main php_variables.c

Ilia Alshanetsky Sun, 24 Apr 2005 10:53:08 -0700

iliaa           Sun Apr 24 13:52:58 2005 EDT

  Modified files:              (Branch: PHP_5_0)
    /php-src    NEWS 
    /php-src/main       php_variables.c 
  Log:
  MFH: Fixed bug #32802 (General cookie overrides more specific cookie).
  
  
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1760.2.341&r2=1.1760.2.342&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1760.2.341 php-src/NEWS:1.1760.2.342
--- php-src/NEWS:1.1760.2.341   Sun Apr 24 10:48:38 2005
+++ php-src/NEWS        Sun Apr 24 13:52:57 2005
@@ -7,6 +7,7 @@
 - Changed sha1_file() and md5_file() functions to use streams instead of
   low level IO. (Uwe)
 - Fixed memory corruption in ImageTTFText() with 64bit systems. (Andrey)
+- Fixed bug #32802 (General cookie overrides more specific cookie). (Ilia)
 - Fixed bug #32776 (SOAP doesn't support one-way operations). (Dmitry)
 - Fixed bug #32759 (incorrect determination of default value (COM)). (Wez)
 - Fixed bug #32758 (Cannot access safearray properties in VB6 objects). (Wez)
http://cvs.php.net/diff.php/php-src/main/php_variables.c?r1=1.81.2.5&r2=1.81.2.6&ty=u
Index: php-src/main/php_variables.c
diff -u php-src/main/php_variables.c:1.81.2.5 
php-src/main/php_variables.c:1.81.2.6
--- php-src/main/php_variables.c:1.81.2.5       Sat Apr 23 16:34:23 2005
+++ php-src/main/php_variables.c        Sun Apr 24 13:52:58 2005
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: php_variables.c,v 1.81.2.5 2005/04/23 20:34:23 sniper Exp $ */
+/* $Id: php_variables.c,v 1.81.2.6 2005/04/24 17:52:58 iliaa Exp $ */
 
 #include <stdio.h>
 #include "php.h"
@@ -186,7 +186,19 @@
                        if (!index) {
                                zend_hash_next_index_insert(symtable1, 
&gpc_element, sizeof(zval *), (void **) &gpc_element_p);
                        } else {
+                               zval *tmp;
                                char *escaped_index = php_addslashes(index, 
index_len, &index_len, 0 TSRMLS_CC);
+                               /* 
+                                * According to rfc2965, more specific paths 
are listed above the less specific ones.
+                                * If we encounter a duplicate cookie name, we 
should skip it, since it is not possible
+                                * to have the same (plain text) cookie name 
for the same path and we should not overwrite
+                                * more specific cookies with the less specific 
ones.
+                                */
+                               if (PG(http_globals)[TRACK_VARS_COOKIE] && 
symtable1 == Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) && 
+                                       zend_symtable_find(symtable1, 
escaped_index, index_len+1, (void **) &tmp) != FAILURE) {
+                                       efree(escaped_index);
+                                       break;
+                               }
                                zend_symtable_update(symtable1, escaped_index, 
index_len+1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
                                efree(escaped_index);
                        }


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_5_0) / NEWS /main php_variables.c

Reply via email to