clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 02:47:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

improve fix for CVE-2012-1823

Browse Source
This commit is contained in:
Stanislav Malyshev 2012-05-07 12:08:36 -07:00
parent 2068419ae5
commit 000e84aa88
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
sapi/cgi/cgi_main.c
View File

@ -1561,10 +1561,15 @@ int main(int argc, char *argv[])
} }
} }
if(query_string = getenv("QUERY_STRING")) { if((query_string = getenv("QUERY_STRING")) != NULL && strchr(query_string, '=') == NULL) {
/* we've got query string that has no = - apache CGI will pass it to command line */
unsigned char *p;
decoded_query_string = strdup(query_string); decoded_query_string = strdup(query_string);
php_url_decode(decoded_query_string, strlen(decoded_query_string)); php_url_decode(decoded_query_string, strlen(decoded_query_string));
if(*decoded_query_string == '-' && strchr(decoded_query_string, '=') == NULL) { for (p = decoded_query_string; *p && *p <= ' '; p++) {
/* skip all leading spaces */
}
if(*p == '-') {
skip_getopt = 1; skip_getopt = 1;
} }
free(decoded_query_string); free(decoded_query_string);
@ -1819,7 +1824,7 @@ consult the installation file that came with this distribution, or visit \n\
} }
zend_first_try { zend_first_try {
while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 1, 2)) != -1) { while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 1, 2)) != -1) {
switch (c) { switch (c) {
case 'T': case 'T':
benchmark = 1; benchmark = 1;