Sorry, but your list does not like Hushmail attachments.

Sammy Nolz
--- rfc1867.c.unpatched 2002-01-01 02:02:11.000000000 +0100 +++ rfc1867.c 2002-01-01 02:04:55.000000000 +0100 @@ -230,6 +230,13 @@ } } +static void safe_php_register_binary_variable(char *var, char *strval, int strlen, zval *track_vars_array, zend_bool override_protection TSRMLS_DC) +{ + if (override_protection || !is_protected_variable(var TSRMLS_CC)) { + php_register_variable_safe(var, strval, strlen, track_vars_array TSRMLS_CC); + } +} + static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC) { @@ -761,7 +768,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) { - char *boundary, *s=NULL, *boundary_end = NULL, *start_arr=NULL, *array_index=NULL; + char *boundary, *s=NULL, *boundary_end = NULL, *start_arr=NULL, *end_arr=NULL, *array_index=NULL; char *temp_filename=NULL, *lbuf=NULL, *abuf=NULL; int boundary_len=0, total_bytes=0, cancel_upload=0, is_arr_upload=0, array_len=0; int max_file_size=0, skip_upload=0, anonindex=0, is_anonymous; 
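Review bot: In the hunk at -230,6 the new helper names its length parameter `strlen`, which shadows the C library function inside the body and makes the call on the following line read as if a function were being passed. Renaming it keeps the helper safe to extend, for example `int val_len` in the signature and `php_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC);` in the body. The parameter is also a signed `int`, while the caller added in the hunk at -883,23 passes the `unsigned int new_val_len`, so a short comment above the helper stating that the length is a byte count that may cover embedded NUL bytes would document the contract.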
@@ -883,23 +890,24 @@ /* Normal form variable, safe to read all data into memory */ if (!filename && param) { - char *value = multipart_buffer_read_body(mbuff TSRMLS_CC); + int length = 0; + char *value = multipart_buffer_read_body(mbuff, &length TSRMLS_CC); unsigned int new_val_len; /* Dummy variable */ if (!value) { value = estrdup(""); } - if (sapi_module.input_filter(PARSE_POST, param, &value, strlen(value), &new_val_len TSRMLS_CC)) { + if (sapi_module.input_filter(PARSE_POST, param, &value, length, &new_val_len TSRMLS_CC)) { #if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING) if (php_mb_encoding_translation(TSRMLS_C)) { php_mb_gpc_stack_variable(param, value, &val_list, &len_list, &num_vars, &num_vars_max TSRMLS_CC); } else { - safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC); + safe_php_register_binary_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); } #else - safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC); + safe_php_register_binary_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC); #endif } if (!strcasecmp(param, "MAX_FILE_SIZE")) { @@ -1000,9 +1008,14 @@ /* is_arr_upload is true when name of file upload field * ends in [.*] - * start_arr is set to point to 1st [ + * start_arr is set to point to 1st [ and + * end_arr is set to point to last ] */ - is_arr_upload = (start_arr = strchr(param,'[')) && (param[strlen(param)- 1] == ']'); + is_arr_upload = (end_arr = strrchr(param, ']')) && (start_arr = strchr(param, '[')) && (end_arr > start_arr); + /* cut away garbage after ] */ + if (is_arr_upload && end_arr) { + end_arr[1] = '\0'; + } /* handle unterminated [ */ if (!is_arr_upload && start_arr) { *start_arr = '_'; 
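Review bot: The binary-safe length only reaches the two `safe_php_register_binary_variable` calls in the hunk at -883,23; the `php_mb_gpc_stack_variable(param, value, ...)` branch still receives `value` with no length, so with mbstring encoding translation active a value containing a NUL byte is presumably filtered over `length` bytes but stored cut at the first NUL. Either carry the filtered length into that path as well or record the limitation next to the call, e.g. `/* value is treated as a C string here; bytes after the first NUL are dropped */`. The call `multipart_buffer_read_body(mbuff, &length TSRMLS_CC)` also needs a matching change to that function's definition, and none of the hunks shown here makes it. The `if (!value)` fallback relies on `length` still being 0 after a failed read, which is worth stating where `length` is declared. The enclosing handler starts and ends outside the hunk.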
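Review bot: In the hunk at -1000,9 the `&&` chain short-circuits when `param` contains no `]`, so `start_arr = strchr(param, '[')` is never evaluated and `start_arr` keeps whatever it held from an earlier part. The `handle unterminated [` branch right below then either skips the `_` replacement for a name such as `foo[`, or writes `'_'` through a stale pointer if the earlier buffer is no longer valid (its lifetime is outside the hunk). The reset added in the hunk at -1014,6 appears to sit inside the array-upload branch only, so it does not cover this path. Assign both pointers unconditionally before testing them: `start_arr = strchr(param, '[');` `end_arr = strrchr(param, ']');` `is_arr_upload = start_arr && end_arr && (end_arr > start_arr);`. With that in place the `&& end_arr` in the following `if` is redundant.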
@@ -1014,6 +1027,8 @@ efree(array_index); } array_index = estrndup(start_arr+1, array_len-2); + start_arr = NULL; + end_arr = NULL; } /* Add $foo_name */