[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
pajoye Thu Apr 30 15:25:37 2009 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: - MFB: #45997, safe_mode bypass with exec/sytem/passthru (windows only) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.16r2=1.113.2.3.2.1.2.17diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.17 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16 Sun Apr 19 14:59:52 2009 +++ php-src/ext/standard/exec.c Thu Apr 30 15:25:37 2009 @@ -16,7 +16,7 @@ | Ilia Alshanetsky il...@php.net | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.16 2009/04/19 14:59:52 iliaa Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.17 2009/04/30 15:25:37 pajoye Exp $ */ #include stdio.h #include php.h @@ -79,7 +79,16 @@ php_error_docref(NULL TSRMLS_CC, E_WARNING, No '..' components allowed in path); goto err; } + b = strrchr(cmd, PHP_DIR_SEPARATOR); + +#ifdef PHP_WIN32 + if (b *b == '\\' b == cmd) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid absolute path.); + goto err; + } +#endif + spprintf(d, 0, %s%s%s%s%s, PG(safe_mode_exec_dir), (b ? : /), (b ? b : cmd), (c ? : ), (c ? c : )); if (c) { *(c - 1) = ' '; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
hi Ilia, It is not related to ZTS but to the new output API in HEAD. For the new struct, see main/php_output.h:126). Cheers, On Sun, Apr 19, 2009 at 4:59 PM, Ilia Alshanetsky il...@php.net wrote: iliaa Sun Apr 19 14:59:52 2009 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fixed bug #47937 (system() calls sapi_flush() regardless of output buffering) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.15r2=1.113.2.3.2.1.2.16diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15 Wed Dec 31 11:15:45 2008 +++ php-src/ext/standard/exec.c Sun Apr 19 14:59:52 2009 @@ -16,7 +16,7 @@ | Ilia Alshanetsky il...@php.net | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.15 2008/12/31 11:15:45 sebastian Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.16 2009/04/19 14:59:52 iliaa Exp $ */ #include stdio.h #include php.h @@ -131,7 +131,9 @@ if (type == 1) { PHPWRITE(buf, bufl); - sapi_flush(TSRMLS_C); + if (OG(ob_nesting_level) 1) { + sapi_flush(TSRMLS_C); + } } else if (type == 2) { /* strip trailing whitespaces */ l = bufl; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Pierre http://blog.thepimp.net | http://www.libgd.org -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
iliaa Sun Apr 19 14:59:52 2009 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fixed bug #47937 (system() calls sapi_flush() regardless of output buffering) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.15r2=1.113.2.3.2.1.2.16diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15 Wed Dec 31 11:15:45 2008 +++ php-src/ext/standard/exec.c Sun Apr 19 14:59:52 2009 @@ -16,7 +16,7 @@ | Ilia Alshanetsky il...@php.net | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.15 2008/12/31 11:15:45 sebastian Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.16 2009/04/19 14:59:52 iliaa Exp $ */ #include stdio.h #include php.h @@ -131,7 +131,9 @@ if (type == 1) { PHPWRITE(buf, bufl); - sapi_flush(TSRMLS_C); + if (OG(ob_nesting_level) 1) { + sapi_flush(TSRMLS_C); + } } else if (type == 2) { /* strip trailing whitespaces */ l = bufl; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
indeyetsThu Oct 16 11:59:37 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fixed compilation warnings: tsrm_ls is not used here (anymore?) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.12r2=1.113.2.3.2.1.2.13diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.12 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.13 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.12 Sun Aug 17 15:23:45 2008 +++ php-src/ext/standard/exec.c Thu Oct 16 11:59:37 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.12 2008/08/17 15:23:45 pajoye Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.13 2008/10/16 11:59:37 indeyets Exp $ */ #include stdio.h #include php.h @@ -268,8 +268,6 @@ char *cmd; char *p = NULL; size_t estimate = (2 * l) + 1; - - TSRMLS_FETCH(); cmd = safe_emalloc(2, l, 1); @@ -358,7 +356,6 @@ int x, y = 0, l = strlen(str); char *cmd; size_t estimate = (4 * l) + 3; - TSRMLS_FETCH(); cmd = safe_emalloc(4, l, 3); /* worst case */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
felipe Thu Oct 16 13:00:27 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: - Revert http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.13r2=1.113.2.3.2.1.2.14diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.13 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.14 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.13 Thu Oct 16 11:59:37 2008 +++ php-src/ext/standard/exec.c Thu Oct 16 13:00:27 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.13 2008/10/16 11:59:37 indeyets Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.14 2008/10/16 13:00:27 felipe Exp $ */ #include stdio.h #include php.h @@ -269,6 +269,8 @@ char *p = NULL; size_t estimate = (2 * l) + 1; + TSRMLS_FETCH(); + cmd = safe_emalloc(2, l, 1); for (x = 0, y = 0; x l; x++) { @@ -357,6 +359,8 @@ char *cmd; size_t estimate = (4 * l) + 3; + TSRMLS_FETCH(); + cmd = safe_emalloc(4, l, 3); /* worst case */ #ifdef PHP_WIN32 -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c /ext/standard/tests/general_functions escapeshellcmd-win32.phpt
pajoye Sun Aug 17 15:23:45 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c /php-src/ext/standard/tests/general_functions escapeshellcmd-win32.phpt Log: - [DOC] MFH: improve fix for #43261 for % and http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.11r2=1.113.2.3.2.1.2.12diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.11 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.12 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.11 Tue Jul 22 21:53:53 2008 +++ php-src/ext/standard/exec.c Sun Aug 17 15:23:45 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.11 2008/07/22 21:53:53 scottmac Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.12 2008/08/17 15:23:45 pajoye Exp $ */ #include stdio.h #include php.h @@ -287,9 +287,9 @@ } switch (str[x]) { +#ifndef PHP_WIN32 case '': case '\'': -#ifndef PHP_WIN32 if (!p (p = memchr(str + x + 1, str[x], l - x - 1))) { /* noop */ } else if (p *p == str[x]) { @@ -300,10 +300,12 @@ cmd[y++] = str[x]; break; #else - /* This is Windows specific for enviromental variables */ + /* % is Windows specific for enviromental variables, ^%PATH% will + output PATH whil ^%PATH^% not. escapeshellcmd will escape all %. + */ case '%': - cmd[y++] = ' '; - break; + case '': + case '\'': #endif case '#': /* This is character-set independent */ case '': http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt?r1=1.1.2.2r2=1.1.2.3diff_format=u Index: php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt diff -u php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt:1.1.2.2 php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt:1.1.2.3 --- php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt:1.1.2.2 Tue Jul 22 16:21:16 2008 +++ php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt Sun Aug 17 15:23:45 2008 @@ -16,7 +16,8 @@ '()[]{}$', '%^', '#;`|*?', - '~\\' + '~\\', + '%NOENV%' ); $count = 1; @@ -38,9 +39,11 @@ -- Test 4 -- string(14) ^(^)^[^]^{^}^$ -- Test 5 -- -string(2) ^^ +string(4) ^%^^ -- Test 6 -- string(14) ^#^^;^`^|^*^? -- Test 7 -- string(8) ^~^^^\ +-- Test 8 -- +string(9) ^%NOENV^% Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c /ext/standard/tests/general_functions escapeshellcmd-win32.phpt
scottmacTue Jul 22 16:21:16 2008 UTC Added files: (Branch: PHP_5_3) /php-src/ext/standard/tests/general_functions escapeshellcmd-win32.phpt Modified files: /php-src/ext/standard exec.c Log: MFH: Add test for escapeshellcmd and restore previous behaviour with stripping % on Windows. http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.9r2=1.113.2.3.2.1.2.10diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.9 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.10 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.9 Fri May 30 16:56:57 2008 +++ php-src/ext/standard/exec.c Tue Jul 22 16:21:16 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.9 2008/05/30 16:56:57 scottmac Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.10 2008/07/22 16:21:16 scottmac Exp $ */ #include stdio.h #include php.h @@ -299,6 +299,11 @@ } cmd[y++] = str[x]; break; +#else + /* This is Windows specific for enviromental variables */ + case '%': + cmd[y++] = ''; + break; #endif case '#': /* This is character-set independent */ case '': @@ -322,8 +327,6 @@ case '\x0A': /* excluding these two */ case '\xFF': #ifdef PHP_WIN32 - /* This is Windows specific for enviromental variables */ - case '%': cmd[y++] = '^'; #else cmd[y++] = '\\'; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt?view=markuprev=1.1 Index: php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt +++ php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt --TEST-- Test escapeshellcmd() functionality on Windows --SKIPIF-- ?php if( substr(PHP_OS, 0, 3) != 'WIN' ) { die('skip...Valid for Windows only'); } ? --FILE-- ?php echo *** Testing escapeshellcmd() basic operations ***\n; $data = array( 'abc', 'abc, '?', '()[]{}$', '%^', '#;`|*?', '~\\' ); $count = 1; foreach ($data AS $value) { echo -- Test . $count++ . --\n; var_dump(escapeshellcmd($value)); } echo Done\n; ? --EXPECTF-- *** Testing escapeshellcmd() basic operations *** -- Test 1 -- string(5) ^abc -- Test 2 -- string(5) ^'abc -- Test 3 -- string(6) ^?^^ -- Test 4 -- string(14) ^(^)^[^]^{^}^$ -- Test 5 -- string(2) ^^ -- Test 6 -- string(14) ^#^^;^`^|^*^? -- Test 7 -- string(8) ^~^^^\ Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
scottmacTue Jul 22 21:53:53 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fix windows build error. http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.10r2=1.113.2.3.2.1.2.11diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.10 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.11 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.10 Tue Jul 22 16:21:16 2008 +++ php-src/ext/standard/exec.c Tue Jul 22 21:53:53 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.10 2008/07/22 16:21:16 scottmac Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.11 2008/07/22 21:53:53 scottmac Exp $ */ #include stdio.h #include php.h @@ -302,7 +302,7 @@ #else /* This is Windows specific for enviromental variables */ case '%': - cmd[y++] = ''; + cmd[y++] = ' '; break; #endif case '#': /* This is character-set independent */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
scottmacFri May 30 16:56:57 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: MFH Fixed bug #43261 (Use ^ as an escape character for Windows escapeshellcmd) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.8r2=1.113.2.3.2.1.2.9diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.8 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.9 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.8 Sun Mar 30 12:24:10 2008 +++ php-src/ext/standard/exec.c Fri May 30 16:56:57 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.8 2008/03/30 12:24:10 felipe Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.9 2008/05/30 16:56:57 scottmac Exp $ */ #include stdio.h #include php.h @@ -322,12 +322,12 @@ case '\x0A': /* excluding these two */ case '\xFF': #ifdef PHP_WIN32 - /* since Windows does not allow us to escape these chars, just remove them */ + /* This is Windows specific for enviromental variables */ case '%': - cmd[y++] = ' '; - break; -#endif + cmd[y++] = '^'; +#else cmd[y++] = '\\'; +#endif /* fall-through */ default: cmd[y++] = str[x]; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c /sapi/cli/tests bug44564.phpt
felipe Sun Mar 30 12:24:10 2008 UTC Added files: (Branch: PHP_5_3) /php-src/sapi/cli/tests bug44564.phpt Modified files: /php-src/ext/standard exec.c Log: MFB: Fixed bug #44564 (escapeshellarg removes UTF-8 multi-byte characters) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.7r2=1.113.2.3.2.1.2.8diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.7 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.8 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.7 Fri Mar 21 08:28:24 2008 +++ php-src/ext/standard/exec.c Sun Mar 30 12:24:10 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.7 2008/03/21 08:28:24 tony2001 Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.8 2008/03/30 12:24:10 felipe Exp $ */ #include stdio.h #include php.h @@ -280,6 +280,8 @@ if (mb_len 0) { continue; } else if (mb_len 1) { + memcpy(cmd + y, str + x, mb_len); + y += mb_len; x += mb_len - 1; continue; } @@ -368,6 +370,8 @@ if (mb_len 0) { continue; } else if (mb_len 1) { + memcpy(cmd + y, str + x, mb_len); + y += mb_len; x += mb_len - 1; continue; } http://cvs.php.net/viewvc.cgi/php-src/sapi/cli/tests/bug44564.phpt?view=markuprev=1.1 Index: php-src/sapi/cli/tests/bug44564.phpt +++ php-src/sapi/cli/tests/bug44564.phpt -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
tony2001Fri Mar 21 08:28:24 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: fix ZTS build http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.6r2=1.113.2.3.2.1.2.7diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.6 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.7 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.6 Thu Mar 20 23:25:31 2008 +++ php-src/ext/standard/exec.c Fri Mar 21 08:28:24 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.6 2008/03/20 23:25:31 iliaa Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.7 2008/03/21 08:28:24 tony2001 Exp $ */ #include stdio.h #include php.h @@ -351,6 +351,7 @@ int x, y = 0, l = strlen(str); char *cmd; size_t estimate = (4 * l) + 3; + TSRMLS_FETCH(); cmd = safe_emalloc(4, l, 3); /* worst case */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
iliaa Thu Mar 20 23:25:31 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Refine fix for multibyte char hanling inside command names and args http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.5r2=1.113.2.3.2.1.2.6diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.5 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.6 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.5 Tue Mar 18 00:24:21 2008 +++ php-src/ext/standard/exec.c Thu Mar 20 23:25:31 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.5 2008/03/18 00:24:21 felipe Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.6 2008/03/20 23:25:31 iliaa Exp $ */ #include stdio.h #include php.h @@ -274,8 +274,13 @@ cmd = safe_emalloc(2, l, 1); for (x = 0, y = 0; x l; x++) { + int mb_len = php_mblen(str + x, (l - x)); + /* skip non-valid multibyte characters */ - if (php_mblen(str + x, (l - x)) 0) { + if (mb_len 0) { + continue; + } else if (mb_len 1) { + x += mb_len - 1; continue; } @@ -356,6 +361,16 @@ #endif for (x = 0; x l; x++) { + int mb_len = php_mblen(str + x, (l - x)); + + /* skip non-valid multibyte characters */ + if (mb_len 0) { + continue; + } else if (mb_len 1) { + x += mb_len - 1; + continue; + } + switch (str[x]) { #ifdef PHP_WIN32 case '': -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
iliaa Mon Mar 17 23:01:28 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Properly address incomplete multibyte chars inside escapeshellcmd() http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.3r2=1.113.2.3.2.1.2.4diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.3 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.3 Mon Dec 31 07:17:14 2007 +++ php-src/ext/standard/exec.c Mon Mar 17 23:01:27 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.3 2007/12/31 07:17:14 sebastian Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.4 2008/03/17 23:01:27 iliaa Exp $ */ #include stdio.h #include php.h @@ -271,6 +271,11 @@ cmd = safe_emalloc(2, l, 1); for (x = 0, y = 0; x l; x++) { + /* skip non-valid multibyte characters */ + if (php_mblen(str + x, (l - x)) 0) { + continue; + } + switch (str[x]) { case '': case '\'': -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
felipe Tue Mar 18 00:24:21 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fix build http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.4r2=1.113.2.3.2.1.2.5diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.5 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4 Mon Mar 17 23:01:27 2008 +++ php-src/ext/standard/exec.c Tue Mar 18 00:24:21 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.4 2008/03/17 23:01:27 iliaa Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.5 2008/03/18 00:24:21 felipe Exp $ */ #include stdio.h #include php.h @@ -25,6 +25,7 @@ #include safe_mode.h #include ext/standard/head.h #include ext/standard/file.h +#include basic_functions.h #include exec.h #include php_globals.h #include SAPI.h @@ -267,6 +268,8 @@ char *cmd; char *p = NULL; size_t estimate = (2 * l) + 1; + + TSRMLS_FETCH(); cmd = safe_emalloc(2, l, 1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c exec.h
janiMon Nov 5 14:06:53 2007 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c exec.h Log: MFH: sync http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.1r2=1.113.2.3.2.1.2.2diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.1 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.2 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.1 Sun Sep 30 05:49:44 2007 +++ php-src/ext/standard/exec.c Mon Nov 5 14:06:53 2007 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.1 2007/09/30 05:49:44 jani Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.2 2007/11/05 14:06:53 jani Exp $ */ #include stdio.h #include php.h @@ -57,7 +57,7 @@ * If type==3, output will be printed binary, no lines will be saved or returned (passthru) * */ -int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_DC) +PHPAPI int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_DC) { FILE *fp; char *buf, *tmp=NULL; @@ -111,7 +111,7 @@ if (type != 3) { b = buf; - + while (php_stream_get_line(stream, b, EXEC_INPUT_BUF, bufl)) { /* no new line found, let's read some more */ if (b[bufl - 1] != '\n' !php_stream_eof(stream)) { @@ -132,7 +132,7 @@ PHPWRITE(buf, bufl); sapi_flush(TSRMLS_C); } else if (type == 2) { - /* strip trailing whitespaces */ + /* strip trailing whitespaces */ l = bufl; while (l-- isspace(((unsigned char *)buf)[l])); if (l != (int)(bufl - 1)) { @@ -144,7 +144,7 @@ b = buf; } if (bufl) { - /* strip trailing whitespaces if we have not done so already */ + /* strip trailing whitespaces if we have not done so already */ if (type != 2) { l = bufl; while (l-- isspace(((unsigned char *)buf)[l])); @@ -157,7 +157,7 @@ /* Return last line from the shell command */ if (PG(magic_quotes_runtime)) { int len; - + tmp = php_addslashes(buf, bufl, len, 0 TSRMLS_CC); RETVAL_STRINGL(tmp, len, 0); } else { @@ -172,7 +172,7 @@ } } - pclose_return = php_stream_close(stream); + pclose_return = php_stream_close(stream); efree(buf); done: @@ -191,7 +191,7 @@ } /* }}} */ -static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) +static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */ { char *cmd; int cmd_len; @@ -226,6 +226,7 @@ ZVAL_LONG(ret_code, ret); } } +/* }}} */ /* {{{ proto string exec(string command [, array output [, int return_value]]) Execute an external program */ @@ -233,7 +234,6 @@ { php_exec_ex(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0); } - /* }}} */ /* {{{ proto int system(string command [, int return_value]) @@ -261,14 +261,15 @@ *NOT* safe for binary strings */ -char *php_escape_shell_cmd(char *str) { - register int x, y, l; +PHPAPI char *php_escape_shell_cmd(char *str) +{ + register int x, y, l = strlen(str); char *cmd; char *p = NULL; + size_t estimate = (2 * l) + 1; - l = strlen(str); cmd = safe_emalloc(2, l, 1); - + for (x = 0, y = 0; x l; x++) { switch (str[x]) { case '': @@ -319,21 +320,27 @@ } } cmd[y] = '\0'; + + if ((estimate - y) 4096) { + /* realloc if the estimate was way overill +* Arbitrary cutoff point of 4096 */ + cmd = erealloc(cmd, y + 1); + } + return cmd; } /* }}} */ /* {{{ php_escape_shell_arg */ -char *php_escape_shell_arg(char *str) { - int x, y, l; +PHPAPI char *php_escape_shell_arg(char *str) +{ + int x, y = 0, l = strlen(str); char *cmd; + size_t estimate = (4 * l) + 3; - y = 0; - l = strlen(str); - cmd = safe_emalloc(4, l, 3); /* worst case */ - + #ifdef PHP_WIN32 cmd[y++] = ''; #else @@ -364,6 +371,12 @@ cmd[y++] = '\''; #endif cmd[y] = '\0'; + + if ((estimate - y) 4096) { + /* realloc if