[PHP-CVS] cvs: php4(PHP_4_3) /main rfc1867.c

Mon, 07 Oct 2002 04:17:50 -0700 

sesser          Mon Oct  7 07:43:55 2002 EDT

  Modified files:              (Branch: PHP_4_3)
    /php4/main  rfc1867.c 
  Log:
  MFH: closing protected variables hole
  
  
  
Index: php4/main/rfc1867.c
diff -u php4/main/rfc1867.c:1.116 php4/main/rfc1867.c:1.116.4.1
--- php4/main/rfc1867.c:1.116   Sat Aug 17 07:48:21 2002
+++ php4/main/rfc1867.c Mon Oct  7 07:43:55 2002
@@ -16,7 +16,7 @@
    |          Jani Taskinen <[EMAIL PROTECTED]>                              |
    +----------------------------------------------------------------------+
  */
-/* $Id: rfc1867.c,v 1.116 2002/08/17 11:48:21 sesser Exp $ */
+/* $Id: rfc1867.c,v 1.116.4.1 2002/10/07 11:43:55 sesser Exp $ */
 
 /*
  *  This product includes software developed by the Apache Group
@@ -70,16 +70,68 @@
        REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_NO_FILE",    UPLOAD_ERROR_D,  CONST_CS 
| CONST_PERSISTENT);
 }
 
+static void normalize_protected_variable(char *varname TSRMLS_DC)
+{
+       char *s=varname, *index=NULL, *indexend=NULL;
+       
+       /* overjump leading space */
+       while (*s == ' ') {
+               s++;
+       }
+       
+       /* and remove it */
+       if (s != varname) {
+               memcpy(varname, s, strlen(s)+1);
+       }
+
+       /* find index */
+       index = strchr(varname, '[');
+       if (index) {
+               index++;
+               s=index;
+       } else {
+               return;
+       }
+
+       /* done? */
+       while (index) {
+               
+               while (*index == ' ' || *index == '\r' || *index == '\n' || 
+*index=='\t') {
+                       index++;
+               }
+               indexend = strchr(index, ']');
+               indexend = indexend ? indexend + 1 : index + strlen(index);
+               
+               if (s != index) {
+                       memcpy(s, index, strlen(s)+1);
+                       s += indexend-index;
+               } else {
+                       s = indexend;
+               }
+
+               if (*s == '[') {
+                       s++;
+                       index = s;
+               } else {
+                       index = NULL;
+               }       
+       }
+       *s++='\0';
+}
+
+
 static void add_protected_variable(char *varname TSRMLS_DC)
 {
        int dummy=1;
 
+       normalize_protected_variable(varname TSRMLS_CC);
        zend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, 
&dummy, sizeof(int), NULL);
 }
 
 
 static zend_bool is_protected_variable(char *varname TSRMLS_DC)
 {
+       normalize_protected_variable(varname TSRMLS_CC);
        return zend_hash_exists(&PG(rfc1867_protected_variables), varname, 
strlen(varname)+1);
 }
 



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to