iliaa           Tue Jul 12 12:53:34 2005 EDT

  Modified files:              
    /php-src/main       main.c SAPI.c 
  Log:
  Fixed double-free in the digest authentication handling.
  
  # Found and Reported by Stefan Esser
  
  
  
http://cvs.php.net/diff.php/php-src/main/main.c?r1=1.635&r2=1.636&ty=u
Index: php-src/main/main.c
diff -u php-src/main/main.c:1.635 php-src/main/main.c:1.636
--- php-src/main/main.c:1.635   Tue Jul  5 10:13:46 2005
+++ php-src/main/main.c Tue Jul 12 12:53:29 2005
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: main.c,v 1.635 2005/07/05 14:13:46 dmitry Exp $ */
+/* $Id: main.c,v 1.636 2005/07/12 16:53:29 iliaa Exp $ */
 
 /* {{{ includes
  */
@@ -1767,13 +1767,19 @@
 
        if (ret == -1) {
                SG(request_info).auth_user = SG(request_info).auth_password = 
NULL;
+       } else {
+               SG(request_info).auth_digest = NULL;
        }
        
-       if (auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) {
+       if (ret == -1 && auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) 
== 0) {
                SG(request_info).auth_digest = estrdup(auth);
                ret = 0;
        }
 
+       if (ret == -1) {
+               SG(request_info).auth_digest = NULL;
+       }
+
        return ret;
 }
 /* }}} */
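Review bot: The `auth_digest` handling in this hunk resets the pointer in two separate places (the new `else` branch and the trailing `if (ret == -1)` block), where one unconditional `SG(request_info).auth_digest = NULL;` placed just before the Digest check would give the same result on every path: the field ends up either NULL or the fresh `estrdup(auth)`. Stating the reset once makes the invariant this fix depends on easier to audit. I would also add a comment such as `/* auth_user, auth_password and auth_digest must each be NULL or an owned estrdup'd string; presumably freed at request shutdown */`, because the free site is not visible in this diff and this class of double-free recurs whenever a new exit path forgets the reset. The pointer is also overwritten without `efree()`, which looks safe only if the function runs once per request; the function body begins outside the hunk, so that should be confirmed against the caller.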
http://cvs.php.net/diff.php/php-src/main/SAPI.c?r1=1.200&r2=1.201&ty=u
Index: php-src/main/SAPI.c
diff -u php-src/main/SAPI.c:1.200 php-src/main/SAPI.c:1.201
--- php-src/main/SAPI.c:1.200   Mon Apr  4 11:06:27 2005
+++ php-src/main/SAPI.c Tue Jul 12 12:53:30 2005
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: SAPI.c,v 1.200 2005/04/04 15:06:27 hirokawa Exp $ */
+/* $Id: SAPI.c,v 1.201 2005/07/12 16:53:30 iliaa Exp $ */
 
 #include <ctype.h>
 #include <sys/stat.h>
@@ -455,7 +455,7 @@
 {
        SG(server_context) = NULL;
        SG(request_info).request_method = NULL;
-       SG(request_info).auth_user = SG(request_info).auth_password = NULL;
+       SG(request_info).auth_digest = SG(request_info).auth_user = 
SG(request_info).auth_password = NULL;
        SG(request_info).content_type_dup = NULL;
 }
 
