[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/main/ rfc1867.c

[Arpad Ray]

arpadMon, 29 Aug 2011 21:11:07 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=315742

Log:
fix #55510: $_FILES 'name' missing first character after upload

Bug: https://bugs.php.net/55510 (Verified) $_FILES 'name' missing first 
character after upload.
  
Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-08-29 20:50:33 UTC (rev 
315741)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-08-29 21:11:07 UTC (rev 
315742)
@@ -1210,11 +1210,12 @@
}
 #ifdef PHP_WIN32
if (PG(magic_quotes_gpc)) {
-   s = s ? s : filename;
-   tmp = strrchr(s, '\'');
-   s = tmp  s ? tmp : s;
-   tmp = strrchr(s, '');
-   s = tmp  s ? tmp : s;
+   if ((tmp = strrchr(s ? s : filename, '\''))  
s) {
+   s = tmp;
+   }
+   if ((tmp = strrchr(s ? s : filename, ''))  s) 
{
+   s = tmp;
+   }
}
 #endif


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/rfc1867.c trunk/main/rfc1867.c

[Ilia Alshanetsky]

iliaaWed, 19 Jan 2011 13:09:05 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=307583

Log:
Win32 build fix

Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c
U   php/php-src/trunk/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-19 13:04:12 UTC (rev 
307582)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-19 13:09:05 UTC (rev 
307583)
@@ -989,8 +989,8 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
+   long c = 0;
tmp = param;
-   long c = 0;

while (*tmp) {
if (*tmp == '[') {

Modified: php/php-src/trunk/main/rfc1867.c
===
--- php/php-src/trunk/main/rfc1867.c2011-01-19 13:04:12 UTC (rev 307582)
+++ php/php-src/trunk/main/rfc1867.c2011-01-19 13:09:05 UTC (rev 307583)
@@ -945,8 +945,8 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
+   long c = 0;
tmp = param;
-   long c = 0;

while (*tmp) {
if (*tmp == '[') {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/rfc1867.c trunk/main/rfc1867.c

[Ilia Alshanetsky]

iliaaTue, 18 Jan 2011 13:17:23 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=307559

Log:
Fixed variable re-declaration

Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c
U   php/php-src/trunk/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-18 10:29:26 UTC (rev 
307558)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-18 13:17:23 UTC (rev 
307559)
@@ -989,7 +989,7 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
-   char *tmp = param;
+   tmp = param;
long c = 0;

while (*tmp) {

Modified: php/php-src/trunk/main/rfc1867.c
===
--- php/php-src/trunk/main/rfc1867.c2011-01-18 10:29:26 UTC (rev 307558)
+++ php/php-src/trunk/main/rfc1867.c2011-01-18 13:17:23 UTC (rev 307559)
@@ -945,7 +945,7 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
-   char *tmp = param;
+   tmp = param;
long c = 0;

while (*tmp) {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/main/ rfc1867.c

[Jani Taskinen]

jani Tue, 29 Dec 2009 18:59:58 +

Revision: http://svn.php.net/viewvc?view=revisionrevision=292771

Log:
- WS + CS + folding tags

Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c	2009-12-29 18:54:08 UTC (rev 292770)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c	2009-12-29 18:59:58 UTC (rev 292771)
@@ -13,7 +13,7 @@
| lice...@php.net so we can mail you a copy immediately.   |
+--+
| Authors: Rasmus Lerdorf ras...@php.net |
-   |  Jani Taskinen sni...@php.net  |
+   |  Jani Taskinen j...@php.net|
+--+
  */

@@ -23,7 +23,7 @@
  *  This product includes software developed by the Apache Group
  *  for use in the Apache HTTP server project (http://www.apache.org/).
  *
- */
+ */

 #include stdio.h
 #include php.h
@@ -44,7 +44,7 @@
 static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC);

 #define SAFE_RETURN { \
-php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \
+	php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \
 	if (lbuf) efree(lbuf); \
 	if (abuf) efree(abuf); \
 	if (array_index) efree(array_index); \
@@ -56,7 +56,7 @@
 	if (mbuff) efree(mbuff); \
 	return; }

-void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr  TSRMLS_DC)
+void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr  TSRMLS_DC) /* {{{ */
 {
 	int i;
 	if (php_mb_encoding_translation(TSRMLS_C)) {
@@ -64,17 +64,18 @@
 			php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) {
 			php_mb_gpc_encoding_converter(val_list, len_list, num_vars, NULL, NULL TSRMLS_CC);
 		}
-		for (i=0; inum_vars; i+=2){
+		for (i = 0; inum_vars; i += 2) {
 			safe_php_register_variable(val_list[i], val_list[i+1], len_list[i+1], array_ptr, 0 TSRMLS_CC);
 			efree(val_list[i]);
 			efree(val_list[i+1]);
-		}
+		}
 		efree(val_list);
 		efree(len_list);
 	}
 }
+/* }}} */

-void php_mb_gpc_realloc_buffer(char ***pval_list, int **plen_list, int *num_vars_max, int inc  TSRMLS_DC)
+void php_mb_gpc_realloc_buffer(char ***pval_list, int **plen_list, int *num_vars_max, int inc  TSRMLS_DC) /* {{{ */
 {
 	/* allow only even increments */
 	if (inc  1) {
@@ -84,15 +85,15 @@
 	*pval_list = (char **)erealloc(*pval_list, (*num_vars_max+2)*sizeof(char *));
 	*plen_list = (int *)erealloc(*plen_list, (*num_vars_max+2)*sizeof(int));
 }
+/* }}} */

-void php_mb_gpc_stack_variable(char *param, char *value, char ***pval_list, int **plen_list, int *num_vars, int *num_vars_max TSRMLS_DC)
+void php_mb_gpc_stack_variable(char *param, char *value, char ***pval_list, int **plen_list, int *num_vars, int *num_vars_max TSRMLS_DC) /* {{{ */
 {
-	char **val_list=*pval_list;
-	int *len_list=*plen_list;
+	char **val_list = *pval_list;
+	int *len_list = *plen_list;

-	if (*num_vars=*num_vars_max){
-		php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max,
-  16 TSRMLS_CC);
+	if (*num_vars = *num_vars_max) {
+		php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max, 16 TSRMLS_CC);
 		/* in case realloc relocated the buffer */
 		val_list = *pval_list;
 		len_list = *plen_list;
@@ -105,6 +106,7 @@
 	len_list[*num_vars] = strlen(value);
 	(*num_vars)++;
 }
+/* }}} */

 #else

@@ -137,7 +139,7 @@
 #define UPLOAD_ERROR_F7  /* Failed to write file to disk */
 #define UPLOAD_ERROR_X8  /* File upload stopped by extension */

-void php_rfc1867_register_constants(TSRMLS_D)
+void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */
 {
 	REGISTER_MAIN_LONG_CONSTANT(UPLOAD_ERR_OK, UPLOAD_ERROR_OK, CONST_CS | CONST_PERSISTENT);
 	REGISTER_MAIN_LONG_CONSTANT(UPLOAD_ERR_INI_SIZE,   UPLOAD_ERROR_A,  CONST_CS | CONST_PERSISTENT);
@@ -148,26 +150,27 @@
 	REGISTER_MAIN_LONG_CONSTANT(UPLOAD_ERR_CANT_WRITE, UPLOAD_ERROR_F,  CONST_CS | CONST_PERSISTENT);
 	REGISTER_MAIN_LONG_CONSTANT(UPLOAD_ERR_EXTENSION,  UPLOAD_ERROR_X,  CONST_CS | CONST_PERSISTENT);
 }
+/* }}} */

-static void normalize_protected_variable(char *varname TSRMLS_DC)
+static void normalize_protected_variable(char *varname TSRMLS_DC) /* {{{ */
 {
-	char *s=varname, *index=NULL, *indexend=NULL, *p;
-
+	char *s = varname, *index = NULL, *indexend = NULL, *p;
+
 	/* overjump leading space */
 	while (*s == ' ') {
 		s++;
 	}
-
+
 	/* and remove it */
 	if (s != varname) {
 		memmove(varname, s, strlen(s)+1);
 	}

-	for (p=varname; *p  *p != '['; p++) {
+	for (p = varname; *p  *p