From 0a7cc720ed246ad0468d089ec8431138b075323e Mon Sep 17 00:00:00 2001 From: Michael Wallner Date: Fri, 24 Apr 2015 21:54:53 +0200 Subject: [PATCH] fixed bug with mixed case boundaries --- package.xml | 7 ++-- php_apfd.c | 13 +++--- php_apfd.h | 2 +- tests/003.phpt | 108 +++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 118 insertions(+), 12 deletions(-) create mode 100644 tests/003.phpt diff --git a/package.xml b/package.xml index 1b1db9f..8dad822 100644 --- a/package.xml +++ b/package.xml @@ -24,9 +24,9 @@ This extension does not provide any INI entries, constants, functions or classes mike@php.net yes - 2015-03-18 + 2015-04-24 - 1.0.0 + 1.0.1 1.0.0 @@ -35,7 +35,7 @@ This extension does not provide any INI entries, constants, functions or classes BSD, revised @@ -50,6 +50,7 @@ This extension does not provide any INI entries, constants, functions or classes + diff --git a/php_apfd.c b/php_apfd.c index 1797c96..0e1d749 100644 --- a/php_apfd.c +++ b/php_apfd.c @@ -77,20 +77,16 @@ PHP_RINIT_FUNCTION(apfd) { /* populate form data on non-POST requests */ if (SG(request_info).request_method && strcasecmp(SG(request_info).request_method, "POST") && SG(request_info).content_type && *SG(request_info).content_type) { - char *ct_str = zend_str_tolower_dup(SG(request_info).content_type, strlen(SG(request_info).content_type)); - size_t ct_end = strcspn(ct_str, ";, "); + char *ct_str, *ct_dup = estrdup(SG(request_info).content_type); + size_t ct_end = strcspn(ct_dup, ";, "); sapi_post_entry *post_entry = NULL; - char delim; - SG(request_info).content_type_dup = ct_str; + SG(request_info).content_type_dup = ct_dup; - delim = ct_str[ct_end]; - ct_str[ct_end] = '\0'; + ct_str = zend_str_tolower_dup(ct_dup, ct_end); if ((post_entry = apfd_get_post_entry(ct_str, ct_end TSRMLS_CC))) { zval *files = apfd_backup_files(TSRMLS_C); - ct_str[ct_end] = delim; - if (post_entry) { SG(request_info).post_entry = post_entry; 
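Review bot: The declarations at the top of this block now create two copies of the client-supplied Content-Type with different casing and different owners, and no comment records which is which. I would add above them something like `/* ct_dup: header verbatim (boundary keeps its case), owned by content_type_dup; ct_str: lowercased media type for the handler lookup, freed locally */`. `ct_end` is 0 when the header starts with `;`, `,` or a space, so the lookup then runs on an empty key; `if (ct_end && (post_entry = apfd_get_post_entry(ct_str, ct_end TSRMLS_CC))) {` would make that case explicit instead of relying on the lookup to miss. The inner `if (post_entry)` in the context lines is already implied by the outer condition. The block continues past the end of this hunk.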
@@ -110,6 +106,7 @@ PHP_RINIT_FUNCTION(apfd) */ apfd_update_files(files TSRMLS_CC); } + efree(ct_str); if (SG(request_info).content_type_dup) { efree(SG(request_info).content_type_dup); diff --git a/php_apfd.h b/php_apfd.h index e248688..bb04646 100644 --- a/php_apfd.h +++ b/php_apfd.h @@ -16,7 +16,7 @@ extern zend_module_entry apfd_module_entry; #define phpext_apfd_ptr &apfd_module_entry -#define PHP_APFD_VERSION "1.0.0" +#define PHP_APFD_VERSION "1.0.1" #ifdef PHP_WIN32 # define PHP_APFD_API __declspec(dllexport) diff --git a/tests/003.phpt b/tests/003.phpt new file mode 100644 index 0000000..7cfd9ca --- /dev/null +++ b/tests/003.phpt 
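Review bot: The `efree(ct_str);` added after the closing brace releases a buffer that, from the visible lines, is only needed for the `apfd_get_post_entry` call in the previous hunk, so it stays allocated across the whole handler invocation for no apparent reason. Freeing it right after the lookup, as in `post_entry = apfd_get_post_entry(ct_str, ct_end TSRMLS_CC);` `efree(ct_str);` `if (post_entry) {`, would keep allocation and release together and rule out a leak if an early exit is ever added in between. This assumes the lookup does not retain the key pointer, which cannot be confirmed from this hunk. The enclosing block starts and ends outside it.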
@@ -0,0 +1,108 @@ +--TEST-- +apfd - mixed case boundary +--SKIPIF-- + +--PUT-- +Content-Type: multipart/form-data; boundary=----------------------------abcDEFG123 +------------------------------abcDEFG123 +Content-Disposition: form-data; name="LICENSE"; filename="LICENSE" +Content-Type: application/octet-stream + +Copyright (c) 2011-2012, Michael Wallner . +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ + +------------------------------abcDEFG123 +Content-Disposition: form-data; name="composer"; filename="composer.json" +Content-Type: application/octet-stream + +{ + "name": "m6w6/autocracy", + "type": "library", + "description": "http\\Controller preserves your autocracy", + "keywords": ["http", "controller", "pecl", "pecl_http"], + "homepage": "http://github.com/m6w6/autocracy", + "license": "BSD-2", + "authors": [ + { + "name": "Michael Wallner", + "email": "mike@php.net" + } + ], + "require": { + "php": ">=5.4.0", + "pecl/pecl_http": "2.*" + }, + "autoload": { + "psr-0": { + "http\\Controller": "lib" + } + } +} + +------------------------------abcDEFG123 +Content-Disposition: form-data; name="user" + +mike +------------------------------abcDEFG123-- +--FILE-- + +--EXPECTF-- +array(1) { + ["user"]=> + string(4) "mike" +} +array(2) { + ["LICENSE"]=> + array(5) { + ["name"]=> + string(7) "LICENSE" + ["type"]=> + string(24) "application/octet-stream" + ["tmp_name"]=> + string(%d) "%sphp%s" + ["error"]=> + int(0) + ["size"]=> + int(1340) + } + ["composer"]=> + array(5) { + ["name"]=> + string(13) "composer.json" + ["type"]=> + string(24) "application/octet-stream" + ["tmp_name"]=> + string(%d) "%sphp%s" + ["error"]=> + int(0) + ["size"]=> + int(550) + } +} -- 2.30.2
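Review bot: The new test pins the mixed-case boundary but sends the media type itself in lowercase, so the lowercasing that php_apfd.c now applies to a separate copy of the type token is not exercised here. A companion case with a header such as `Content-Type: Multipart/Form-Data; boundary=----------------------------abcDEFG123` would cover both halves of the change, the case-insensitive handler lookup and the case-preserved boundary. Whether the existing tests already send a mixed-case media type is not visible from this patch.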