iliaa Wed Jul 13 16:47:57 2005 EDT
Modified files: (Branch: PHP_4_4)
/php-src NEWS
/php-src/main rfc1867.c
Log:
MFH: Fixed bug #33673 (Added detection for partially uploaded files).
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.920.2.15&r2=1.1247.2.920.2.16&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.920.2.15 php-src/NEWS:1.1247.2.920.2.16
--- php-src/NEWS:1.1247.2.920.2.15 Tue Jul 12 03:17:33 2005
+++ php-src/NEWS Wed Jul 13 16:47:55 2005
@@ -1,6 +1,7 @@
PHP 4 NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2005, Version 4.4.1
+- Fixed bug #33673 (Added detection for partially uploaded files). (Ilia)
- Fixed bug #33156 (cygwin version of setitimer doesn't accept ITIMER_PROF).
(Nuno)
- Fixed bug #31158 (array_splice on $GLOBALS crashes). (Dmitry)
http://cvs.php.net/diff.php/php-src/main/rfc1867.c?r1=1.122.2.34&r2=1.122.2.34.2.1&ty=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.122.2.34 php-src/main/rfc1867.c:1.122.2.34.2.1
--- php-src/main/rfc1867.c:1.122.2.34 Mon Apr 4 10:59:58 2005
+++ php-src/main/rfc1867.c Wed Jul 13 16:47:56 2005
@@ -16,7 +16,7 @@
| Jani Taskinen <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: rfc1867.c,v 1.122.2.34 2005/04/04 14:59:58 thetaphi Exp $ */
+/* $Id: rfc1867.c,v 1.122.2.34.2.1 2005/07/13 20:47:56 iliaa Exp $ */
/*
* This product includes software developed by the Apache Group
@@ -127,6 +127,7 @@
#define UPLOAD_ERROR_C 3 /* Partially uploaded */
#define UPLOAD_ERROR_D 4 /* No file uploaded */
#define UPLOAD_ERROR_E 6 /* Missing /tmp or similar directory */
+#define UPLOAD_ERROR_F 7 /* Failed to write file to disk */
void php_rfc1867_register_constants(TSRMLS_D)
{
@@ -136,6 +137,7 @@
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_PARTIAL", UPLOAD_ERROR_C,
CONST_CS | CONST_PERSISTENT);
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_NO_FILE", UPLOAD_ERROR_D,
CONST_CS | CONST_PERSISTENT);
REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_NO_TMP_DIR", UPLOAD_ERROR_E,
CONST_CS | CONST_PERSISTENT);
+ REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_CANT_WRITE", UPLOAD_ERROR_F,
CONST_CS | CONST_PERSISTENT);
}
static void normalize_protected_variable(char *varname TSRMLS_DC)
@@ -700,7 +702,7 @@
/* read until a boundary condition */
-static int multipart_buffer_read(multipart_buffer *self, char *buf, int bytes
TSRMLS_DC)
+static int multipart_buffer_read(multipart_buffer *self, char *buf, int bytes,
int *end TSRMLS_DC)
{
int len, max;
char *bound;
@@ -713,6 +715,9 @@
/* look for a potential boundary match, only read data up to that point
*/
if ((bound = php_ap_memstr(self->buf_begin, self->bytes_in_buffer,
self->boundary_next, self->boundary_next_len, 1))) {
max = bound - self->buf_begin;
+ if (end && php_ap_memstr(self->buf_begin,
self->bytes_in_buffer, self->boundary_next, self->boundary_next_len, 0)) {
+ *end = 1;
+ }
} else {
max = self->bytes_in_buffer;
}
@@ -749,7 +754,7 @@
char buf[FILLUNIT], *out=NULL;
int total_bytes=0, read_bytes=0;
- while((read_bytes = multipart_buffer_read(self, buf, sizeof(buf)
TSRMLS_CC))) {
+ while((read_bytes = multipart_buffer_read(self, buf, sizeof(buf), NULL
TSRMLS_CC))) {
out = erealloc(out, total_bytes + read_bytes + 1);
memcpy(out + total_bytes, buf, read_bytes);
total_bytes += read_bytes;
@@ -853,6 +858,7 @@
if ((cd = php_mime_get_hdr_value(header,
"Content-Disposition"))) {
char *pair=NULL;
+ int end=0;
while (isspace(*cd)) {
++cd;
@@ -981,7 +987,8 @@
cancel_upload = UPLOAD_ERROR_D;
}
- while (!cancel_upload && (blen =
multipart_buffer_read(mbuff, buff, sizeof(buff) TSRMLS_CC)))
+ end = 0;
+ while (!cancel_upload && (blen =
multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC)))
{
if (PG(upload_max_filesize) > 0 && total_bytes
> PG(upload_max_filesize)) {
sapi_module.sapi_error(E_WARNING,
"upload_max_filesize of %ld bytes exceeded - file [%s=%s] not saved",
PG(upload_max_filesize), param, filename);
@@ -994,7 +1001,7 @@
if (wlen < blen) {
sapi_module.sapi_error(E_WARNING, "Only %d bytes were written, expected to
write %d", wlen, blen);
- cancel_upload = UPLOAD_ERROR_C;
+ cancel_upload = UPLOAD_ERROR_F;
} else {
total_bytes += wlen;
}
@@ -1004,6 +1011,13 @@
close(fd);
}
+ if (!cancel_upload && !end) {
+#ifdef DEBUG_FILE_UPLOAD
+ sapi_module.sapi_error(E_NOTICE, "Missing mime
boundary at the end of the data for file %s", strlen(filename) > 0 ? filename :
"");
+#endif
+ cancel_upload = UPLOAD_ERROR_C;
+ }
+
#ifdef DEBUG_FILE_UPLOAD
if(strlen(filename) > 0 && total_bytes == 0 &&
!cancel_upload) {
sapi_module.sapi_error(E_WARNING, "Uploaded
file size 0 - file [%s=%s] not saved", param, filename);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
