diff options
Diffstat (limited to 'php/src/Google/Protobuf/Internal/InputStream.php')
-rw-r--r-- | php/src/Google/Protobuf/Internal/InputStream.php | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/php/src/Google/Protobuf/Internal/InputStream.php b/php/src/Google/Protobuf/Internal/InputStream.php index de5ca978..8012a225 100644 --- a/php/src/Google/Protobuf/Internal/InputStream.php +++ b/php/src/Google/Protobuf/Internal/InputStream.php @@ -330,6 +330,7 @@ class InputStream * passed unchanged to the corresponding call to popLimit(). * * @param integer $byte_limit + * @throws Exception Fail to push limit. */ public function pushLimit($byte_limit) { @@ -339,19 +340,15 @@ class InputStream // security: byte_limit is possibly evil, so check for negative values // and overflow. - if ($byte_limit >= 0 && $byte_limit <= PHP_INT_MAX - $current_position) { + if ($byte_limit >= 0 && + $byte_limit <= PHP_INT_MAX - $current_position && + $byte_limit <= $this->current_limit - $current_position) { $this->current_limit = $current_position + $byte_limit; + $this->recomputeBufferLimits(); } else { - // Negative or overflow. - $this->current_limit = PHP_INT_MAX; + throw new GPBDecodeException("Fail to push limit."); } - // We need to enforce all limits, not just the new one, so if the previous - // limit was before the new requested limit, we continue to enforce the - // previous limit. - $this->current_limit = min($this->current_limit, $old_limit); - - $this->recomputeBufferLimits(); return $old_limit; } @@ -370,7 +367,7 @@ class InputStream } public function incrementRecursionDepthAndPushLimit( - $byte_limit, &$old_limit, &$recursion_budget) + $byte_limit, &$old_limit, &$recursion_budget) { $old_limit = $this->pushLimit($byte_limit); $recursion_limit = --$this->recursion_limit; |