streams memory.c

Marcus Boerger Sun, 21 May 2006 06:35:14 -0700

helly           Sun May 21 13:35:06 2006 UTC

  Added files:                 
    /php-src/ext/standard/tests/file    stream_rfc2397_006.phpt


  Modified files:              
    /php-src/main/streams       memory.c 
  Log:
  - Handle corrupt base64 data in data: url
  
http://cvs.php.net/viewcvs.cgi/php-src/main/streams/memory.c?r1=1.20&r2=1.21&diff_format=u
Index: php-src/main/streams/memory.c
diff -u php-src/main/streams/memory.c:1.20 php-src/main/streams/memory.c:1.21
--- php-src/main/streams/memory.c:1.20  Sun May 14 19:13:17 2006
+++ php-src/main/streams/memory.c       Sun May 21 13:35:06 2006
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: memory.c,v 1.20 2006/05/14 19:13:17 helly Exp $ */
+/* $Id: memory.c,v 1.21 2006/05/21 13:35:06 helly Exp $ */
 
 #define _GNU_SOURCE
 #include "php.h"
@@ -652,21 +652,25 @@
        }
        add_assoc_bool(meta, "base64", base64);
 
+       /* skip ',' */
+       comma++;
+       dlen--;
+
+       if (base64) {
+               comma = (char*)php_base64_decode((const unsigned char *)comma, 
dlen, &ilen);
+               if (!comma) {
+                       php_stream_wrapper_log_error(wrapper, options 
TSRMLS_CC, "rfc2397: unable to decode");
+                       return NULL;
+               }
+       } else {
+               comma = estrndup(comma, dlen);
+               ilen = dlen = php_url_decode(comma, dlen);
+       }
+
        if ((stream = php_stream_temp_create_rel(0, ~0u)) != NULL) {
-               /* skip ',' */
-               comma++;
-               dlen--;
                /* store data */
-               if (base64) {
-                       comma = (char*)php_base64_decode((const unsigned char 
*)comma, dlen, &ilen);
-                       php_stream_temp_write(stream, comma, ilen TSRMLS_CC);
-                       efree(comma);
-               } else {
-                       comma = estrndup(comma, dlen);
-                       dlen = php_url_decode(comma, dlen);
-                       php_stream_temp_write(stream, comma, dlen TSRMLS_CC);
-                       efree(comma);
-               }
+               php_stream_temp_write(stream, comma, ilen TSRMLS_CC);
+               efree(comma);
                php_stream_temp_seek(stream, 0, SEEK_SET, &newoffs TSRMLS_CC);
                /* set special stream stuff (enforce exact mode) */
                vlen = strlen(mode);

http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/tests/file/stream_rfc2397_006.phpt?view=markup&rev=1.1
Index: php-src/ext/standard/tests/file/stream_rfc2397_006.phpt
+++ php-src/ext/standard/tests/file/stream_rfc2397_006.phpt
--TEST--
Stream: RFC2397 with corrupt? payload
--FILE--
<?php

$streams = array(
        "data:;base64,\0Zm9vYmFyIGZvb2Jhcg==",
        "data:;base64,Zm9vYmFy\0IGZvb2Jhcg==",
        'data:;base64,#Zm9vYmFyIGZvb2Jhcg==',
        'data:;base64,#Zm9vYmFyIGZvb2Jhc=',
        );

foreach($streams as $stream)
{
        var_dump(file_get_contents($stream));
}

?>
===DONE===
<?php exit(0); ?>
--EXPECTF--
string(0) ""
string(6) "foobar"
string(13) "foobar foobar"

Warning: file_get_contents(data:;base64,#Zm9vYmFyIGZvb2Jhc=): failed to open 
stream: rfc2397: unable to decode in %sstream_rfc2397_006.php on line %d
bool(false)
===DONE===

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src /ext/standard/tests/file stream_rfc2397_006.phpt /main/streams memory.c

Reply via email to