iliaa Thu May 5 22:13:47 2005 EDT
Modified files:
/php-src/ext/standard http_fopen_wrapper.c
Log:
Fixed bug #32936 (http redirects URLs are not checked for control chars).
http://cvs.php.net/diff.php/php-src/ext/standard/http_fopen_wrapper.c?r1=1.93&r2=1.94&ty=u
Index: php-src/ext/standard/http_fopen_wrapper.c
diff -u php-src/ext/standard/http_fopen_wrapper.c:1.93
php-src/ext/standard/http_fopen_wrapper.c:1.94
--- php-src/ext/standard/http_fopen_wrapper.c:1.93 Mon Sep 27 11:55:04 2004
+++ php-src/ext/standard/http_fopen_wrapper.c Thu May 5 22:13:46 2005
@@ -19,7 +19,7 @@
| Sara Golemon <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: http_fopen_wrapper.c,v 1.93 2004/09/27 15:55:04 hyanantha Exp $ */
+/* $Id: http_fopen_wrapper.c,v 1.94 2005/05/06 02:13:46 iliaa Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -551,6 +551,34 @@
} else {
strlcpy(new_path, location, sizeof(new_path));
}
+
+ php_url_free(resource);
+ /* check for invalid redirection URLs */
+ if ((resource = php_url_parse(new_path)) == NULL) {
+ php_stream_wrapper_log_error(wrapper, options
TSRMLS_CC, "Invalid redirect url! %s", new_path);
+ goto out;
+ }
+
+#define CHECK_FOR_CNTRL_CHARS(val) { \
+ if (val) { \
+ unsigned char *s, *e; \
+ int l; \
+ l = php_url_decode(val, strlen(val)); \
+ s = val; e = s + l; \
+ while (s < e) { \
+ if (iscntrl(*s)) { \
+ php_stream_wrapper_log_error(wrapper, options
TSRMLS_CC, "Invalid redirect url! %s", new_path); \
+ goto out; \
+ } \
+ s++; \
+ } \
+ } \
+} \
+ /* check for control characters in login, password &
path */
+ CHECK_FOR_CNTRL_CHARS(resource->user)
+ CHECK_FOR_CNTRL_CHARS(resource->pass)
+ CHECK_FOR_CNTRL_CHARS(resource->path)
+
stream = php_stream_url_wrap_http_ex(wrapper, new_path,
mode, options, opened_path, context, --redirect_max, 0 STREAMS_CC TSRMLS_CC);
if (stream && stream->wrapperdata) {
entryp = &entry;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
