iliaa Tue Oct 4 20:43:39 2005 EDT Modified files: (Branch: PHP_5_1) /php-src/sapi/apache2handler sapi_apache2.c /php-src NEWS Log: MFH: Fixed possible INI setting leak via virtual() in Apache 2 sapi. http://cvs.php.net/diff.php/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.57.2.2&r2=1.57.2.3&ty=u Index: php-src/sapi/apache2handler/sapi_apache2.c diff -u php-src/sapi/apache2handler/sapi_apache2.c:1.57.2.2 php-src/sapi/apache2handler/sapi_apache2.c:1.57.2.3 --- php-src/sapi/apache2handler/sapi_apache2.c:1.57.2.2 Fri Sep 2 09:51:47 2005 +++ php-src/sapi/apache2handler/sapi_apache2.c Tue Oct 4 20:43:38 2005 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: sapi_apache2.c,v 1.57.2.2 2005/09/02 13:51:47 sniper Exp $ */ +/* $Id: sapi_apache2.c,v 1.57.2.3 2005/10/05 00:43:38 iliaa Exp $ */ #define ZEND_INCLUDE_FULL_WINDOWS_HEADERS @@ -453,6 +453,11 @@ request_rec *parent_req = NULL; TSRMLS_FETCH(); +#define PHPAP_INI_OFF \ + if (strcmp(r->protocol, "INCLUDED")) { \ + zend_try { zend_ini_deactivate(TSRMLS_C); } zend_end_try(); \ + } \ + conf = ap_get_module_config(r->per_dir_config, &php5_module); /* apply_config() needs r in some cases, so allocate server_context early */ @@ -475,9 +480,7 @@ if (strcmp(r->handler, PHP_MAGIC_TYPE) && strcmp(r->handler, PHP_SOURCE_MAGIC_TYPE) && strcmp(r->handler, PHP_SCRIPT)) { /* Check for xbithack in this case. */ if (!AP2(xbithack) || strcmp(r->handler, "text/html") || !(r->finfo.protection & APR_UEXECUTE)) { - zend_try { - zend_ini_deactivate(TSRMLS_C); - } zend_end_try(); + PHPAP_INI_OFF; return DECLINED; } } @@ -486,32 +489,24 @@ * the configuration; default behaviour is to accept. */ if (r->used_path_info == AP_REQ_REJECT_PATH_INFO && r->path_info && r->path_info[0]) { - zend_try { - zend_ini_deactivate(TSRMLS_C); - } zend_end_try(); + PHPAP_INI_OFF; return HTTP_NOT_FOUND; } /* handle situations where user turns the engine off */ if (!AP2(engine)) { - zend_try { - zend_ini_deactivate(TSRMLS_C); - } zend_end_try(); + PHPAP_INI_OFF; return DECLINED; } if (r->finfo.filetype == 0) { php_apache_sapi_log_message_ex("script '%s' not found or unable to stat", r); - zend_try { - zend_ini_deactivate(TSRMLS_C); - } zend_end_try(); + PHPAP_INI_OFF; return HTTP_NOT_FOUND; } if (r->finfo.filetype == APR_DIR) { php_apache_sapi_log_message_ex("attempt to invoke directory '%s' as script", r); - zend_try { - zend_ini_deactivate(TSRMLS_C); - } zend_end_try(); + PHPAP_INI_OFF; return HTTP_FORBIDDEN; } http://cvs.php.net/diff.php/php-src/NEWS?r1=1.2027.2.92&r2=1.2027.2.93&ty=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.92 php-src/NEWS:1.2027.2.93 --- php-src/NEWS:1.2027.2.92 Tue Oct 4 16:48:17 2005 +++ php-src/NEWS Tue Oct 4 20:43:38 2005 @@ -30,6 +30,7 @@ . ext/oracle (Jani, Derick) . ext/ovrimos (Jani, Derick, Pierre) . ext/pfpro (Jani, Derick, Pierre) +- Fixed possible INI setting leak via virtual() in Apache 2 sapi. (Ilia) - Fixed potential GLOBALS overwrite via import_request_variables() and possible crash and/or memory corruption. (Ilia) - Fixed possible GLOBALS variable override when register_globals are ON.
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php