apache mod_php5.c

Rasmus Lerdorf Mon, 17 Mar 2008 11:03:44 -0700

rasmus          Mon Mar 17 18:03:31 2008 UTC

  Modified files:              (Branch: PHP_5_3)
    /php-src/sapi/apache        mod_php5.c 
  Log:
  We need to pass PHP-managed pointers to filter here to avoid having
  emalloc'ed data assigned to things like r->uri and having it get efree()'ed
  on request shutdown which then means that if the Apache logging module
  tries to log r->uri it would be reading from free'ed memory.  So a simple
  estrdup before the filter call takes care of that.
  
  
http://cvs.php.net/viewvc.cgi/php-src/sapi/apache/mod_php5.c?r1=1.19.2.7.2.13.2.2&r2=1.19.2.7.2.13.2.3&diff_format=u
Index: php-src/sapi/apache/mod_php5.c
diff -u php-src/sapi/apache/mod_php5.c:1.19.2.7.2.13.2.2 
php-src/sapi/apache/mod_php5.c:1.19.2.7.2.13.2.3
--- php-src/sapi/apache/mod_php5.c:1.19.2.7.2.13.2.2    Sun Mar 16 21:06:54 2008
+++ php-src/sapi/apache/mod_php5.c      Mon Mar 17 18:03:31 2008
@@ -17,7 +17,7 @@
    | PHP 4.0 patches by Zeev Suraski <[EMAIL PROTECTED]>                      |
    +----------------------------------------------------------------------+
  */
-/* $Id: mod_php5.c,v 1.19.2.7.2.13.2.2 2008/03/16 21:06:54 helly Exp $ */
+/* $Id: mod_php5.c,v 1.19.2.7.2.13.2.3 2008/03/17 18:03:31 rasmus Exp $ */
 
 #include "php_apache_http.h"
 #include "http_conf_globals.h"
@@ -243,14 +243,12 @@
        table_entry *elts = (table_entry *) arr->elts;
        zval **path_translated;
        HashTable *symbol_table;
-       int new_val_len;
+       int val_len, new_val_len;
+       char *val;
 
        for (i = 0; i < arr->nelts; i++) {
-               char *val;
-               int val_len;
-
                if (elts[i].val) {
-                       val = elts[i].val;
+                       val = estrdup(elts[i].val);
                } else {
                        val = "";
                }
@@ -275,8 +273,9 @@
                php_register_variable("PATH_TRANSLATED", 
Z_STRVAL_PP(path_translated), track_vars_array TSRMLS_CC);
        }
 
-       if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &((request_rec 
*) SG(server_context))->uri, strlen(((request_rec *) SG(server_context))->uri), 
&new_val_len TSRMLS_CC)) {
-               php_register_variable("PHP_SELF", ((request_rec *) 
SG(server_context))->uri, track_vars_array TSRMLS_CC);
+       val = estrdup(((request_rec *)SG(server_context))->uri);
+       if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", val, 
strlen(val), &new_val_len TSRMLS_CC)) {
+               php_register_variable_safe("PHP_SELF", val, new_val_len, 
track_vars_array TSRMLS_CC);
        }
 }
 /* }}} */




-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php-src(PHP_5_3) /sapi/apache mod_php5.c

Reply via email to