iliaa Tue Jul 13 09:15:32 2004 EDT
Modified files: (Branch: PHP_4_3_7)
/php-src NEWS configure.in
/Zend zend_alloc.c zend_constants.c zend_execute.c zend_hash.c
zend_variables.c
/php-src/ext/imap php_imap.c
/php-src/ext/msession msession.c
/php-src/ext/mssql php_mssql.c
/php-src/ext/mysql php_mysql.c
/php-src/ext/pcntl pcntl.c
/php-src/ext/session mod_mm.c session.c
/php-src/ext/standard ftok.c iptc.c string.c
/php-src/ext/sybase php_sybase_db.c
/php-src/ext/sybase_ct php_sybase_ct.c
/php-src/ext/w32api w32api.c
/php-src/ext/wddx wddx.c
/php-src/main main.c php_version.h rfc1867.c
Log:
4.3.8 patches.
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.673&r2=1.1247.2.673.2.1&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.673 php-src/NEWS:1.1247.2.673.2.1
--- php-src/NEWS:1.1247.2.673 Wed Jun 2 09:25:44 2004
+++ php-src/NEWS Tue Jul 13 09:15:23 2004
@@ -1,5 +1,14 @@
PHP 4 NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
+14 Jul 2004, Version 4.3.8
+- Fixed strip_tags() to correctly handle '\0' characters. (Stefan)
+- Fixed memory_limit during request startup. (Stefan)
+- Replace alloca() with emalloc() for better stack protection. (Ilia)
+- Added missing safe_mode checks inside ftok and itpc. (Ilia)
+- Fixed bug #28963 (Missing space for \0 in address allocation in IMAP). (Ilia)
+- Fixed bug #28632 (Prevent open_basedir bypass via MySQL's LOAD DATA LOCAL).
+ (Ilia)
+
03 Jun 2004, Version 4.3.7
- Upgraded bundled GD library to 2.0.23. (Ilia)
- Changed user error handler mechanism to relay to built-in error handler if it
http://cvs.php.net/diff.php/php-src/configure.in?r1=1.396.2.116.2.1&r2=1.396.2.116.2.2&ty=u
Index: php-src/configure.in
diff -u php-src/configure.in:1.396.2.116.2.1 php-src/configure.in:1.396.2.116.2.2
--- php-src/configure.in:1.396.2.116.2.1 Tue Jul 13 08:58:33 2004
+++ php-src/configure.in Tue Jul 13 09:15:25 2004
@@ -1,4 +1,4 @@
-dnl ## $Id: configure.in,v 1.396.2.116.2.1 2004/07/13 12:58:33 derick Exp $ -*- sh -*-
+dnl ## $Id: configure.in,v 1.396.2.116.2.2 2004/07/13 13:15:25 iliaa Exp $ -*- sh -*-
dnl ## Process this file with autoconf to produce a configure script.
divert(1)
@@ -41,7 +41,7 @@
MAJOR_VERSION=4
MINOR_VERSION=3
RELEASE_VERSION=8
-EXTRA_VERSION="-dev"
+EXTRA_VERSION=""
VERSION="$MAJOR_VERSION.$MINOR_VERSION.$RELEASE_VERSION$EXTRA_VERSION"
dnl Define where extension directories are located in the configure context
http://cvs.php.net/diff.php/Zend/zend_alloc.c?r1=1.105.4.5&r2=1.105.4.5.2.1&ty=u
Index: Zend/zend_alloc.c
diff -u Zend/zend_alloc.c:1.105.4.5 Zend/zend_alloc.c:1.105.4.5.2.1
--- Zend/zend_alloc.c:1.105.4.5 Mon May 17 09:15:14 2004
+++ Zend/zend_alloc.c Tue Jul 13 09:15:26 2004
@@ -67,7 +67,7 @@
#define _CHECK_MEMORY_LIMIT(s, rs, file, lineno) { AG(allocated_memory) += rs;\
if
(AG(memory_limit)<AG(allocated_memory)) {\
int
php_mem_limit = AG(memory_limit); \
- if
(AG(memory_limit)+1048576 > AG(allocated_memory) - rs) { \
+ if
(EG(in_execution) && AG(memory_limit)+1048576 > AG(allocated_memory) - rs) { \
AG(memory_limit) = AG(allocated_memory) + 1048576; \
if
(file) { \
zend_error(E_ERROR,"Allowed memory size of %d bytes exhausted at %s:%d (tried to
allocate %d bytes)", php_mem_limit, file, lineno, s); \
http://cvs.php.net/diff.php/Zend/zend_constants.c?r1=1.42.2.5&r2=1.42.2.5.2.1&ty=u
Index: Zend/zend_constants.c
diff -u Zend/zend_constants.c:1.42.2.5 Zend/zend_constants.c:1.42.2.5.2.1
--- Zend/zend_constants.c:1.42.2.5 Wed May 26 17:02:12 2004
+++ Zend/zend_constants.c Tue Jul 13 09:15:26 2004
@@ -220,8 +220,7 @@
int retval = 1;
if (zend_hash_find(EG(zend_constants), name, name_len+1, (void **) &c) ==
FAILURE) {
- lookup_name = do_alloca(name_len+1);
- memcpy(lookup_name, name, name_len+1);
+ lookup_name = estrndup(name, name_len);
zend_str_tolower(lookup_name, name_len);
if (zend_hash_find(EG(zend_constants), lookup_name, name_len+1, (void
**) &c)==SUCCESS) {
@@ -231,7 +230,7 @@
} else {
retval=0;
}
- free_alloca(lookup_name);
+ efree(lookup_name);
}
if (retval) {
@@ -256,8 +255,7 @@
#endif
if (!(c->flags & CONST_CS)) {
- lowercase_name = do_alloca(c->name_len);
- memcpy(lowercase_name, c->name, c->name_len);
+ lowercase_name = estrndup(c->name, c->name_len);
zend_str_tolower(lowercase_name, c->name_len);
name = lowercase_name;
} else {
@@ -273,7 +271,7 @@
ret = FAILURE;
}
if (lowercase_name) {
- free_alloca(lowercase_name);
+ efree(lowercase_name);
}
return ret;
}
http://cvs.php.net/diff.php/Zend/zend_execute.c?r1=1.316.2.34&r2=1.316.2.34.2.1&ty=u
Index: Zend/zend_execute.c
diff -u Zend/zend_execute.c:1.316.2.34 Zend/zend_execute.c:1.316.2.34.2.1
--- Zend/zend_execute.c:1.316.2.34 Thu Apr 1 17:05:38 2004
+++ Zend/zend_execute.c Tue Jul 13 09:15:26 2004
@@ -1038,7 +1038,7 @@
EX(ce) = NULL;
EX(object).ptr = NULL;
EX(op_array) = op_array;
- EX(Ts) = (temp_variable *) do_alloca(sizeof(temp_variable)*op_array->T);
+ EX(Ts) = (temp_variable *) safe_emalloc(sizeof(temp_variable), op_array->T, 0);
EX(prev_execute_data) = EG(current_execute_data);
EX(original_in_execution)=EG(in_execution);
@@ -1757,7 +1757,7 @@
(*EG(return_value_ptr_ptr))->is_ref = 0;
}
}
- free_alloca(EX(Ts));
+ efree(EX(Ts));
EG(in_execution) = EX(original_in_execution);
EG(current_execute_data) =
EX(prev_execute_data);
return;
http://cvs.php.net/diff.php/Zend/zend_hash.c?r1=1.87.4.5&r2=1.87.4.5.2.1&ty=u
Index: Zend/zend_hash.c
diff -u Zend/zend_hash.c:1.87.4.5 Zend/zend_hash.c:1.87.4.5.2.1
--- Zend/zend_hash.c:1.87.4.5 Tue Aug 12 02:22:05 2003
+++ Zend/zend_hash.c Tue Jul 13 09:15:27 2004
@@ -174,6 +174,7 @@
ZEND_API int zend_hash_init(HashTable *ht, uint nSize, hash_func_t pHashFunction,
dtor_func_t pDestructor, int persistent)
{
uint i = 3;
+ Bucket **tmp;
SET_INCONSISTENT(HT_OK);
@@ -183,14 +184,6 @@
ht->nTableSize = 1 << i;
ht->nTableMask = ht->nTableSize - 1;
-
- /* Uses ecalloc() so that Bucket* == NULL */
- ht->arBuckets = (Bucket **) pecalloc(ht->nTableSize, sizeof(Bucket *),
persistent);
-
- if (!ht->arBuckets) {
- return FAILURE;
- }
-
ht->pDestructor = pDestructor;
ht->pListHead = NULL;
ht->pListTail = NULL;
@@ -200,6 +193,16 @@
ht->persistent = persistent;
ht->nApplyCount = 0;
ht->bApplyProtection = 1;
+ ht->arBuckets = NULL;
+
+ /* Uses ecalloc() so that Bucket* == NULL */
+ tmp = (Bucket **) pecalloc(ht->nTableSize, sizeof(Bucket *), persistent);
+
+ if (!tmp) {
+ return FAILURE;
+ }
+ ht->arBuckets = tmp;
+
return SUCCESS;
}
http://cvs.php.net/diff.php/Zend/zend_variables.c?r1=1.44.2.1&r2=1.44.2.1.6.1&ty=u
Index: Zend/zend_variables.c
diff -u Zend/zend_variables.c:1.44.2.1 Zend/zend_variables.c:1.44.2.1.6.1
--- Zend/zend_variables.c:1.44.2.1 Tue Dec 31 11:23:05 2002
+++ Zend/zend_variables.c Tue Jul 13 09:15:27 2004
@@ -114,27 +114,31 @@
case IS_CONSTANT_ARRAY: {
zval *tmp;
HashTable *original_ht = zvalue->value.ht;
+ HashTable *tmp_ht = NULL;
TSRMLS_FETCH();
if (zvalue->value.ht == &EG(symbol_table)) {
return SUCCESS; /* do nothing */
}
- ALLOC_HASHTABLE_REL(zvalue->value.ht);
- zend_hash_init(zvalue->value.ht, 0, NULL,
ZVAL_PTR_DTOR, 0);
- zend_hash_copy(zvalue->value.ht, original_ht,
(copy_ctor_func_t) zval_add_ref, (void *) &tmp, sizeof(zval *));
+ ALLOC_HASHTABLE_REL(tmp_ht);
+ zend_hash_init(tmp_ht, 0, NULL, ZVAL_PTR_DTOR, 0);
+ zend_hash_copy(tmp_ht, original_ht, (copy_ctor_func_t)
zval_add_ref, (void *) &tmp, sizeof(zval *));
+ zvalue->value.ht = tmp_ht;
}
break;
case IS_OBJECT: {
zval *tmp;
HashTable *original_ht = zvalue->value.obj.properties;
+ HashTable *tmp_ht = NULL;
TSRMLS_FETCH();
if (zvalue->value.obj.properties == &EG(symbol_table))
{
return SUCCESS; /* do nothing */
}
- ALLOC_HASHTABLE_REL(zvalue->value.obj.properties);
- zend_hash_init(zvalue->value.obj.properties, 0, NULL,
ZVAL_PTR_DTOR, 0);
- zend_hash_copy(zvalue->value.obj.properties,
original_ht, (copy_ctor_func_t) zval_add_ref, (void *) &tmp, sizeof(zval *));
+ ALLOC_HASHTABLE_REL(tmp_ht);
+ zend_hash_init(tmp_ht, 0, NULL, ZVAL_PTR_DTOR, 0);
+ zend_hash_copy(tmp_ht, original_ht, (copy_ctor_func_t)
zval_add_ref, (void *) &tmp, sizeof(zval *));
+ zvalue->value.obj.properties = tmp_ht;
}
break;
}
http://cvs.php.net/diff.php/php-src/ext/imap/php_imap.c?r1=1.142.2.23&r2=1.142.2.23.2.1&ty=u
Index: php-src/ext/imap/php_imap.c
diff -u php-src/ext/imap/php_imap.c:1.142.2.23
php-src/ext/imap/php_imap.c:1.142.2.23.2.1
--- php-src/ext/imap/php_imap.c:1.142.2.23 Wed May 12 16:17:21 2004
+++ php-src/ext/imap/php_imap.c Tue Jul 13 09:15:27 2004
@@ -26,7 +26,7 @@
| PHP 4.0 updates: Zeev Suraski <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: php_imap.c,v 1.142.2.23 2004/05/12 20:17:21 iliaa Exp $ */
+/* $Id: php_imap.c,v 1.142.2.23.2.1 2004/07/13 13:15:27 iliaa Exp $ */
#define IMAP41
@@ -3683,7 +3683,7 @@
addresstmp = addresslist;
if ((len = _php_imap_address_size(addresstmp))) {
- tmpstr = (char *) malloc (len);
+ tmpstr = (char *) malloc(len + 1);
tmpstr[0] = '\0';
rfc822_write_address(tmpstr, addresstmp);
*fulladdress = tmpstr;
http://cvs.php.net/diff.php/php-src/ext/msession/msession.c?r1=1.37.4.1&r2=1.37.4.1.2.1&ty=u
Index: php-src/ext/msession/msession.c
diff -u php-src/ext/msession/msession.c:1.37.4.1
php-src/ext/msession/msession.c:1.37.4.1.2.1
--- php-src/ext/msession/msession.c:1.37.4.1 Tue Dec 31 11:34:56 2002
+++ php-src/ext/msession/msession.c Tue Jul 13 09:15:28 2004
@@ -1266,7 +1266,7 @@
{
int port;
int len = strlen(save_path)+1;
- char * path = alloca(len);
+ char * path = emalloc(len);
char * szport;
strcpy(path, save_path);
@@ -1285,7 +1285,13 @@
ELOG( "ps_open_msession");
PS_SET_MOD_DATA((void *)1); /* session.c needs a non-zero here! */
- return PHPMsessionConnect(path, port) ? SUCCESS : FAILURE;
+ if (PHPMsessionConnect(path, port)) {
+ efree(path);
+ return SUCCESS;
+ } else {
+ efree(path);
+ return FAILURE;
+ }
}
PS_CLOSE_FUNC(msession)
http://cvs.php.net/diff.php/php-src/ext/mssql/php_mssql.c?r1=1.86.2.32&r2=1.86.2.32.2.1&ty=u
Index: php-src/ext/mssql/php_mssql.c
diff -u php-src/ext/mssql/php_mssql.c:1.86.2.32
php-src/ext/mssql/php_mssql.c:1.86.2.32.2.1
--- php-src/ext/mssql/php_mssql.c:1.86.2.32 Tue Apr 20 19:31:39 2004
+++ php-src/ext/mssql/php_mssql.c Tue Jul 13 09:15:29 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_mssql.c,v 1.86.2.32 2004/04/20 23:31:39 fmk Exp $ */
+/* $Id: php_mssql.c,v 1.86.2.32.2.1 2004/07/13 13:15:29 iliaa Exp $ */
#ifdef COMPILE_DL_MSSQL
#define HAVE_MSSQL 1
@@ -344,6 +344,7 @@
PHP_RSHUTDOWN_FUNCTION(mssql)
{
STR_FREE(MS_SQL_G(appname));
+ MS_SQL_G(appname) = NULL;
if (MS_SQL_G(server_message)) {
STR_FREE(MS_SQL_G(server_message));
MS_SQL_G(server_message) = NULL;
http://cvs.php.net/diff.php/php-src/ext/mysql/php_mysql.c?r1=1.174.2.25&r2=1.174.2.25.2.1&ty=u
Index: php-src/ext/mysql/php_mysql.c
diff -u php-src/ext/mysql/php_mysql.c:1.174.2.25
php-src/ext/mysql/php_mysql.c:1.174.2.25.2.1
--- php-src/ext/mysql/php_mysql.c:1.174.2.25 Fri Apr 23 13:04:36 2004
+++ php-src/ext/mysql/php_mysql.c Tue Jul 13 09:15:29 2004
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_mysql.c,v 1.174.2.25 2004/04/23 17:04:36 iliaa Exp $ */
+/* $Id: php_mysql.c,v 1.174.2.25.2.1 2004/07/13 13:15:29 iliaa Exp $ */
/* TODO:
*
@@ -259,6 +259,9 @@
*/
static void php_mysql_set_default_link(int id TSRMLS_DC)
{
+ if (MySG(default_link) != -1) {
+ zend_list_delete(MySG(default_link));
+ }
MySG(default_link) = id;
zend_list_addref(id);
}
@@ -590,7 +593,7 @@
break;
}
/* disable local infile option for open_basedir */
- if (PG(open_basedir) && strlen(PG(open_basedir))) {
+ if (PG(open_basedir) && strlen(PG(open_basedir)) && (client_flags &
CLIENT_LOCAL_FILES)) {
client_flags ^= CLIENT_LOCAL_FILES;
}
http://cvs.php.net/diff.php/php-src/ext/pcntl/pcntl.c?r1=1.28.4.4&r2=1.28.4.4.2.1&ty=u
Index: php-src/ext/pcntl/pcntl.c
diff -u php-src/ext/pcntl/pcntl.c:1.28.4.4 php-src/ext/pcntl/pcntl.c:1.28.4.4.2.1
--- php-src/ext/pcntl/pcntl.c:1.28.4.4 Fri Jan 23 02:02:54 2004
+++ php-src/ext/pcntl/pcntl.c Tue Jul 13 09:15:29 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: pcntl.c,v 1.28.4.4 2004/01/23 07:02:54 sniper Exp $ */
+/* $Id: pcntl.c,v 1.28.4.4.2.1 2004/07/13 13:15:29 iliaa Exp $ */
#define PCNTL_DEBUG 0
@@ -386,7 +386,7 @@
args_hash = HASH_OF(args);
argc = zend_hash_num_elements(args_hash);
- argv = alloca((argc+2) * sizeof(char *));
+ argv = safe_emalloc((argc + 2), sizeof(char *), 0);
*argv = path;
for ( zend_hash_internal_pointer_reset(args_hash), current_arg =
argv+1;
(argi < argc && (zend_hash_get_current_data(args_hash, (void
**) &element) == SUCCESS));
@@ -397,7 +397,7 @@
}
*(current_arg) = NULL;
} else {
- argv = alloca(2 * sizeof(char *));
+ argv = emalloc(2 * sizeof(char *));
*argv = path;
*(argv+1) = NULL;
}
@@ -407,13 +407,13 @@
envs_hash = HASH_OF(envs);
envc = zend_hash_num_elements(envs_hash);
- envp = alloca((envc+1) * sizeof(char *));
+ envp = safe_emalloc((envc + 1), sizeof(char *), 0);
for ( zend_hash_internal_pointer_reset(envs_hash), pair = envp;
(envi < envc && (zend_hash_get_current_data(envs_hash, (void
**) &element) == SUCCESS));
(envi++, pair++, zend_hash_move_forward(envs_hash)) ) {
switch (return_val = zend_hash_get_current_key_ex(envs_hash,
&key, &key_length, &key_num, 0, NULL)) {
case HASH_KEY_IS_LONG:
- key = alloca(101);
+ key = emalloc(101);
snprintf(key, 100, "%ld", key_num);
key_length = strlen(key);
break;
@@ -432,7 +432,7 @@
strlcat(*pair, Z_STRVAL_PP(element), pair_length);
/* Cleanup */
- if (return_val == HASH_KEY_IS_LONG) free_alloca(key);
+ if (return_val == HASH_KEY_IS_LONG) efree(key);
}
*(pair) = NULL;
}
@@ -445,10 +445,10 @@
/* Cleanup */
if (envp != NULL) {
for (pair = envp; *pair != NULL; pair++) efree(*pair);
- free_alloca(envp);
+ efree(envp);
}
- free_alloca(argv);
+ efree(argv);
RETURN_FALSE;
}
http://cvs.php.net/diff.php/php-src/ext/session/mod_mm.c?r1=1.39.4.3&r2=1.39.4.3.2.1&ty=u
Index: php-src/ext/session/mod_mm.c
diff -u php-src/ext/session/mod_mm.c:1.39.4.3 php-src/ext/session/mod_mm.c:1.39.4.3.2.1
--- php-src/ext/session/mod_mm.c:1.39.4.3 Tue Dec 31 11:35:20 2002
+++ php-src/ext/session/mod_mm.c Tue Jul 13 09:15:29 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_mm.c,v 1.39.4.3 2002/12/31 16:35:20 sebastian Exp $ */
+/* $Id: mod_mm.c,v 1.39.4.3.2.1 2004/07/13 13:15:29 iliaa Exp $ */
#include "php.h"
@@ -264,7 +264,7 @@
return FAILURE;
/* Directory + '/' + File + Module Name + Effective UID + \0 */
- ps_mm_path =
do_alloca(save_path_len+1+sizeof(PS_MM_FILE)+mod_name_len+strlen(euid)+1);
+ ps_mm_path =
emalloc(save_path_len+1+sizeof(PS_MM_FILE)+mod_name_len+strlen(euid)+1);
memcpy(ps_mm_path, PS(save_path), save_path_len + 1);
if (save_path_len > 0 && ps_mm_path[save_path_len - 1] != DEFAULT_SLASH) {
@@ -277,7 +277,7 @@
ret = ps_mm_initialize(ps_mm_instance, ps_mm_path);
- free_alloca(ps_mm_path);
+ efree(ps_mm_path);
if (ret != SUCCESS) {
free(ps_mm_instance);
http://cvs.php.net/diff.php/php-src/ext/session/session.c?r1=1.336.2.39&r2=1.336.2.39.2.1&ty=u
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.336.2.39
php-src/ext/session/session.c:1.336.2.39.2.1
--- php-src/ext/session/session.c:1.336.2.39 Sat May 8 02:01:11 2004
+++ php-src/ext/session/session.c Tue Jul 13 09:15:29 2004
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.336.2.39 2004/05/08 06:01:11 pollita Exp $ */
+/* $Id: session.c,v 1.336.2.39.2.1 2004/07/13 13:15:29 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -503,13 +503,16 @@
static void php_session_track_init(TSRMLS_D)
{
+ zval *session_vars = NULL;
+
/* Unconditionally destroy existing arrays -- possible dirty data */
zend_hash_del(&EG(symbol_table), "HTTP_SESSION_VARS",
sizeof("HTTP_SESSION_VARS"));
zend_hash_del(&EG(symbol_table), "_SESSION", sizeof("_SESSION"));
- MAKE_STD_ZVAL(PS(http_session_vars));
- array_init(PS(http_session_vars));
+ MAKE_STD_ZVAL(session_vars);
+ array_init(session_vars);
+ PS(http_session_vars) = session_vars;
ZEND_SET_GLOBAL_VAR_WITH_LENGTH("HTTP_SESSION_VARS",
sizeof("HTTP_SESSION_VARS"), PS(http_session_vars), 2, 1);
ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"),
PS(http_session_vars), 2, 1);
http://cvs.php.net/diff.php/php-src/ext/standard/ftok.c?r1=1.9.2.1&r2=1.9.2.1.2.1&ty=u
Index: php-src/ext/standard/ftok.c
diff -u php-src/ext/standard/ftok.c:1.9.2.1 php-src/ext/standard/ftok.c:1.9.2.1.2.1
--- php-src/ext/standard/ftok.c:1.9.2.1 Tue Dec 31 11:35:28 2002
+++ php-src/ext/standard/ftok.c Tue Jul 13 09:15:29 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: ftok.c,v 1.9.2.1 2002/12/31 16:35:28 sebastian Exp $ */
+/* $Id: ftok.c,v 1.9.2.1.2.1 2004/07/13 13:15:29 iliaa Exp $ */
#include "php.h"
@@ -51,6 +51,10 @@
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Second argument invalid");
RETURN_LONG(-1);
}
+
+ if ((PG(safe_mode) && (!php_checkuid(Z_STRVAL_PP(pathname), NULL,
CHECKUID_CHECK_FILE_AND_DIR))) || php_check_open_basedir(Z_STRVAL_PP(pathname)
TSRMLS_CC)) {
+ RETURN_LONG(-1);
+ }
k = ftok(Z_STRVAL_PP(pathname),Z_STRVAL_PP(proj)[0]);
http://cvs.php.net/diff.php/php-src/ext/standard/iptc.c?r1=1.41.4.3&r2=1.41.4.3.2.1&ty=u
Index: php-src/ext/standard/iptc.c
diff -u php-src/ext/standard/iptc.c:1.41.4.3 php-src/ext/standard/iptc.c:1.41.4.3.2.1
--- php-src/ext/standard/iptc.c:1.41.4.3 Sat Mar 6 12:41:31 2004
+++ php-src/ext/standard/iptc.c Tue Jul 13 09:15:29 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: iptc.c,v 1.41.4.3 2004/03/06 17:41:31 pajoye Exp $ */
+/* $Id: iptc.c,v 1.41.4.3.2.1 2004/07/13 13:15:29 iliaa Exp $ */
/*
* Functions to parse & compse IPTC data.
@@ -208,6 +208,10 @@
break;
}
+ if (PG(safe_mode) && (!php_checkuid(Z_STRVAL_PP(jpeg_file), NULL,
CHECKUID_CHECK_FILE_AND_DIR))) {
+ RETURN_FALSE;
+ }
+
if (php_check_open_basedir(Z_STRVAL_PP(jpeg_file) TSRMLS_CC)) {
RETURN_FALSE;
}
@@ -347,7 +351,7 @@
inx += 2;
}
- sprintf(key, "%d#%03d", (unsigned int) dataset, (unsigned int) recnum);
+ snprintf(key, sizeof(key), "%d#%03d", (unsigned int) dataset,
(unsigned int) recnum);
if ((len > length) || (inx + len) > length)
break;
http://cvs.php.net/diff.php/php-src/ext/standard/string.c?r1=1.333.2.39&r2=1.333.2.39.2.1&ty=u
Index: php-src/ext/standard/string.c
diff -u php-src/ext/standard/string.c:1.333.2.39
php-src/ext/standard/string.c:1.333.2.39.2.1
--- php-src/ext/standard/string.c:1.333.2.39 Thu May 13 13:44:32 2004
+++ php-src/ext/standard/string.c Tue Jul 13 09:15:30 2004
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: string.c,v 1.333.2.39 2004/05/13 17:44:32 iliaa Exp $ */
+/* $Id: string.c,v 1.333.2.39.2.1 2004/07/13 13:15:30 iliaa Exp $ */
/* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */
@@ -3339,6 +3339,8 @@
while (i < len) {
switch (c) {
+ case '\0':
+ break;
case '<':
if (isspace(*(p + 1))) {
goto reg_char;
http://cvs.php.net/diff.php/php-src/ext/sybase/php_sybase_db.c?r1=1.38.2.16&r2=1.38.2.16.2.1&ty=u
Index: php-src/ext/sybase/php_sybase_db.c
diff -u php-src/ext/sybase/php_sybase_db.c:1.38.2.16
php-src/ext/sybase/php_sybase_db.c:1.38.2.16.2.1
--- php-src/ext/sybase/php_sybase_db.c:1.38.2.16 Fri Apr 16 12:27:57 2004
+++ php-src/ext/sybase/php_sybase_db.c Tue Jul 13 09:15:30 2004
@@ -20,7 +20,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_sybase_db.c,v 1.38.2.16 2004/04/16 16:27:57 thetaphi Exp $ */
+/* $Id: php_sybase_db.c,v 1.38.2.16.2.1 2004/07/13 13:15:30 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
@@ -297,7 +297,9 @@
PHP_RSHUTDOWN_FUNCTION(sybase)
{
efree(php_sybase_module.appname);
+ php_sybase_module.appname = NULL;
STR_FREE(php_sybase_module.server_message);
+ php_sybase_module.server_message = NULL;
return SUCCESS;
}
http://cvs.php.net/diff.php/php-src/ext/sybase_ct/php_sybase_ct.c?r1=1.73.2.16&r2=1.73.2.16.2.1&ty=u
Index: php-src/ext/sybase_ct/php_sybase_ct.c
diff -u php-src/ext/sybase_ct/php_sybase_ct.c:1.73.2.16
php-src/ext/sybase_ct/php_sybase_ct.c:1.73.2.16.2.1
--- php-src/ext/sybase_ct/php_sybase_ct.c:1.73.2.16 Fri May 21 17:00:19 2004
+++ php-src/ext/sybase_ct/php_sybase_ct.c Tue Jul 13 09:15:30 2004
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_sybase_ct.c,v 1.73.2.16 2004/05/21 21:00:19 edink Exp $ */
+/* $Id: php_sybase_ct.c,v 1.73.2.16.2.1 2004/07/13 13:15:30 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
@@ -448,11 +448,13 @@
PHP_RSHUTDOWN_FUNCTION(sybase)
{
efree(SybCtG(appname));
+ SybCtG(appname) = NULL;
if (SybCtG(callback_name)) {
zval_ptr_dtor(&SybCtG(callback_name));
SybCtG(callback_name)= NULL;
}
STR_FREE(SybCtG(server_message));
+ SybCtG(server_message) = NULL;
return SUCCESS;
}
http://cvs.php.net/diff.php/php-src/ext/w32api/w32api.c?r1=1.5.2.2&r2=1.5.2.2.4.1&ty=u
Index: php-src/ext/w32api/w32api.c
diff -u php-src/ext/w32api/w32api.c:1.5.2.2 php-src/ext/w32api/w32api.c:1.5.2.2.4.1
--- php-src/ext/w32api/w32api.c:1.5.2.2 Wed Apr 16 16:03:13 2003
+++ php-src/ext/w32api/w32api.c Tue Jul 13 09:15:30 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: w32api.c,v 1.5.2.2 2003/04/16 20:03:13 moriyoshi Exp $ */
+/* $Id: w32api.c,v 1.5.2.2.4.1 2004/07/13 13:15:30 iliaa Exp $ */
/*
* Win32 API Extension for PHP 4
@@ -290,20 +290,26 @@
*/
PHP_RINIT_FUNCTION(w32api)
{
+ HashTable *tmp;
+ WG(funcs) = WG(libraries) = WG(callbacks) = WG(types) = NULL;
+
/* Allocate Request Specific HT's here
*/
- ALLOC_HASHTABLE(WG(funcs));
- zend_hash_init(WG(funcs), 1, NULL, php_w32api_hash_func_dtor, 1);
-
- ALLOC_HASHTABLE(WG(libraries));
- zend_hash_init(WG(libraries), 1, NULL, php_w32api_hash_lib_dtor, 1);
-
- ALLOC_HASHTABLE(WG(callbacks));
- zend_hash_init(WG(callbacks), 1, NULL, php_w32api_hash_callback_dtor, 1);
-
- ALLOC_HASHTABLE(WG(types));
- zend_hash_init(WG(types), 1, NULL, php_w32api_hash_type_dtor, 1);
-
+ ALLOC_HASHTABLE(tmp);
+ zend_hash_init(tmp, 1, NULL, php_w32api_hash_func_dtor, 1);
+ WG(funcs) = tmp;
+
+ ALLOC_HASHTABLE(tmp);
+ zend_hash_init(tmp, 1, NULL, php_w32api_hash_lib_dtor, 1);
+ WG(libraries) = tmp;
+
+ ALLOC_HASHTABLE(tmp);
+ zend_hash_init(tmp, 1, NULL, php_w32api_hash_callback_dtor, 1);
+ WG(callbacks) = tmp;
+
+ ALLOC_HASHTABLE(tmp);
+ zend_hash_init(tmp, 1, NULL, php_w32api_hash_type_dtor, 1);
+ WG(types) = tmp;
return SUCCESS;
@@ -330,6 +336,7 @@
zend_hash_destroy(WG(types));
FREE_HASHTABLE(WG(types));
+ WG(funcs) = WG(libraries) = WG(callbacks) = WG(types) = NULL;
return SUCCESS;
}
http://cvs.php.net/diff.php/php-src/ext/wddx/wddx.c?r1=1.96.2.5&r2=1.96.2.5.2.1&ty=u
Index: php-src/ext/wddx/wddx.c
diff -u php-src/ext/wddx/wddx.c:1.96.2.5 php-src/ext/wddx/wddx.c:1.96.2.5.2.1
--- php-src/ext/wddx/wddx.c:1.96.2.5 Mon Oct 20 11:42:10 2003
+++ php-src/ext/wddx/wddx.c Tue Jul 13 09:15:30 2004
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: wddx.c,v 1.96.2.5 2003/10/20 15:42:10 moriyoshi Exp $ */
+/* $Id: wddx.c,v 1.96.2.5.2.1 2004/07/13 13:15:30 iliaa Exp $ */
#include "php.h"
#include "php_wddx.h"
@@ -1069,7 +1069,7 @@
case ST_DATETIME: {
char *tmp;
- tmp = do_alloca(len + 1);
+ tmp = emalloc(len + 1);
memcpy(tmp, s, len);
tmp[len] = '\0';
@@ -1080,7 +1080,7 @@
Z_STRLEN_P(ent->data) = len;
Z_STRVAL_P(ent->data) = estrndup(s, len);
}
- free_alloca(tmp);
+ efree(tmp);
}
default:
break;
http://cvs.php.net/diff.php/php-src/main/main.c?r1=1.512.2.53&r2=1.512.2.53.2.1&ty=u
Index: php-src/main/main.c
diff -u php-src/main/main.c:1.512.2.53 php-src/main/main.c:1.512.2.53.2.1
--- php-src/main/main.c:1.512.2.53 Sun Feb 8 23:05:56 2004
+++ php-src/main/main.c Tue Jul 13 09:15:31 2004
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: main.c,v 1.512.2.53 2004/02/09 04:05:56 iliaa Exp $ */
+/* $Id: main.c,v 1.512.2.53.2.1 2004/07/13 13:15:31 iliaa Exp $ */
/* {{{ includes
*/
@@ -1369,6 +1369,7 @@
int _gpc_flags[5] = {0, 0, 0, 0, 0};
zend_bool have_variables_order;
zval *dummy_track_vars_array = NULL;
+ zval *env_vars = NULL;
zend_bool initialized_dummy_track_vars_array=0;
int i;
char *variables_order;
@@ -1401,9 +1402,10 @@
} else {
variables_order = PG(gpc_order);
have_variables_order=0;
- ALLOC_ZVAL(PG(http_globals)[TRACK_VARS_ENV]);
- array_init(PG(http_globals)[TRACK_VARS_ENV]);
- INIT_PZVAL(PG(http_globals)[TRACK_VARS_ENV]);
+ ALLOC_ZVAL(env_vars);
+ array_init(env_vars);
+ INIT_PZVAL(env_vars);
+ PG(http_globals)[TRACK_VARS_ENV] = env_vars;
php_import_environment_variables(PG(http_globals)[TRACK_VARS_ENV]
TSRMLS_CC);
if (PG(register_globals)) {
php_autoglobal_merge(&EG(symbol_table),
Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV]) TSRMLS_CC);
@@ -1446,9 +1448,10 @@
case 'E':
if (!_gpc_flags[3]) {
if (have_variables_order) {
-
ALLOC_ZVAL(PG(http_globals)[TRACK_VARS_ENV]);
-
array_init(PG(http_globals)[TRACK_VARS_ENV]);
-
INIT_PZVAL(PG(http_globals)[TRACK_VARS_ENV]);
+ ALLOC_ZVAL(env_vars);
+ array_init(env_vars);
+ INIT_PZVAL(env_vars);
+ PG(http_globals)[TRACK_VARS_ENV] =
env_vars;
php_import_environment_variables(PG(http_globals)[TRACK_VARS_ENV] TSRMLS_CC);
if (PG(register_globals)) {
php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV])
TSRMLS_CC);
http://cvs.php.net/diff.php/php-src/main/php_version.h?r1=1.66.2.59.2.2&r2=1.66.2.59.2.3&ty=u
Index: php-src/main/php_version.h
diff -u php-src/main/php_version.h:1.66.2.59.2.2
php-src/main/php_version.h:1.66.2.59.2.3
--- php-src/main/php_version.h:1.66.2.59.2.2 Tue Jul 13 08:59:59 2004
+++ php-src/main/php_version.h Tue Jul 13 09:15:31 2004
@@ -3,5 +3,5 @@
#define PHP_MAJOR_VERSION 4
#define PHP_MINOR_VERSION 3
#define PHP_RELEASE_VERSION 8
-#define PHP_EXTRA_VERSION "-dev"
-#define PHP_VERSION "4.3.8-dev"
+#define PHP_EXTRA_VERSION ""
+#define PHP_VERSION "4.3.8"
http://cvs.php.net/diff.php/php-src/main/rfc1867.c?r1=1.122.2.21&r2=1.122.2.21.2.1&ty=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.122.2.21 php-src/main/rfc1867.c:1.122.2.21.2.1
--- php-src/main/rfc1867.c:1.122.2.21 Sun May 23 06:15:24 2004
+++ php-src/main/rfc1867.c Tue Jul 13 09:15:31 2004
@@ -16,7 +16,7 @@
| Jani Taskinen <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: rfc1867.c,v 1.122.2.21 2004/05/23 10:15:24 sesser Exp $ */
+/* $Id: rfc1867.c,v 1.122.2.21.2.1 2004/07/13 13:15:31 iliaa Exp $ */
/*
* This product includes software developed by the Apache Group
@@ -760,7 +760,7 @@
char *boundary, *s=NULL, *boundary_end = NULL, *start_arr=NULL,
*array_index=NULL;
char *temp_filename=NULL, *lbuf=NULL, *abuf=NULL;
int boundary_len=0, total_bytes=0, cancel_upload=0, is_arr_upload=0,
array_len=0, max_file_size=0, skip_upload=0;
- zval *http_post_files=NULL;
+ zval *http_post_files=NULL; HashTable *uploaded_files=NULL;
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL;
char **val_list = NULL;
@@ -811,8 +811,9 @@
/* Initialize $_FILES[] */
zend_hash_init(&PG(rfc1867_protected_variables), 5, NULL, NULL, 0);
- ALLOC_HASHTABLE(SG(rfc1867_uploaded_files));
- zend_hash_init(SG(rfc1867_uploaded_files), 5, NULL, (dtor_func_t)
free_estring, 0);
+ ALLOC_HASHTABLE(uploaded_files);
+ zend_hash_init(uploaded_files, 5, NULL, (dtor_func_t) free_estring, 0);
+ SG(rfc1867_uploaded_files) = uploaded_files;
ALLOC_ZVAL(http_post_files);
array_init(http_post_files);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
