From 87ab80e2e75eed0ff6ea1e6237908835aa0f5067 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sat, 14 Jun 2025 11:11:38 +0100 Subject: [PATCH 1/3] ext/calendar: jewishtojd overflow on year argument. Upper limit set to the 7th millenium (Messianic Age) in the jewish calendar, around 2239 year in the gregorian calendar. --- ext/calendar/jewish.c | 2 +- ext/calendar/tests/gh16234_2.phpt | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 ext/calendar/tests/gh16234_2.phpt diff --git a/ext/calendar/jewish.c b/ext/calendar/jewish.c index bdfc9b4f91016..2fbdcb059b096 100644 --- a/ext/calendar/jewish.c +++ b/ext/calendar/jewish.c @@ -714,7 +714,7 @@ zend_long JewishToSdn( int yearLength; int lengthOfAdarIAndII; - if (year <= 0 || day <= 0 || day > 30) { + if (year <= 0 || year >= 6000 || day <= 0 || day > 30) { return (0); } switch (month) { diff --git a/ext/calendar/tests/gh16234_2.phpt b/ext/calendar/tests/gh16234_2.phpt new file mode 100644 index 0000000000000..ab49744dddbbd --- /dev/null +++ b/ext/calendar/tests/gh16234_2.phpt @@ -0,0 +1,11 @@ +--TEST-- +GH-16234 jewishtojd overflow on year argument +--EXTENSIONS-- +calendar +--FILE-- + +--EXPECT-- +DONE From a0ee7d65c5ffb1c6ac2232a029f4cc8530d91c5a Mon Sep 17 00:00:00 2001 From: David Carlier Date: Mon, 23 Jun 2025 09:07:25 +0100 Subject: [PATCH 2/3] change from feedback --- ext/calendar/calendar.c | 5 +++++ ext/calendar/tests/gh16234_2.phpt | 8 +++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/ext/calendar/calendar.c b/ext/calendar/calendar.c index 756ce0e90dc98..6da7e69529e2e 100644 --- a/ext/calendar/calendar.c +++ b/ext/calendar/calendar.c @@ -490,6 +490,11 @@ PHP_FUNCTION(jewishtojd) RETURN_THROWS(); } + if (ZEND_LONG_EXCEEDS_INT(year)) { + zend_argument_value_error(3, "must be between %d and %d", INT_MIN, INT_MAX); + RETURN_THROWS(); + } + RETURN_LONG(JewishToSdn(year, month, day)); } /* }}} */ diff --git a/ext/calendar/tests/gh16234_2.phpt b/ext/calendar/tests/gh16234_2.phpt index ab49744dddbbd..0ae03f3877834 100644 --- a/ext/calendar/tests/gh16234_2.phpt +++ b/ext/calendar/tests/gh16234_2.phpt @@ -4,8 +4,14 @@ GH-16234 jewishtojd overflow on year argument calendar --FILE-- getMessage(), PHP_EOL; +} jewishtojd(10, 6, 2147483647); echo "DONE"; ?> ---EXPECT-- +--EXPECTF-- +jewishtojd(): Argument #3 ($year) must be between %i and %d DONE From b2f17d77682c93cfaf7b372203f6c39d1e024c85 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Mon, 23 Jun 2025 11:01:26 +0100 Subject: [PATCH 3/3] fix tests --- ext/calendar/tests/gh16234_2.phpt | 6 ------ ext/calendar/tests/gh16234_2_64.phpt | 21 +++++++++++++++++++++ 2 files changed, 21 insertions(+), 6 deletions(-) create mode 100644 ext/calendar/tests/gh16234_2_64.phpt diff --git a/ext/calendar/tests/gh16234_2.phpt b/ext/calendar/tests/gh16234_2.phpt index 0ae03f3877834..76db2b9abf269 100644 --- a/ext/calendar/tests/gh16234_2.phpt +++ b/ext/calendar/tests/gh16234_2.phpt @@ -4,14 +4,8 @@ GH-16234 jewishtojd overflow on year argument calendar --FILE-- getMessage(), PHP_EOL; -} jewishtojd(10, 6, 2147483647); echo "DONE"; ?> --EXPECTF-- -jewishtojd(): Argument #3 ($year) must be between %i and %d DONE diff --git a/ext/calendar/tests/gh16234_2_64.phpt b/ext/calendar/tests/gh16234_2_64.phpt new file mode 100644 index 0000000000000..7da2546096509 --- /dev/null +++ b/ext/calendar/tests/gh16234_2_64.phpt @@ -0,0 +1,21 @@ +--TEST-- +GH-16234 jewishtojd overflow on year argument +--EXTENSIONS-- +calendar +--SKIPIF-- + +--FILE-- +getMessage(), PHP_EOL; +} +?> +--EXPECTF-- +jewishtojd(): Argument #3 ($year) must be between %i and %d +