summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2017-01-19 14:26:35 +0100
committerAndrey Andreev <narf@devilix.net>2017-01-19 14:26:35 +0100
commitc0c74d5201c171cd6d0cdc2133e63077ebe1a407 (patch)
tree0dd88740ced31cfd122b207b3a00559edadcb79c
parentf565212c5aa07a8016394a3bc66874be83c73d4d (diff)
More byte-safety
-rw-r--r--system/core/Log.php10
-rw-r--r--system/core/Output.php10
-rw-r--r--system/core/compat/password.php8
-rw-r--r--system/libraries/Email.php10
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php8
-rw-r--r--system/libraries/Zip.php10
-rw-r--r--user_guide_src/source/changelog.rst3
7 files changed, 31 insertions, 28 deletions
diff --git a/system/core/Log.php b/system/core/Log.php
index 3e11b35f5..d443aedb8 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -105,11 +105,11 @@ class CI_Log {
protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4);
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// --------------------------------------------------------------------
@@ -122,7 +122,7 @@ class CI_Log {
{
$config =& get_config();
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
$this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '')
@@ -264,7 +264,7 @@ class CI_Log {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -281,7 +281,7 @@ class CI_Log {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/core/Output.php b/system/core/Output.php
index 349955cd2..6ddded22a 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -123,11 +123,11 @@ class CI_Output {
public $parse_exec_vars = TRUE;
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
/**
* Class constructor
@@ -145,7 +145,7 @@ class CI_Output {
&& extension_loaded('zlib')
);
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
// Get mime types for later
$this->mimes =& get_mimes();
@@ -817,7 +817,7 @@ class CI_Output {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -834,7 +834,7 @@ class CI_Output {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index b209cbe70..8176f0088 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -94,8 +94,8 @@ if ( ! function_exists('password_hash'))
*/
function password_hash($password, $algo, array $options = array())
{
- static $func_override;
- isset($func_override) OR $func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ static $func_overload;
+ isset($func_overload) OR $func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
if ($algo !== 1)
{
@@ -109,7 +109,7 @@ if ( ! function_exists('password_hash'))
return NULL;
}
- if (isset($options['salt']) && ($saltlen = ($func_override ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
+ if (isset($options['salt']) && ($saltlen = ($func_overload ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
{
trigger_error('password_hash(): Provided salt is too short: '.$saltlen.' expecting 22', E_USER_WARNING);
return NULL;
@@ -144,7 +144,7 @@ if ( ! function_exists('password_hash'))
is_php('5.4') && stream_set_chunk_size($fp, 16);
$options['salt'] = '';
- for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
+ for ($read = 0; $read < 16; $read = ($func_overload) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
{
if (($read = fread($fp, 16 - $read)) === FALSE)
{
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 117c4845f..955787d28 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -375,11 +375,11 @@ class CI_Email {
);
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// --------------------------------------------------------------------
@@ -397,7 +397,7 @@ class CI_Email {
$this->initialize($config);
$this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode'));
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
log_message('info', 'Email Class Initialized');
}
@@ -2442,7 +2442,7 @@ class CI_Email {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -2459,7 +2459,7 @@ class CI_Email {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 6016e094e..8860ef667 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -84,11 +84,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
protected $_sid_regexp;
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// ------------------------------------------------------------------------
@@ -115,7 +115,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
$this->_sid_regexp = $this->_config['_sid_regexp'];
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
}
// ------------------------------------------------------------------------
@@ -399,7 +399,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php
index 46f6c145d..2c71e1fbe 100644
--- a/system/libraries/Zip.php
+++ b/system/libraries/Zip.php
@@ -106,11 +106,11 @@ class CI_Zip {
public $compression_level = 2;
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
/**
* Initialize zip compression class
@@ -119,7 +119,7 @@ class CI_Zip {
*/
public function __construct()
{
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->now = time();
log_message('info', 'Zip Compression Class Initialized');
@@ -500,7 +500,7 @@ class CI_Zip {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -517,7 +517,7 @@ class CI_Zip {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 17069ca32..7d1302b3a 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -12,6 +12,7 @@ Release Date: Not Released
- Updated :doc:`Encrypt Library <libraries/encrypt>` (DEPRECATED) to call ``mcrypt_create_iv()`` with ``MCRYPT_DEV_URANDOM``.
- Fixed byte-safety issues in :doc:`Encrypt Library <libraries/encrypt>` (DEPRECATED) when ``mbstring.func_overload`` is enabled.
- Fixed byte-safety issues in :doc:`Encryption Library <libraries/encryption>` when ``mbstring.func_overload`` is enabled.
+ - Fixed byte-safety issues in :doc:`compatibility function <general/compatibility_functions>` ``password_hash()`` when ``mbstring.func_overload`` is enabled.
- General Changes
@@ -25,6 +26,8 @@ Bug fixes for 3.1.4
- Fixed a regression where the :doc:`Session Library <libraries/sessions>` would fail on a ``session_regenerate_id(TRUE)`` call with the 'database' driver.
- Fixed a bug (#4987) - :doc:`Query Builder <database/query_builder>` caching didn't keep track of table aliases.
- Fixed a bug where :doc:`Text Helper <helpers/text_helper>` function ``ascii_to_entities()`` wasn't byte-safe when ``mbstring.func_overload`` is enabled.
+- Fixed a bug where ``CI_Log``, ``CI_Output``, ``CI_Email`` and ``CI_Zip`` didn't handle strings in a byte-safe manner when ``mbstring.func_overload`` is enabled.
+- Fixed a bug where :doc:`Session Library <libraries/sessions>` didn't read session data in a byte-safe manner when ``mbstring.func_overload`` is enabled.
Version 3.1.3
=============