diff options
Diffstat (limited to 'vendor/sabre')
-rw-r--r-- | vendor/sabre/http/CHANGELOG.md | 6 | ||||
-rw-r--r-- | vendor/sabre/http/lib/Sapi.php | 12 | ||||
-rw-r--r-- | vendor/sabre/http/lib/Version.php | 2 |
3 files changed, 17 insertions, 3 deletions
diff --git a/vendor/sabre/http/CHANGELOG.md b/vendor/sabre/http/CHANGELOG.md index a087453fa..e300aad09 100644 --- a/vendor/sabre/http/CHANGELOG.md +++ b/vendor/sabre/http/CHANGELOG.md @@ -1,6 +1,12 @@ ChangeLog ========= +5.0.5 (2019-11-28) +------------------------- + +* #138: Fixed possible infinite loop (@dpakach, @vfreex, @phil-davis) +* #136: Improvement regex content-range (@ho4ho) + 5.0.4 (2019-10-08) ------------------------- diff --git a/vendor/sabre/http/lib/Sapi.php b/vendor/sabre/http/lib/Sapi.php index 80254f3f3..73674a5a1 100644 --- a/vendor/sabre/http/lib/Sapi.php +++ b/vendor/sabre/http/lib/Sapi.php @@ -99,7 +99,7 @@ class Sapi // If this is a partial response, flush the beginning bytes until the first position that is a multiple of the page size. $contentRange = $response->getHeader('Content-Range'); // Matching "Content-Range: bytes 1234-5678/7890" - if (null !== $contentRange && preg_match('/^bytes\s([0-9]*)-([0-9]*)\//i', $contentRange, $matches) && '' !== $matches[1]) { + if (null !== $contentRange && preg_match('/^bytes\s([0-9]+)-([0-9]+)\//i', $contentRange, $matches)) { // 4kB should be the default page size on most architectures $pageSize = 4096; $offset = (int) $matches[1]; @@ -109,7 +109,15 @@ class Sapi } } while ($left > 0) { - $left -= stream_copy_to_stream($body, $output, min($left, $chunk_size)); + $copied = stream_copy_to_stream($body, $output, min($left, $chunk_size)); + // stream_copy_to_stream($src, $dest, $maxLength) must return the number of bytes copied or false in case of failure + // But when the $maxLength is greater than the total number of bytes remaining in the stream, + // It returns the negative number of bytes copied + // So break the loop in such cases. + if ($copied <= 0) { + break; + } + $left -= $copied; } } else { // workaround for 32 Bit systems to avoid stream_copy_to_stream diff --git a/vendor/sabre/http/lib/Version.php b/vendor/sabre/http/lib/Version.php index 20a401773..655753acf 100644 --- a/vendor/sabre/http/lib/Version.php +++ b/vendor/sabre/http/lib/Version.php @@ -16,5 +16,5 @@ class Version /** * Full version number. */ - const VERSION = '5.0.4'; + const VERSION = '5.0.5'; } |