projects
/
m6w6
/
ext-http
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
|
github
raw
|
inline
| side by side
- improved range checking
[m6w6/ext-http]
/
http_api.c
diff --git
a/http_api.c
b/http_api.c
index ff7468d066626358a5423a856b0ac9f75935f29b..3760d310ee0c92f33375e27eb81292254415530c 100644
(file)
--- a/
http_api.c
+++ b/
http_api.c
@@
-286,7
+286,7
@@
static int check_tzone(char *tzone)
char *pretty_key(char *key, size_t key_len, zend_bool uctitle, zend_bool xhyphen)
{
if (key && key_len) {
char *pretty_key(char *key, size_t key_len, zend_bool uctitle, zend_bool xhyphen)
{
if (key && key_len) {
-
int
i, wasalpha;
+
unsigned
i, wasalpha;
if (wasalpha = isalpha(key[0])) {
key[0] = uctitle ? toupper(key[0]) : tolower(key[0]);
}
if (wasalpha = isalpha(key[0])) {
key[0] = uctitle ? toupper(key[0]) : tolower(key[0]);
}
@@
-1159,7
+1159,8
@@
PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_
{
/* "0-12345" */
case -10:
{
/* "0-12345" */
case -10:
- if (length <= end) {
+ /* "0-", "0-0" or overflow */
+ if (end == -1 || end == -10 || length <= end) {
return RANGE_ERR;
}
begin = 0;
return RANGE_ERR;
}
begin = 0;
@@
-1167,7
+1168,8
@@
PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_
/* "-12345" */
case -1:
/* "-12345" */
case -1:
- if (length <= end) {
+ /* "-", "-0" or overflow */
+ if (end == -1 || end == -10 || length <= end) {
return RANGE_ERR;
}
begin = length - end;
return RANGE_ERR;
}
begin = length - end;
@@
-1178,6
+1180,11
@@
PHP_HTTP_API http_range_status _http_get_request_ranges(HashTable *ranges, size_
default:
switch (end)
{
default:
switch (end)
{
+ /* "12345-0" */
+ case -10:
+ return RANGE_ERR;
+ break;
+
/* "12345-" */
case -1:
if (length <= begin) {
/* "12345-" */
case -1:
if (length <= begin) {