diff --git a/ext/standard/filters.c b/ext/standard/filters.c index c0741b46074e..127d7c144416 100644 --- a/ext/standard/filters.c +++ b/ext/standard/filters.c @@ -1949,6 +1949,11 @@ static php_stream_filter_status_t php_chunked_filter( *bytes_consumed = consumed; } + if ((flags & PSFS_FLAG_FLUSH_CLOSE) && data->state != CHUNK_TRAILER) { + php_error_docref(NULL, E_WARNING, "Stream filter (dechunk): unexpected end of stream"); + return PSFS_ERR_FATAL; + } + return PSFS_PASS_ON; } diff --git a/ext/standard/tests/filters/chunked_002.phpt b/ext/standard/tests/filters/chunked_002.phpt index 7114e278e3bd..c68bd19e801b 100644 --- a/ext/standard/tests/filters/chunked_002.phpt +++ b/ext/standard/tests/filters/chunked_002.phpt @@ -39,7 +39,7 @@ fclose($buffer); $buffer = fopen('php://temp', 'w+'); stream_filter_append($buffer, 'dechunk', STREAM_FILTER_WRITE); -fwrite($buffer, "5\r\nHello\r\n"); +fwrite($buffer, "5\r\nHello\r\n0\r\n"); $data = stream_get_contents($buffer, -1, 0); var_dump($data); diff --git a/ext/standard/tests/filters/chunked_invalid.phpt b/ext/standard/tests/filters/chunked_invalid.phpt new file mode 100644 index 000000000000..f6a751b4dd24 --- /dev/null +++ b/ext/standard/tests/filters/chunked_invalid.phpt @@ -0,0 +1,53 @@ +--TEST-- +Chunked encoding with invalid values +--SKIPIF-- + +--INI-- +allow_url_fopen=1 +--FILE-- + +--EXPECTF-- + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) "" + +Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d +string(0) ""