Don't allow smart_str to overflow int

Orvid · Hhvm Bot · commit c09791222fcc · 2016-08-15T14:37:55.000-07:00
Summary: Don't allow smart_str to overflow int in the zend portability layer.

Reviewed By: paulbiss

Differential Revision: D3664307

fbshipit-source-id: eeed6fdc6f55ff3ac0c1cfd1f3f690eb0a4b213a
diff --git a/hphp/runtime/ext_zend_compat/php-src/ext/standard/php_smart_str.h b/hphp/runtime/ext_zend_compat/php-src/ext/standard/php_smart_str.h
@@ -68,6 +68,9 @@
     newlen = (d)->len + (n);                  \
     if (newlen >= (d)->a) {                    \
       (d)->a = newlen + SMART_STR_PREALLOC;          \
+      if (UNEXPECTED((d)->a >= INT_MAX)) {       \
+        HPHP::raise_error("String size overflow");     \
+      }                                          \
       SMART_STR_DO_REALLOC(d, what);              \
     }                              \
   }                                \
