Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions ext/standard/filters.c
Original file line number Diff line number Diff line change
Expand Up @@ -1949,6 +1949,11 @@ static php_stream_filter_status_t php_chunked_filter(
*bytes_consumed = consumed;
}

if ((flags & PSFS_FLAG_FLUSH_CLOSE) && data->state != CHUNK_TRAILER) {
php_error_docref(NULL, E_WARNING, "Stream filter (dechunk): unexpected end of stream");
return PSFS_ERR_FATAL;
}

return PSFS_PASS_ON;
}

Expand Down
2 changes: 1 addition & 1 deletion ext/standard/tests/filters/chunked_002.phpt
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ fclose($buffer);
$buffer = fopen('php://temp', 'w+');
stream_filter_append($buffer, 'dechunk', STREAM_FILTER_WRITE);

fwrite($buffer, "5\r\nHello\r\n");
fwrite($buffer, "5\r\nHello\r\n0\r\n");
$data = stream_get_contents($buffer, -1, 0);
var_dump($data);

Expand Down
53 changes: 53 additions & 0 deletions ext/standard/tests/filters/chunked_invalid.phpt
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
--TEST--
Chunked encoding with invalid values
--SKIPIF--
<?php
$filters = stream_get_filters();
if(! in_array( "dechunk", $filters )) die( "skip Chunked filter not available." );
?>
--INI--
allow_url_fopen=1
--FILE--
<?php
$streams = array(
"data://text/plain,1\r\n",
"data://text/plain,1\r\n0\r\n",
"data://text/plain,1\r\nab\r\n0\r\n",
"data://text/plain,a\r\n",
"data://text/plain,z\r\n",
"data://text/plain,z\r\n0\r\n",
"data://text/plain,a string that starts with a valid hex character\r\n0\r\n",
"data://text/plain,some string that does not start with a hex character\r\n0\r\n",
);
foreach ($streams as $name) {
$fp = fopen($name, "r");
stream_filter_append($fp, "dechunk", STREAM_FILTER_READ);
var_dump(stream_get_contents($fp));
fclose($fp);
}
?>
--EXPECTF--

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""

Warning: stream_get_contents(): Stream filter (dechunk): unexpected end of stream in %s on line %d
string(0) ""
Loading