diff options
| author | Stanislav Malyshev <stas@php.net> | 2012-01-01 23:54:25 +0000 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2012-01-01 23:54:25 +0000 |
| commit | 2a687aed1ab6c15e868021314bd81eab3b432fa3 (patch) | |
| tree | 21987aef3726b47c370e90ef38f1900d49906c12 /main/rfc1867.c | |
| parent | 0fdbefa4302bb69e0d9524a17de92c407635bd7e (diff) | |
| download | php-git-2a687aed1ab6c15e868021314bd81eab3b432fa3.tar.gz | |
fix bug #54374, bug #55500 - filter file names better, no dangling [s
Diffstat (limited to 'main/rfc1867.c')
| -rw-r--r-- | main/rfc1867.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/main/rfc1867.c b/main/rfc1867.c index eca8e2d2fa..b848126b2a 100644 --- a/main/rfc1867.c +++ b/main/rfc1867.c @@ -556,7 +556,7 @@ static char *php_ap_basename(const zend_encoding *encoding, char *path TSRMLS_DC { char *s = strrchr(path, '\\'); char *s2 = strrchr(path, '/'); - + if (s && s2) { if (s > s2) { ++s; @@ -942,6 +942,10 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ } tmp++; } + /* Brackets should always be closed */ + if(c != 0) { + skip_upload = 1; + } } total_bytes = cancel_upload = 0; @@ -977,7 +981,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ offset = 0; end = 0; - + if (!cancel_upload) { /* only bother to open temp file if we have data */ blen = multipart_buffer_read(mbuff, buff, sizeof(buff), &end TSRMLS_CC); @@ -1275,7 +1279,7 @@ SAPI_API void php_rfc1867_set_multibyte_callbacks( php_rfc1867_getword = getword; php_rfc1867_getword_conf = getword_conf; php_rfc1867_basename = basename; -} +} /* }}} */ /* |