I am waiting while bug submitter will test patch. Dmitry.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Hannes Magnusson > Sent: Monday, May 22, 2006 2:26 PM > To: Dmitry Stogov > Cc: php-cvs@lists.php.net > Subject: Re: [PHP-CVS] cvs: php-src(PHP_5_2) /sapi/cgi fastcgi.c > > > NEWS entry? > > On 5/22/06, Dmitry Stogov <[EMAIL PROTECTED]> wrote: > > dmitry Mon May 22 09:22:20 2006 UTC > > > > Modified files: (Branch: PHP_5_2) > > /php-src/sapi/cgi fastcgi.c > > Log: > > Fixed bug #37496 (FastCGI output buffer overrun) > > > > > > > http://cvs.php.net/viewcvs.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.4.2.13. > > 2.3&r2=1.4.2.13.2.4&diff_format=u > > Index: php-src/sapi/cgi/fastcgi.c > > diff -u php-src/sapi/cgi/fastcgi.c:1.4.2.13.2.3 > php-src/sapi/cgi/fastcgi.c:1.4.2.13.2.4 > > --- php-src/sapi/cgi/fastcgi.c:1.4.2.13.2.3 Mon May 22 > 06:49:48 2006 > > +++ php-src/sapi/cgi/fastcgi.c Mon May 22 09:22:20 2006 > > @@ -16,7 +16,7 @@ > > > > > +------------------------------------------------------------- > ---------+ > > */ > > > > -/* $Id: fastcgi.c,v 1.4.2.13.2.3 2006/05/22 06:49:48 > tony2001 Exp $ > > */ > > +/* $Id: fastcgi.c,v 1.4.2.13.2.4 2006/05/22 09:22:20 > dmitry Exp $ */ > > > > #include "php.h" > > #include "fastcgi.h" > > @@ -764,15 +764,17 @@ > > if (req->out_hdr && req->out_hdr->type != type) { > > close_packet(req); > > } > > - rest = len; > > #if 0 > > - /* Unoptinmzed, but clear version */ > > + /* Unoptimized, but clear version */ > > + rest = len; > > while (rest > 0) { > > limit = sizeof(req->out_buf) - (req->out_pos - > > req->out_buf); > > > > if (!req->out_hdr) { > > if (limit < sizeof(fcgi_header)) { > > - fcgi_flush(req, 0); > > + if (!fcgi_flush(req, 0)) { > > + return -1; > > + } > > } > > open_packet(req, type); > > } > > @@ -786,32 +788,38 @@ > > req->out_pos += limit; > > rest -= limit; > > str += limit; > > - fcgi_flush(req, 0); > > + if (!fcgi_flush(req, 0)) { > > + return -1; > > + } > > } > > } > > #else > > - /* Optinmzed version */ > > + /* Optimized version */ > > + limit = sizeof(req->out_buf) - (req->out_pos - > req->out_buf); > > if (!req->out_hdr) { > > - rest += sizeof(fcgi_header); > > + limit -= sizeof(fcgi_header); > > } > > - limit = sizeof(req->out_buf) - (req->out_pos - > req->out_buf); > > > > - if (rest < limit) { > > + if (len < limit) { > > if (!req->out_hdr) { > > open_packet(req, type); > > } > > memcpy(req->out_pos, str, len); > > req->out_pos += len; > > - } else if (rest - limit < sizeof(req->out_buf) - > sizeof(fcgi_header)) { > > + } else if (len - limit < sizeof(req->out_buf) - > > + sizeof(fcgi_header)) { > > if (!req->out_hdr) { > > open_packet(req, type); > > } > > memcpy(req->out_pos, str, limit); > > req->out_pos += limit; > > - fcgi_flush(req, 0); > > - open_packet(req, type); > > - memcpy(req->out_pos, str + limit, len - limit); > > - req->out_pos += len - limit; > > + if (!fcgi_flush(req, 0)) { > > + return -1; > > + } > > + if (len > limit) { > > + open_packet(req, type); > > + memcpy(req->out_pos, str + limit, > len - limit); > > + req->out_pos += len - limit; > > + } > > } else { > > int pos = 0; > > int pad; > > @@ -821,7 +829,9 @@ > > open_packet(req, type); > > fcgi_make_header(req->out_hdr, > type, req->id, 0xfff8); > > req->out_hdr = NULL; > > - fcgi_flush(req, 0); > > + if (!fcgi_flush(req, 0)) { > > + return -1; > > + } > > if (safe_write(req, str + pos, > 0xfff8) != 0xfff8) { > > req->keep = 0; > > return -1; > > @@ -835,7 +845,9 @@ > > open_packet(req, type); > > fcgi_make_header(req->out_hdr, type, > req->id, (len - pos) - rest); > > req->out_hdr = NULL; > > - fcgi_flush(req, 0); > > + if (!fcgi_flush(req, 0)) { > > + return -1; > > + } > > if (safe_write(req, str + pos, (len - pos) > - rest) != (len - pos) - rest) { > > req->keep = 0; > > return -1; > > > > -- > > PHP CVS Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
