iliaa           Tue Oct  4 20:43:39 2005 EDT

  Modified files:              (Branch: PHP_5_1)
    /php-src/sapi/apache2handler        sapi_apache2.c 
    /php-src    NEWS 
  Log:
  MFH: Fixed possible INI setting leak via virtual() in Apache 2 sapi.
  
  
http://cvs.php.net/diff.php/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.57.2.2&r2=1.57.2.3&ty=u
Index: php-src/sapi/apache2handler/sapi_apache2.c
diff -u php-src/sapi/apache2handler/sapi_apache2.c:1.57.2.2 
php-src/sapi/apache2handler/sapi_apache2.c:1.57.2.3
--- php-src/sapi/apache2handler/sapi_apache2.c:1.57.2.2 Fri Sep  2 09:51:47 2005
+++ php-src/sapi/apache2handler/sapi_apache2.c  Tue Oct  4 20:43:38 2005
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: sapi_apache2.c,v 1.57.2.2 2005/09/02 13:51:47 sniper Exp $ */
+/* $Id: sapi_apache2.c,v 1.57.2.3 2005/10/05 00:43:38 iliaa Exp $ */
 
 #define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
 
@@ -453,6 +453,11 @@
        request_rec *parent_req = NULL;
        TSRMLS_FETCH();
 
+#define PHPAP_INI_OFF \
+       if (strcmp(r->protocol, "INCLUDED")) { \
+               zend_try { zend_ini_deactivate(TSRMLS_C); } zend_end_try(); \
+       } \
+
        conf = ap_get_module_config(r->per_dir_config, &php5_module);
 
        /* apply_config() needs r in some cases, so allocate server_context 
early */
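Review bot: PHPAP_INI_OFF expands to a bare `if` block, so each `PHPAP_INI_OFF;` call site is an `if { }` plus an empty statement and would mis-bind if it were ever placed in front of an `else`. The definition's last line also ends in a continuation backslash, so the macro only terminates because the next line happens to be blank. Writing the body as `do { if (strcmp(r->protocol, "INCLUDED")) { zend_try { zend_ini_deactivate(TSRMLS_C); } zend_end_try(); } } while (0)` with no trailing `\` removes both hazards. A comment above it such as `/* sub-requests (protocol "INCLUDED", e.g. virtual()) must not deactivate the parent request's INI state */` would record why the guard exists. The macro is defined inside the handler body, which starts and ends outside the hunk, and no `#undef` is visible here.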
@@ -475,9 +480,7 @@
        if (strcmp(r->handler, PHP_MAGIC_TYPE) && strcmp(r->handler, 
PHP_SOURCE_MAGIC_TYPE) && strcmp(r->handler, PHP_SCRIPT)) {
                /* Check for xbithack in this case. */
                if (!AP2(xbithack) || strcmp(r->handler, "text/html") || 
!(r->finfo.protection & APR_UEXECUTE)) {
-                       zend_try {
-                               zend_ini_deactivate(TSRMLS_C);
-                       } zend_end_try();
+                       PHPAP_INI_OFF;
                        return DECLINED;
                }
        }
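Review bot: On the sub-request path this early return now leaves INI state untouched, which protects the parent's settings but also means any per-directory values applied for the sub-request earlier in the handler are not rolled back. The apply_config() comment in the preceding hunk suggests that call runs before this point, but the call itself is outside the visible lines, so this needs confirming. If it does, the parent script would continue under the sub-request's directory settings after virtual() returns; restoring only the entries the sub-request changed would close that gap. The same applies to the four `PHPAP_INI_OFF;` returns in the next hunk, and the enclosing function extends beyond this hunk on both sides.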
@@ -486,32 +489,24 @@
         * the configuration; default behaviour is to accept. */ 
        if (r->used_path_info == AP_REQ_REJECT_PATH_INFO
                && r->path_info && r->path_info[0]) {
-               zend_try {
-                       zend_ini_deactivate(TSRMLS_C);
-               } zend_end_try();
+               PHPAP_INI_OFF;
                return HTTP_NOT_FOUND;
        }
 
        /* handle situations where user turns the engine off */
        if (!AP2(engine)) {
-               zend_try {
-                       zend_ini_deactivate(TSRMLS_C);
-               } zend_end_try();
+               PHPAP_INI_OFF;
                return DECLINED;
        }
 
        if (r->finfo.filetype == 0) {
                php_apache_sapi_log_message_ex("script '%s' not found or unable 
to stat", r);
-               zend_try {
-                               zend_ini_deactivate(TSRMLS_C);
-               } zend_end_try();
+               PHPAP_INI_OFF;
                return HTTP_NOT_FOUND;
        }
        if (r->finfo.filetype == APR_DIR) {
                php_apache_sapi_log_message_ex("attempt to invoke directory 
'%s' as script", r);
-               zend_try {
-                       zend_ini_deactivate(TSRMLS_C);
-               } zend_end_try();
+               PHPAP_INI_OFF;
                return HTTP_FORBIDDEN;
        }
 
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.2027.2.92&r2=1.2027.2.93&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.92 php-src/NEWS:1.2027.2.93
--- php-src/NEWS:1.2027.2.92    Tue Oct  4 16:48:17 2005
+++ php-src/NEWS        Tue Oct  4 20:43:38 2005
@@ -30,6 +30,7 @@
   . ext/oracle (Jani, Derick)
   . ext/ovrimos (Jani, Derick, Pierre)
   . ext/pfpro (Jani, Derick, Pierre)
+- Fixed possible INI setting leak via virtual() in Apache 2 sapi. (Ilia)
 - Fixed potential GLOBALS overwrite via import_request_variables() and
   possible crash and/or memory corruption. (Ilia)
 - Fixed possible GLOBALS variable override when register_globals are ON.
