1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
--- /dev/null
+++ b/ext/tidy/tests/bug54682.phpt
@@ -0,0 +1,13 @@
+--TEST--
+Tidy::diagnose() NULL pointer dereference
+--SKIPIF--
+<?php if (!extension_loaded("tidy")) print "skip"; ?>
+--FILE--
+<?php
+
+$nx = new Tidy("*");
+$nx->diagnose();
+
+?>
+--EXPECTF--
+Warning: tidy::__construct(): Cannot Load '*' into memory in %s on line %d
--- a/ext/tidy/tidy.c
+++ b/ext/tidy/tidy.c
@@ -1284,7 +1284,7 @@ static PHP_FUNCTION(tidy_diagnose)
{
TIDY_FETCH_OBJECT;
- if (tidyRunDiagnostics(obj->ptdoc->doc) >= 0) {
+ if (tidyStatus(obj->ptdoc->doc) != 0 && tidyRunDiagnostics(obj->ptdoc->doc) >= 0) {
tidy_doc_update_properties(obj TSRMLS_CC);
RETURN_TRUE;
}
|
