lbarnaud Mon Oct 20 18:42:58 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/main rfc1867.c Log: Better fix for #46313 http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?r1=1.173.2.1.2.9.2.6&r2=1.173.2.1.2.9.2.7&diff_format=u Index: php-src/main/rfc1867.c diff -u php-src/main/rfc1867.c:1.173.2.1.2.9.2.6 php-src/main/rfc1867.c:1.173.2.1.2.9.2.7 --- php-src/main/rfc1867.c:1.173.2.1.2.9.2.6 Mon Oct 20 17:09:10 2008 +++ php-src/main/rfc1867.c Mon Oct 20 18:42:58 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: rfc1867.c,v 1.173.2.1.2.9.2.6 2008/10/20 17:09:10 lbarnaud Exp $ */ +/* $Id: rfc1867.c,v 1.173.2.1.2.9.2.7 2008/10/20 18:42:58 lbarnaud Exp $ */ /* * This product includes software developed by the Apache Group @@ -789,7 +789,6 @@ int str_len = 0, num_vars = 0, num_vars_max = 2*10, *len_list = NULL; char **val_list = NULL; #endif - zend_bool magic_quotes_gpc; multipart_buffer *mbuff; zval *array_ptr = (zval *) arg; int fd=-1; @@ -1280,12 +1279,18 @@ } s = ""; + { + /* store temp_filename as-is (without magic_quotes_gpc-ing it, in case upload_tmp_dir + * contains escapeable characters. escape only the variable name.) */ + zval zfilename; + /* Initialize variables */ add_protected_variable(param TSRMLS_CC); /* if param is of form xxx[.*] this will cut it to xxx */ if (!is_anonymous) { - safe_php_register_variable(param, temp_filename, strlen(temp_filename), NULL, 1 TSRMLS_CC); + ZVAL_STRING(&zfilename, temp_filename, 1); + safe_php_register_variable_ex(param, &zfilename, NULL, 1 TSRMLS_CC); } /* Add $foo[tmp_name] */ @@ -1295,7 +1300,9 @@ snprintf(lbuf, llen, "%s[tmp_name]", param); } add_protected_variable(lbuf TSRMLS_CC); - register_http_post_files_variable(lbuf, temp_filename, http_post_files, 1 TSRMLS_CC); + ZVAL_STRING(&zfilename, temp_filename, 1); + register_http_post_files_variable_ex(lbuf, &zfilename, http_post_files, 1 TSRMLS_CC); + } { zval file_size, error_type;
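Review bot: In the hunk at new line 1279, and again in the one at new line 1300, `ZVAL_STRING(&zfilename, temp_filename, 1)` duplicates the path into a stack zval, and nothing visible in the diff says who releases that copy. This is only leak-free if `safe_php_register_variable_ex` and `register_http_post_files_variable_ex` either adopt the value or destroy it on every return path, early exits included; their definitions are outside this diff and should be checked. The block comment would also help future readers if it stated the trust reasoning, assuming (as it implies) that the path is built from upload_tmp_dir rather than from request data, for example `/* temp_filename is server-generated, so it is registered unescaped; only the client-supplied variable name is escaped. Consumers of tmp_name must not assume it is quoted. */`. The bare block opened in the first of these hunks is closed in the second, and the enclosing function starts and ends outside both.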