standard ftp_fopen_wrapper.c

Stefan Esser Mon, 27 Jun 2005 01:17:05 -0700

sesser          Mon Jun 27 04:16:44 2005 EDT

  Modified files:              (Branch: PHP_5_0)
    /php-src/ext/standard       ftp_fopen_wrapper.c 
  Log:
  MFH: also check password
  
  
  
http://cvs.php.net/diff.php/php-src/ext/standard/ftp_fopen_wrapper.c?r1=1.74.2.6&r2=1.74.2.7&ty=u
Index: php-src/ext/standard/ftp_fopen_wrapper.c
diff -u php-src/ext/standard/ftp_fopen_wrapper.c:1.74.2.6 
php-src/ext/standard/ftp_fopen_wrapper.c:1.74.2.7
--- php-src/ext/standard/ftp_fopen_wrapper.c:1.74.2.6   Sat May  7 12:07:36 2005
+++ php-src/ext/standard/ftp_fopen_wrapper.c    Mon Jun 27 04:16:42 2005
@@ -18,7 +18,7 @@
    |          Sara Golemon <[EMAIL PROTECTED]>                              |
    +----------------------------------------------------------------------+
  */
-/* $Id: ftp_fopen_wrapper.c,v 1.74.2.6 2005/05/07 16:07:36 iliaa Exp $ */
+/* $Id: ftp_fopen_wrapper.c,v 1.74.2.7 2005/06/27 08:16:42 sesser Exp $ */
 
 #include "php.h"
 #include "php_globals.h"
@@ -113,7 +113,7 @@
 {
        php_stream *stream = NULL, *reuseid = NULL;
        php_url *resource = NULL;
-       int result, use_ssl, use_ssl_on_data = 0;
+       int result, use_ssl, use_ssl_on_data = 0, tmp_len;
        char *scratch;
        char tmp_line[512];
 
@@ -206,23 +206,24 @@
 #endif
        }
 
+#define PHP_FTP_CNTRL_CHK(val, val_len, err_msg) {     \
+       unsigned char *s = val, *e = s + val_len;       \
+       while (s < e) { \
+               if (iscntrl(*s)) {      \
+                       php_stream_wrapper_log_error(wrapper, options 
TSRMLS_CC, err_msg, val); \
+                       goto connect_errexit;   \
+               }       \
+               s++;    \
+       }       \
+}
+
        /* send the user name */
        php_stream_write_string(stream, "USER ");
        if (resource->user != NULL) {
-               unsigned char *s, *e;
-               int user_len = php_raw_url_decode(resource->user, 
strlen(resource->user));
-               
-               s = resource->user;
-               e = s + user_len;
-               /* check for control characters that should not be present in 
the user name */
-               while (s < e) {
-                       if (iscntrl(*s)) {
-                               php_stream_wrapper_log_error(wrapper, options 
TSRMLS_CC, "Invalid login %s", resource->user);
-                               goto connect_errexit;
-                       }
-                       s++;
-               }
-               
+               tmp_len = php_raw_url_decode(resource->user, 
strlen(resource->user));
+
+               PHP_FTP_CNTRL_CHK(resource->user, tmp_len, "Invalid login %s")
+
                php_stream_write_string(stream, resource->user);
        } else {
                php_stream_write_string(stream, "anonymous");
@@ -238,7 +239,10 @@
 
                php_stream_write_string(stream, "PASS ");
                if (resource->pass != NULL) {
-                       php_raw_url_decode(resource->pass, 
strlen(resource->pass));
+                       tmp_len = php_raw_url_decode(resource->pass, 
strlen(resource->pass));
+
+                       PHP_FTP_CNTRL_CHK(resource->pass, tmp_len, "Invalid 
password %s")
+
                        php_stream_write_string(stream, resource->pass);
                } else {
                        /* if the user has configured who they are,


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_5_0) /ext/standard ftp_fopen_wrapper.c

Reply via email to