dmitry Mon Aug 4 07:20:44 2008 UTC
Modified files:
/php-src/sapi/cgi cgi_main.c
/php-src/main fopen_wrappers.c
Log:
Removed shebang line check from CGI sapi (it is checked by scanner)
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.358&r2=1.359&diff_format=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.358 php-src/sapi/cgi/cgi_main.c:1.359
--- php-src/sapi/cgi/cgi_main.c:1.358 Tue Jul 15 13:38:56 2008
+++ php-src/sapi/cgi/cgi_main.c Mon Aug 4 07:20:44 2008
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: cgi_main.c,v 1.358 2008/07/15 13:38:56 dmitry Exp $ */
+/* $Id: cgi_main.c,v 1.359 2008/08/04 07:20:44 dmitry Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -150,7 +150,6 @@
typedef struct _php_cgi_globals_struct {
zend_bool rfc2616_headers;
zend_bool nph;
- zend_bool check_shebang_line;
zend_bool fix_pathinfo;
zend_bool force_redirect;
zend_bool discard_path;
@@ -1294,7 +1293,6 @@
PHP_INI_BEGIN()
STD_PHP_INI_ENTRY("cgi.rfc2616_headers", "0", PHP_INI_ALL,
OnUpdateBool, rfc2616_headers, php_cgi_globals_struct, php_cgi_globals)
STD_PHP_INI_ENTRY("cgi.nph", "0", PHP_INI_ALL,
OnUpdateBool, nph, php_cgi_globals_struct, php_cgi_globals)
- STD_PHP_INI_ENTRY("cgi.check_shebang_line", "1", PHP_INI_SYSTEM,
OnUpdateBool, check_shebang_line, php_cgi_globals_struct, php_cgi_globals)
STD_PHP_INI_ENTRY("cgi.force_redirect", "1", PHP_INI_SYSTEM,
OnUpdateBool, force_redirect, php_cgi_globals_struct, php_cgi_globals)
STD_PHP_INI_ENTRY("cgi.redirect_status_env", NULL, PHP_INI_SYSTEM,
OnUpdateString, redirect_status_env, php_cgi_globals_struct, php_cgi_globals)
STD_PHP_INI_ENTRY("cgi.fix_pathinfo", "1", PHP_INI_SYSTEM,
OnUpdateBool, fix_pathinfo, php_cgi_globals_struct, php_cgi_globals)
@@ -1311,7 +1309,6 @@
{
php_cgi_globals->rfc2616_headers = 0;
php_cgi_globals->nph = 0;
- php_cgi_globals->check_shebang_line = 1;
php_cgi_globals->force_redirect = 1;
php_cgi_globals->redirect_status_env = NULL;
php_cgi_globals->fix_pathinfo = 1;
@@ -1378,7 +1375,6 @@
int exit_status = SUCCESS;
int cgi = 0, c, i, len;
zend_file_handle file_handle;
- int retval = FAILURE;
char *s;
/* temporary locals */
@@ -1949,65 +1945,37 @@
1. we are running from shell and got filename
was there
2. we are running as cgi or fastcgi
*/
- retval = FAILURE;
if (cgi || SG(request_info).path_translated) {
- if
(!php_check_open_basedir(SG(request_info).path_translated TSRMLS_CC)) {
- retval =
php_fopen_primary_script(&file_handle TSRMLS_CC);
- }
- }
- /*
- if we are unable to open path_translated and we
are not
- running from shell (so fp == NULL), then fail.
- */
- if (retval == FAILURE && file_handle.handle.fp == NULL)
{
- if (errno == EACCES) {
- SG(sapi_headers).http_response_code =
403;
- PUTS("Access denied.\n");
- } else {
- SG(sapi_headers).http_response_code =
404;
- PUTS("No input file specified.\n");
- }
- /* we want to serve more requests if this is
fastcgi
- so cleanup and continue, request shutdown is
- handled later */
- if (fastcgi) {
- goto fastcgi_request_done;
- }
+ if (php_fopen_primary_script(&file_handle
TSRMLS_CC) == FAILURE) {
+ if (errno == EACCES) {
+
SG(sapi_headers).http_response_code = 403;
+ PUTS("Access denied.\n");
+ } else {
+
SG(sapi_headers).http_response_code = 404;
+ PUTS("No input file
specified.\n");
+ }
+ /* we want to serve more requests if
this is fastcgi
+ so cleanup and continue, request
shutdown is
+ handled later */
+ if (fastcgi) {
+ goto fastcgi_request_done;
+ }
- STR_FREE(SG(request_info).path_translated);
+
STR_FREE(SG(request_info).path_translated);
- if (free_query_string &&
SG(request_info).query_string) {
- free(SG(request_info).query_string);
- SG(request_info).query_string = NULL;
- }
+ if (free_query_string &&
SG(request_info).query_string) {
+
free(SG(request_info).query_string);
+ SG(request_info).query_string =
NULL;
+ }
- php_request_shutdown((void *) 0);
- SG(server_context) = NULL;
- php_module_shutdown(TSRMLS_C);
- sapi_shutdown();
+ php_request_shutdown((void *) 0);
+ SG(server_context) = NULL;
+ php_module_shutdown(TSRMLS_C);
+ sapi_shutdown();
#ifdef ZTS
- tsrm_shutdown();
+ tsrm_shutdown();
#endif
- return FAILURE;
- }
-
- if (CGIG(check_shebang_line) && file_handle.handle.fp
&& (file_handle.handle.fp != stdin)) {
- /* #!php support */
- c = fgetc(file_handle.handle.fp);
- if (c == '#') {
- while (c != '\n' && c != '\r') {
- c =
fgetc(file_handle.handle.fp); /* skip to end of line */
- }
- /* handle situations where line is
terminated by \r\n */
- if (c == '\r') {
- if
(fgetc(file_handle.handle.fp) != '\n') {
- long pos =
ftell(file_handle.handle.fp);
-
fseek(file_handle.handle.fp, pos - 1, SEEK_SET);
- }
- }
- CG(start_lineno) = 2;
- } else {
- rewind(file_handle.handle.fp);
+ return FAILURE;
}
}
http://cvs.php.net/viewvc.cgi/php-src/main/fopen_wrappers.c?r1=1.207&r2=1.208&diff_format=u
Index: php-src/main/fopen_wrappers.c
diff -u php-src/main/fopen_wrappers.c:1.207 php-src/main/fopen_wrappers.c:1.208
--- php-src/main/fopen_wrappers.c:1.207 Mon Jul 21 08:42:35 2008
+++ php-src/main/fopen_wrappers.c Mon Aug 4 07:20:44 2008
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: fopen_wrappers.c,v 1.207 2008/07/21 08:42:35 dmitry Exp $ */
+/* $Id: fopen_wrappers.c,v 1.208 2008/08/04 07:20:44 dmitry Exp $ */
/* {{{ includes
*/
@@ -334,12 +334,9 @@
*/
PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
{
- FILE *fp;
-#ifndef PHP_WIN32
- struct stat st;
-#endif
char *path_info, *filename;
int length;
+ zend_bool orig_display_errors;
filename = SG(request_info).path_translated;
path_info = SG(request_info).request_uri;
@@ -406,6 +403,8 @@
}
} /* if doc_root && path_info */
+ filename = zend_resolve_path(filename, strlen(filename) TSRMLS_CC);
+
if (!filename) {
/* we have to free SG(request_info).path_translated here because
* php_destroy_request_info assumes that it will get
@@ -414,31 +413,20 @@
STR_FREE(SG(request_info).path_translated);
SG(request_info).path_translated = NULL;
return FAILURE;
+ } else {
+ STR_FREE(SG(request_info).path_translated);
+ SG(request_info).path_translated = filename;
}
- fp = VCWD_FOPEN(filename, "rb");
-
-#ifndef PHP_WIN32
- /* refuse to open anything that is not a regular file */
- if (fp && (0 > fstat(fileno(fp), &st) || !S_ISREG(st.st_mode))) {
- fclose(fp);
- fp = NULL;
- }
-#endif
- if (!fp) {
+ orig_display_errors = PG(display_errors);
+ PG(display_errors) = 0;
+ if (zend_stream_open(filename, file_handle TSRMLS_CC) == FAILURE) {
+ PG(display_errors) = orig_display_errors;
STR_FREE(SG(request_info).path_translated); /* for same
reason as above */
SG(request_info).path_translated = NULL;
return FAILURE;
}
-
- file_handle->opened_path = expand_filepath(filename, NULL TSRMLS_CC);
-
- SG(request_info).path_translated = filename;
-
- file_handle->filename = SG(request_info).path_translated;
- file_handle->free_filename = 0;
- file_handle->handle.fp = fp;
- file_handle->type = ZEND_HANDLE_FP;
+ PG(display_errors) = orig_display_errors;
return SUCCESS;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
