fix datatype for zpp, yet a followup on bug #73679

weltling · weltling · commit 3473b519c033 · 2016-12-12T01:26:06.000+01:00
diff --git a/ext/com_dotnet/com_com.c b/ext/com_dotnet/com_com.c
@@ -52,23 +52,30 @@ PHP_FUNCTION(com_create_instance)
 		RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE,
 		&authid, EOAC_NONE
 	};
+	zend_long cp = CP_ACP;
 
 	php_com_initialize();
 	obj = CDNO_FETCH(object);
 
 	if (FAILURE == zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET,
 			ZEND_NUM_ARGS(), "s|s!ls",
 			&module_name, &module_name_len, &server_name, &server_name_len,
-			&obj->code_page, &typelib_name, &typelib_name_len) &&
+			&cp, &typelib_name, &typelib_name_len) &&
 		FAILURE == zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET,
 			ZEND_NUM_ARGS(), "sa|ls",
-			&module_name, &module_name_len, &server_params, &obj->code_page,
+			&module_name, &module_name_len, &server_params, &cp,
 			&typelib_name, &typelib_name_len)) {
 
 		php_com_throw_exception(E_INVALIDARG, "Could not create COM object - invalid arguments!");
 		return;
 	}
 
+	if (Z_L(0) > cp || ZEND_LONG_INT_OVFL(cp)) {
+		php_com_throw_exception(E_INVALIDARG, "Could not create COM object - invalid codepage!");
+		return;
+	}
+	obj->code_page = (int)cp;
+
 	if (server_name) {
 		ctx = CLSCTX_REMOTE_SERVER;
 	} else if (server_params) {
