mirror of
https://github.com/php/php-src.git
synced 2024-09-23 02:47:26 +00:00
improve fix for CVE-2012-1823
This commit is contained in:
parent
2068419ae5
commit
000e84aa88
@ -1561,10 +1561,15 @@ int main(int argc, char *argv[])
|
||||
}
|
||||
}
|
||||
|
||||
if(query_string = getenv("QUERY_STRING")) {
|
||||
if((query_string = getenv("QUERY_STRING")) != NULL && strchr(query_string, '=') == NULL) {
|
||||
/* we've got query string that has no = - apache CGI will pass it to command line */
|
||||
unsigned char *p;
|
||||
decoded_query_string = strdup(query_string);
|
||||
php_url_decode(decoded_query_string, strlen(decoded_query_string));
|
||||
if(*decoded_query_string == '-' && strchr(decoded_query_string, '=') == NULL) {
|
||||
for (p = decoded_query_string; *p && *p <= ' '; p++) {
|
||||
/* skip all leading spaces */
|
||||
}
|
||||
if(*p == '-') {
|
||||
skip_getopt = 1;
|
||||
}
|
||||
free(decoded_query_string);
|
||||
@ -1819,7 +1824,7 @@ consult the installation file that came with this distribution, or visit \n\
|
||||
}
|
||||
|
||||
zend_first_try {
|
||||
while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 1, 2)) != -1) {
|
||||
while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 1, 2)) != -1) {
|
||||
switch (c) {
|
||||
case 'T':
|
||||
benchmark = 1;
|
||||
|
Loading…
Reference in New Issue
Block a user