diff options
| author | Stanislav Malyshev <stas@php.net> | 2016-07-19 01:35:58 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2016-07-19 01:39:28 -0700 |
| commit | b00f8f2a5bae651d6375ca34c676963f1f25ee5a (patch) | |
| tree | aeffcdefca1269348c8b42e200b380044154ecad /main | |
| parent | e9a58bee24a4004e50a59d0d01927e6632d6da27 (diff) | |
| parent | 4d0565b5bad444b0652379668c5116b74ee13747 (diff) | |
| download | php-git-b00f8f2a5bae651d6375ca34c676963f1f25ee5a.tar.gz | |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
fix #72519, possible OOB using imagegif
fix #72512, invalid read or write for palette image when invalid transparent index is used
Apparently some envs miss SIZE_MAX
Fix tests
Fix bug #72618: NULL Pointer Dereference in exif_process_user_comment
Partial fix for bug #72613 - do not treat negative returns from bz2 as size_t
Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c
Fix for bug #72558, Integer overflow error within _gdContributionsAlloc()
Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE
Fix bug #72562 - destroy var_hash properly
Fix bug #72533 (locale_accept_from_http out-of-bounds access)
Fix fir bug #72520
Fix for bug #72513
Fix for bug #72513
CS fix and comments with bug ID
Fix for HTTP_PROXY issue.
5.6.24RC1
add tests for bug #72512
Fixed bug #72512 gdImageTrueColorToPaletteBody allows arbitrary write/read access
Fixed bug #72479 - same as #72434
Conflicts:
Zend/zend_virtual_cwd.c
ext/bz2/bz2.c
ext/exif/exif.c
ext/session/session.c
ext/snmp/snmp.c
ext/standard/basic_functions.c
main/SAPI.c
main/php_variables.c
Diffstat (limited to 'main')
| -rw-r--r-- | main/SAPI.c | 4 | ||||
| -rw-r--r-- | main/php_variables.c | 18 |
2 files changed, 22 insertions, 0 deletions
diff --git a/main/SAPI.c b/main/SAPI.c index 496bbfbd12..9029e2e570 100644 --- a/main/SAPI.c +++ b/main/SAPI.c @@ -1020,6 +1020,10 @@ SAPI_API zend_stat_t *sapi_get_stat(void) SAPI_API char *sapi_getenv(char *name, size_t name_len) { + if (!strncasecmp(name, "HTTP_PROXY", name_len)) { + /* Ugly fix for HTTP_PROXY issue, see bug #72573 */ + return NULL; + } if (sapi_module.getenv) { char *value, *tmp = sapi_module.getenv(name, name_len); if (tmp) { diff --git a/main/php_variables.c b/main/php_variables.c index 73274d7695..5791990038 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -730,6 +730,22 @@ static zend_bool php_auto_globals_create_files(zend_string *name) return 0; /* don't rearm */ } +/* Upgly hack to fix HTTP_PROXY issue, see bug #72573 */ +static void check_http_proxy(HashTable *var_table) +{ + if (zend_hash_str_exists(var_table, "HTTP_PROXY", sizeof("HTTP_PROXY")-1)) { + char *local_proxy = getenv("HTTP_PROXY"); + + if (!local_proxy) { + zend_hash_str_del(var_table, "HTTP_PROXY", sizeof("HTTP_PROXY")-1); + } else { + zval local_zval; + ZVAL_STRING(&local_zval, local_proxy); + zend_hash_str_update(var_table, "HTTP_PROXY", sizeof("HTTP_PROXY")-1, &local_zval); + } + } +} + static zend_bool php_auto_globals_create_server(zend_string *name) { if (PG(variables_order) && (strchr(PG(variables_order),'S') || strchr(PG(variables_order),'s'))) { @@ -755,6 +771,7 @@ static zend_bool php_auto_globals_create_server(zend_string *name) array_init(&PG(http_globals)[TRACK_VARS_SERVER]); } + check_http_proxy(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER])); zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_SERVER]); Z_ADDREF(PG(http_globals)[TRACK_VARS_SERVER]); @@ -770,6 +787,7 @@ static zend_bool php_auto_globals_create_env(zend_string *name) php_import_environment_variables(&PG(http_globals)[TRACK_VARS_ENV]); } + check_http_proxy(Z_ARRVAL(PG(http_globals)[TRACK_VARS_ENV])); zend_hash_update(&EG(symbol_table), name, &PG(http_globals)[TRACK_VARS_ENV]); Z_ADDREF(PG(http_globals)[TRACK_VARS_ENV]); |