From 001564eec4dca90f93d7c474fecd15614387b48f Mon Sep 17 00:00:00 2001 From: Michael Wallner Date: Wed, 19 Apr 2006 10:54:56 +0000 Subject: [PATCH] - fix possible crash with http_redirect() and http_build_url() called without parameters --- http_functions.c | 26 ++++++++++++++------------ http_url_api.c | 11 ++++++++--- 2 files changed, 22 insertions(+), 15 deletions(-) diff --git a/http_functions.c b/http_functions.c index ad2e3d2..550ce8f 100644 --- a/http_functions.c +++ b/http_functions.c @@ -62,7 +62,7 @@ PHP_FUNCTION(http_date) } /* }}} */ -/* {{{ proto string http_build_url(mixed url[, mixed parts[, int flags = HTTP_URL_REPLACE[, array &new_url]]]) +/* {{{ proto string http_build_url([mixed url[, mixed parts[, int flags = HTTP_URL_REPLACE[, array &new_url]]]]) * * Build an URL. * @@ -112,7 +112,7 @@ PHP_FUNCTION(http_build_url) zval *z_old_url = NULL, *z_new_url = NULL, *z_composed_url = NULL; php_url *old_url = NULL, *new_url = NULL, *composed_url = NULL; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z/|z/lz", &z_old_url, &z_new_url, &flags, &z_composed_url) != SUCCESS) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|z/z/lz", &z_old_url, &z_new_url, &flags, &z_composed_url) != SUCCESS) { RETURN_FALSE; } @@ -128,16 +128,18 @@ PHP_FUNCTION(http_build_url) } } - if (Z_TYPE_P(z_old_url) == IS_ARRAY || Z_TYPE_P(z_old_url) == IS_OBJECT) { - old_url = array2url(HASH_OF(z_old_url)); - } else { - convert_to_string(z_old_url); - if (!(old_url = php_url_parse_ex(Z_STRVAL_P(z_old_url), Z_STRLEN_P(z_old_url)))) { - if (new_url) { - php_url_free(new_url); + if (z_old_url) { + if (Z_TYPE_P(z_old_url) == IS_ARRAY || Z_TYPE_P(z_old_url) == IS_OBJECT) { + old_url = array2url(HASH_OF(z_old_url)); + } else { + convert_to_string(z_old_url); + if (!(old_url = php_url_parse_ex(Z_STRVAL_P(z_old_url), Z_STRLEN_P(z_old_url)))) { + if (new_url) { + php_url_free(new_url); + } + http_error_ex(HE_WARNING, HTTP_E_URL, "Could not parse URL (%s)", Z_STRVAL_P(z_old_url)); + RETURN_FALSE; } - http_error_ex(HE_WARNING, HTTP_E_URL, "Could not parse URL (%s)", Z_STRVAL_P(z_old_url)); - RETURN_FALSE; } } @@ -739,7 +741,7 @@ PHP_FUNCTION(http_throttle) */ PHP_FUNCTION(http_redirect) { - int url_len; + int url_len = 0; size_t query_len = 0; zend_bool session = 0, free_params = 0; zval *params = NULL; diff --git a/http_url_api.c b/http_url_api.c index cb0aeb5..cb1b82f 100644 --- a/http_url_api.c +++ b/http_url_api.c @@ -66,10 +66,15 @@ PHP_MINIT_FUNCTION(http_url) PHP_HTTP_API char *_http_absolute_url(const char *url TSRMLS_DC) { - char *abs = estrdup(url); - php_url *purl = php_url_parse(abs); + char *abs = NULL; + php_url *purl = NULL; - STR_SET(abs, NULL); + if (url) { + purl = php_url_parse(abs = estrdup(url)); + STR_SET(abs, NULL); + } else { + purl = ecalloc(1, sizeof(php_url)); + } if (purl) { http_build_url(0, purl, NULL, NULL, &abs, NULL); -- 2.30.2