iliaa Tue Aug 5 16:16:47 2003 EDT
Modified files: (Branch: PHP_4_3)
/php-src NEWS
/php-src/ext/standard exec.c
Log:
MFH: Fixed bug #18291 (escapeshellcmd() can now handle quoted arguments)
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.326 php-src/NEWS:1.1247.2.327
--- php-src/NEWS:1.1247.2.326 Tue Aug 5 16:05:16 2003
+++ php-src/NEWS Tue Aug 5 16:16:47 2003
@@ -13,6 +13,7 @@
- Fixed bug #22072 (Apache2 sapis do not detect aborted connections). (Ilia)
- Fixed bug #21611 (version_compare() does not support "p" as suffix).
(Stefan Walk)
+- Fixed bug #18291 (escapeshellcmd() can now handle quoted arguments). (Ilia)
- Fixed bug #17414 (pthreads bug workaround). (timo.teras[at]iki.fi)
30 Jul 2003, Version 4.3.3RC2
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.84.2.9 php-src/ext/standard/exec.c:1.84.2.10
--- php-src/ext/standard/exec.c:1.84.2.9 Sun Jul 13 15:46:39 2003
+++ php-src/ext/standard/exec.c Tue Aug 5 16:16:47 2003
@@ -15,7 +15,7 @@
| Author: Rasmus Lerdorf |
+----------------------------------------------------------------------+
*/
-/* $Id: exec.c,v 1.84.2.9 2003/07/13 19:46:39 moriyoshi Exp $ */
+/* $Id: exec.c,v 1.84.2.10 2003/08/05 20:16:47 iliaa Exp $ */
#include <stdio.h>
#include "php.h"
@@ -401,18 +401,28 @@
char *php_escape_shell_cmd(char *str) {
register int x, y, l;
char *cmd;
+ char *p = NULL;
l = strlen(str);
cmd = emalloc(2 * l + 1);
for (x = 0, y = 0; x < l; x++) {
switch (str[x]) {
+ case '"':
+ case '\'':
+ if (!p && (p = memchr(str + x + 1, str[x], l - x -
1))) {
+ /* noop */
+ } else if (p && *p == str[x]) {
+ p = NULL;
+ } else {
+ cmd[y++] = '\\';
+ }
+ cmd[y++] = str[x];
+ break;
case '#': /* This is character-set independent */
case '&':
case ';':
case '`':
- case '\'':
- case '"':
case '|':
case '*':
case '?':
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
