tony2001 Thu Mar 15 23:19:22 2007 UTC
Modified files: (Branch: PHP_4_4)
/php-src NEWS
/php-src/ext/curl curl.c
Log:
fix #40831 (cURL extension doesn't clean up the buffer of reused handle)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.209&r2=1.1247.2.920.2.210&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.920.2.209 php-src/NEWS:1.1247.2.920.2.210
--- php-src/NEWS:1.1247.2.920.2.209 Wed Mar 14 19:42:59 2007
+++ php-src/NEWS Thu Mar 15 23:19:21 2007
@@ -8,6 +8,8 @@
- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre)
- Fixed CVE-2007-0455, Buffer overflow in gdImageStringFTEx (used by imagettf
function) (Kees Cook, Pierre)
+- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused
+ handle). (Tony)
- Fixed bug #40747 (possible crash in session when save_path is out of
open_basedir). (Tony)
- Fixed MOPB-8, XSS in phpinfo() (Joe Orton, Stas)
http://cvs.php.net/viewvc.cgi/php-src/ext/curl/curl.c?r1=1.124.2.30.2.18&r2=1.124.2.30.2.19&diff_format=u
Index: php-src/ext/curl/curl.c
diff -u php-src/ext/curl/curl.c:1.124.2.30.2.18
php-src/ext/curl/curl.c:1.124.2.30.2.19
--- php-src/ext/curl/curl.c:1.124.2.30.2.18 Mon Feb 26 09:14:41 2007
+++ php-src/ext/curl/curl.c Thu Mar 15 23:19:21 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: curl.c,v 1.124.2.30.2.18 2007/02/26 09:14:41 tony2001 Exp $ */
+/* $Id: curl.c,v 1.124.2.30.2.19 2007/03/15 23:19:21 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -1262,10 +1262,6 @@
static void
cleanup_handle(php_curl *ch)
{
- if (ch->uses < 1) {
- return;
- }
-
if (ch->handlers->write->buf.len > 0) {
smart_str_free(&ch->handlers->write->buf);
ch->handlers->write->buf.len = 0;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
