felipe Fri, 19 Nov 2010 22:06:44 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=305570
Log:
- Fixed extract() to do not overwrite $GLOBALS and $this when using
EXTR_OVERWRITE.
patch by: jorto at redhat dot com
Changed paths:
U php/php-src/branches/PHP_5_2/NEWS
U php/php-src/branches/PHP_5_2/ext/standard/array.c
A
php/php-src/branches/PHP_5_2/ext/standard/tests/array/extract_safety.phpt
U php/php-src/branches/PHP_5_3/NEWS
U php/php-src/branches/PHP_5_3/ext/standard/array.c
A
php/php-src/branches/PHP_5_3/ext/standard/tests/array/extract_safety.phpt
U php/php-src/trunk/ext/standard/array.c
A php/php-src/trunk/ext/standard/tests/array/extract_safety.phpt
Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS 2010-11-19 21:38:48 UTC (rev 305569)
+++ php/php-src/branches/PHP_5_2/NEWS 2010-11-19 22:06:44 UTC (rev 305570)
@@ -1,6 +1,8 @@
PHP
NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2010, PHP 5.2.15RC2
+- Fixed extract() to do not overwrite $GLOBALS and $this when using
+ EXTR_OVERWRITE. (jorto at redhat dot com)
18 Nov 2010, PHP 5.2.15RC1
- Fixed a possible double free in imap extension (Identified by Mateusz
Modified: php/php-src/branches/PHP_5_2/ext/standard/array.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/standard/array.c 2010-11-19 21:38:48 UTC
(rev 305569)
+++ php/php-src/branches/PHP_5_2/ext/standard/array.c 2010-11-19 22:06:44 UTC
(rev 305570)
@@ -1516,10 +1516,10 @@
case EXTR_OVERWRITE:
/* GLOBALS protection */
- if (var_exists && var_name_len ==
sizeof("GLOBALS") && !strcmp(var_name, "GLOBALS")) {
+ if (var_exists && var_name_len ==
sizeof("GLOBALS")-1 && !strcmp(var_name, "GLOBALS")) {
break;
}
- if (var_exists && var_name_len ==
sizeof("this") && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
+ if (var_exists && var_name_len ==
sizeof("this")-1 && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
break;
}
smart_str_appendl(&final_name, var_name,
var_name_len);
Added: php/php-src/branches/PHP_5_2/ext/standard/tests/array/extract_safety.phpt
===================================================================
--- php/php-src/branches/PHP_5_2/ext/standard/tests/array/extract_safety.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_2/ext/standard/tests/array/extract_safety.phpt
2010-11-19 22:06:44 UTC (rev 305570)
@@ -0,0 +1,24 @@
+--TEST--
+Test extract() for overwrite of GLOBALS
+--FILE--
+<?php
+$str = "John";
+debug_zval_dump($GLOBALS["str"]);
+
+/* Extracting Global Variables */
+$splat = array("foo" => "bar");
+var_dump(extract(array("GLOBALS" => $splat, EXTR_OVERWRITE)));
+
+unset ($splat);
+
+debug_zval_dump($GLOBALS["str"]);
+
+echo "\nDone";
+?>
+
+--EXPECTF--
+string(4) "John" refcount(2)
+int(0)
+string(4) "John" refcount(2)
+
+Done
\ No newline at end of file
Property changes on:
php/php-src/branches/PHP_5_2/ext/standard/tests/array/extract_safety.phpt
___________________________________________________________________
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2010-11-19 21:38:48 UTC (rev 305569)
+++ php/php-src/branches/PHP_5_3/NEWS 2010-11-19 22:06:44 UTC (rev 305570)
@@ -1,6 +1,8 @@
PHP
NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2010, PHP 5.3.4
+- Fixed extract() to do not overwrite $GLOBALS and $this when using
+ EXTR_OVERWRITE. (jorto at redhat dot com)
- Fixed bug #53362 (Segmentation fault when extending SplFixedArray). (Felipe)
- Fixed bug #47168 (printf of floating point variable prints maximum of 40
decimal places). (Ilia)
Modified: php/php-src/branches/PHP_5_3/ext/standard/array.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/standard/array.c 2010-11-19 21:38:48 UTC
(rev 305569)
+++ php/php-src/branches/PHP_5_3/ext/standard/array.c 2010-11-19 22:06:44 UTC
(rev 305570)
@@ -1389,10 +1389,10 @@
case EXTR_OVERWRITE:
/* GLOBALS protection */
- if (var_exists && var_name_len ==
sizeof("GLOBALS") && !strcmp(var_name, "GLOBALS")) {
+ if (var_exists && var_name_len ==
sizeof("GLOBALS")-1 && !strcmp(var_name, "GLOBALS")) {
break;
}
- if (var_exists && var_name_len ==
sizeof("this") && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
+ if (var_exists && var_name_len ==
sizeof("this")-1 && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
break;
}
ZVAL_STRINGL(&final_name, var_name,
var_name_len, 1);
Added: php/php-src/branches/PHP_5_3/ext/standard/tests/array/extract_safety.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/standard/tests/array/extract_safety.phpt
(rev 0)
+++ php/php-src/branches/PHP_5_3/ext/standard/tests/array/extract_safety.phpt
2010-11-19 22:06:44 UTC (rev 305570)
@@ -0,0 +1,24 @@
+--TEST--
+Test extract() for overwrite of GLOBALS
+--FILE--
+<?php
+$str = "John";
+debug_zval_dump($GLOBALS["str"]);
+
+/* Extracting Global Variables */
+$splat = array("foo" => "bar");
+var_dump(extract(array("GLOBALS" => $splat, EXTR_OVERWRITE)));
+
+unset ($splat);
+
+debug_zval_dump($GLOBALS["str"]);
+
+echo "\nDone";
+?>
+
+--EXPECTF--
+string(4) "John" refcount(2)
+int(0)
+string(4) "John" refcount(2)
+
+Done
\ No newline at end of file
Property changes on:
php/php-src/branches/PHP_5_3/ext/standard/tests/array/extract_safety.phpt
___________________________________________________________________
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
Modified: php/php-src/trunk/ext/standard/array.c
===================================================================
--- php/php-src/trunk/ext/standard/array.c 2010-11-19 21:38:48 UTC (rev
305569)
+++ php/php-src/trunk/ext/standard/array.c 2010-11-19 22:06:44 UTC (rev
305570)
@@ -1389,10 +1389,10 @@
case EXTR_OVERWRITE:
/* GLOBALS protection */
- if (var_exists && var_name_len ==
sizeof("GLOBALS") && !strcmp(var_name, "GLOBALS")) {
+ if (var_exists && var_name_len ==
sizeof("GLOBALS")-1 && !strcmp(var_name, "GLOBALS")) {
break;
}
- if (var_exists && var_name_len ==
sizeof("this") && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
+ if (var_exists && var_name_len ==
sizeof("this")-1 && !strcmp(var_name, "this") && EG(scope) &&
EG(scope)->name_length != 0) {
break;
}
ZVAL_STRINGL(&final_name, var_name,
var_name_len, 1);
Added: php/php-src/trunk/ext/standard/tests/array/extract_safety.phpt
===================================================================
--- php/php-src/trunk/ext/standard/tests/array/extract_safety.phpt
(rev 0)
+++ php/php-src/trunk/ext/standard/tests/array/extract_safety.phpt
2010-11-19 22:06:44 UTC (rev 305570)
@@ -0,0 +1,24 @@
+--TEST--
+Test extract() for overwrite of GLOBALS
+--FILE--
+<?php
+$str = "John";
+debug_zval_dump($GLOBALS["str"]);
+
+/* Extracting Global Variables */
+$splat = array("foo" => "bar");
+var_dump(extract(array("GLOBALS" => $splat, EXTR_OVERWRITE)));
+
+unset ($splat);
+
+debug_zval_dump($GLOBALS["str"]);
+
+echo "\nDone";
+?>
+
+--EXPECTF--
+string(4) "John" refcount(2)
+int(0)
+string(4) "John" refcount(2)
+
+Done
\ No newline at end of file
Property changes on:
php/php-src/trunk/ext/standard/tests/array/extract_safety.phpt
___________________________________________________________________
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
