247c7d5da38651e9f5551ceecc1e6c1f8a13 (diff)
download: php-git-e72165bb86aec6fc51dcb4d8d715e18be912ab67.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index 38844393e7..e0ca9140f7 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -372,7 +372,7 @@ PHPAPI char *php_escape_shell_cmd(char *str)
 	}
 	cmd[y] = '\0';
 
-	if (y - 1 > cmd_max_len) {
+	if (y > cmd_max_len + 1) {
 		php_error_docref(NULL TSRMLS_CC, E_ERROR, "Escaped command exceeds the allowed length of %d bytes", cmd_max_len);
 		efree(cmd);
 		return NULL;
@@ -459,7 +459,7 @@ PHPAPI char *php_escape_shell_arg(char *str)
 #endif
 	cmd[y] = '\0';
 
-	if (y - 1 > cmd_max_len) {
+	if (y > cmd_max_len + 1) {
 		php_error_docref(NULL TSRMLS_CC, E_ERROR, "Escaped argument exceeds the allowed length of %d bytes", cmd_max_len);
 		efree(cmd);
 		return NULL;
author	Christoph M. Becker <cmbecker69@gmx.de>	2016-09-30 11:05:53 +0200
committer	Christoph M. Becker <cmbecker69@gmx.de>	2016-09-30 11:38:09 +0200
commit	e72165bb86aec6fc51dcb4d8d715e18be912ab67 (patch)
tree	d25485e05afa1c5baac23185458148c2478c04a8 /ext/standard/exec.c
parent	703c247c7d5da38651e9f5551ceecc1e6c1f8a13 (diff)
download	php-git-e72165bb86aec6fc51dcb4d8d715e18be912ab67.tar.gz