lbarnaud Sat Sep 6 08:22:25 2008 UTC Modified files: /php-src/main rfc1867.c Log: Fix mem leak and invalid frees in rfc1867 post handler http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.193&r2=1.194&diff_format=u Index: php-src/main/rfc1867.c diff -u php-src/main/rfc1867.c:1.193 php-src/main/rfc1867.c:1.194 --- php-src/main/rfc1867.c:1.193 Fri Mar 14 13:10:22 2008 +++ php-src/main/rfc1867.c Sat Sep 6 08:22:25 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: rfc1867.c,v 1.193 2008/03/14 13:10:22 tony2001 Exp $ */ +/* $Id: rfc1867.c,v 1.194 2008/09/06 08:22:25 lbarnaud Exp $ */ /* * This product includes software developed by the Apache Group @@ -1300,13 +1300,13 @@ if (cancel_upload != UPLOAD_ERROR_E) { /* file creation failed */ unlink(ascii_temp_filename); } - efree(ascii_temp_filename); efree(temp_filename); } temp_filename = EMPTY_STR; } else { zend_u_hash_add(SG(rfc1867_uploaded_files), IS_UNICODE, ZSTR(temp_filename), u_strlen(temp_filename) + 1, &temp_filename, sizeof(UChar *), NULL); } + efree(ascii_temp_filename); /* is_arr_upload is true when name of file upload field * ends in [.*] @@ -1372,7 +1372,7 @@ /* Possible Content-Type: */ if (cancel_upload || !(cd = php_mime_get_hdr_value(header, "Content-Type"))) { - ucd = EMPTY_STR; + ucd = ecalloc(1, UBYTES(1)); ucd_len = 0; } else { ucd = php_ap_to_unicode(cd, strlen(cd), &ucd_len TSRMLS_CC); @@ -1470,7 +1470,6 @@ register_u_http_post_files_variable_ex(lbuf, &file_size, http_post_files, 0 TSRMLS_CC); } efree(param); - efree(filename); } }
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php