tony2001 Mon Jun 19 17:49:26 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/sapi/cgi cgi_main.c
Log:
MFH: plug leak in CGI SAPI when running scripts with query string in console
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.7&r2=1.267.2.15.2.8&diff_format=u
Index: php-src/sapi/cgi/cgi_main.c
diff -u php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.7
php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.8
--- php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.7 Mon Jun 19 11:39:02 2006
+++ php-src/sapi/cgi/cgi_main.c Mon Jun 19 17:49:26 2006
@@ -21,7 +21,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: cgi_main.c,v 1.267.2.15.2.7 2006/06/19 11:39:02 tony2001 Exp $ */
+/* $Id: cgi_main.c,v 1.267.2.15.2.8 2006/06/19 17:49:26 tony2001 Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -973,6 +973,7 @@
*/
int main(int argc, char *argv[])
{
+ int free_query_string = 0;
int exit_status = SUCCESS;
int cgi = 0, c, i, len;
zend_file_handle file_handle;
@@ -1503,7 +1504,7 @@
len += strlen(argv[i]) + 1;
}
- s = malloc(len + 1); /* leak - but only for
command line version, so ok */
+ s = malloc(len + 1);
*s = '\0'; /* we are
pretending it came from the environment */
for (i = php_optind, len = 0; i < argc; i++) {
strcat(s, argv[i]);
@@ -1512,6 +1513,7 @@
}
}
SG(request_info).query_string = s;
+ free_query_string = 1;
}
} /* end !cgi && !fastcgi */
@@ -1671,6 +1673,11 @@
free(SG(request_info).path_translated);
SG(request_info).path_translated = NULL;
}
+ if (free_query_string && SG(request_info).query_string)
{
+ free(SG(request_info).query_string);
+ SG(request_info).query_string = NULL;
+ }
+
}
#if PHP_FASTCGI
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
