[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
pajoye Thu Apr 30 15:25:37 2009 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
Log:
- MFB: #45997, safe_mode bypass with exec/sytem/passthru (windows only)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.16r2=1.113.2.3.2.1.2.17diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.17
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16 Sun Apr 19 14:59:52 2009
+++ php-src/ext/standard/exec.c Thu Apr 30 15:25:37 2009
@@ -16,7 +16,7 @@
| Ilia Alshanetsky il...@php.net |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.16 2009/04/19 14:59:52 iliaa Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.17 2009/04/30 15:25:37 pajoye Exp $ */
#include stdio.h
#include php.h
@@ -79,7 +79,16 @@
php_error_docref(NULL TSRMLS_CC, E_WARNING, No '..'
components allowed in path);
goto err;
}
+
b = strrchr(cmd, PHP_DIR_SEPARATOR);
+
+#ifdef PHP_WIN32
+ if (b *b == '\\' b == cmd) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid
absolute path.);
+ goto err;
+ }
+#endif
+
spprintf(d, 0, %s%s%s%s%s, PG(safe_mode_exec_dir), (b ? :
/), (b ? b : cmd), (c ? : ), (c ? c : ));
if (c) {
*(c - 1) = ' ';
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
hi Ilia,
It is not related to ZTS but to the new output API in HEAD. For the
new struct, see main/php_output.h:126).
Cheers,
On Sun, Apr 19, 2009 at 4:59 PM, Ilia Alshanetsky il...@php.net wrote:
iliaa Sun Apr 19 14:59:52 2009 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
Log:
Fixed bug #47937 (system() calls sapi_flush() regardless of output
buffering)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.15r2=1.113.2.3.2.1.2.16diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15 Wed Dec 31 11:15:45
2008
+++ php-src/ext/standard/exec.c Sun Apr 19 14:59:52 2009
@@ -16,7 +16,7 @@
| Ilia Alshanetsky il...@php.net |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.15 2008/12/31 11:15:45 sebastian Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.16 2009/04/19 14:59:52 iliaa Exp $ */
#include stdio.h
#include php.h
@@ -131,7 +131,9 @@
if (type == 1) {
PHPWRITE(buf, bufl);
- sapi_flush(TSRMLS_C);
+ if (OG(ob_nesting_level) 1) {
+ sapi_flush(TSRMLS_C);
+ }
} else if (type == 2) {
/* strip trailing whitespaces */
l = bufl;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Pierre
http://blog.thepimp.net | http://www.libgd.org
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
iliaa Sun Apr 19 14:59:52 2009 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
Log:
Fixed bug #47937 (system() calls sapi_flush() regardless of output
buffering)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.15r2=1.113.2.3.2.1.2.16diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.16
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.15 Wed Dec 31 11:15:45 2008
+++ php-src/ext/standard/exec.c Sun Apr 19 14:59:52 2009
@@ -16,7 +16,7 @@
| Ilia Alshanetsky il...@php.net |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.15 2008/12/31 11:15:45 sebastian Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.16 2009/04/19 14:59:52 iliaa Exp $ */
#include stdio.h
#include php.h
@@ -131,7 +131,9 @@
if (type == 1) {
PHPWRITE(buf, bufl);
- sapi_flush(TSRMLS_C);
+ if (OG(ob_nesting_level) 1) {
+ sapi_flush(TSRMLS_C);
+ }
} else if (type == 2) {
/* strip trailing whitespaces */
l = bufl;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
indeyetsThu Oct 16 11:59:37 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fixed compilation warnings: tsrm_ls is not used here (anymore?) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.12r2=1.113.2.3.2.1.2.13diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.12 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.13 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.12 Sun Aug 17 15:23:45 2008 +++ php-src/ext/standard/exec.c Thu Oct 16 11:59:37 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.12 2008/08/17 15:23:45 pajoye Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.13 2008/10/16 11:59:37 indeyets Exp $ */ #include stdio.h #include php.h @@ -268,8 +268,6 @@ char *cmd; char *p = NULL; size_t estimate = (2 * l) + 1; - - TSRMLS_FETCH(); cmd = safe_emalloc(2, l, 1); @@ -358,7 +356,6 @@ int x, y = 0, l = strlen(str); char *cmd; size_t estimate = (4 * l) + 3; - TSRMLS_FETCH(); cmd = safe_emalloc(4, l, 3); /* worst case */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
felipe Thu Oct 16 13:00:27 2008 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
Log:
- Revert
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.13r2=1.113.2.3.2.1.2.14diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.13
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.14
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.13 Thu Oct 16 11:59:37 2008
+++ php-src/ext/standard/exec.c Thu Oct 16 13:00:27 2008
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.13 2008/10/16 11:59:37 indeyets Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.14 2008/10/16 13:00:27 felipe Exp $ */
#include stdio.h
#include php.h
@@ -269,6 +269,8 @@
char *p = NULL;
size_t estimate = (2 * l) + 1;
+ TSRMLS_FETCH();
+
cmd = safe_emalloc(2, l, 1);
for (x = 0, y = 0; x l; x++) {
@@ -357,6 +359,8 @@
char *cmd;
size_t estimate = (4 * l) + 3;
+ TSRMLS_FETCH();
+
cmd = safe_emalloc(4, l, 3); /* worst case */
#ifdef PHP_WIN32
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c /ext/standard/tests/general_functions escapeshellcmd-win32.phpt
pajoye Sun Aug 17 15:23:45 2008 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
/php-src/ext/standard/tests/general_functions
escapeshellcmd-win32.phpt
Log:
- [DOC] MFH: improve fix for #43261 for % and
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.11r2=1.113.2.3.2.1.2.12diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.11
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.12
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.11 Tue Jul 22 21:53:53 2008
+++ php-src/ext/standard/exec.c Sun Aug 17 15:23:45 2008
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.11 2008/07/22 21:53:53 scottmac Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.12 2008/08/17 15:23:45 pajoye Exp $ */
#include stdio.h
#include php.h
@@ -287,9 +287,9 @@
}
switch (str[x]) {
+#ifndef PHP_WIN32
case '':
case '\'':
-#ifndef PHP_WIN32
if (!p (p = memchr(str + x + 1, str[x], l -
x - 1))) {
/* noop */
} else if (p *p == str[x]) {
@@ -300,10 +300,12 @@
cmd[y++] = str[x];
break;
#else
- /* This is Windows specific for enviromental variables
*/
+ /* % is Windows specific for enviromental variables,
^%PATH% will
+ output PATH whil ^%PATH^% not. escapeshellcmd
will escape all %.
+ */
case '%':
- cmd[y++] = ' ';
- break;
+ case '':
+ case '\'':
#endif
case '#': /* This is character-set independent */
case '':
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt?r1=1.1.2.2r2=1.1.2.3diff_format=u
Index: php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
diff -u
php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt:1.1.2.2
php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt:1.1.2.3
---
php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt:1.1.2.2
Tue Jul 22 16:21:16 2008
+++ php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
Sun Aug 17 15:23:45 2008
@@ -16,7 +16,8 @@
'()[]{}$',
'%^',
'#;`|*?',
- '~\\'
+ '~\\',
+ '%NOENV%'
);
$count = 1;
@@ -38,9 +39,11 @@
-- Test 4 --
string(14) ^(^)^[^]^{^}^$
-- Test 5 --
-string(2) ^^
+string(4) ^%^^
-- Test 6 --
string(14) ^#^^;^`^|^*^?
-- Test 7 --
string(8) ^~^^^\
+-- Test 8 --
+string(9) ^%NOENV^%
Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c /ext/standard/tests/general_functions escapeshellcmd-win32.phpt
scottmacTue Jul 22 16:21:16 2008 UTC
Added files: (Branch: PHP_5_3)
/php-src/ext/standard/tests/general_functions
escapeshellcmd-win32.phpt
Modified files:
/php-src/ext/standard exec.c
Log:
MFH: Add test for escapeshellcmd and restore previous behaviour with
stripping % on Windows.
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.9r2=1.113.2.3.2.1.2.10diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.9
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.10
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.9 Fri May 30 16:56:57 2008
+++ php-src/ext/standard/exec.c Tue Jul 22 16:21:16 2008
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.9 2008/05/30 16:56:57 scottmac Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.10 2008/07/22 16:21:16 scottmac Exp $ */
#include stdio.h
#include php.h
@@ -299,6 +299,11 @@
}
cmd[y++] = str[x];
break;
+#else
+ /* This is Windows specific for enviromental variables
*/
+ case '%':
+ cmd[y++] = '';
+ break;
#endif
case '#': /* This is character-set independent */
case '':
@@ -322,8 +327,6 @@
case '\x0A': /* excluding these two */
case '\xFF':
#ifdef PHP_WIN32
- /* This is Windows specific for enviromental variables
*/
- case '%':
cmd[y++] = '^';
#else
cmd[y++] = '\\';
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt?view=markuprev=1.1
Index: php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
+++ php-src/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
--TEST--
Test escapeshellcmd() functionality on Windows
--SKIPIF--
?php
if( substr(PHP_OS, 0, 3) != 'WIN' ) {
die('skip...Valid for Windows only');
}
?
--FILE--
?php
echo *** Testing escapeshellcmd() basic operations ***\n;
$data = array(
'abc',
'abc,
'?',
'()[]{}$',
'%^',
'#;`|*?',
'~\\'
);
$count = 1;
foreach ($data AS $value) {
echo -- Test . $count++ . --\n;
var_dump(escapeshellcmd($value));
}
echo Done\n;
?
--EXPECTF--
*** Testing escapeshellcmd() basic operations ***
-- Test 1 --
string(5) ^abc
-- Test 2 --
string(5) ^'abc
-- Test 3 --
string(6) ^?^^
-- Test 4 --
string(14) ^(^)^[^]^{^}^$
-- Test 5 --
string(2) ^^
-- Test 6 --
string(14) ^#^^;^`^|^*^?
-- Test 7 --
string(8) ^~^^^\
Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
scottmacTue Jul 22 21:53:53 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fix windows build error. http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.10r2=1.113.2.3.2.1.2.11diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.10 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.11 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.10 Tue Jul 22 16:21:16 2008 +++ php-src/ext/standard/exec.c Tue Jul 22 21:53:53 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.10 2008/07/22 16:21:16 scottmac Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.11 2008/07/22 21:53:53 scottmac Exp $ */ #include stdio.h #include php.h @@ -302,7 +302,7 @@ #else /* This is Windows specific for enviromental variables */ case '%': - cmd[y++] = ''; + cmd[y++] = ' '; break; #endif case '#': /* This is character-set independent */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
scottmacFri May 30 16:56:57 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: MFH Fixed bug #43261 (Use ^ as an escape character for Windows escapeshellcmd) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.8r2=1.113.2.3.2.1.2.9diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.8 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.9 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.8 Sun Mar 30 12:24:10 2008 +++ php-src/ext/standard/exec.c Fri May 30 16:56:57 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.8 2008/03/30 12:24:10 felipe Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.9 2008/05/30 16:56:57 scottmac Exp $ */ #include stdio.h #include php.h @@ -322,12 +322,12 @@ case '\x0A': /* excluding these two */ case '\xFF': #ifdef PHP_WIN32 - /* since Windows does not allow us to escape these chars, just remove them */ + /* This is Windows specific for enviromental variables */ case '%': - cmd[y++] = ' '; - break; -#endif + cmd[y++] = '^'; +#else cmd[y++] = '\\'; +#endif /* fall-through */ default: cmd[y++] = str[x]; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c /sapi/cli/tests bug44564.phpt
felipe Sun Mar 30 12:24:10 2008 UTC
Added files: (Branch: PHP_5_3)
/php-src/sapi/cli/tests bug44564.phpt
Modified files:
/php-src/ext/standard exec.c
Log:
MFB: Fixed bug #44564 (escapeshellarg removes UTF-8 multi-byte characters)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.7r2=1.113.2.3.2.1.2.8diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.7
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.8
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.7 Fri Mar 21 08:28:24 2008
+++ php-src/ext/standard/exec.c Sun Mar 30 12:24:10 2008
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.7 2008/03/21 08:28:24 tony2001 Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.8 2008/03/30 12:24:10 felipe Exp $ */
#include stdio.h
#include php.h
@@ -280,6 +280,8 @@
if (mb_len 0) {
continue;
} else if (mb_len 1) {
+ memcpy(cmd + y, str + x, mb_len);
+ y += mb_len;
x += mb_len - 1;
continue;
}
@@ -368,6 +370,8 @@
if (mb_len 0) {
continue;
} else if (mb_len 1) {
+ memcpy(cmd + y, str + x, mb_len);
+ y += mb_len;
x += mb_len - 1;
continue;
}
http://cvs.php.net/viewvc.cgi/php-src/sapi/cli/tests/bug44564.phpt?view=markuprev=1.1
Index: php-src/sapi/cli/tests/bug44564.phpt
+++ php-src/sapi/cli/tests/bug44564.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
tony2001Fri Mar 21 08:28:24 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: fix ZTS build http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.6r2=1.113.2.3.2.1.2.7diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.6 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.7 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.6 Thu Mar 20 23:25:31 2008 +++ php-src/ext/standard/exec.c Fri Mar 21 08:28:24 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.6 2008/03/20 23:25:31 iliaa Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.7 2008/03/21 08:28:24 tony2001 Exp $ */ #include stdio.h #include php.h @@ -351,6 +351,7 @@ int x, y = 0, l = strlen(str); char *cmd; size_t estimate = (4 * l) + 3; + TSRMLS_FETCH(); cmd = safe_emalloc(4, l, 3); /* worst case */ -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
iliaa Thu Mar 20 23:25:31 2008 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
Log:
Refine fix for multibyte char hanling inside command names and args
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.5r2=1.113.2.3.2.1.2.6diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.5
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.6
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.5 Tue Mar 18 00:24:21 2008
+++ php-src/ext/standard/exec.c Thu Mar 20 23:25:31 2008
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.5 2008/03/18 00:24:21 felipe Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.6 2008/03/20 23:25:31 iliaa Exp $ */
#include stdio.h
#include php.h
@@ -274,8 +274,13 @@
cmd = safe_emalloc(2, l, 1);
for (x = 0, y = 0; x l; x++) {
+ int mb_len = php_mblen(str + x, (l - x));
+
/* skip non-valid multibyte characters */
- if (php_mblen(str + x, (l - x)) 0) {
+ if (mb_len 0) {
+ continue;
+ } else if (mb_len 1) {
+ x += mb_len - 1;
continue;
}
@@ -356,6 +361,16 @@
#endif
for (x = 0; x l; x++) {
+ int mb_len = php_mblen(str + x, (l - x));
+
+ /* skip non-valid multibyte characters */
+ if (mb_len 0) {
+ continue;
+ } else if (mb_len 1) {
+ x += mb_len - 1;
+ continue;
+ }
+
switch (str[x]) {
#ifdef PHP_WIN32
case '':
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
iliaa Mon Mar 17 23:01:28 2008 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c
Log:
Properly address incomplete multibyte chars inside escapeshellcmd()
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.3r2=1.113.2.3.2.1.2.4diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.3
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.3 Mon Dec 31 07:17:14 2007
+++ php-src/ext/standard/exec.c Mon Mar 17 23:01:27 2008
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.3 2007/12/31 07:17:14 sebastian Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.4 2008/03/17 23:01:27 iliaa Exp $ */
#include stdio.h
#include php.h
@@ -271,6 +271,11 @@
cmd = safe_emalloc(2, l, 1);
for (x = 0, y = 0; x l; x++) {
+ /* skip non-valid multibyte characters */
+ if (php_mblen(str + x, (l - x)) 0) {
+ continue;
+ }
+
switch (str[x]) {
case '':
case '\'':
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c
felipe Tue Mar 18 00:24:21 2008 UTC Modified files: (Branch: PHP_5_3) /php-src/ext/standard exec.c Log: Fix build http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.4r2=1.113.2.3.2.1.2.5diff_format=u Index: php-src/ext/standard/exec.c diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4 php-src/ext/standard/exec.c:1.113.2.3.2.1.2.5 --- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.4 Mon Mar 17 23:01:27 2008 +++ php-src/ext/standard/exec.c Tue Mar 18 00:24:21 2008 @@ -16,7 +16,7 @@ | Ilia Alshanetsky [EMAIL PROTECTED] | +--+ */ -/* $Id: exec.c,v 1.113.2.3.2.1.2.4 2008/03/17 23:01:27 iliaa Exp $ */ +/* $Id: exec.c,v 1.113.2.3.2.1.2.5 2008/03/18 00:24:21 felipe Exp $ */ #include stdio.h #include php.h @@ -25,6 +25,7 @@ #include safe_mode.h #include ext/standard/head.h #include ext/standard/file.h +#include basic_functions.h #include exec.h #include php_globals.h #include SAPI.h @@ -267,6 +268,8 @@ char *cmd; char *p = NULL; size_t estimate = (2 * l) + 1; + + TSRMLS_FETCH(); cmd = safe_emalloc(2, l, 1); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] cvs: php-src(PHP_5_3) /ext/standard exec.c exec.h
janiMon Nov 5 14:06:53 2007 UTC
Modified files: (Branch: PHP_5_3)
/php-src/ext/standard exec.c exec.h
Log:
MFH: sync
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.1r2=1.113.2.3.2.1.2.2diff_format=u
Index: php-src/ext/standard/exec.c
diff -u php-src/ext/standard/exec.c:1.113.2.3.2.1.2.1
php-src/ext/standard/exec.c:1.113.2.3.2.1.2.2
--- php-src/ext/standard/exec.c:1.113.2.3.2.1.2.1 Sun Sep 30 05:49:44 2007
+++ php-src/ext/standard/exec.c Mon Nov 5 14:06:53 2007
@@ -16,7 +16,7 @@
| Ilia Alshanetsky [EMAIL PROTECTED] |
+--+
*/
-/* $Id: exec.c,v 1.113.2.3.2.1.2.1 2007/09/30 05:49:44 jani Exp $ */
+/* $Id: exec.c,v 1.113.2.3.2.1.2.2 2007/11/05 14:06:53 jani Exp $ */
#include stdio.h
#include php.h
@@ -57,7 +57,7 @@
* If type==3, output will be printed binary, no lines will be saved or
returned (passthru)
*
*/
-int php_exec(int type, char *cmd, zval *array, zval *return_value TSRMLS_DC)
+PHPAPI int php_exec(int type, char *cmd, zval *array, zval *return_value
TSRMLS_DC)
{
FILE *fp;
char *buf, *tmp=NULL;
@@ -111,7 +111,7 @@
if (type != 3) {
b = buf;
-
+
while (php_stream_get_line(stream, b, EXEC_INPUT_BUF, bufl)) {
/* no new line found, let's read some more */
if (b[bufl - 1] != '\n' !php_stream_eof(stream)) {
@@ -132,7 +132,7 @@
PHPWRITE(buf, bufl);
sapi_flush(TSRMLS_C);
} else if (type == 2) {
- /* strip trailing whitespaces */
+ /* strip trailing whitespaces */
l = bufl;
while (l-- isspace(((unsigned char
*)buf)[l]));
if (l != (int)(bufl - 1)) {
@@ -144,7 +144,7 @@
b = buf;
}
if (bufl) {
- /* strip trailing whitespaces if we have not done so
already */
+ /* strip trailing whitespaces if we have not done so
already */
if (type != 2) {
l = bufl;
while (l-- isspace(((unsigned char
*)buf)[l]));
@@ -157,7 +157,7 @@
/* Return last line from the shell command */
if (PG(magic_quotes_runtime)) {
int len;
-
+
tmp = php_addslashes(buf, bufl, len, 0
TSRMLS_CC);
RETVAL_STRINGL(tmp, len, 0);
} else {
@@ -172,7 +172,7 @@
}
}
- pclose_return = php_stream_close(stream);
+ pclose_return = php_stream_close(stream);
efree(buf);
done:
@@ -191,7 +191,7 @@
}
/* }}} */
-static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode)
+static void php_exec_ex(INTERNAL_FUNCTION_PARAMETERS, int mode) /* {{{ */
{
char *cmd;
int cmd_len;
@@ -226,6 +226,7 @@
ZVAL_LONG(ret_code, ret);
}
}
+/* }}} */
/* {{{ proto string exec(string command [, array output [, int
return_value]])
Execute an external program */
@@ -233,7 +234,6 @@
{
php_exec_ex(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
}
-
/* }}} */
/* {{{ proto int system(string command [, int return_value])
@@ -261,14 +261,15 @@
*NOT* safe for binary strings
*/
-char *php_escape_shell_cmd(char *str) {
- register int x, y, l;
+PHPAPI char *php_escape_shell_cmd(char *str)
+{
+ register int x, y, l = strlen(str);
char *cmd;
char *p = NULL;
+ size_t estimate = (2 * l) + 1;
- l = strlen(str);
cmd = safe_emalloc(2, l, 1);
-
+
for (x = 0, y = 0; x l; x++) {
switch (str[x]) {
case '':
@@ -319,21 +320,27 @@
}
}
cmd[y] = '\0';
+
+ if ((estimate - y) 4096) {
+ /* realloc if the estimate was way overill
+* Arbitrary cutoff point of 4096 */
+ cmd = erealloc(cmd, y + 1);
+ }
+
return cmd;
}
/* }}} */
/* {{{ php_escape_shell_arg
*/
-char *php_escape_shell_arg(char *str) {
- int x, y, l;
+PHPAPI char *php_escape_shell_arg(char *str)
+{
+ int x, y = 0, l = strlen(str);
char *cmd;
+ size_t estimate = (4 * l) + 3;
- y = 0;
- l = strlen(str);
-
cmd = safe_emalloc(4, l, 3); /* worst case */
-
+
#ifdef PHP_WIN32
cmd[y++] = '';
#else
@@ -364,6 +371,12 @@
cmd[y++] = '\'';
#endif
cmd[y] = '\0';
+
+ if ((estimate - y) 4096) {
+ /* realloc if
