Fix new conversion filter for QPrint (same order of check as legacy code)

Because of checking for maximum line length *before* certain other checks,
the new conversion filter for QPrint could produce different results from
the old one in some cases. This was discovered while fuzzing the new
implementation of mb_decode_numericentity.

Author: alexdowad

ext/mbstring/libmbfl/filters/mbfilter_qprint.c

@@ -318,24 +318,29 @@ static void mb_wchar_to_qprint(uint32_t *in, size_t len, mb_convert_buf *buf, bo
 		 * but raw bytes from 0x00-0xFF */
 		uint32_t w = *in++;
 
-		/* QPrint actually mandates that line length should not be more than 76 characters,
-		 * but mbstring stops slightly short of that */
-		if (chars_output >= 72) {
-			MB_CONVERT_BUF_ENSURE(buf, out, limit, len + 4);
-			out = mb_convert_buf_add3(out, '=', '\r', '\n');
-			chars_output = 0;
-		}
-
 		if (!w) {
 			out = mb_convert_buf_add(out, '\0');
 			chars_output = 0;
+			continue;
 		} else if (w == '\n') {
 			MB_CONVERT_BUF_ENSURE(buf, out, limit, len + 2);
 			out = mb_convert_buf_add2(out, '\r', '\n');
 			chars_output = 0;
+			continue;
 		} else if (w == '\r') {
 			/* No output */
-		} else if (w >= 0x80 || w == '=') {
+			continue;
+		}
+
+		/* QPrint actually mandates that line length should not be more than 76 characters,
+		 * but mbstring stops slightly short of that */
+		if (chars_output >= 72) {
+			MB_CONVERT_BUF_ENSURE(buf, out, limit, len + 4);
+			out = mb_convert_buf_add3(out, '=', '\r', '\n');
+			chars_output = 0;
+		}
+
+		if (w >= 0x80 || w == '=') {
 			/* Not ASCII */
 			MB_CONVERT_BUF_ENSURE(buf, out, limit, len + 3);
 			out = mb_convert_buf_add3(out, '=', qprint_enc_nibble((w >> 4) & 0xF), qprint_enc_nibble(w & 0xF));

ext/mbstring/tests/qprint_encoding.phpt

@@ -23,12 +23,17 @@ testConversion('あ', '=E3=81=82');
 testConversion("J'interdis aux marchands de vanter trop leurs marchandises. Car ils se font vite pédagogues et t'enseignent comme but ce qui n'est par essence qu'un moyen, et te trompant ainsi sur la route à suivre les voilà bientôt qui te dégradent, car si leur musique est vulgaire ils te fabriquent pour te la vendre une âme vulgaire.
 —\xE2\x80\x89Antoine de Saint-Exupéry, Citadelle", "J'interdis aux marchands de vanter trop leurs marchandises. Car ils se f=\r\nont vite p=C3=A9dagogues et t'enseignent comme but ce qui n'est par esse=\r\nnce qu'un moyen, et te trompant ainsi sur la route =C3=A0 suivre les voi=\r\nl=C3=A0 bient=C3=B4t qui te d=C3=A9gradent, car si leur musique est vulg=\r\naire ils te fabriquent pour te la vendre une =C3=A2me vulgaire.\r\n=E2=80=94=E2=80=89Antoine de Saint-Exup=C3=A9ry, Citadelle");
 
+// Regression test, found by a fuzzer
+testConversion("***,*-S,\xac,,\xb7,l,,,,\xb6UTF7,\xb5\xb5\xb5\xb5\xb5\xb5K\xb5\xb5!\xa4\xa4\xa4\xa4\xa4\xbd\xb5,\xb5\xb5\xb5\xb5\xb5\xb5\xb5\xb5\xb5&", "***,*-S,=AC,,=B7,l,,,,=B6UTF7,=B5=B5=B5=B5=B5=B5K=B5=B5!=A4=A4=A4=A4=A4=BD=\r\n=B5,=B5=B5=B5=B5=B5=B5=B5=B5=B5&");
+
 echo "Done!\n";
 ?>
 --EXPECTF--
 Deprecated: mb_convert_encoding(): Handling QPrint via mbstring is deprecated; use quoted_printable_encode/quoted_printable_decode instead in %s
 
 Deprecated: mb_convert_encoding(): Handling QPrint via mbstring is deprecated; use quoted_printable_encode/quoted_printable_decode instead in %s
 
+Deprecated: mb_convert_encoding(): Handling QPrint via mbstring is deprecated; use quoted_printable_encode/quoted_printable_decode instead in %s
+
 Deprecated: mb_convert_encoding(): Handling QPrint via mbstring is deprecated; use quoted_printable_encode/quoted_printable_decode instead in %s
 Done!