dmitry Fri Nov 28 11:56:50 2008 UTC Modified files: (Branch: PHP_5_2) /php-src NEWS /php-src/sapi/cgi cgi_main.c Log: Fixed bug #46366 (bad cwd with / as pathinfo) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1339&r2=1.2027.2.547.2.1340&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1339 php-src/NEWS:1.2027.2.547.2.1340 --- php-src/NEWS:1.2027.2.547.2.1339 Thu Nov 27 23:51:45 2008 +++ php-src/NEWS Fri Nov 28 11:56:50 2008 @@ -1,6 +1,7 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Dec 2008, PHP 5.2.7 +- Fixed bug #46366 (bad cwd with / as pathinfo). (Dmitry) 27 Nov 2008, PHP 5.2.7RC5 - Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371) (Ilia) http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.65&r2=1.267.2.15.2.66&diff_format=u Index: php-src/sapi/cgi/cgi_main.c diff -u php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.65 php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.66 --- php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.65 Sat Nov 8 22:45:29 2008 +++ php-src/sapi/cgi/cgi_main.c Fri Nov 28 11:56:50 2008 @@ -21,7 +21,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: cgi_main.c,v 1.267.2.15.2.65 2008/11/08 22:45:29 rasmus Exp $ */ +/* $Id: cgi_main.c,v 1.267.2.15.2.66 2008/11/28 11:56:50 dmitry Exp $ */ #include "php.h" #include "php_globals.h" @@ -985,6 +985,9 @@ if (script_path_translated && (script_path_translated_len = strlen(script_path_translated)) > 0 && (script_path_translated[script_path_translated_len-1] == '/' || +#ifdef PHP_WIN32 + script_path_translated[script_path_translated_len-1] == '\\' || +#endif (real_path = tsrm_realpath(script_path_translated, NULL TSRMLS_CC)) == NULL)) { char *pt = estrndup(script_path_translated, script_path_translated_len); int len = script_path_translated_len;
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php