diff options
| author | Dmitry Stogov <dmitry@php.net> | 2008-09-02 13:22:00 +0000 |
|---|---|---|
| committer | Dmitry Stogov <dmitry@php.net> | 2008-09-02 13:22:00 +0000 |
| commit | f45b732abf9f2f63038cad7d9983728d01ba7161 (patch) | |
| tree | 1751492e1f5fb48e7e861803293313a76c4a43e9 | |
| parent | bc053b7628c96d7eaec06aea1f916f7505e9efc1 (diff) | |
| download | php-git-f45b732abf9f2f63038cad7d9983728d01ba7161.tar.gz | |
Fixed bug #45860 (header() function fails to correctly replace all Status lines)
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | sapi/cgi/cgi_main.c | 15 | ||||
| -rw-r--r-- | sapi/cgi/tests/010.phpt | 53 |
3 files changed, 68 insertions, 2 deletions
@@ -23,6 +23,8 @@ PHP NEWS in parsed file). (Jani) - Fixed bug #45862 (get_class_vars is inconsistent with 'protected' and 'private' variables). (ilewis at uk dot ibm dot com, Felipe) +- Fixed bug #45860 (header() function fails to correctly replace all Status + lines). (Dmitry) - Fixed bug #45805 (Crash on throwing exception from error handler). (Dmitry) - Fixed bug #45765 (ReflectionObject with default parameters of self::xxx cause an error). (Felipe) diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 67978b1956..857993acb7 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -369,6 +369,7 @@ static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) char buf[SAPI_CGI_MAX_HEADER_LENGTH]; sapi_header_struct *h; zend_llist_position pos; + zend_bool ignore_status = 0; if (SG(request_info).no_headers == 1) { return SAPI_HEADER_SENT_SUCCESSFULLY; @@ -424,6 +425,7 @@ static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) } if (!has_status) { PHPWRITE_H(buf, len); + ignore_status = 1; } } @@ -431,8 +433,17 @@ static int sapi_cgi_send_headers(sapi_headers_struct *sapi_headers TSRMLS_DC) while (h) { /* prevent CRLFCRLF */ if (h->header_len) { - PHPWRITE_H(h->header, h->header_len); - PHPWRITE_H("\r\n", 2); + if (h->header_len > sizeof("Status:")-1 && + strncasecmp(h->header, "Status:", sizeof("Status:")-1) == 0) { + if (!ignore_status) { + ignore_status = 1; + PHPWRITE_H(h->header, h->header_len); + PHPWRITE_H("\r\n", 2); + } + } else { + PHPWRITE_H(h->header, h->header_len); + PHPWRITE_H("\r\n", 2); + } } h = (sapi_header_struct*)zend_llist_get_next_ex(&sapi_headers->headers, &pos); } diff --git a/sapi/cgi/tests/010.phpt b/sapi/cgi/tests/010.phpt new file mode 100644 index 0000000000..e633ad28ba --- /dev/null +++ b/sapi/cgi/tests/010.phpt @@ -0,0 +1,53 @@ +--TEST-- +Bug #45860 (header() function fails to correctly replace all Status lines) +--SKIPIF-- +<?php include "skipif.inc"; ?> +--FILE-- +<?php + +include "include.inc"; + +$php = get_cgi_path(); +reset_env_vars(); + +$f = tempnam(sys_get_temp_dir(), 'cgitest'); + +putenv("TRANSLATED_PATH=".$f."/x"); +putenv("SCRIPT_FILENAME=".$f."/x"); +file_put_contents($f, '<?php +header("HTTP/1.1 403 Forbidden"); +header("Status: 403 Also Forbidden"); +?>'); + +echo (`$php -n $f`); + +file_put_contents($f, '<?php +header("HTTP/1.1 403 Forbidden"); +?>'); + +echo (`$php -n $f`); + +file_put_contents($f, '<?php +header("Status: 403 Also Forbidden"); +?>'); + +echo (`$php -n $f`); + +echo "Done\n"; + +@unlink($f); +?> +--EXPECTF-- +Status: 403 Forbidden +X-Powered-By: PHP/%s +Content-type: text/html + +Status: 403 Forbidden +X-Powered-By: PHP/%s +Content-type: text/html + +X-Powered-By: PHP/%s +Status: 403 Also Forbidden +Content-type: text/html + +Done |