projects
/
m6w6
/
ext-http
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
|
github
raw
|
inline
| side by side
2.3.0RC1
[m6w6/ext-http]
/
php_http_params.c
diff --git
a/php_http_params.c
b/php_http_params.c
index 4b02e8c925874345f5b369478e69e0d6382fe0b3..ce785ecbe03efef1daad18b9acb0948fc5f9a61a 100644
(file)
--- a/
php_http_params.c
+++ b/
php_http_params.c
@@
-60,7
+60,7
@@
static inline void sanitize_escaped(zval *zv TSRMLS_DC)
ZVAL_STRINGL(zv, deq, deq_len, 0);
}
ZVAL_STRINGL(zv, deq, deq_len, 0);
}
- php_strip
slashes(Z_STRVAL_P(zv), &Z_STRLEN_P(zv) TSRMLS_CC
);
+ php_strip
cslashes(Z_STRVAL_P(zv), &Z_STRLEN_P(zv)
);
}
static inline void prepare_escaped(zval *zv TSRMLS_DC)
}
static inline void prepare_escaped(zval *zv TSRMLS_DC)
@@
-68,9
+68,10
@@
static inline void prepare_escaped(zval *zv TSRMLS_DC)
if (Z_TYPE_P(zv) == IS_STRING) {
int len = Z_STRLEN_P(zv);
if (Z_TYPE_P(zv) == IS_STRING) {
int len = Z_STRLEN_P(zv);
- Z_STRVAL_P(zv) = php_addslashes(Z_STRVAL_P(zv), Z_STRLEN_P(zv), &Z_STRLEN_P(zv), 1 TSRMLS_CC);
+ Z_STRVAL_P(zv) = php_addcslashes(Z_STRVAL_P(zv), Z_STRLEN_P(zv), &Z_STRLEN_P(zv), 1,
+ ZEND_STRL("\0..\37\173\\\"") TSRMLS_CC);
- if (len != Z_STRLEN_P(zv)) {
+ if (len != Z_STRLEN_P(zv)
|| strpbrk(Z_STRVAL_P(zv), "()<>@,;:\"[]?={} ")
) {
zval tmp = *zv;
int len = Z_STRLEN_P(zv) + 2;
char *str = emalloc(len + 1);
zval tmp = *zv;
int len = Z_STRLEN_P(zv) + 2;
char *str = emalloc(len + 1);
@@
-223,6
+224,10
@@
static inline void sanitize_key(unsigned flags, char *str, size_t len, zval *zv,
if (flags & PHP_HTTP_PARAMS_ESCAPED) {
sanitize_escaped(zv TSRMLS_CC);
}
if (flags & PHP_HTTP_PARAMS_ESCAPED) {
sanitize_escaped(zv TSRMLS_CC);
}
+
+ if (!Z_STRLEN_P(zv)) {
+ return;
+ }
eos = &Z_STRVAL_P(zv)[Z_STRLEN_P(zv)-1];
if (*eos == '*') {
eos = &Z_STRVAL_P(zv)[Z_STRLEN_P(zv)-1];
if (*eos == '*') {
@@
-252,7
+257,7
@@
static inline void sanitize_rfc5987(zval *zv, char **language, zend_bool *latin1
switch (Z_STRVAL_P(zv)[0]) {
case 'I':
case 'i':
switch (Z_STRVAL_P(zv)[0]) {
case 'I':
case 'i':
- if (!strncasecmp(Z_STRVAL_P(zv),
ZEND_STRL
("iso-8859-1"))) {
+ if (!strncasecmp(Z_STRVAL_P(zv),
"iso-8859-1", lenof
("iso-8859-1"))) {
*latin1 = 1;
ptr = Z_STRVAL_P(zv) + lenof("iso-8859-1");
break;
*latin1 = 1;
ptr = Z_STRVAL_P(zv) + lenof("iso-8859-1");
break;
@@
-260,7
+265,7
@@
static inline void sanitize_rfc5987(zval *zv, char **language, zend_bool *latin1
/* no break */
case 'U':
case 'u':
/* no break */
case 'U':
case 'u':
- if (!strncasecmp(Z_STRVAL_P(zv),
ZEND_STRL
("utf-8"))) {
+ if (!strncasecmp(Z_STRVAL_P(zv),
"utf-8", lenof
("utf-8"))) {
*latin1 = 0;
ptr = Z_STRVAL_P(zv) + lenof("utf-8");
break;
*latin1 = 0;
ptr = Z_STRVAL_P(zv) + lenof("utf-8");
break;
@@
-342,7
+347,7
@@
static inline void sanitize_value(unsigned flags, char *str, size_t len, zval *z
ZVAL_COPY_VALUE(tmp, zv);
array_init(zv);
add_assoc_zval(zv, language, tmp);
ZVAL_COPY_VALUE(tmp, zv);
array_init(zv);
add_assoc_zval(zv, language, tmp);
-
S
TR_FREE(language);
+
P
TR_FREE(language);
}
}
}
}
@@
-569,7
+574,7
@@
static void push_param(HashTable *params, php_http_params_state_t *state, const
}
static inline zend_bool check_str(const char *chk_str, size_t chk_len, const char *sep_str, size_t sep_len) {
}
static inline zend_bool check_str(const char *chk_str, size_t chk_len, const char *sep_str, size_t sep_len) {
- return 0 < sep_len && chk_len >= sep_len &&
!memcmp(chk_str, sep_str, sep_len
);
+ return 0 < sep_len && chk_len >= sep_len &&
*chk_str == *sep_str && !memcmp(chk_str + 1, sep_str + 1, sep_len - 1
);
}
static size_t check_sep(php_http_params_state_t *state, php_http_params_token_t **separators)
}
static size_t check_sep(php_http_params_state_t *state, php_http_params_token_t **separators)
@@
-880,7
+885,7
@@
void php_http_params_separator_free(php_http_params_token_t **separator)
php_http_params_token_t **sep = separator;
if (sep) {
while (*sep) {
php_http_params_token_t **sep = separator;
if (sep) {
while (*sep) {
-
S
TR_FREE((*sep)->str);
+
P
TR_FREE((*sep)->str);
efree(*sep);
++sep;
}
efree(*sep);
++sep;
}