standard url.c

Ilia Alshanetsky Wed, 25 May 2005 21:51:41 -0700

iliaa           Wed May 25 23:56:23 2005 EDT

  Modified files:              
    /php-src/ext/standard       url.c 
  Log:
  Added scheme validation for parse_url().
  
  
http://cvs.php.net/diff.php/php-src/ext/standard/url.c?r1=1.84&r2=1.85&ty=u
Index: php-src/ext/standard/url.c
diff -u php-src/ext/standard/url.c:1.84 php-src/ext/standard/url.c:1.85
--- php-src/ext/standard/url.c:1.84     Mon Apr 25 19:47:37 2005
+++ php-src/ext/standard/url.c  Wed May 25 23:56:21 2005
@@ -15,7 +15,7 @@
    | Author: Jim Winstead <[EMAIL PROTECTED]>                                  
|
    +----------------------------------------------------------------------+
  */
-/* $Id: url.c,v 1.84 2005/04/25 23:47:37 iliaa Exp $ */
+/* $Id: url.c,v 1.85 2005/05/26 03:56:21 iliaa Exp $ */
 
 #include <stdlib.h>
 #include <string.h>
@@ -104,6 +104,19 @@
 
        /* parse scheme */
        if ((e = memchr(s, ':', length)) && (e - s)) {
+               /* validate scheme */
+               p = s;
+               while (p < e) {
+                       if (!isalnum(*p)) {
+                               if (e + 1 < ue) {
+                                       goto parse_port;
+                               } else {
+                                       goto just_path;
+                               }
+                       }
+                       p++;
+               }
+       
                if (*(e + 1) == '\0') { /* only scheme is available */
                        ret->scheme = estrndup(s, (e - s));
                        php_replace_controlchars_ex(ret->scheme, (e - s));


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src /ext/standard url.c

Reply via email to