iliaa Thu Jul 27 17:04:16 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/main rfc1867.c
Log:
Binary safe multipart request handling
http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.173.2.1.2.1&r2=1.173.2.1.2.2&diff_format=u
Index: php-src/main/rfc1867.c
diff -u php-src/main/rfc1867.c:1.173.2.1.2.1
php-src/main/rfc1867.c:1.173.2.1.2.2
--- php-src/main/rfc1867.c:1.173.2.1.2.1 Sat Jul 22 16:38:29 2006
+++ php-src/main/rfc1867.c Thu Jul 27 17:04:15 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: rfc1867.c,v 1.173.2.1.2.1 2006/07/22 16:38:29 sesser Exp $ */
+/* $Id: rfc1867.c,v 1.173.2.1.2.2 2006/07/27 17:04:15 iliaa Exp $ */
/*
* This product includes software developed by the Apache Group
@@ -40,7 +40,7 @@
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
#include "ext/mbstring/mbstring.h"
-static void safe_php_register_variable(char *var, char *strval, zval
*track_vars_array, zend_bool override_protection TSRMLS_DC);
+static void safe_php_register_variable(char *var, char *strval, int val_len,
zval *track_vars_array, zend_bool override_protection TSRMLS_DC);
#define SAFE_RETURN { \
php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr
TSRMLS_CC); \
@@ -64,7 +64,7 @@
php_mb_gpc_encoding_converter(val_list, len_list,
num_vars, NULL, NULL TSRMLS_CC);
}
for (i=0; i<num_vars; i+=2){
- safe_php_register_variable(val_list[i], val_list[i+1],
array_ptr, 0 TSRMLS_CC);
+ safe_php_register_variable(val_list[i], val_list[i+1],
len_list[i+1], array_ptr, 0 TSRMLS_CC);
efree(val_list[i]);
efree(val_list[i+1]);
}
@@ -223,10 +223,10 @@
}
-static void safe_php_register_variable(char *var, char *strval, zval
*track_vars_array, zend_bool override_protection TSRMLS_DC)
+static void safe_php_register_variable(char *var, char *strval, int val_len,
zval *track_vars_array, zend_bool override_protection TSRMLS_DC)
{
if (override_protection || !is_protected_variable(var TSRMLS_CC)) {
- php_register_variable(var, strval, track_vars_array TSRMLS_CC);
+ php_register_variable_safe(var, strval, val_len,
track_vars_array TSRMLS_CC);
}
}
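Review bot: `val_len` is declared `int` in the new `safe_php_register_variable` signature, while the callers in this patch pass `unsigned int new_val_len` and `strlen()` results, so every call changes width or signedness implicitly. The length type of `php_register_variable_safe` is not visible here; if it is also `int`, the contract should at least be written down, e.g. `/* val_len: byte length of strval, not counting the terminating NUL; must fit in int */`. The function has no header comment, and one should also say that the value is registered only when `override_protection` is set or `var` is not a protected variable. The same signature change appears in the prototype hunk near the top of the file.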
@@ -244,7 +244,7 @@
int register_globals = PG(register_globals);
PG(register_globals) = 0;
- safe_php_register_variable(strvar, val, http_post_files,
override_protection TSRMLS_CC);
+ safe_php_register_variable(strvar, val, strlen(val), http_post_files,
override_protection TSRMLS_CC);
PG(register_globals) = register_globals;
}
@@ -757,7 +757,7 @@
XXX: this is horrible memory-usage-wise, but we only expect
to do this on small pieces of form data.
*/
-static char *multipart_buffer_read_body(multipart_buffer *self TSRMLS_DC)
+static char *multipart_buffer_read_body(multipart_buffer *self, unsigned int
*len TSRMLS_DC)
{
char buf[FILLUNIT], *out=NULL;
int total_bytes=0, read_bytes=0;
@@ -769,6 +769,7 @@
}
if (out) out[total_bytes] = '\0';
+ *len = total_bytes;
return out;
}
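Review bot: The new out-parameter `len` is written unconditionally by `*len = total_bytes;`, but the comment above `multipart_buffer_read_body` (shown in the previous hunk) does not mention it. A sentence such as `*len receives the number of body bytes read, not counting the terminating NUL` would tell callers that this length, not `strlen()`, is authoritative for bodies containing NUL bytes. What `*len` holds when the function returns NULL depends on code outside the hunk; presumably it is 0, and the comment should state that once confirmed. `total_bytes` is an `int` stored into an `unsigned int`, which is harmless only as long as it can never be negative.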
@@ -915,15 +916,15 @@
/* Normal form variable, safe to read all data into
memory */
if (!filename && param) {
-
- char *value = multipart_buffer_read_body(mbuff
TSRMLS_CC);
+ unsigned int value_len;
+ char *value = multipart_buffer_read_body(mbuff,
&value_len TSRMLS_CC);
unsigned int new_val_len; /* Dummy variable */
if (!value) {
value = estrdup("");
}
- if (sapi_module.input_filter(PARSE_POST, param,
&value, strlen(value), &new_val_len TSRMLS_CC)) {
+ if (sapi_module.input_filter(PARSE_POST, param,
&value, value_len, &new_val_len TSRMLS_CC)) {
if (php_rfc1867_callback != NULL) {
multipart_event_formdata
event_formdata;
size_t newlength = 0;
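Review bot: The `/* Dummy variable */` comment on `new_val_len` is stale after this commit, because a later hunk passes `new_val_len` to `safe_php_register_variable` as the length of `value`. The registered length now depends on `sapi_module.input_filter` (or the `php_rfc1867_callback` path, via `newlength`) having stored a value; whether every filter does so is not visible here, and one that returns non-zero without writing it would leave the length uninitialised and let registration read past the buffer. I would declare it as `unsigned int new_val_len = 0; /* length of value after input_filter */` so the fallback is memory-safe. The enclosing block continues outside the hunk.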
@@ -940,16 +941,16 @@
}
new_val_len = newlength;
}
-
+
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
if
(php_mb_encoding_translation(TSRMLS_C)) {
php_mb_gpc_stack_variable(param, value, &val_list, &len_list,
&num_vars, &num_vars_max TSRMLS_CC);
} else {
-
safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+
safe_php_register_variable(param, value, new_val_len, array_ptr, 0 TSRMLS_CC);
}
#else
- safe_php_register_variable(param,
value, array_ptr, 0 TSRMLS_CC);
+ safe_php_register_variable(param,
value, new_val_len, array_ptr, 0 TSRMLS_CC);
#endif
}
if (!strcasecmp(param, "MAX_FILE_SIZE")) {
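Review bot: The `php_mb_encoding_translation` branch still calls `php_mb_gpc_stack_variable(param, value, &val_list, &len_list, ...)` without a length, so the value later read back as `len_list[i+1]` in the flush loop has to be computed inside that helper. Its body is not on this page; if it uses `strlen(value)`, a value containing a NUL byte is still truncated whenever encoding translation is enabled, and the two branches register different data for the same request. Either pass `new_val_len` through to the helper or add a comment here such as `/* NOTE: mbstring path is not binary safe; length is recomputed by the helper */` after confirming. The enclosing block starts and ends outside the hunk.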
@@ -1198,9 +1199,9 @@
if (!is_anonymous) {
if (s && s > filename) {
- safe_php_register_variable(lbuf, s+1,
NULL, 0 TSRMLS_CC);
+ safe_php_register_variable(lbuf, s+1,
strlen(s+1), NULL, 0 TSRMLS_CC);
} else {
- safe_php_register_variable(lbuf,
filename, NULL, 0 TSRMLS_CC);
+ safe_php_register_variable(lbuf,
filename, strlen(filename), NULL, 0 TSRMLS_CC);
}
}
@@ -1236,7 +1237,7 @@
sprintf(lbuf, "%s_type", param);
}
if (!is_anonymous) {
- safe_php_register_variable(lbuf, cd, NULL, 0
TSRMLS_CC);
+ safe_php_register_variable(lbuf, cd,
strlen(cd), NULL, 0 TSRMLS_CC);
}
/* Add $foo[type] */
@@ -1260,7 +1261,7 @@
PG(magic_quotes_gpc) = 0;
/* if param is of form xxx[.*] this will cut it to xxx
*/
if (!is_anonymous) {
- safe_php_register_variable(param,
temp_filename, NULL, 1 TSRMLS_CC);
+ safe_php_register_variable(param,
temp_filename, strlen(temp_filename), NULL, 1 TSRMLS_CC);
}
/* Add $foo[tmp_name] */