Commit:    29300b1f9dab068d477b241d8fd872e3a7c829b3
Author:    Rasmus Lerdorf <ras...@php.net>         Thu, 3 May 2012 15:51:52 
+0200
Committer: Johannes Schlüter <johan...@php.net>      Thu, 3 May 2012 15:51:52 
+0200
Parents:   704bbb3263d0ec9a6b4a767bbc516e55388f4b0e
Branches:  PHP-5.3.12

Link:       
http://git.php.net/?p=php-src.git;a=commitdiff;h=29300b1f9dab068d477b241d8fd872e3a7c829b3

Log:
Fix for CVE-2012-1823

Changed paths:
  M  sapi/cgi/cgi_main.c


Diff:
diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index dfd77e4..bb37aba 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -70,6 +70,7 @@
 #include "php_main.h"
 #include "fopen_wrappers.h"
 #include "ext/standard/php_standard.h"
+#include "ext/standard/url.h"
 
 #ifdef PHP_WIN32
 # include <io.h>
@@ -1507,6 +1508,9 @@ int main(int argc, char *argv[])
 #ifndef PHP_WIN32
        int status = 0;
 #endif
+       char *query_string;
+       char *decoded_query_string;
+       int skip_getopt = 0;
 
 #if 0 && defined(PHP_DEBUG)
        /* IIS is always making things more difficult.  This allows
@@ -1556,7 +1560,16 @@ int main(int argc, char *argv[])
                }
        }
 
-       while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 
0, 2)) != -1) {
+       if(query_string = getenv("QUERY_STRING")) {
+               decoded_query_string = strdup(query_string);
+               php_url_decode(decoded_query_string, 
strlen(decoded_query_string));
+               if(*decoded_query_string == '-' && strchr(decoded_query_string, 
'=') == NULL) {
+                       skip_getopt = 1;
+               }
+               free(decoded_query_string);
+       }
+
+       while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, 
&php_optarg, &php_optind, 0, 2)) != -1) {
                switch (c) {
                        case 'c':
                                if (cgi_sapi_module.php_ini_path_override) {


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to