mirror of
https://github.com/php/php-src.git
synced 2024-09-22 18:37:25 +00:00
Verified $HTTP_*[] protection
This commit is contained in:
parent
ece1369191
commit
5222c8872d
@ -44,10 +44,8 @@
|
||||
#define PARSING_MODE_BROWSCAP 1
|
||||
|
||||
static HashTable configuration_hash;
|
||||
#ifndef THREAD_SAFE
|
||||
extern HashTable browser_hash;
|
||||
PHPAPI extern char *php_ini_path;
|
||||
#endif
|
||||
static HashTable *active_hash_table;
|
||||
static zval *current_section;
|
||||
static char *currently_parsed_filename;
|
||||
@ -428,7 +426,7 @@ statement:
|
||||
free($1.value.str.val);
|
||||
}
|
||||
| TC_STRING { free($1.value.str.val); }
|
||||
| EXTENSION '=' string_foo {
|
||||
| EXTENSION '=' cfg_string {
|
||||
zval dummy;
|
||||
#if DEBUG_CFG_PARSER
|
||||
printf("Loading '%s'\n",$3.value.str.val);
|
||||
@ -436,25 +434,25 @@ statement:
|
||||
|
||||
php_dl(&$3,MODULE_PERSISTENT,&dummy);
|
||||
}
|
||||
| T_ZEND_EXTENSION '=' string_foo {
|
||||
| T_ZEND_EXTENSION '=' cfg_string {
|
||||
#if !defined(ZTS) && !ZEND_DEBUG
|
||||
zend_load_extension($3.value.str.val);
|
||||
#endif
|
||||
free($3.value.str.val);
|
||||
}
|
||||
| T_ZEND_EXTENSION_TS '=' string_foo {
|
||||
| T_ZEND_EXTENSION_TS '=' cfg_string {
|
||||
#if defined(ZTS) && !ZEND_DEBUG
|
||||
zend_load_extension($3.value.str.val);
|
||||
#endif
|
||||
free($3.value.str.val);
|
||||
}
|
||||
| T_ZEND_EXTENSION_DEBUG '=' string_foo {
|
||||
| T_ZEND_EXTENSION_DEBUG '=' cfg_string {
|
||||
#if !defined(ZTS) && ZEND_DEBUG
|
||||
zend_load_extension($3.value.str.val);
|
||||
#endif
|
||||
free($3.value.str.val);
|
||||
}
|
||||
| T_ZEND_EXTENSION_DEBUG_TS '=' string_foo {
|
||||
| T_ZEND_EXTENSION_DEBUG_TS '=' cfg_string {
|
||||
#if defined(ZTS) && ZEND_DEBUG
|
||||
zend_load_extension($3.value.str.val);
|
||||
#endif
|
||||
@ -488,7 +486,7 @@ statement:
|
||||
;
|
||||
|
||||
|
||||
string_foo:
|
||||
cfg_string:
|
||||
TC_STRING { $$ = $1; }
|
||||
| TC_ENCAPSULATED_STRING { $$ = $1; }
|
||||
;
|
||||
|
12
main/main.c
12
main/main.c
@ -1001,22 +1001,22 @@ static int php_hash_environment(ELS_D SLS_DC PLS_DC)
|
||||
}
|
||||
|
||||
if (PG(http_globals).post) {
|
||||
zend_hash_add_ptr(&EG(symbol_table), "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"), PG(http_globals).post, sizeof(zval *), NULL);
|
||||
zend_hash_update_ptr(&EG(symbol_table), "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"), PG(http_globals).post, sizeof(zval *), NULL);
|
||||
}
|
||||
if (PG(http_globals).get) {
|
||||
zend_hash_add_ptr(&EG(symbol_table), "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"), PG(http_globals).get, sizeof(zval *), NULL);
|
||||
zend_hash_update_ptr(&EG(symbol_table), "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"), PG(http_globals).get, sizeof(zval *), NULL);
|
||||
}
|
||||
if (PG(http_globals).cookie) {
|
||||
zend_hash_add_ptr(&EG(symbol_table), "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), PG(http_globals).cookie, sizeof(zval *), NULL);
|
||||
zend_hash_update_ptr(&EG(symbol_table), "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), PG(http_globals).cookie, sizeof(zval *), NULL);
|
||||
}
|
||||
if (PG(http_globals).server) {
|
||||
zend_hash_add_ptr(&EG(symbol_table), "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"), PG(http_globals).server, sizeof(zval *), NULL);
|
||||
zend_hash_update_ptr(&EG(symbol_table), "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"), PG(http_globals).server, sizeof(zval *), NULL);
|
||||
}
|
||||
if (PG(http_globals).environment) {
|
||||
zend_hash_add_ptr(&EG(symbol_table), "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"), PG(http_globals).environment, sizeof(zval *), NULL);
|
||||
zend_hash_update_ptr(&EG(symbol_table), "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"), PG(http_globals).environment, sizeof(zval *), NULL);
|
||||
}
|
||||
if (PG(http_globals).post_files) {
|
||||
zend_hash_add_ptr(&EG(symbol_table), "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"), PG(http_globals).post_files, sizeof(zval *),NULL);
|
||||
zend_hash_update_ptr(&EG(symbol_table), "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"), PG(http_globals).post_files, sizeof(zval *),NULL);
|
||||
}
|
||||
|
||||
return SUCCESS;
|
||||
|
Loading…
Reference in New Issue
Block a user