mirror of
https://github.com/php/php-src.git
synced 2024-09-22 02:17:32 +00:00
Removed shebang line check from CGI sapi (it is checked by scanner)
This commit is contained in:
parent
874b456078
commit
7355c3c54c
2
NEWS
2
NEWS
@ -1,6 +1,8 @@
|
||||
PHP NEWS
|
||||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||
?? ??? 200?, PHP 5.3.0 Alpha 2
|
||||
- Removed shebang line check from CGI sapi (it is checked by scanner) (Dmitry)
|
||||
|
||||
- Fixed bug #45696 (Not all DateTime methods allow method chaining). (Derick)
|
||||
- Fixed bug #45545 (DateInterval has a limitation of 4 chars for ISO
|
||||
durations). (Derick)
|
||||
|
@ -326,12 +326,9 @@ static FILE *php_fopen_and_set_opened_path(const char *path, const char *mode, c
|
||||
*/
|
||||
PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
|
||||
{
|
||||
FILE *fp;
|
||||
#ifndef PHP_WIN32
|
||||
struct stat st;
|
||||
#endif
|
||||
char *path_info, *filename;
|
||||
int length;
|
||||
zend_bool orig_display_errors;
|
||||
|
||||
filename = SG(request_info).path_translated;
|
||||
path_info = SG(request_info).request_uri;
|
||||
@ -398,6 +395,8 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
|
||||
}
|
||||
} /* if doc_root && path_info */
|
||||
|
||||
filename = zend_resolve_path(filename, strlen(filename) TSRMLS_CC);
|
||||
|
||||
if (!filename) {
|
||||
/* we have to free SG(request_info).path_translated here because
|
||||
* php_destroy_request_info assumes that it will get
|
||||
@ -406,31 +405,20 @@ PHPAPI int php_fopen_primary_script(zend_file_handle *file_handle TSRMLS_DC)
|
||||
STR_FREE(SG(request_info).path_translated);
|
||||
SG(request_info).path_translated = NULL;
|
||||
return FAILURE;
|
||||
} else {
|
||||
STR_FREE(SG(request_info).path_translated);
|
||||
SG(request_info).path_translated = filename;
|
||||
}
|
||||
fp = VCWD_FOPEN(filename, "rb");
|
||||
|
||||
#ifndef PHP_WIN32
|
||||
/* refuse to open anything that is not a regular file */
|
||||
if (fp && (0 > fstat(fileno(fp), &st) || !S_ISREG(st.st_mode))) {
|
||||
fclose(fp);
|
||||
fp = NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!fp) {
|
||||
orig_display_errors = PG(display_errors);
|
||||
PG(display_errors) = 0;
|
||||
if (zend_stream_open(filename, file_handle TSRMLS_CC) == FAILURE) {
|
||||
PG(display_errors) = orig_display_errors;
|
||||
STR_FREE(SG(request_info).path_translated); /* for same reason as above */
|
||||
SG(request_info).path_translated = NULL;
|
||||
return FAILURE;
|
||||
}
|
||||
|
||||
file_handle->opened_path = expand_filepath(filename, NULL TSRMLS_CC);
|
||||
|
||||
SG(request_info).path_translated = filename;
|
||||
|
||||
file_handle->filename = SG(request_info).path_translated;
|
||||
file_handle->free_filename = 0;
|
||||
file_handle->handle.fp = fp;
|
||||
file_handle->type = ZEND_HANDLE_FP;
|
||||
PG(display_errors) = orig_display_errors;
|
||||
|
||||
return SUCCESS;
|
||||
}
|
||||
|
@ -150,7 +150,6 @@ static const opt_struct OPTIONS[] = {
|
||||
typedef struct _php_cgi_globals_struct {
|
||||
zend_bool rfc2616_headers;
|
||||
zend_bool nph;
|
||||
zend_bool check_shebang_line;
|
||||
zend_bool fix_pathinfo;
|
||||
zend_bool force_redirect;
|
||||
zend_bool discard_path;
|
||||
@ -1284,7 +1283,6 @@ void fastcgi_cleanup(int signal)
|
||||
PHP_INI_BEGIN()
|
||||
STD_PHP_INI_ENTRY("cgi.rfc2616_headers", "0", PHP_INI_ALL, OnUpdateBool, rfc2616_headers, php_cgi_globals_struct, php_cgi_globals)
|
||||
STD_PHP_INI_ENTRY("cgi.nph", "0", PHP_INI_ALL, OnUpdateBool, nph, php_cgi_globals_struct, php_cgi_globals)
|
||||
STD_PHP_INI_ENTRY("cgi.check_shebang_line", "1", PHP_INI_SYSTEM, OnUpdateBool, check_shebang_line, php_cgi_globals_struct, php_cgi_globals)
|
||||
STD_PHP_INI_ENTRY("cgi.force_redirect", "1", PHP_INI_SYSTEM, OnUpdateBool, force_redirect, php_cgi_globals_struct, php_cgi_globals)
|
||||
STD_PHP_INI_ENTRY("cgi.redirect_status_env", NULL, PHP_INI_SYSTEM, OnUpdateString, redirect_status_env, php_cgi_globals_struct, php_cgi_globals)
|
||||
STD_PHP_INI_ENTRY("cgi.fix_pathinfo", "1", PHP_INI_SYSTEM, OnUpdateBool, fix_pathinfo, php_cgi_globals_struct, php_cgi_globals)
|
||||
@ -1301,7 +1299,6 @@ static void php_cgi_globals_ctor(php_cgi_globals_struct *php_cgi_globals TSRMLS_
|
||||
{
|
||||
php_cgi_globals->rfc2616_headers = 0;
|
||||
php_cgi_globals->nph = 0;
|
||||
php_cgi_globals->check_shebang_line = 1;
|
||||
php_cgi_globals->force_redirect = 1;
|
||||
php_cgi_globals->redirect_status_env = NULL;
|
||||
php_cgi_globals->fix_pathinfo = 1;
|
||||
@ -1368,7 +1365,6 @@ int main(int argc, char *argv[])
|
||||
int exit_status = SUCCESS;
|
||||
int cgi = 0, c, i, len;
|
||||
zend_file_handle file_handle;
|
||||
int retval = FAILURE;
|
||||
char *s;
|
||||
|
||||
/* temporary locals */
|
||||
@ -1944,65 +1940,37 @@ consult the installation file that came with this distribution, or visit \n\
|
||||
1. we are running from shell and got filename was there
|
||||
2. we are running as cgi or fastcgi
|
||||
*/
|
||||
retval = FAILURE;
|
||||
if (cgi || SG(request_info).path_translated) {
|
||||
if (!php_check_open_basedir(SG(request_info).path_translated TSRMLS_CC)) {
|
||||
retval = php_fopen_primary_script(&file_handle TSRMLS_CC);
|
||||
}
|
||||
}
|
||||
/*
|
||||
if we are unable to open path_translated and we are not
|
||||
running from shell (so fp == NULL), then fail.
|
||||
*/
|
||||
if (retval == FAILURE && file_handle.handle.fp == NULL) {
|
||||
if (errno == EACCES) {
|
||||
SG(sapi_headers).http_response_code = 403;
|
||||
PUTS("Access denied.\n");
|
||||
} else {
|
||||
SG(sapi_headers).http_response_code = 404;
|
||||
PUTS("No input file specified.\n");
|
||||
}
|
||||
/* we want to serve more requests if this is fastcgi
|
||||
so cleanup and continue, request shutdown is
|
||||
handled later */
|
||||
if (fastcgi) {
|
||||
goto fastcgi_request_done;
|
||||
}
|
||||
if (php_fopen_primary_script(&file_handle TSRMLS_CC) == FAILURE) {
|
||||
if (errno == EACCES) {
|
||||
SG(sapi_headers).http_response_code = 403;
|
||||
PUTS("Access denied.\n");
|
||||
} else {
|
||||
SG(sapi_headers).http_response_code = 404;
|
||||
PUTS("No input file specified.\n");
|
||||
}
|
||||
/* we want to serve more requests if this is fastcgi
|
||||
so cleanup and continue, request shutdown is
|
||||
handled later */
|
||||
if (fastcgi) {
|
||||
goto fastcgi_request_done;
|
||||
}
|
||||
|
||||
STR_FREE(SG(request_info).path_translated);
|
||||
STR_FREE(SG(request_info).path_translated);
|
||||
|
||||
if (free_query_string && SG(request_info).query_string) {
|
||||
free(SG(request_info).query_string);
|
||||
SG(request_info).query_string = NULL;
|
||||
}
|
||||
if (free_query_string && SG(request_info).query_string) {
|
||||
free(SG(request_info).query_string);
|
||||
SG(request_info).query_string = NULL;
|
||||
}
|
||||
|
||||
php_request_shutdown((void *) 0);
|
||||
SG(server_context) = NULL;
|
||||
php_module_shutdown(TSRMLS_C);
|
||||
sapi_shutdown();
|
||||
php_request_shutdown((void *) 0);
|
||||
SG(server_context) = NULL;
|
||||
php_module_shutdown(TSRMLS_C);
|
||||
sapi_shutdown();
|
||||
#ifdef ZTS
|
||||
tsrm_shutdown();
|
||||
tsrm_shutdown();
|
||||
#endif
|
||||
return FAILURE;
|
||||
}
|
||||
|
||||
if (CGIG(check_shebang_line) && file_handle.handle.fp && (file_handle.handle.fp != stdin)) {
|
||||
/* #!php support */
|
||||
c = fgetc(file_handle.handle.fp);
|
||||
if (c == '#') {
|
||||
while (c != '\n' && c != '\r') {
|
||||
c = fgetc(file_handle.handle.fp); /* skip to end of line */
|
||||
}
|
||||
/* handle situations where line is terminated by \r\n */
|
||||
if (c == '\r') {
|
||||
if (fgetc(file_handle.handle.fp) != '\n') {
|
||||
long pos = ftell(file_handle.handle.fp);
|
||||
fseek(file_handle.handle.fp, pos - 1, SEEK_SET);
|
||||
}
|
||||
}
|
||||
CG(start_lineno) = 2;
|
||||
} else {
|
||||
rewind(file_handle.handle.fp);
|
||||
return FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user