dmitry Tue Sep 2 13:22:27 2008 UTC
Modified files:
/php-src/sapi/cgi cgi_main.c
/php-src/sapi/cgi/tests 010.phpt
Log:
Fixed bug #45860 (header() function fails to correctly replace all Status
lines)
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.364&r2=1.365&diff_format=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.364 php-src/sapi/cgi/cgi_main.c:1.365
--- php-src/sapi/cgi/cgi_main.c:1.364 Tue Aug 26 15:37:38 2008
+++ php-src/sapi/cgi/cgi_main.c Tue Sep 2 13:22:27 2008
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: cgi_main.c,v 1.364 2008/08/26 15:37:38 rasmus Exp $ */
+/* $Id: cgi_main.c,v 1.365 2008/09/02 13:22:27 dmitry Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -375,6 +375,7 @@
char buf[SAPI_CGI_MAX_HEADER_LENGTH];
sapi_header_struct *h;
zend_llist_position pos;
+ zend_bool ignore_status = 0;
if (SG(request_info).no_headers == 1) {
return SAPI_HEADER_SENT_SUCCESSFULLY;
@@ -431,6 +432,7 @@
if (!has_status) {
PHPWRITE_H(buf, len);
+ ignore_status = 1;
}
}
@@ -438,8 +440,17 @@
while (h) {
/* prevent CRLFCRLF */
if (h->header_len) {
- PHPWRITE_H(h->header, h->header_len);
- PHPWRITE_H("\r\n", 2);
+ if (h->header_len > sizeof("Status:")-1 &&
+ strncasecmp(h->header, "Status:",
sizeof("Status:")-1) == 0) {
+ if (!ignore_status) {
+ ignore_status = 1;
+ PHPWRITE_H(h->header, h->header_len);
+ PHPWRITE_H("\r\n", 2);
+ }
+ } else {
+ PHPWRITE_H(h->header, h->header_len);
+ PHPWRITE_H("\r\n", 2);
+ }
}
h =
(sapi_header_struct*)zend_llist_get_next_ex(&sapi_headers->headers, &pos);
}
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/tests/010.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/sapi/cgi/tests/010.phpt
diff -u /dev/null php-src/sapi/cgi/tests/010.phpt:1.2
--- /dev/null Tue Sep 2 13:22:27 2008
+++ php-src/sapi/cgi/tests/010.phpt Tue Sep 2 13:22:27 2008
@@ -0,0 +1,53 @@
+--TEST--
+Bug #45860 (header() function fails to correctly replace all Status lines)
+--SKIPIF--
+<?php include "skipif.inc"; ?>
+--FILE--
+<?php
+
+include "include.inc";
+
+$php = get_cgi_path();
+reset_env_vars();
+
+$f = tempnam(sys_get_temp_dir(), 'cgitest');
+
+putenv("TRANSLATED_PATH=".$f."/x");
+putenv("SCRIPT_FILENAME=".$f."/x");
+file_put_contents($f, '<?php
+header("HTTP/1.1 403 Forbidden");
+header("Status: 403 Also Forbidden");
+?>');
+
+echo (`$php -n $f`);
+
+file_put_contents($f, '<?php
+header("HTTP/1.1 403 Forbidden");
+?>');
+
+echo (`$php -n $f`);
+
+file_put_contents($f, '<?php
+header("Status: 403 Also Forbidden");
+?>');
+
+echo (`$php -n $f`);
+
+echo "Done\n";
+
[EMAIL PROTECTED]($f);
+?>
+--EXPECTF--
+Status: 403 Forbidden
+X-Powered-By: PHP/%s
+Content-type: text/html%s
+
+Status: 403 Forbidden
+X-Powered-By: PHP/%s
+Content-type: text/html%s
+
+X-Powered-By: PHP/%s
+Status: 403 Also Forbidden
+Content-type: text/html%s
+
+Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
