Fixed bug #40079 (php_get_current_user() not thread safe).

# Original patch from wharmby at uk dot ibm dot com

1 files changed, 15 insertions, 0 deletions

diff --git a/main/safe_mode.c b/main/safe_mode.c
index 761afcb1ab..d87c3f3e3f 100644
--- a/main/safe_mode.c
+++ b/main/safe_mode.c
@@ -228,12 +228,27 @@ PHPAPI char *php_get_current_user()
 		return SG(request_info).current_user;		
 #else
 		struct passwd *pwd;
+#ifdef HAVE_GETPWUID_R
+		struct passwd _pw;
+		struct passwd *retpwptr = NULL;
+		int pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+		char *pwbuf = emalloc(pwbuflen);
 
+		if (getpwuid_r(pstat->st_uid, &_pw, pwbuf, pwbuflen, &retpwptr) != 0) {
+			efree(pwbuf);
+			return "";
+		}
+		pwd = &_pw;
+#else
 		if ((pwd=getpwuid(pstat->st_uid))==NULL) {
 			return "";
 		}
+#endif
 		SG(request_info).current_user_length = strlen(pwd->pw_name);
 		SG(request_info).current_user = estrndup(pwd->pw_name, SG(request_info).current_user_length);
+#ifdef HAVE_GETPWUID_R
+		efree(pwbuf);
+#endif
 		return SG(request_info).current_user;		
 #endif
 	}