diff options
| author | Zeev Suraski <zeev@php.net> | 2000-02-26 16:36:57 +0000 |
|---|---|---|
| committer | Zeev Suraski <zeev@php.net> | 2000-02-26 16:36:57 +0000 |
| commit | 0e90b9dc83956f7de3d269cfe9b1be42618c2812 (patch) | |
| tree | d80fb084aaefaa5abccfa48e38ab07d598df7356 /main/php_variables.c | |
| parent | e6146d6bf382df0de28271cc58fce03afc20797b (diff) | |
| download | php-git-0e90b9dc83956f7de3d269cfe9b1be42618c2812.tar.gz | |
@- The various $HTTP_*_VARS[] are now protected, and cannot be manipulated by
@ user input (Zeev)
This patch is untested! I'll only have time to test it thoroughly in a couple of hours...
Diffstat (limited to 'main/php_variables.c')
| -rw-r--r-- | main/php_variables.c | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/main/php_variables.c b/main/php_variables.c index 1897610d6c..84c487d01f 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -226,16 +226,15 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC) INIT_PZVAL(array_ptr); switch (arg) { case PARSE_POST: - zend_hash_add_ptr(&EG(symbol_table), "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"), array_ptr, sizeof(pval *),NULL); + PG(http_globals).post = array_ptr; break; case PARSE_GET: - zend_hash_add_ptr(&EG(symbol_table), "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"), array_ptr, sizeof(pval *),NULL); + PG(http_globals).get = array_ptr; break; case PARSE_COOKIE: - zend_hash_add_ptr(&EG(symbol_table), "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), array_ptr, sizeof(pval *),NULL); + PG(http_globals).cookie = array_ptr; break; } - array_ptr->refcount++; /* If someone overwrites us, array_ptr must stay valid */ } else { array_ptr=NULL; } @@ -247,9 +246,6 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC) if (arg==PARSE_POST) { sapi_handle_post(array_ptr SLS_CC); - if (array_ptr) { - zval_ptr_dtor(&array_ptr); - } return; } @@ -275,9 +271,6 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC) } if (!res) { - if (array_ptr) { - zval_ptr_dtor(&array_ptr); - } return; } @@ -307,9 +300,6 @@ void php_treat_data(int arg, char *str ELS_DC PLS_DC SLS_DC) if (free_buffer) { efree(res); } - if (array_ptr) { - zval_ptr_dtor(&array_ptr); - } } @@ -323,7 +313,7 @@ void php_import_environment_variables(ELS_D PLS_DC) ALLOC_ZVAL(array_ptr); array_init(array_ptr); INIT_PZVAL(array_ptr); - zend_hash_add_ptr(&EG(symbol_table), "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"), array_ptr, sizeof(pval *),NULL); + PG(http_globals).environment = array_ptr; } for (env = environ; env != NULL && *env != NULL; env++) { |