dmitry Tue Sep 2 13:22:27 2008 UTC Modified files: /php-src/sapi/cgi cgi_main.c /php-src/sapi/cgi/tests 010.phpt Log: Fixed bug #45860 (header() function fails to correctly replace all Status lines) http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.364&r2=1.365&diff_format=u Index: php-src/sapi/cgi/cgi_main.c diff -u php-src/sapi/cgi/cgi_main.c:1.364 php-src/sapi/cgi/cgi_main.c:1.365 --- php-src/sapi/cgi/cgi_main.c:1.364 Tue Aug 26 15:37:38 2008 +++ php-src/sapi/cgi/cgi_main.c Tue Sep 2 13:22:27 2008 @@ -21,7 +21,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: cgi_main.c,v 1.364 2008/08/26 15:37:38 rasmus Exp $ */ +/* $Id: cgi_main.c,v 1.365 2008/09/02 13:22:27 dmitry Exp $ */ #include "php.h" #include "php_globals.h" @@ -375,6 +375,7 @@ char buf[SAPI_CGI_MAX_HEADER_LENGTH]; sapi_header_struct *h; zend_llist_position pos; + zend_bool ignore_status = 0; if (SG(request_info).no_headers == 1) { return SAPI_HEADER_SENT_SUCCESSFULLY; @@ -431,6 +432,7 @@ if (!has_status) { PHPWRITE_H(buf, len); + ignore_status = 1; } } @@ -438,8 +440,17 @@ while (h) { /* prevent CRLFCRLF */ if (h->header_len) { - PHPWRITE_H(h->header, h->header_len); - PHPWRITE_H("\r\n", 2); + if (h->header_len > sizeof("Status:")-1 && + strncasecmp(h->header, "Status:", sizeof("Status:")-1) == 0) { + if (!ignore_status) { + ignore_status = 1; + PHPWRITE_H(h->header, h->header_len); + PHPWRITE_H("\r\n", 2); + } + } else { + PHPWRITE_H(h->header, h->header_len); + PHPWRITE_H("\r\n", 2); + } } h = (sapi_header_struct*)zend_llist_get_next_ex(&sapi_headers->headers, &pos); } http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/tests/010.phpt?r1=1.1&r2=1.2&diff_format=u Index: php-src/sapi/cgi/tests/010.phpt diff -u /dev/null php-src/sapi/cgi/tests/010.phpt:1.2 --- /dev/null Tue Sep 2 13:22:27 2008 +++ php-src/sapi/cgi/tests/010.phpt Tue Sep 2 13:22:27 2008 @@ -0,0 +1,53 @@ +--TEST-- +Bug #45860 (header() function fails to correctly replace all Status lines) +--SKIPIF-- +<?php include "skipif.inc"; ?> +--FILE-- +<?php + +include "include.inc"; + +$php = get_cgi_path(); +reset_env_vars(); + +$f = tempnam(sys_get_temp_dir(), 'cgitest'); + +putenv("TRANSLATED_PATH=".$f."/x"); +putenv("SCRIPT_FILENAME=".$f."/x"); +file_put_contents($f, '<?php +header("HTTP/1.1 403 Forbidden"); +header("Status: 403 Also Forbidden"); +?>'); + +echo (`$php -n $f`); + +file_put_contents($f, '<?php +header("HTTP/1.1 403 Forbidden"); +?>'); + +echo (`$php -n $f`); + +file_put_contents($f, '<?php +header("Status: 403 Also Forbidden"); +?>'); + +echo (`$php -n $f`); + +echo "Done\n"; + [EMAIL PROTECTED]($f); +?> +--EXPECTF-- +Status: 403 Forbidden +X-Powered-By: PHP/%s +Content-type: text/html%s + +Status: 403 Forbidden +X-Powered-By: PHP/%s +Content-type: text/html%s + +X-Powered-By: PHP/%s +Status: 403 Also Forbidden +Content-type: text/html%s + +Done
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php