[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/main/ rfc1867.c

[Arpad Ray]

arpadMon, 29 Aug 2011 21:11:07 +

Revision: http://svn.php.net/viewvc?view=revision&revision=315742

Log:
fix #55510: $_FILES 'name' missing first character after upload

Bug: https://bugs.php.net/55510 (Verified) $_FILES 'name' missing first 
character after upload.
  
Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-08-29 20:50:33 UTC (rev 
315741)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-08-29 21:11:07 UTC (rev 
315742)
@@ -1210,11 +1210,12 @@
}
 #ifdef PHP_WIN32
if (PG(magic_quotes_gpc)) {
-   s = s ? s : filename;
-   tmp = strrchr(s, '\'');
-   s = tmp > s ? tmp : s;
-   tmp = strrchr(s, '"');
-   s = tmp > s ? tmp : s;
+   if ((tmp = strrchr(s ? s : filename, '\'')) > 
s) {
+   s = tmp;
+   }
+   if ((tmp = strrchr(s ? s : filename, '"')) > s) 
{
+   s = tmp;
+   }
}
 #endif


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/rfc1867.c trunk/main/rfc1867.c

[Ilia Alshanetsky]

iliaaWed, 19 Jan 2011 13:09:05 +

Revision: http://svn.php.net/viewvc?view=revision&revision=307583

Log:
Win32 build fix

Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c
U   php/php-src/trunk/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-19 13:04:12 UTC (rev 
307582)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-19 13:09:05 UTC (rev 
307583)
@@ -989,8 +989,8 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
+   long c = 0;
tmp = param;
-   long c = 0;

while (*tmp) {
if (*tmp == '[') {

Modified: php/php-src/trunk/main/rfc1867.c
===
--- php/php-src/trunk/main/rfc1867.c2011-01-19 13:04:12 UTC (rev 307582)
+++ php/php-src/trunk/main/rfc1867.c2011-01-19 13:09:05 UTC (rev 307583)
@@ -945,8 +945,8 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
+   long c = 0;
tmp = param;
-   long c = 0;

while (*tmp) {
if (*tmp == '[') {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/main/rfc1867.c trunk/main/rfc1867.c

[Ilia Alshanetsky]

iliaaTue, 18 Jan 2011 13:17:23 +

Revision: http://svn.php.net/viewvc?view=revision&revision=307559

Log:
Fixed variable re-declaration

Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c
U   php/php-src/trunk/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-18 10:29:26 UTC (rev 
307558)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c 2011-01-18 13:17:23 UTC (rev 
307559)
@@ -989,7 +989,7 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
-   char *tmp = param;
+   tmp = param;
long c = 0;

while (*tmp) {

Modified: php/php-src/trunk/main/rfc1867.c
===
--- php/php-src/trunk/main/rfc1867.c2011-01-18 10:29:26 UTC (rev 307558)
+++ php/php-src/trunk/main/rfc1867.c2011-01-18 13:17:23 UTC (rev 307559)
@@ -945,7 +945,7 @@

/* New Rule: never repair potential malicious user 
input */
if (!skip_upload) {
-   char *tmp = param;
+   tmp = param;
long c = 0;

while (*tmp) {

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_3/main/ rfc1867.c

[Jani Taskinen]

jani Tue, 29 Dec 2009 18:59:58 +

Revision: http://svn.php.net/viewvc?view=revision&revision=292771

Log:
- WS + CS + folding tags

Changed paths:
U   php/php-src/branches/PHP_5_3/main/rfc1867.c

Modified: php/php-src/branches/PHP_5_3/main/rfc1867.c
===
--- php/php-src/branches/PHP_5_3/main/rfc1867.c	2009-12-29 18:54:08 UTC (rev 292770)
+++ php/php-src/branches/PHP_5_3/main/rfc1867.c	2009-12-29 18:59:58 UTC (rev 292771)
@@ -13,7 +13,7 @@
| lice...@php.net so we can mail you a copy immediately.   |
+--+
| Authors: Rasmus Lerdorf  |
-   |  Jani Taskinen   |
+   |  Jani Taskinen |
+--+
  */

@@ -23,7 +23,7 @@
  *  This product includes software developed by the Apache Group
  *  for use in the Apache HTTP server project (http://www.apache.org/).
  *
- */
+ */

 #include 
 #include "php.h"
@@ -44,7 +44,7 @@
 static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC);

 #define SAFE_RETURN { \
-php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \
+	php_mb_flush_gpc_variables(num_vars, val_list, len_list, array_ptr TSRMLS_CC); \
 	if (lbuf) efree(lbuf); \
 	if (abuf) efree(abuf); \
 	if (array_index) efree(array_index); \
@@ -56,7 +56,7 @@
 	if (mbuff) efree(mbuff); \
 	return; }

-void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr  TSRMLS_DC)
+void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr  TSRMLS_DC) /* {{{ */
 {
 	int i;
 	if (php_mb_encoding_translation(TSRMLS_C)) {
@@ -64,17 +64,18 @@
 			php_mb_gpc_encoding_detector(val_list, len_list, num_vars, NULL TSRMLS_CC) == SUCCESS) {
 			php_mb_gpc_encoding_converter(val_list, len_list, num_vars, NULL, NULL TSRMLS_CC);
 		}
-		for (i=0; i=*num_vars_max){
-		php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max,
-  16 TSRMLS_CC);
+	if (*num_vars >= *num_vars_max) {
+		php_mb_gpc_realloc_buffer(pval_list, plen_list, num_vars_max, 16 TSRMLS_CC);
 		/* in case realloc relocated the buffer */
 		val_list = *pval_list;
 		len_list = *plen_list;
@@ -105,6 +106,7 @@
 	len_list[*num_vars] = strlen(value);
 	(*num_vars)++;
 }
+/* }}} */

 #else

@@ -137,7 +139,7 @@
 #define UPLOAD_ERROR_F7  /* Failed to write file to disk */
 #define UPLOAD_ERROR_X8  /* File upload stopped by extension */

-void php_rfc1867_register_constants(TSRMLS_D)
+void php_rfc1867_register_constants(TSRMLS_D) /* {{{ */
 {
 	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_OK", UPLOAD_ERROR_OK, CONST_CS | CONST_PERSISTENT);
 	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_INI_SIZE",   UPLOAD_ERROR_A,  CONST_CS | CONST_PERSISTENT);
@@ -148,26 +150,27 @@
 	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_CANT_WRITE", UPLOAD_ERROR_F,  CONST_CS | CONST_PERSISTENT);
 	REGISTER_MAIN_LONG_CONSTANT("UPLOAD_ERR_EXTENSION",  UPLOAD_ERROR_X,  CONST_CS | CONST_PERSISTENT);
 }
+/* }}} */

-static void normalize_protected_variable(char *varname TSRMLS_DC)
+static void normalize_protected_variable(char *varname TSRMLS_DC) /* {{{ */
 {
-	char *s=varname, *index=NULL, *indexend=NULL, *p;
-
+	char *s = varname, *index = NULL, *indexend = NULL, *p;
+
 	/* overjump leading space */
 	while (*s == ' ') {
 		s++;
 	}
-
+
 	/* and remove it */
 	if (s != varname) {
 		memmove(varname, s, strlen(s)+1);
 	}

-	for (p=varname; *p && *p != '['; p++) {
+	for (p = varname; *p && *p != '['; p++) {
 		switch(*p) {
 			case ' ':
 			case '.':
-*p='_';
+*p = '_';
 break;
 		}
 	}
@@ -176,20 +179,19 @@
 	index = strchr(varname, '[');
 	if (index) {
 		index++;
-		s=index;
+		s = index;
 	} else {
 		return;
 	}

 	/* done? */
 	while (index) {
-
 		while (*index == ' ' || *index == '\r' || *index == '\n' || *index=='\t') {
 			index++;
 		}
 		indexend = strchr(index, ']');
 		indexend = indexend ? indexend + 1 : index + strlen(index);
-
+
 		if (s != index) {
 			memmove(s, index, strlen(index)+1);
 			s += indexend-index;
@@ -202,46 +204,45 @@
 			index = s;
 		} else {
 			index = NULL;
-		}
+		}
 	}
-
 	*s = '\0';
 }
+/* }}} */

-
-static void add_protected_variable(char *varname TSRMLS_DC)
+static void add_protected_variable(char *varname TSRMLS_DC) /* {{{ */
 {
-	int dummy=1;
+	int dummy = 1;

 	normalize_protected_variable(varname TSRMLS_CC);
 	zend_hash_add(&PG(rfc1867_protected_variables), varname, strlen(varname)+1, &dummy, sizeof(int), NULL);
 }
+/* }}} */

-
-static zend_bool is_protected_variable(char *varname TSRMLS_DC)
+static zend_bool is_protected_variable(char *varname TSRMLS_DC) /* {{{ */
 {
 	normalize_protected_variable(varname