mime_magic mime_magic.c

Jani Taskinen Wed, 14 Jan 2004 23:11:02 -0800

sniper          Thu Jan 15 01:09:19 2004 EDT

  Modified files:              
    /php-src    NEWS 
    /php-src/ext/mime_magic     mime_magic.c 
  Log:
  - Fixed bug #26844 (ext/mime_magic: magic file validation broken).
  
  
Index: php-src/NEWS
diff -u php-src/NEWS:1.1576 php-src/NEWS:1.1577
--- php-src/NEWS:1.1576 Wed Jan 14 16:17:07 2004
+++ php-src/NEWS        Thu Jan 15 01:09:14 2004
@@ -8,6 +8,7 @@
 - Fixed class name case preserving of user defined classes. (Marcus)
 - Fixed bug #26911 (crash in sqlite extension when fetching data from empty 
   queries). (Ilia)
+- Fixed bug #26844 (ext/mime_magic: magic file validation broken). (Jani)
 - Fixed bug #26819 (http_build_query() crashes on NULL output). (Ilia)
 - Fixed bug #26817 (http_build_query() does not handle private & protected 
   object properties correctly). (Ilia)
Index: php-src/ext/mime_magic/mime_magic.c
diff -u php-src/ext/mime_magic/mime_magic.c:1.35 
php-src/ext/mime_magic/mime_magic.c:1.36
--- php-src/ext/mime_magic/mime_magic.c:1.35    Thu Jan  8 03:16:07 2004
+++ php-src/ext/mime_magic/mime_magic.c Thu Jan 15 01:09:16 2004
@@ -15,7 +15,7 @@
   | Author: Hartmut Holzgraefe  <[EMAIL PROTECTED]>                       |
   +----------------------------------------------------------------------+
 
-  $Id: mime_magic.c,v 1.35 2004/01/08 08:16:07 andi Exp $ 
+  $Id: mime_magic.c,v 1.36 2004/01/15 06:09:16 sniper Exp $ 
 
   This module contains a lot of stuff taken from Apache mod_mime_magic,
   so the license section is a little bit longer than usual:
@@ -483,15 +483,21 @@
 /*
  *
  */
-static int is_valid_mimetype(char *p)
+static int is_valid_mimetype(char *p, int p_len)
 {
-       do {
-               if(!isalnum(*p) && (*p != '-')) return 0;
-       } while(*(++p) != '/');
-       ++p;
-       do {
-               if(!isalnum(*p) && (*p != '-')) return 0;
-       } while(*(++p));
+       if (p_len > 0) {
+               do {
+                       if (!isalnum(*p) && (*p != '-') && (*p != '.')) {
+                               return 0;
+                       }
+               } while (*(++p) != '/');
+               ++p;
+               do {
+                       if (!isalnum(*p) && (*p != '-') && (*p != '.') && 
!isspace(*p)) {
+                               return 0;
+                       }
+               } while (*(++p));
+       }
        return 1;
 }
 
@@ -710,9 +716,9 @@
     else
                m->nospflag = 0;
 
-       if(!is_valid_mimetype(l)) {
+       if (!is_valid_mimetype(l, strlen(l))) {
                if(MIME_MAGIC_G(debug))
-                       php_error_docref("http://www.php.net/mime_magic"; TSRMLS_CC, 
E_WARNING, ": (%s:%d) '%s' is not a valid mimetype, etry skipped", 
MIME_MAGIC_G(magicfile), lineno, l);
+                       php_error_docref("http://www.php.net/mime_magic"; TSRMLS_CC, 
E_WARNING, ": (%s:%d) '%s' is not a valid mimetype, entry skipped", 
MIME_MAGIC_G(magicfile), lineno, l);
                return -1;
        }
        
@@ -992,7 +998,7 @@
     req_dat =  MIME_MAGIC_G(req_dat);
 
     /* allocate the result string */
-    result = (char *) emalloc(len + 1);
+    result = (char *) emalloc(len + 2);
 
     /* loop through and collect the string */
     res_pos = 0;


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src / NEWS /ext/mime_magic mime_magic.c

Reply via email to