tony2001 Mon Jun 19 17:49:26 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/sapi/cgi cgi_main.c Log: MFH: plug leak in CGI SAPI when running scripts with query string in console http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.7&r2=1.267.2.15.2.8&diff_format=u Index: php-src/sapi/cgi/cgi_main.c diff -u php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.7 php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.8 --- php-src/sapi/cgi/cgi_main.c:1.267.2.15.2.7 Mon Jun 19 11:39:02 2006 +++ php-src/sapi/cgi/cgi_main.c Mon Jun 19 17:49:26 2006 @@ -21,7 +21,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: cgi_main.c,v 1.267.2.15.2.7 2006/06/19 11:39:02 tony2001 Exp $ */ +/* $Id: cgi_main.c,v 1.267.2.15.2.8 2006/06/19 17:49:26 tony2001 Exp $ */ #include "php.h" #include "php_globals.h" @@ -973,6 +973,7 @@ */ int main(int argc, char *argv[]) { + int free_query_string = 0; int exit_status = SUCCESS; int cgi = 0, c, i, len; zend_file_handle file_handle; @@ -1503,7 +1504,7 @@ len += strlen(argv[i]) + 1; } - s = malloc(len + 1); /* leak - but only for command line version, so ok */ + s = malloc(len + 1); *s = '\0'; /* we are pretending it came from the environment */ for (i = php_optind, len = 0; i < argc; i++) { strcat(s, argv[i]); @@ -1512,6 +1513,7 @@ } } SG(request_info).query_string = s; + free_query_string = 1; } } /* end !cgi && !fastcgi */ @@ -1671,6 +1673,11 @@ free(SG(request_info).path_translated); SG(request_info).path_translated = NULL; } + if (free_query_string && SG(request_info).query_string) { + free(SG(request_info).query_string); + SG(request_info).query_string = NULL; + } + } #if PHP_FASTCGI
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php