diff options
author | Rasmus Lerdorf <rasmus@php.net> | 2008-03-17 18:03:31 +0000 |
---|---|---|
committer | Rasmus Lerdorf <rasmus@php.net> | 2008-03-17 18:03:31 +0000 |
commit | bafb0b4ff5ec13509e99bbecf23949d233885e2f (patch) | |
tree | 9aac7358e2e68535b99a8499870ec098a6e78534 /sapi/apache | |
parent | e345eb5e3801e6f2d10f7b9a65d0a0b9b2b01a03 (diff) | |
download | php-git-bafb0b4ff5ec13509e99bbecf23949d233885e2f.tar.gz |
We need to pass PHP-managed pointers to filter here to avoid having
emalloc'ed data assigned to things like r->uri and having it get efree()'ed
on request shutdown which then means that if the Apache logging module
tries to log r->uri it would be reading from free'ed memory. So a simple
estrdup before the filter call takes care of that.
Diffstat (limited to 'sapi/apache')
-rw-r--r-- | sapi/apache/mod_php5.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/sapi/apache/mod_php5.c b/sapi/apache/mod_php5.c index d84b11e548..0845f8e40b 100644 --- a/sapi/apache/mod_php5.c +++ b/sapi/apache/mod_php5.c @@ -243,14 +243,12 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_ table_entry *elts = (table_entry *) arr->elts; zval **path_translated; HashTable *symbol_table; - int new_val_len; + int val_len, new_val_len; + char *val; for (i = 0; i < arr->nelts; i++) { - char *val; - int val_len; - if (elts[i].val) { - val = elts[i].val; + val = estrdup(elts[i].val); } else { val = ""; } @@ -275,8 +273,9 @@ static void sapi_apache_register_server_variables(zval *track_vars_array TSRMLS_ php_register_variable("PATH_TRANSLATED", Z_STRVAL_PP(path_translated), track_vars_array TSRMLS_CC); } - if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", &((request_rec *) SG(server_context))->uri, strlen(((request_rec *) SG(server_context))->uri), &new_val_len TSRMLS_CC)) { - php_register_variable("PHP_SELF", ((request_rec *) SG(server_context))->uri, track_vars_array TSRMLS_CC); + val = estrdup(((request_rec *)SG(server_context))->uri); + if (sapi_module.input_filter(PARSE_SERVER, "PHP_SELF", val, strlen(val), &new_val_len TSRMLS_CC)) { + php_register_variable_safe("PHP_SELF", val, new_val_len, track_vars_array TSRMLS_CC); } } /* }}} */ |