cgi cgi_main.c

Ilia Alshanetsky Wed, 27 Feb 2008 16:52:25 -0800

iliaa           Thu Feb 28 00:52:11 2008 UTC

  Modified files:              
    /php-src/sapi/cgi   cgi_main.c 
  Log:
  MFB:  Fixed security issue detailed in CVE-2008-0599
  
  
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.349&r2=1.350&diff_format=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.349 php-src/sapi/cgi/cgi_main.c:1.350
--- php-src/sapi/cgi/cgi_main.c:1.349   Fri Feb 15 14:51:52 2008
+++ php-src/sapi/cgi/cgi_main.c Thu Feb 28 00:52:11 2008
@@ -21,7 +21,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: cgi_main.c,v 1.349 2008/02/15 14:51:52 dmitry Exp $ */
+/* $Id: cgi_main.c,v 1.350 2008/02/28 00:52:11 iliaa Exp $ */
 
 #include "php.h"
 #include "php_globals.h"
@@ -1111,7 +1111,7 @@
                                                ) {
                                                        /* PATH_TRANSLATED = 
PATH_TRANSLATED - SCRIPT_NAME + PATH_INFO */
                                                        int ptlen = strlen(pt) 
- strlen(env_script_name);
-                                                       int path_translated_len 
= ptlen + env_path_info ? strlen(env_path_info) : 0;
+                                                       int path_translated_len 
= ptlen + (env_path_info ? strlen(env_path_info) : 0);
                                                        char *path_translated = 
NULL;
 
                                                        path_translated = (char 
*) emalloc(path_translated_len + 1);


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src /sapi/cgi cgi_main.c

Reply via email to