Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
php5.10310
php-CVE-2015-4024.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2015-4024.patch of Package php5.10310
-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=main%2Frfc1867.c;h=9e2fbd52ebc79ee0ea895146c58fd49e9376b9c3;hp=fab199b543aa81534728ed31598aabe76fd463f0;hb=4605d536d23b00813d11cc906bb48d39bdcf5f25;hpb=c27f012b7a447e59d4a704688971cbfa7dddaa74 Index: main/rfc1867.c =================================================================== --- main/rfc1867.c.orig 2015-05-21 12:31:30.722080741 +0200 +++ main/rfc1867.c 2015-05-21 12:31:30.962084153 +0200 @@ -33,6 +33,7 @@ #include "php_variables.h" #include "rfc1867.h" #include "ext/standard/php_string.h" +#include "ext/standard/php_smart_str.h" #define DEBUG_FILE_UPLOAD ZEND_DEBUG @@ -398,8 +399,9 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header TSRMLS_DC) { char *line; - mime_header_entry prev_entry = {0}, entry; - int prev_len, cur_len; + mime_header_entry entry = {0}; + smart_str buf_value = {0}; + char *key = NULL; /* didn't find boundary, abort */ if (!find_boundary(self, self->boundary TSRMLS_CC)) { @@ -411,11 +413,10 @@ while( (line = get_line(self TSRMLS_CC)) && line[0] != '\0' ) { /* add header to table */ - char *key = line; char *value = NULL; if (php_rfc1867_encoding_translation(TSRMLS_C)) { - self->input_encoding = zend_multibyte_encoding_detector(line, strlen(line), self->detect_order, self->detect_order_size TSRMLS_CC); + self->input_encoding = zend_multibyte_encoding_detector((unsigned char *)line, strlen(line), self->detect_order, self->detect_order_size TSRMLS_CC); } /* space in the beginning means same header */ @@ -424,31 +425,33 @@ } if (value) { - *value = 0; - do { value++; } while(isspace(*value)); - - entry.value = estrdup(value); - entry.key = estrdup(key); - - } else if (zend_llist_count(header)) { /* If no ':' on the line, add to previous line */ - - prev_len = strlen(prev_entry.value); - cur_len = strlen(line); + if(buf_value.c && key) { + /* new entry, add the old one to the list */ + smart_str_0(&buf_value); + entry.key = key; + entry.value = buf_value.c; + zend_llist_add_element(header, &entry); + buf_value.c = NULL; + key = NULL; + } - entry.value = emalloc(prev_len + cur_len + 1); - memcpy(entry.value, prev_entry.value, prev_len); - memcpy(entry.value + prev_len, line, cur_len); - entry.value[cur_len + prev_len] = '\0'; - - entry.key = estrdup(prev_entry.key); + *value = '\0'; + do { value++; } while(isspace(*value)); - zend_llist_remove_tail(header); + key = estrdup(line); + smart_str_appends(&buf_value, value); + } else if (buf_value.c) { /* If no ':' on the line, add to previous line */ + smart_str_appends(&buf_value, line); } else { continue; } - + } + if(buf_value.c && key) { + /* add the last one to the list */ + smart_str_0(&buf_value); + entry.key = key; + entry.value = buf_value.c; zend_llist_add_element(header, &entry); - prev_entry = entry; } return 1;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor