diff options
| author | Mark A. Hershberger <mah@debian.(none)> | 2009-03-25 00:34:59 -0400 |
|---|---|---|
| committer | Mark A. Hershberger <mah@debian.(none)> | 2009-03-25 00:34:59 -0400 |
| commit | ce7edc9b3c7370f32fec0bc7a8ec3e29ed9a5f61 (patch) | |
| tree | acdb9a8816483652a9db1a47db71df5df43707c5 /main/php_variables.c | |
| parent | 10f5b47dc7c1cf2b9a00991629f43652710322d3 (diff) | |
| download | php-ce7edc9b3c7370f32fec0bc7a8ec3e29ed9a5f61.tar.gz | |
Imported Upstream version 5.1.1upstream/5.1.1
Diffstat (limited to 'main/php_variables.c')
| -rw-r--r-- | main/php_variables.c | 139 |
1 files changed, 75 insertions, 64 deletions
diff --git a/main/php_variables.c b/main/php_variables.c index 49b89d28a..118295100 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2004 The PHP Group | + | Copyright (c) 1997-2005 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.0 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_variables.c,v 1.81.2.12 2005/09/01 19:15:51 iliaa Exp $ */ +/* $Id: php_variables.c,v 1.104.2.3 2005/09/28 22:39:52 iliaa Exp $ */ #include <stdio.h> #include "php.h" @@ -28,10 +28,8 @@ #include "php_content_types.h" #include "SAPI.h" #include "php_logos.h" - #include "zend_globals.h" - /* for systems that need to override reading of environment variables */ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC); PHPAPI void (*php_import_environment_variables)(zval *array_ptr TSRMLS_DC) = _php_import_environment_variables; @@ -41,7 +39,6 @@ PHPAPI void php_register_variable(char *var, char *strval, zval *track_vars_arra php_register_variable_safe(var, strval, strlen(strval), track_vars_array TSRMLS_CC); } - /* binary-safe version */ PHPAPI void php_register_variable_safe(char *var, char *strval, int str_len, zval *track_vars_array TSRMLS_DC) { @@ -60,16 +57,15 @@ PHPAPI void php_register_variable_safe(char *var, char *strval, int str_len, zva php_register_variable_ex(var, &new_entry, track_vars_array TSRMLS_CC); } - -PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_array TSRMLS_DC) +PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_array TSRMLS_DC) { char *p = NULL; char *ip; /* index pointer */ - char *index; + char *index, *escaped_index = NULL; int var_len, index_len; zval *gpc_element, **gpc_element_p; zend_bool is_array; - HashTable *symtable1=NULL; + HashTable *symtable1 = NULL; assert(var != NULL); @@ -103,9 +99,16 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_arra zval_dtor(val); return; } + + /* GLOBALS hijack attempt, reject parameter */ + if (symtable1 == EG(active_symbol_table) && !strcmp("GLOBALS", var)) { + zval_dtor(val); + return; + } + /* ensure that we don't have spaces or dots in the variable name (not binary safe) */ for (p=var; *p; p++) { - switch(*p) { + switch (*p) { case ' ': case '.': *p='_'; @@ -118,7 +121,7 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_arra while (1) { if (is_array) { - char *escaped_index = NULL, *index_s; + char *index_s; int new_idx_len = 0; ip++; @@ -150,19 +153,19 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_arra array_init(gpc_element); zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); } else { - if (PG(magic_quotes_gpc) && (index!=var)) { + if (PG(magic_quotes_gpc) && (index != var)) { /* no need to addslashes() the index if it's the main variable name */ escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC); } else { escaped_index = index; } - if (zend_symtable_find(symtable1, escaped_index, index_len+1, (void **) &gpc_element_p)==FAILURE + if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE || Z_TYPE_PP(gpc_element_p) != IS_ARRAY) { MAKE_STD_ZVAL(gpc_element); array_init(gpc_element); - zend_symtable_update(symtable1, escaped_index, index_len+1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); + zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); } - if (index!=escaped_index) { + if (index != escaped_index) { efree(escaped_index); } } @@ -172,7 +175,7 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, pval *track_vars_arra index_len = new_idx_len; ip++; - if (*ip=='[') { + if (*ip == '[') { is_array = 1; *ip = 0; } else { @@ -187,7 +190,12 @@ plain_var: zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); } else { zval **tmp; - char *escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC); + + if (PG(magic_quotes_gpc)) { + escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC); + } else { + escaped_index = index; + } /* * According to rfc2965, more specific paths are listed above the less specific ones. * If we encounter a duplicate cookie name, we should skip it, since it is not possible @@ -196,25 +204,28 @@ plain_var: */ if (PG(http_globals)[TRACK_VARS_COOKIE] && symtable1 == Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) && zend_symtable_find(symtable1, escaped_index, index_len+1, (void **) &tmp) != FAILURE) { - efree(escaped_index); + if (index != escaped_index) { + efree(escaped_index); + } break; } - zend_symtable_update(symtable1, escaped_index, index_len+1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); - efree(escaped_index); + zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); + if (index != escaped_index) { + efree(escaped_index); + } } break; } } } - SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler) { char *var, *val; char *strtok_buf = NULL; zval *array_ptr = (zval *) arg; - if (SG(request_info).post_data==NULL) { + if (SG(request_info).post_data == NULL) { return; } @@ -241,16 +252,16 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler) SAPI_API SAPI_INPUT_FILTER_FUNC(php_default_input_filter) { /* TODO: check .ini setting here and apply user-defined input filter */ - *new_val_len = val_len; + if(new_val_len) *new_val_len = val_len; return 1; } SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data) { - char *res = NULL, *var, *val, *separator=NULL; + char *res = NULL, *var, *val, *separator = NULL; const char *c_var; - pval *array_ptr; - int free_buffer=0; + zval *array_ptr; + int free_buffer = 0; char *strtok_buf = NULL; switch (arg) { @@ -282,11 +293,11 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data) } break; default: - array_ptr=destArray; + array_ptr = destArray; break; } - if (arg==PARSE_POST) { + if (arg == PARSE_POST) { sapi_handle_post(array_ptr TSRMLS_CC); return; } @@ -357,7 +368,7 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data) var = php_strtok_r(NULL, separator, &strtok_buf); } - if(arg != PARSE_COOKIE) { + if (arg != PARSE_COOKIE) { efree(separator); } @@ -389,7 +400,7 @@ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC) } memcpy(t, *env, nlen); t[nlen] = '\0'; - php_register_variable(t, p+1, array_ptr TSRMLS_CC); + php_register_variable(t, p + 1, array_ptr TSRMLS_CC); } if (t != buf && t != NULL) { efree(t); @@ -397,7 +408,6 @@ void _php_import_environment_variables(zval *array_ptr TSRMLS_DC) PG(magic_quotes_gpc) = magic_quotes_gpc; } - zend_bool php_std_auto_global_callback(char *name, uint name_len TSRMLS_DC) { zend_printf("%s\n", name); @@ -408,7 +418,7 @@ zend_bool php_std_auto_global_callback(char *name, uint name_len TSRMLS_DC) */ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) { - pval *arr, *argc, *tmp; + zval *arr, *argc, *tmp; int count = 0; char *ss, *space; @@ -425,13 +435,13 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) /* Prepare argv */ if (SG(request_info).argc) { /* are we in cli sapi? */ int i; - for (i=0; i<SG(request_info).argc; i++) { + for (i = 0; i < SG(request_info).argc; i++) { ALLOC_ZVAL(tmp); Z_TYPE_P(tmp) = IS_STRING; Z_STRLEN_P(tmp) = strlen(SG(request_info).argv[i]); Z_STRVAL_P(tmp) = estrndup(SG(request_info).argv[i], Z_STRLEN_P(tmp)); INIT_PZVAL(tmp); - if (zend_hash_next_index_insert(Z_ARRVAL_P(arr), &tmp, sizeof(pval *), NULL)==FAILURE) { + if (zend_hash_next_index_insert(Z_ARRVAL_P(arr), &tmp, sizeof(zval *), NULL) == FAILURE) { if (Z_TYPE_P(tmp) == IS_STRING) { efree(Z_STRVAL_P(tmp)); } @@ -451,7 +461,7 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) Z_STRVAL_P(tmp) = estrndup(ss, Z_STRLEN_P(tmp)); INIT_PZVAL(tmp); count++; - if (zend_hash_next_index_insert(Z_ARRVAL_P(arr), &tmp, sizeof(pval *), NULL)==FAILURE) { + if (zend_hash_next_index_insert(Z_ARRVAL_P(arr), &tmp, sizeof(zval *), NULL) == FAILURE) { if (Z_TYPE_P(tmp) == IS_STRING) { efree(Z_STRVAL_P(tmp)); } @@ -485,8 +495,8 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) if (track_vars_array) { arr->refcount++; argc->refcount++; - zend_hash_update(Z_ARRVAL_P(track_vars_array), "argv", sizeof("argv"), &arr, sizeof(pval *), NULL); - zend_hash_update(Z_ARRVAL_P(track_vars_array), "argc", sizeof("argc"), &argc, sizeof(pval *), NULL); + zend_hash_update(Z_ARRVAL_P(track_vars_array), "argv", sizeof("argv"), &arr, sizeof(zval *), NULL); + zend_hash_update(Z_ARRVAL_P(track_vars_array), "argc", sizeof("argc"), &argc, sizeof(zval *), NULL); } } /* }}} */ @@ -495,11 +505,10 @@ static void php_build_argv(char *s, zval *track_vars_array TSRMLS_DC) */ PHPAPI int php_handle_special_queries(TSRMLS_D) { - if (SG(request_info).query_string && SG(request_info).query_string[0]=='=' - && PG(expose_php)) { - if (php_info_logos(SG(request_info).query_string+1 TSRMLS_CC)) { + if (PG(expose_php) && SG(request_info).query_string && SG(request_info).query_string[0] == '=') { + if (php_info_logos(SG(request_info).query_string + 1 TSRMLS_CC)) { return 1; - } else if (!strcmp(SG(request_info).query_string+1, PHP_CREDITS_GUID)) { + } else if (!strcmp(SG(request_info).query_string + 1, PHP_CREDITS_GUID)) { php_print_credits(PHP_CREDITS_ALL TSRMLS_CC); return 1; } @@ -508,13 +517,11 @@ PHPAPI int php_handle_special_queries(TSRMLS_D) } /* }}} */ - - /* {{{ php_register_server_variables */ static inline void php_register_server_variables(TSRMLS_D) { - zval *array_ptr=NULL; + zval *array_ptr = NULL; /* turn off magic_quotes while importing server variables */ int magic_quotes_gpc = PG(magic_quotes_gpc); @@ -539,12 +546,21 @@ static inline void php_register_server_variables(TSRMLS_D) if (SG(request_info).auth_password) { php_register_variable("PHP_AUTH_PW", SG(request_info).auth_password, array_ptr TSRMLS_CC); } + if (SG(request_info).auth_digest) { + php_register_variable("PHP_AUTH_DIGEST", SG(request_info).auth_digest, array_ptr TSRMLS_CC); + } + /* store request init time */ + { + zval new_entry; + Z_TYPE(new_entry) = IS_LONG; + Z_LVAL(new_entry) = sapi_get_request_time(TSRMLS_C); + php_register_variable_ex("REQUEST_TIME", &new_entry, array_ptr TSRMLS_CC); + } + PG(magic_quotes_gpc) = magic_quotes_gpc; } /* }}} */ - - /* {{{ php_autoglobal_merge */ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) @@ -561,9 +577,10 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) while (zend_hash_get_current_data_ex(src, (void **)&src_entry, &pos) == SUCCESS) { key_type = zend_hash_get_current_key_ex(src, &string_key, &string_key_len, &num_key, 0, &pos); if (Z_TYPE_PP(src_entry) != IS_ARRAY - || (key_type==HASH_KEY_IS_STRING && zend_hash_find(dest, string_key, string_key_len, (void **) &dest_entry) != SUCCESS) - || (key_type==HASH_KEY_IS_LONG && zend_hash_index_find(dest, num_key, (void **)&dest_entry) != SUCCESS) - || Z_TYPE_PP(dest_entry) != IS_ARRAY) { + || (key_type == HASH_KEY_IS_STRING && zend_hash_find(dest, string_key, string_key_len, (void **) &dest_entry) != SUCCESS) + || (key_type == HASH_KEY_IS_LONG && zend_hash_index_find(dest, num_key, (void **)&dest_entry) != SUCCESS) + || Z_TYPE_PP(dest_entry) != IS_ARRAY + ) { (*src_entry)->refcount++; if (key_type == HASH_KEY_IS_STRING) { /* if register_globals is on and working with main symbol table, prevent overwriting of GLOBALS */ @@ -584,12 +601,10 @@ static void php_autoglobal_merge(HashTable *dest, HashTable *src TSRMLS_DC) } /* }}} */ - static zend_bool php_auto_globals_create_server(char *name, uint name_len TSRMLS_DC); static zend_bool php_auto_globals_create_env(char *name, uint name_len TSRMLS_DC); static zend_bool php_auto_globals_create_request(char *name, uint name_len TSRMLS_DC); - /* {{{ php_hash_environment */ int php_hash_environment(TSRMLS_D) @@ -627,7 +642,7 @@ int php_hash_environment(TSRMLS_D) case 'P': if (!_gpc_flags[0] && !SG(headers_sent) && SG(request_info).request_method && !strcasecmp(SG(request_info).request_method, "POST")) { sapi_module.treat_data(PARSE_POST, NULL, NULL TSRMLS_CC); /* POST Data */ - _gpc_flags[0]=1; + _gpc_flags[0] = 1; if (PG(register_globals)) { php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_POST]) TSRMLS_CC); } @@ -637,7 +652,7 @@ int php_hash_environment(TSRMLS_D) case 'C': if (!_gpc_flags[1]) { sapi_module.treat_data(PARSE_COOKIE, NULL, NULL TSRMLS_CC); /* Cookie Data */ - _gpc_flags[1]=1; + _gpc_flags[1] = 1; if (PG(register_globals)) { php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) TSRMLS_CC); } @@ -647,7 +662,7 @@ int php_hash_environment(TSRMLS_D) case 'G': if (!_gpc_flags[2]) { sapi_module.treat_data(PARSE_GET, NULL, NULL TSRMLS_CC); /* GET Data */ - _gpc_flags[2]=1; + _gpc_flags[2] = 1; if (PG(register_globals)) { php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_GET]) TSRMLS_CC); } @@ -658,7 +673,7 @@ int php_hash_environment(TSRMLS_D) if (!jit_initialization && !_gpc_flags[3]) { zend_auto_global_disable_jit("_ENV", sizeof("_ENV")-1 TSRMLS_CC); php_auto_globals_create_env("_ENV", sizeof("_ENV")-1 TSRMLS_CC); - _gpc_flags[3]=1; + _gpc_flags[3] = 1; if (PG(register_globals)) { php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_ENV]) TSRMLS_CC); } @@ -669,7 +684,7 @@ int php_hash_environment(TSRMLS_D) if (!jit_initialization && !_gpc_flags[4]) { zend_auto_global_disable_jit("_SERVER", sizeof("_SERVER")-1 TSRMLS_CC); php_register_server_variables(TSRMLS_C); - _gpc_flags[4]=1; + _gpc_flags[4] = 1; if (PG(register_globals)) { php_autoglobal_merge(&EG(symbol_table), Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]) TSRMLS_CC); } @@ -717,7 +732,6 @@ int php_hash_environment(TSRMLS_D) } /* }}} */ - static zend_bool php_auto_globals_create_server(char *name, uint name_len TSRMLS_DC) { if (PG(variables_order) && (strchr(PG(variables_order),'S') || strchr(PG(variables_order),'s'))) { @@ -733,7 +747,7 @@ static zend_bool php_auto_globals_create_server(char *name, uint name_len TSRMLS PG(http_globals)[TRACK_VARS_SERVER] = server_vars; } - zend_hash_update(&EG(symbol_table), name, name_len+1, &PG(http_globals)[TRACK_VARS_SERVER], sizeof(zval *), NULL); + zend_hash_update(&EG(symbol_table), name, name_len + 1, &PG(http_globals)[TRACK_VARS_SERVER], sizeof(zval *), NULL); PG(http_globals)[TRACK_VARS_SERVER]->refcount++; if (PG(register_long_arrays)) { @@ -744,10 +758,9 @@ static zend_bool php_auto_globals_create_server(char *name, uint name_len TSRMLS return 0; /* don't rearm */ } - static zend_bool php_auto_globals_create_env(char *name, uint name_len TSRMLS_DC) { - zval *env_vars=NULL; + zval *env_vars = NULL; ALLOC_ZVAL(env_vars); array_init(env_vars); INIT_PZVAL(env_vars); @@ -760,7 +773,7 @@ static zend_bool php_auto_globals_create_env(char *name, uint name_len TSRMLS_DC php_import_environment_variables(PG(http_globals)[TRACK_VARS_ENV] TSRMLS_CC); } - zend_hash_update(&EG(symbol_table), name, name_len+1, &PG(http_globals)[TRACK_VARS_ENV], sizeof(zval *), NULL); + zend_hash_update(&EG(symbol_table), name, name_len + 1, &PG(http_globals)[TRACK_VARS_ENV], sizeof(zval *), NULL); PG(http_globals)[TRACK_VARS_ENV]->refcount++; if (PG(register_long_arrays)) { @@ -771,7 +784,6 @@ static zend_bool php_auto_globals_create_env(char *name, uint name_len TSRMLS_DC return 0; /* don't rearm */ } - static zend_bool php_auto_globals_create_request(char *name, uint name_len TSRMLS_DC) { zval *form_variables; @@ -782,7 +794,7 @@ static zend_bool php_auto_globals_create_request(char *name, uint name_len TSRML array_init(form_variables); INIT_PZVAL(form_variables); - for (p=PG(variables_order); p && *p; p++) { + for (p = PG(variables_order); p && *p; p++) { switch (*p) { case 'g': case 'G': @@ -812,7 +824,6 @@ static zend_bool php_auto_globals_create_request(char *name, uint name_len TSRML return 0; } - void php_startup_auto_globals(TSRMLS_D) { zend_register_auto_global("_GET", sizeof("_GET")-1, NULL TSRMLS_CC); |