IE does not use quotes but now we are safe...

author: Stefan Esser <sesser@php.net> 2002-08-17 11:48:21 +0000
committer: Stefan Esser <sesser@php.net> 2002-08-17 11:48:21 +0000
commit: 20693c1ad4c37931cdb403ec700b8b918f51b090 (patch)
tree: ff0b00b510a968c3f2d177cb90e3777eb4c7a4e7
parent: 6cbb3506075b3c8039a560c827aa20f11011b3b6 (diff)
download: php-git-20693c1ad4c37931cdb403ec700b8b918f51b090.tar.gz
1 files changed, 8 insertions, 9 deletions
diff --git a/main/rfc1867.c b/main/rfc1867.c
index 17e2b55093..80d56b6d59 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -642,21 +642,20 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler)
 	boundary++;
 	boundary_len = strlen(boundary);
 
-	if (boundary[0] == '"' && boundary[boundary_len-1] == '"') {
-		if (boundary_len < 2) { /* otherwise a single " passes */
+	if (boundary[0] == '"') {
+		boundary++;
+		boundary_end = strchr(boundary, '"');
+		if (!boundary_end) { 
 			sapi_module.sapi_error(E_WARNING, "Invalid boundary in multipart/form-data POST data");
 			return;
 		}
-		boundary++;
-		boundary_len -= 2;
-		boundary[boundary_len] = '\0';
 	} else {
 		/* search for the end of the boundary */
 		boundary_end = strchr(boundary, ',');
-		if (boundary_end) {
-			boundary_end[0] = '\0';
-			boundary_len = boundary_end-boundary;
-		}
+	}
+	if (boundary_end) {
+		boundary_end[0] = '\0';
+		boundary_len = boundary_end-boundary;
 	}
 
 	/* Initialize the buffer */
author	Stefan Esser <sesser@php.net>	2002-08-17 11:48:21 +0000
committer	Stefan Esser <sesser@php.net>	2002-08-17 11:48:21 +0000
commit	20693c1ad4c37931cdb403ec700b8b918f51b090 (patch)
tree	ff0b00b510a968c3f2d177cb90e3777eb4c7a4e7
parent	6cbb3506075b3c8039a560c827aa20f11011b3b6 (diff)
download	php-git-20693c1ad4c37931cdb403ec700b8b918f51b090.tar.gz