Skip to content

Commit f81ffd9

Browse files
author
Mark Baker
authored
Additional argument validation for LEFT(), MID() and RIGHT() text functions (#1909)
* Additional argument validation for LEFT(), MID() and RIGHT() text functions
1 parent c4ed0ee commit f81ffd9

File tree

5 files changed

+37
-8
lines changed

5 files changed

+37
-8
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ and this project adheres to [Semantic Versioning](https://semver.org).
2626
### Fixed
2727

2828
- Fixed issue with Xlsx@listWorksheetInfo not returning any data
29+
- Fixed invalid arguments triggering mb_substr() error in LEFT(), MID() and RIGHT() text functions. [Issue #640](https://github.com/PHPOffice/PhpSpreadsheet/issues/640)
2930

3031
## 1.17.1 - 2021-03-01
3132

src/PhpSpreadsheet/Calculation/TextData.php

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -299,7 +299,7 @@ public static function LEFT($value = '', $chars = 1)
299299
$value = Functions::flattenSingleValue($value);
300300
$chars = Functions::flattenSingleValue($chars);
301301

302-
if ($chars < 0) {
302+
if (!is_numeric($chars) || $chars < 0) {
303303
return Functions::VALUE();
304304
}
305305

@@ -325,18 +325,14 @@ public static function MID($value = '', $start = 1, $chars = null)
325325
$start = Functions::flattenSingleValue($start);
326326
$chars = Functions::flattenSingleValue($chars);
327327

328-
if (($start < 1) || ($chars < 0)) {
328+
if (!is_numeric($start) || $start < 1 || !is_numeric($chars) || $chars < 0) {
329329
return Functions::VALUE();
330330
}
331331

332332
if (is_bool($value)) {
333333
$value = ($value) ? Calculation::getTRUE() : Calculation::getFALSE();
334334
}
335335

336-
if (empty($chars)) {
337-
return '';
338-
}
339-
340336
return mb_substr($value, --$start, $chars, 'UTF-8');
341337
}
342338

@@ -353,7 +349,7 @@ public static function RIGHT($value = '', $chars = 1)
353349
$value = Functions::flattenSingleValue($value);
354350
$chars = Functions::flattenSingleValue($chars);
355351

356-
if ($chars < 0) {
352+
if (!is_numeric($chars) || $chars < 0) {
357353
return Functions::VALUE();
358354
}
359355

tests/data/Calculation/TextData/LEFT.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,16 @@
1616
'QWERTYUIOP',
1717
-1,
1818
],
19+
[
20+
'#VALUE!',
21+
'QWERTYUIOP',
22+
'NaN',
23+
],
24+
[
25+
'#VALUE!',
26+
'QWERTYUIOP',
27+
null,
28+
],
1929
[
2030
'ABC',
2131
'ABCDEFGHI',

tests/data/Calculation/TextData/MID.php

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,19 @@
2626
-1,
2727
],
2828
[
29-
'',
29+
'#VALUE!',
30+
'QWERTYUIOP',
31+
'NaN',
32+
1,
33+
],
34+
[
35+
'#VALUE!',
36+
'QWERTYUIOP',
37+
2,
38+
'NaN',
39+
],
40+
[
41+
'#VALUE!',
3042
'QWERTYUIOP',
3143
5,
3244
],

tests/data/Calculation/TextData/RIGHT.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,16 @@
1616
'QWERTYUIOP',
1717
-1,
1818
],
19+
[
20+
'#VALUE!',
21+
'QWERTYUIOP',
22+
'NaN',
23+
],
24+
[
25+
'#VALUE!',
26+
'QWERTYUIOP',
27+
null,
28+
],
1929
[
2030
'GHI',
2131
'ABCDEFGHI',

0 commit comments

Comments
 (0)