On Thu, 2004-02-05 at 14:27, Jani Taskinen wrote: > I don't remember seeing any patch..nor do I see one now.. > And what exactly is the problem you see that the patch fixes?
Here it is again ... Is there a problem with the archive from 20 Nov 2003 ?!?!? > On Thu, 5 Feb 2004, Doru Petrescu wrote: > > > > > > >Hi, > > > >some time ago I sent a patch to fix this uninitialized variable in the > >apache2 sapi code. all other SAPIs DO initialize it, so I figured out it > >is something that should be corrected. > > > >I see neither php-5.0.0B3 nor php-4.3.5RC2 implement this. > > > >Can someone comment on this ? Was my 2 line patch incorrectly wrote ? > >Maybe it did not apply ? Maybe it is wrong to initialize that variable ? > >but then why other SAPIs initialize it ? are them wrong ? is there a > >hidden security problem that I did not see ? > > > >My original email was sent on 20 Nov 2003, original subj was "[PHP-DEV] > >[PATCH] sapi apache2 uninitialized content-length value" > > > > > >
--- Begin Message ---This is a MIME-formatted message. If you see this text it means that your E-mail software does not support MIME-formatted messages. --=3D3D3D_dial-30688-1069326812-0001-2 Content-Type: text/plain; charset=3D3D3Diso-8859-1 Content-Transfer-Encoding: 8bit Hi, While playing with the upload progress meter I noticed that apache2 sapi implementation does not initialize the content-length sapi variable. Apache 1.3 sapi does! and so does ALL OTHER interfaces. A quick grep into the sources will reveal that only apache2handler and apache2filter does not initialize this. Is there a reason for this ? Or is just something that sliped ? I wrote a patch to fix this. see attached. tested and it works with no problem and correctly reports the content-length. It is very simple and straight forward. copy/paste from apache 1.3 interface. now, I just wish nobody will upload anything over 2GB - integer overflow will doom the upload. =3D3D20 =3D3D20 --=3D3D20 Best regards, Doru Petrescu Senior Software Engineer Astral Telecom Bucuresti = =3D =3D3D =3D3D20 --=3D3D3D_dial-30688-1069326812-0001-2 Content-Type: text/x-patch; name=3D3D3D"patch.sapi_apache2_content_length.t= xt=3D ";=3D3D charset=3D3D3Diso-8859-1 Content-Disposition: attachment; filename=3D3D3Dpatch.sapi_apache2_content_= le=3D ng=3D3D th.txt Content-Transfer-Encoding: 8bit diff -rubB orig/php-4.3.4/sapi/apache2filter/sapi_apache2.c php-4.3.4/sapi/= =3D =3D3D apache2filter/sapi_apache2.c --- orig/php-4.3.4/sapi/apache2filter/sapi_apache2.c 2003-08-03 22:31:13.00= =3D =3D3D 0000000 +0300 +++ php-4.3.4/sapi/apache2filter/sapi_apache2.c 2003-11-19 19:34:02.0000000= =3D =3D3D 00 +0200 @@ -376,6 +376,7 @@ static void php_apache_request_ctor(ap_filter_t *f, php_struct *ctx TSRMLS= =3D =3D3D _DC) { char *content_type; + char *content_length; const char *auth; =3D3D09 PG(during_request_startup) =3D3D3D 0; @@ -393,6 +394,10 @@ SG(request_info).post_data =3D3D3D ctx->post_data; SG(request_info).post_data_length =3D3D3D ctx->post_len; efree(content_type); + + content_length =3D3D3D (char *) apr_table_get(f->r->headers_in, "Content-= Le=3D ng=3D3D th"); + SG(request_info).content_length =3D3D3D (content_length ? atoi(content_le= ng=3D th=3D3D ) : 0); +=3D3D09 apr_table_unset(f->r->headers_out, "Content-Length"); apr_table_unset(f->r->headers_out, "Last-Modified"); apr_table_unset(f->r->headers_out, "Expires"); diff -rubB orig/php-4.3.4/sapi/apache2handler/sapi_apache2.c php-4.3.4/sapi= =3D =3D3D /apache2handler/sapi_apache2.c --- orig/php-4.3.4/sapi/apache2handler/sapi_apache2.c 2003-10-02 06:24:43.0= =3D =3D3D 00000000 +0300 +++ php-4.3.4/sapi/apache2handler/sapi_apache2.c 2003-11-19 19:34:52.000000= =3D =3D3D 000 +0200 @@ -414,6 +414,7 @@ static void php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS= =3D =3D3D _DC) { char *content_type; + char *content_length; const char *auth; =3D3D20 SG(sapi_headers).http_response_code =3D3D3D !r->status ? HTTP_OK : r->sta= tu=3D s; @@ -428,6 +429,9 @@ ap_set_content_type(r, apr_pstrdup(r->pool, content_type)); efree(content_type); =3D3D20 + content_length =3D3D3D (char *) apr_table_get(f->r->headers_in, "Content-= Le=3D ng=3D3D th"); + SG(request_info).content_length =3D3D3D (content_length ? atoi(content_le= ng=3D th=3D3D ) : 0); + apr_table_unset(r->headers_out, "Content-Length"); apr_table_unset(r->headers_out, "Last-Modified"); apr_table_unset(r->headers_out, "Expires"); --=3D3D3D_dial-30688-1069326812-0001-2 Content-Type: text/plain; charset=3D3D3Dus-ascii Content-Transfer-Encoding: 8bit --=3D3D20 PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php --=3D3D3D_dial-30688-1069326812-0001-2-- --3D-- --3D3D-- --3D3D3D--
--- End Message ---
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
