Guys,
I think this is the last problem which is holding up RC3 and hopefully 4.0.7.
Does anyone here know the code in rfc1867? I don't know it well enough in
order to decide if this patch is OK or not.
If no one answers I'll apply it and we should as the QA guys to test file
uploads extensively in RC3.
Andi
>Date: Tue, 18 Sep 2001 17:22:41 +0200 (CEST)
>From: Jani Taskinen <[EMAIL PROTECTED]>
>Sender: <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: [PHP-DEV] Bug id #11998 - source code patch - Dont Use Previous (fwd)
>
>
>Could someone who knows the current code better
>check this out and apply this patch?
>
>My work for the other issues is not done yet..and it's too
>big of a change for this release.
>
>--Jani
>
>
>
>---------- Forwarded message ----------
>Date: Tue, 18 Sep 2001 03:21:52 +0200 (MEST)
>From: Ralf Bolte <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Cc: [EMAIL PROTECTED]
>Subject: Bug id #11998 - source code patch - Dont Use Previous
>
>Sorry Sorry Sorry,
>
>about an hour ago i send you my patch for the critical BUG with the ID
>11998.
>Unfourtunately, i sent a totally fucked up patch (file). DO NOT APPLY it.
>Here is the correct patch, with some additional checks and with the
>header end check finally working. Sorry for my mistake ;) My only apology
>is, that
>it is deep midnight here in germany *g*
>
>Yours,
>Ralf
>
>PS: as a side effect of my patch, the 30 files crash bug is fixed, too :)
>
>
>--- Weitergeleitete Nachricht / Forwarded Message ---
>Date: Tue, 18 Sep 2001 02:05:42 +0200 (MEST)
>From: Ralf Bolte <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Bug id #11998 - source code patch
>
> > Hello,
> >
> > today i browsed through the php bug database on the search for critical
> > bugs.
> > I then saw Bug id #11998 which speaks of some bugs in rfc1867.c. Due to
> > the
> > fact i saw several flaws in the source code some time ago, i patched my
> > version.
> > I now send you my patch and the patch applied to the cvs snapshot of
> > today,
> > that fixes several bugs...
> >
> > first and foremost the "fix" that went into 4.0.6 was not only broken, but
> > also
> > implemented a possible NULL pointer dereference. The main problem with
> > that
> > fix
> > was, that it applied the "search end of headers" functionality to the
> > wrong
> > place.
> > The array upload was also crashable by simply using a name like
> > "invalid]["
> > as var name.
> > I fixed it by correcting the IF clause that decides if it is an array
> > upload
> > or not.
> > In fact my fix consists of several stability fixes that also make the
> > upload
> > more
> > robust against browsers that are not 100% rfc conform.
> >
> > Hope my patch helps you to improve php even more. I really like the whole
> > idea of
> > php and would be lucky if my contribution helps to make it even better
> > than
> > it already is.
> >
> > Yours,
> > Ralf Bolte
> >
> > --
> > GMX - Die Kommunikationsplattform im Internet.
> > http://www.gmx.net
>
>--
>GMX - Die Kommunikationsplattform im Internet.
>http://www.gmx.net
>
>
>--
>PHP Development Mailing List <http://www.php.net/>
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
rfc1867-real-bugfix.tar.gz
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
