From:             [EMAIL PROTECTED]
Operating system: 
PHP version:      4.1.2
PHP Bug Type:     Unknown/Other Function
Bug description:  Bugs found in rfc1867.c by source inspection

The following was found by source code inspection:

You can't add 1 to the result of a memchr() and then
still expect to be able to check for a NULL result.

Regards,
Wolfram.

--- php4-4.1.2/main/rfc1867.c.orig      Thu Feb 21 19:46:45 2002
+++ php4-4.1.2/main/rfc1867.c   Sun Mar  3 22:11:42 2002
@@ -162,15 +162,15 @@
                                                SAFE_RETURN;
                                        }
                                        /* some other headerfield found,
skip it
 */
-                                       loc = (char *) memchr(ptr, '\n',
rem)+1;
+                                       loc = (char *) memchr(ptr, '\n',
rem);
                                        if (!loc) {
                                                /* broken */
                                                php_error(E_WARNING, "File
Uploa
d Mime headers garbled ptr: [%c%c%c%c%c]", *ptr, *(ptr + 1), *(ptr + 2),
*(ptr +
 3), *(ptr + 4));
                                                SAFE_RETURN;
                                        }
-                                       while (*loc == ' ' || *loc ==
'\t') {
+                                       while (*++loc == ' ' || *loc ==
'\t') {
                                                /* other field is folded,
skip i
t */
-                                               loc = (char *) memchr(loc,
'\n',
 rem-(loc-ptr))+1;
+                                               loc = (char *) memchr(loc,
'\n',
 rem-(loc-ptr));
                                                if (!loc) {
                                                        /* broken */
                                                       
php_error(E_WARNING, "Fi
le Upload Mime headers garbled ptr: [%c%c%c%c%c]", *ptr, *(ptr + 1), *(ptr
+ 2),
 *(ptr + 3), *(ptr + 4));
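Review bot: the new loop condition `while (*++loc == ' ' || *loc == '\t')` dereferences the byte after the newline without first checking that it still lies inside the `rem` bytes starting at `ptr`. When the '\n' returned by memchr() is the last byte of that region, `*++loc` reads one byte past it, and the following `rem-(loc-ptr)` becomes zero or wraps if it is unsigned. Suggest comparing `loc + 1` against `ptr + rem` before the dereference and treating a header that ends exactly at the region boundary as broken, or stating in a comment that the buffer is guaranteed to be NUL-terminated if that is what makes this safe. The pre-increment inside the condition is also easy to misread; stepping past the newline in a separate statement after each `if (!loc)` check would make the order of the NULL test and the increment explicit.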

-- 
Edit bug report at http://bugs.php.net/?id=15849&edit=1
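The point of the report, as an added example that is not code from rfc1867.c or from the patch: test the raw memchr() result first, step past the newline second, and check the region's end before reading the next byte. The name `skip_header`, its return convention and the sample headers are assumptions constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample input (not taken from PHP): a plain and a folded header. */
static const char SAMPLE_PLAIN[]  = "X-Other: 1\nContent-Type: t\n";
static const char SAMPLE_FOLDED[] = "X: a\n b\n\tc\nNext: v\n";

/*
 * Hypothetical helper: return a pointer to the first byte of the next
 * unfolded header line inside buf[0..len), or NULL when the current header
 * is not terminated inside the region ("garbled" in the report's terms).
 *
 * The pattern "memchr(...) + 1" followed by "if (!loc)" can never detect a
 * miss: the + 1 is applied before the test, so the NULL is already gone.
 */
const char *skip_header(const char *buf, size_t len)
{
    const char *end = buf + len;
    const char *nl = memchr(buf, '\n', len);

    for (;;) {
        if (nl == NULL)
            return NULL;            /* check the unmodified memchr() result */

        const char *next = nl + 1;  /* only now step past the newline */
        if (next == end)
            return NULL;            /* nothing after '\n': cannot peek further */

        if (*next != ' ' && *next != '\t')
            return next;            /* start of the next real header line */

        /* Folded continuation line: search on, bounded by what remains. */
        nl = memchr(next, '\n', (size_t)(end - next));
    }
}

int main(void)
{
    const char *p = skip_header(SAMPLE_PLAIN, sizeof SAMPLE_PLAIN - 1);
    const char *f = skip_header(SAMPLE_FOLDED, sizeof SAMPLE_FOLDED - 1);

    printf("plain:  next header at offset %ld\n", (long)(p - SAMPLE_PLAIN));
    printf("folded: next header at offset %ld\n", (long)(f - SAMPLE_FOLDED));
    printf("no newline: %s\n", skip_header("X: abc", 6) ? "found" : "garbled");
    return 0;
}
```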