standard url_scanner_ex.c url_scanner_ex.re

Ilia Alshanetsky Thu, 22 Jul 2004 19:05:56 -0700

iliaa           Thu Jul 22 22:05:55 2004 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src    NEWS 
    /php-src/ext/standard       url_scanner_ex.re url_scanner_ex.c 
  Log:
  MFH: Fixed bug #29333 (output_buffering + trans_sess_id can corrupt output)
  
  
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.706&r2=1.1247.2.707&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.706 php-src/NEWS:1.1247.2.707
--- php-src/NEWS:1.1247.2.706   Wed Jul 21 17:57:12 2004
+++ php-src/NEWS        Thu Jul 22 22:05:54 2004
@@ -4,6 +4,7 @@
 - Updated PCRE to provide better error handling in certain cases. (Andrei)
 - NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute
   for doing performance stats without warnings in server-log. (Uwe Schindler)
+- Fixed bug #29333 (output_buffering+trans_sess_id can corrupt output). (Ilia)
 - Fixed bug #29226 (ctype_* functions missing validation of numeric string 
   representations). (Ilia)
 - Fixed bug #29209 (imap_fetchbody() doesn't check message index). (Ilia,
http://cvs.php.net/diff.php/php-src/ext/standard/url_scanner_ex.re?r1=1.63.2.6&r2=1.63.2.7&ty=u
Index: php-src/ext/standard/url_scanner_ex.re
diff -u php-src/ext/standard/url_scanner_ex.re:1.63.2.6 
php-src/ext/standard/url_scanner_ex.re:1.63.2.7
--- php-src/ext/standard/url_scanner_ex.re:1.63.2.6     Wed Feb 11 12:00:54 2004
+++ php-src/ext/standard/url_scanner_ex.re      Thu Jul 22 22:05:55 2004
@@ -416,16 +416,31 @@
 {
        size_t len;
 
-    if (BG(url_adapt_state_ex).url_app.len != 0) {
-        *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & 
(PHP_OUTPUT_HANDLER_END|PHP_OUTPUT_HANDLER_CONT) ? 1 : 0) TSRMLS_CC);
+       if (BG(url_adapt_state_ex).url_app.len != 0) {
+               *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) 
(mode & PHP_OUTPUT_HANDLER_END ? 1 : 0) TSRMLS_CC);
                if (sizeof(uint) < sizeof(size_t)) {
                        if (len > UINT_MAX)
                                len = UINT_MAX;
                }
                *handled_output_len = len;
-    } else {
-        *handled_output = NULL;
-    }
+       } else if (BG(url_adapt_state_ex).url_app.len == 0) {
+               url_adapt_state_ex_t *ctx = &BG(url_adapt_state_ex);
+               if (ctx->buf.len) {
+                       smart_str_appendl(&ctx->result, ctx->buf.c, ctx->buf.len);
+                       smart_str_appendl(&ctx->result, output, output_len);
+
+                       *handled_output = ctx->result.c;
+                       *handled_output_len = ctx->buf.len + output_len;
+
+                       ctx->result.c = NULL;
+                       ctx->result.len = 0;
+                       smart_str_free(&ctx->buf);
+               } else {
+                       *handled_output = NULL;
+               }
+       } else {
+               *handled_output = NULL;
+       }
 }
 
 int php_url_scanner_add_var(char *name, int name_len, char *value, int value_len, int 
urlencode TSRMLS_DC)
http://cvs.php.net/diff.php/php-src/ext/standard/url_scanner_ex.c?r1=1.72.2.10&r2=1.72.2.11&ty=u
Index: php-src/ext/standard/url_scanner_ex.c
diff -u php-src/ext/standard/url_scanner_ex.c:1.72.2.10 
php-src/ext/standard/url_scanner_ex.c:1.72.2.11
--- php-src/ext/standard/url_scanner_ex.c:1.72.2.10     Wed Feb 11 12:32:41 2004
+++ php-src/ext/standard/url_scanner_ex.c       Thu Jul 22 22:05:55 2004
@@ -1,5 +1,5 @@
-/* Generated by re2c 0.5 on Wed Feb 11 11:33:22 2004 */
-#line 1 "/home/php4/ext/standard/url_scanner_ex.re"
+/* Generated by re2c 0.5 on Thu Jul 22 21:53:53 2004 */
+#line 1 "/home/rei/php4/ext/standard/url_scanner_ex.re"
 /*
   +----------------------------------------------------------------------+
   | PHP Version 4                                                        |
@@ -917,16 +917,31 @@
 {
        size_t len;
 
-    if (BG(url_adapt_state_ex).url_app.len != 0) {
-        *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & 
(PHP_OUTPUT_HANDLER_END|PHP_OUTPUT_HANDLER_CONT) ? 1 : 0) TSRMLS_CC);
+       if (BG(url_adapt_state_ex).url_app.len != 0) {
+               *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) 
(mode & PHP_OUTPUT_HANDLER_END ? 1 : 0) TSRMLS_CC);
                if (sizeof(uint) < sizeof(size_t)) {
                        if (len > UINT_MAX)
                                len = UINT_MAX;
                }
                *handled_output_len = len;
-    } else {
-        *handled_output = NULL;
-    }
+       } else if (BG(url_adapt_state_ex).url_app.len == 0) {
+               url_adapt_state_ex_t *ctx = &BG(url_adapt_state_ex);
+               if (ctx->buf.len) {
+                       smart_str_appendl(&ctx->result, ctx->buf.c, ctx->buf.len);
+                       smart_str_appendl(&ctx->result, output, output_len);
+
+                       *handled_output = ctx->result.c;
+                       *handled_output_len = ctx->buf.len + output_len;
+
+                       ctx->result.c = NULL;
+                       ctx->result.len = 0;
+                       smart_str_free(&ctx->buf);
+               } else {
+                       *handled_output = NULL;
+               }
+       } else {
+               *handled_output = NULL;
+       }
 }
 
 int php_url_scanner_add_var(char *name, int name_len, char *value, int value_len, int 
urlencode TSRMLS_DC)


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_4_3) / NEWS /ext/standard url_scanner_ex.c url_scanner_ex.re

Reply via email to