iliaa Thu Aug 10 14:40:13 2006 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard string.c /php-src/ext/curl interface.c streams.c Log: Fixed overflow on 64bit systems in str_repeat() and wordwrap(). Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are enabled. # Patches by Stefan E.
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.10&r2=1.445.2.14.2.11&diff_format=u
Index: php-src/ext/standard/string.c
diff -u php-src/ext/standard/string.c:1.445.2.14.2.10 php-src/ext/standard/string.c:1.445.2.14.2.11
--- php-src/ext/standard/string.c:1.445.2.14.2.10 Tue Aug 8 10:22:25 2006
+++ php-src/ext/standard/string.c Thu Aug 10 14:40:12 2006
@@ -18,7 +18,7 @@
 +----------------------------------------------------------------------+
 */
-/* $Id: string.c,v 1.445.2.14.2.10 2006/08/08 10:22:25 tony2001 Exp $ */
+/* $Id: string.c,v 1.445.2.14.2.11 2006/08/10 14:40:12 iliaa Exp $ */
 /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */
@@ -634,7 +634,8 @@
 {
 const char *text, *breakchar = "\n";
 char *newtext;
- int textlen, breakcharlen = 1, newtextlen, alloced, chk;
+ int textlen, breakcharlen = 1, newtextlen, chk;
+ size_t alloced;
 long current = 0, laststart = 0, lastspace = 0;
 long linelength = 75;
 zend_bool docut = 0;
@@ -4265,7 +4266,7 @@
 zval **input_str; /* Input string */
 zval **mult; /* Multiplier */
 char *result; /* Resulting string */
- int result_len; /* Length of the resulting string */
+ size_t result_len; /* Length of the resulting string */
 if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &input_str, &mult) == FAILURE) {
 WRONG_PARAM_COUNT;
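Review bot: In the wordwrap() hunk (@@ -634) only `alloced` is widened to `size_t`; `textlen`, `breakcharlen`, `newtextlen` and `chk` stay `int`, so a size expression built from them is still evaluated in `int` and can wrap before the result is widened on assignment. The statements that compute `alloced` and allocate `newtext` are outside the hunk, so this has to be checked there: cast one operand to `size_t` before multiplying, or hand the factors to `safe_emalloc()` as the str_repeat() change in this commit does. Comparisons of `alloced` against the remaining `int` counters also become signed/unsigned comparisons, which is worth a pass with `-Wsign-compare`.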
@@ -4290,11 +4291,7 @@
 /* Initialize the result string */
 result_len = Z_STRLEN_PP(input_str) * Z_LVAL_PP(mult);
- if (result_len < 1 || result_len > 2147483647) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "You may not create strings longer than 2147483647 bytes");
- RETURN_FALSE;
- }
- result = (char *)emalloc(result_len + 1);
+ result = (char *)safe_emalloc(Z_STRLEN_PP(input_str), Z_LVAL_PP(mult), 1);
 /* Heavy optimization for situations where input string is 1 byte long */
 if (Z_STRLEN_PP(input_str) == 1) {
http://cvs.php.net/viewvc.cgi/php-src/ext/curl/interface.c?r1=1.62.2.14.2.6&r2=1.62.2.14.2.7&diff_format=u
Index: php-src/ext/curl/interface.c
diff -u php-src/ext/curl/interface.c:1.62.2.14.2.6 php-src/ext/curl/interface.c:1.62.2.14.2.7
--- php-src/ext/curl/interface.c:1.62.2.14.2.6 Tue Jul 4 20:12:38 2006
+++ php-src/ext/curl/interface.c Thu Aug 10 14:40:13 2006
@@ -16,7 +16,7 @@
 +----------------------------------------------------------------------+
 */
-/* $Id: interface.c,v 1.62.2.14.2.6 2006/07/04 20:12:38 iliaa Exp $ */
+/* $Id: interface.c,v 1.62.2.14.2.7 2006/08/10 14:40:13 iliaa Exp $ */
 #define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
@@ -1168,7 +1168,6 @@
 case CURLOPT_FTPLISTONLY:
 case CURLOPT_FTPAPPEND:
 case CURLOPT_NETRC:
- case CURLOPT_FOLLOWLOCATION:
 case CURLOPT_PUT:
 #if CURLOPT_MUTE != 0
 case CURLOPT_MUTE:
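Review bot: In the str_repeat() hunk (@@ -4290) `safe_emalloc()` guards the allocation against a wrapped product, but the removed test was also the only upper bound on `result_len`, which is still computed by the plain multiplication `Z_STRLEN_PP(input_str) * Z_LVAL_PP(mult)`. On a 64-bit build a product above 2147483647 now allocates successfully, and since `result_len` was an `int` before this commit (@@ -4265 hunk) the string length it is eventually returned through is presumably still `int`, so the recorded length would be truncated while the buffer is not. I would keep the upper half of the old check, `if (result_len > 2147483647) {` with the existing warning and `RETURN_FALSE;`, ahead of the allocation. The removed `result_len < 1` half also caught a negative multiplier; the code that validates `mult` is outside the hunk, so confirm it rejects negatives before this line.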
@@ -1219,6 +1218,16 @@
 convert_to_long_ex(zvalue);
 error = curl_easy_setopt(ch->cp, option, Z_LVAL_PP(zvalue));
 break;
+ case CURLOPT_FOLLOWLOCATION:
+ convert_to_long_ex(zvalue);
+ if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) {
+ if (Z_LVAL_PP(zvalue) != 0) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set");
+ RETURN_FALSE;
+ }
+ }
+ error = curl_easy_setopt(ch->cp, option, Z_LVAL_PP(zvalue));
+ break;
 case CURLOPT_URL:
 case CURLOPT_PROXY:
 case CURLOPT_USERPWD:
http://cvs.php.net/viewvc.cgi/php-src/ext/curl/streams.c?r1=1.14.2.2.2.3&r2=1.14.2.2.2.4&diff_format=u
Index: php-src/ext/curl/streams.c
diff -u php-src/ext/curl/streams.c:1.14.2.2.2.3 php-src/ext/curl/streams.c:1.14.2.2.2.4
--- php-src/ext/curl/streams.c:1.14.2.2.2.3 Tue Aug 1 13:28:03 2006
+++ php-src/ext/curl/streams.c Thu Aug 10 14:40:13 2006
@@ -16,7 +16,7 @@
 +----------------------------------------------------------------------+
 */
-/* $Id: streams.c,v 1.14.2.2.2.3 2006/08/01 13:28:03 tony2001 Exp $ */
+/* $Id: streams.c,v 1.14.2.2.2.4 2006/08/10 14:40:13 iliaa Exp $ */
 /* This file implements cURL based wrappers.
 * NOTE: If you are implementing your own streams that are intended to
@@ -349,11 +349,19 @@
 }
 }
 if (mr > 1) {
- curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 1L);
+ if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) {
+ curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 1);
+ } else {
+ curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 0);
+ }
 curl_easy_setopt(curlstream->curl, CURLOPT_MAXREDIRS, mr);
 }
 } else {
- curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 1L);
+ if ((PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)) {
+ curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 1);
+ } else {
+ curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 0);
+ }
 curl_easy_setopt(curlstream->curl, CURLOPT_MAXREDIRS, 20L);
 }
 }
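Review bot: The new `case CURLOPT_FOLLOWLOCATION:` in curl/interface.c (@@ -1219) has no comment saying why the option is refused, and the reason is not obvious from the condition alone. I would add above the `if`: `/* a redirect target is chosen by the remote server and is not checked against open_basedir/safe_mode, so following redirects is refused while either is active */` — worded from the commit log, so confirm it matches the intent. The test `(PG(open_basedir) && *PG(open_basedir)) || PG(safe_mode)` is written out here and twice more in curl/streams.c; a single shared macro would keep the three sites from drifting apart. The enclosing switch starts and ends outside the hunk.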
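Review bot: Both added `if` blocks in curl/streams.c (@@ -349) have the branches the wrong way round: `CURLOPT_FOLLOWLOCATION` is set to 1 when open_basedir or safe_mode is active and to 0 otherwise, which is the opposite of the commit log and of the check added in interface.c. The restricted branch should read `curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 0L);` and the `else` branch `curl_easy_setopt(curlstream->curl, CURLOPT_FOLLOWLOCATION, 1L);`, in the `mr > 1` block and in the final `else` block alike. The `L` suffix that the replaced lines had should stay, because `curl_easy_setopt()` is variadic and reads this option as a `long`, so a bare `int` argument is not portable to LP64 targets. The enclosing function starts and ends outside the hunk.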