diff options
| author | foobar <sniper@php.net> | 2002-04-01 23:02:16 +0000 |
|---|---|---|
| committer | foobar <sniper@php.net> | 2002-04-01 23:02:16 +0000 |
| commit | bccfe804800c7b163483c4a2e28269fde34b10bd (patch) | |
| tree | 0fa72bc799bca0959a192de04971dea0177c4e7e /main/rfc1867.c | |
| parent | 750ca4295e711a78c9dfbbbecfa992e52038c6e6 (diff) | |
| download | php-git-bccfe804800c7b163483c4a2e28269fde34b10bd.tar.gz | |
Prevent crashing with some bogus POSTs.
Diffstat (limited to 'main/rfc1867.c')
| -rw-r--r-- | main/rfc1867.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/main/rfc1867.c b/main/rfc1867.c index 780e25c379..5c997cda6a 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -704,10 +704,17 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* If file_uploads=off, skip the file part */ if (!PG(file_uploads)) { efree(filename); - efree(param); + if (param) efree(param); continue; } + /* Return with an error if the posted data is garbled */ + if (!param) { + sapi_module.sapi_error(E_WARNING, "File Upload Mime headers garbled"); + efree(filename); + SAFE_RETURN; + } + /* Handle file */ fp = php_open_temporary_file(PG(upload_tmp_dir), "php", &temp_filename TSRMLS_CC); if (!fp) { |