cmb69/.patch Secret

## .patch
From d1883044498be17ed80e15d3b03182d64383ad4b Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Fri, 20 Sep 2019 19:02:22 +0200
Subject: [PATCH] Fix #78559: Heap buffer overflow in mb_eregi

We backport kkos/oniguruma@d3e402928b6eb3327f8f7d59a9edfa622fec557b.
---
 ext/mbstring/oniguruma/src/regexec.c |  1 +
 ext/mbstring/tests/bug78559.phpt     | 15 +++++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 ext/mbstring/tests/bug78559.phpt

diff --git a/ext/mbstring/oniguruma/src/regexec.c b/ext/mbstring/oniguruma/src/regexec.c
index f957b75923..32c750b1f1 100644
--- a/ext/mbstring/oniguruma/src/regexec.c
+++ b/ext/mbstring/oniguruma/src/regexec.c
@@ -4196,6 +4196,7 @@ str_lower_case_match(OnigEncoding enc, int case_fold_flag,
     lowlen = ONIGENC_MBC_CASE_FOLD(enc, case_fold_flag, &p, end, lowbuf);
     q = lowbuf;
     while (lowlen > 0) {
+      if (t >= tend)    return 0;
       if (*t++ != *q++) return 0;
       lowlen--;
     }
diff --git a/ext/mbstring/tests/bug78559.phpt b/ext/mbstring/tests/bug78559.phpt
new file mode 100644
index 0000000000..afe412c141
--- /dev/null
+++ b/ext/mbstring/tests/bug78559.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Bug #78559 (#78559	Heap buffer overflow in mb_eregi)
+--SKIPIF--
+<?php
+if (!extension_loaded('mbstring')) die('skip mbstring extension not available');
+if (!function_exists('mb_ereg')) die('skip mb_ereg() not available');
+?>
+--FILE--
+<?php
+$str = "5b5b5b5b5b5b5b492a5bce946b5c4b5d5c6b5c4b5d5c4b5d1cceb04b5d1cceb07a73717e4b1c52525252525252525252525252525252525252525252525252492a5bce946b5c4b5d5c6b5c4b5d5c4b5d1cceb04b5d1cceb07a73717e4b1c1cceb04b5d1cceb07a73717e4b1c302c36303030ceb07b7bd2a15c305c30663f436f6e74655c5238416711087b363030302c36303030ceb07b7b7b7b7b7b7b363030302c36303030ceb07b7b7b7b7b7b7b4a01";
+$str = hex2bin($str);
+var_dump(mb_eregi($str, $str));
+?>
+--EXPECT--
+bool(false)
--
2.23.0.windows.1
	From d1883044498be17ed80e15d3b03182d64383ad4b Mon Sep 17 00:00:00 2001
	From: "Christoph M. Becker" <cmbecker69@gmx.de>
	Date: Fri, 20 Sep 2019 19:02:22 +0200
	Subject: [PATCH] Fix #78559: Heap buffer overflow in mb_eregi

	We backport kkos/oniguruma@d3e402928b6eb3327f8f7d59a9edfa622fec557b.
	---
	ext/mbstring/oniguruma/src/regexec.c \| 1 +
	ext/mbstring/tests/bug78559.phpt \| 15 +++++++++++++++
	2 files changed, 16 insertions(+)
	create mode 100644 ext/mbstring/tests/bug78559.phpt

	diff --git a/ext/mbstring/oniguruma/src/regexec.c b/ext/mbstring/oniguruma/src/regexec.c
	index f957b75923..32c750b1f1 100644
	--- a/ext/mbstring/oniguruma/src/regexec.c
	+++ b/ext/mbstring/oniguruma/src/regexec.c
	@@ -4196,6 +4196,7 @@ str_lower_case_match(OnigEncoding enc, int case_fold_flag,
	lowlen = ONIGENC_MBC_CASE_FOLD(enc, case_fold_flag, &p, end, lowbuf);
	q = lowbuf;
	while (lowlen > 0) {
	+ if (t >= tend) return 0;
	if (t++ != q++) return 0;
	lowlen--;
	}
	diff --git a/ext/mbstring/tests/bug78559.phpt b/ext/mbstring/tests/bug78559.phpt
	new file mode 100644
	index 0000000000..afe412c141
	--- /dev/null
	+++ b/ext/mbstring/tests/bug78559.phpt
	@@ -0,0 +1,15 @@
	+--TEST--
	+Bug #78559 (#78559 Heap buffer overflow in mb_eregi)
	+--SKIPIF--
	+<?php
	+if (!extension_loaded('mbstring')) die('skip mbstring extension not available');
	+if (!function_exists('mb_ereg')) die('skip mb_ereg() not available');
	+?>
	+--FILE--
	+<?php
	+$str = "5b5b5b5b5b5b5b492a5bce946b5c4b5d5c6b5c4b5d5c4b5d1cceb04b5d1cceb07a73717e4b1c52525252525252525252525252525252525252525252525252492a5bce946b5c4b5d5c6b5c4b5d5c4b5d1cceb04b5d1cceb07a73717e4b1c1cceb04b5d1cceb07a73717e4b1c302c36303030ceb07b7bd2a15c305c30663f436f6e74655c5238416711087b363030302c36303030ceb07b7b7b7b7b7b7b363030302c36303030ceb07b7b7b7b7b7b7b4a01";
	+$str = hex2bin($str);
	+var_dump(mb_eregi($str, $str));
	+?>
	+--EXPECT--
	+bool(false)
	--
	2.23.0.windows.1