Bug #9930 only small subset of rfc1867 accepted
Submitted: 2001-03-22 11:34 UTC Modified: 2001-05-01 21:22 UTC
From: andreas at erestor dot f2s dot com Assigned:
Status: Closed Package: HTTP related
PHP Version: 4.0.4pl1 OS: any
Private report: No CVE-ID: None

 

 [2001-03-22 11:34 UTC] andreas at erestor dot f2s dot com
 Hello,
 the documentation says in chapter 19: "PHP is capable of receiving file uploads from any RFC-1867 compliant browser (...).". If the implementation does not, I think it is a bug. So I submit a bug report, not a feature request.
 The code that should handle RFC-1867 compliant POST bodies is in the file main/rfc1867.c. But in its version 1.60 it does not accept many possibilities that are allowed by RFC-1867, RFC-2045 and RFC-822.
 First, it only allows one header field in every part of the POST body. (see also Bugid 7685)
 Second, it still does not handle atoms as parameter values correctly. (see also Bugid 8486)
 Third, it does not accept whitespace in all allowed places (around the '=' in the parameter).
 Fourth, it does not recognize folded header fields as being folded.
 Fifth, it does not handle comments at all.

 The first two should be handled correctly if a PHP script is to be usable from Lynx. I have changed the file rfc1867.c so that more POST bodies are accepted, but my version still does not accept all RFC-1867 compliant POST bodies. It lacks any changes to the part that handles the filename parameter and does not handle comments at all.

 Here is a context-diff between the version 1.60 of your CVS and my version:

*** rfc1867.c.v1.60     Thu Mar 22 14:42:35 2001
--- rfc1867.c   Thu Mar 22 17:10:43 2001
***************
*** 151,184 ****
                                } else {
                                        Done = 1;
                                }
                                break;
                        case 1:                 /* Check content-disposition */
!                               if (strncasecmp(ptr, "Content-Disposition: form-data;", 31)) {
                                        if (rem < 31) {
                                                SAFE_RETURN;
                                        }
!                                       php_error(E_WARNING, "File Upload Mime headers garbled ptr: [%c%c%c%c%c]", *ptr, *(ptr + 1), *(ptr + 2), *(ptr + 3), *(ptr + 4));
!                                       SAFE_RETURN;
                                }
                                loc = memchr(ptr, '\n', rem);
                                name = strstr(ptr, " name=");
                                if (name && name < loc) {
                                        name += 6;
!                                       s = memchr(name, '\"', loc - name);
!                                       if ( name == s ) {
                                                name++;
                                                s = memchr(name, '\"', loc - name);
                                                if(!s) {
                                                        php_error(E_WARNING, "File Upload Mime headers garbled name: [%c%c%c%c%c]", *name, *(name + 1), *(name + 2), *(name + 3), *(name + 4));
                                                        SAFE_RETURN;
                                                }
-                                       } else if(!s) {
-                                               s = loc;
                                        } else {
!                                               php_error(E_WARNING, "File Upload Mime headers garbled name: [%c%c%c%c%c]", *name, *(name + 1), *(name + 2), *(name + 3), *(name + 4));
!                                               SAFE_RETURN;
                                        }
                                        if (namebuf) {
                                                efree(namebuf);
                                        }
                                        namebuf = estrndup(name, s-name);
--- 151,193 ----
                                } else {
                                        Done = 1;
                                }
                                break;
                        case 1:                 /* Check content-disposition */
!                               while (strncasecmp(ptr, "Content-Disposition: form-data;", 31)) {
                                        if (rem < 31) {
                                                SAFE_RETURN;
                                        }
!                                       if (ptr[1] == '\n') {
!                                                 /* empty line as end of header found */
!                                               php_error(E_WARNING, "File Upload Mime headers garbled ptr: [%c%c%c%c%c]", *ptr, *(ptr + 1), *(ptr + 2), *(ptr + 3), *(ptr + 4));
!                                               SAFE_RETURN;
!                                         }
!                                       /* some other headerfield found, skip it */
!                                         loc = (char *) memchr(ptr, '\n', rem)+1;
!                                       while (*loc == ' ' || *loc == '\t')
!                                               /* other field is folded, skip it */
!                                               loc = (char *) memchr(loc, '\n', rem-(loc-ptr))+1;
!                                       rem -= (loc - ptr);
!                                       ptr = loc;
                                }
                                loc = memchr(ptr, '\n', rem);
+                               while (loc[1] == ' ' || loc[1] == '\t')
+                                       /* field is folded, look for end */
+                                       loc = memchr(loc+1, '\n', rem-(loc-ptr)-1);
                                name = strstr(ptr, " name=");
                                if (name && name < loc) {
                                        name += 6;
!                                       if ( *name == '\"' ) {
                                                name++;
                                                s = memchr(name, '\"', loc - name);
                                                if(!s) {
                                                        php_error(E_WARNING, "File Upload Mime headers garbled name: [%c%c%c%c%c]", *name, *(name + 1), *(name + 2), *(name + 3), *(name + 4));
                                                        SAFE_RETURN;
                                                }
                                        } else {
!                                               s = strpbrk(name, "     ()<>@,;:\\\"/[]?=\r\n");
                                        }
                                        if (namebuf) {
                                                efree(namebuf);
                                        }
                                        namebuf = estrndup(name, s-name);
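Review bot: The new header-skipping code uses every `memchr` result without a NULL check: `loc = (char *) memchr(ptr, '\n', rem)+1;` and the folded-line variant inside the inner `while` both add 1 and then read `*loc`, and the added `while (loc[1] == ' ' || loc[1] == '\t')` reads through `loc` straight after `loc = memchr(ptr, '\n', rem);`. When the remaining `rem` bytes hold no further newline these become NULL-based pointers, so each call should be tested and end in `SAFE_RETURN`, and `loc[1]` should only be read while `loc + 1` is still inside the `rem` bytes. The unquoted branch has the same gap: `s = strpbrk(name, ...)` is not limited to `loc` and can return NULL, after which `estrndup(name, s-name)` receives a meaningless length; the removed `else if(!s) s = loc;` covered that case in the old code. The `ptr[1] == '\n'` test also recognises the empty line only when lines end in CRLF, which deserves a comment.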
***************
*** 185,197 ****
                                        if (lbuf) {
                                                efree(lbuf);
                                        }
                                        lbuf = emalloc(s-name + MAX_SIZE_OF_INDEX + 1);
                                        state = 2;
!                                       loc2 = memchr(loc + 1, '\n', rem);
!                                       rem -= (loc2 - ptr) + 1;
!                                       ptr = loc2 + 1;
                                        /* is_arr_upload is true when name of file upload field
                                         * ends in [.*]
                                         * start_arr is set to point to 1st [
                                         * end_arr points to last ]
                                         */
--- 194,210 ----
                                        if (lbuf) {
                                                efree(lbuf);
                                        }
                                        lbuf = emalloc(s-name + MAX_SIZE_OF_INDEX + 1);
                                        state = 2;
!                                       loc2 = loc;
!                                       while (loc2[2] != '\n') {
!                                               /* empty line as end of header not yet found */
!                                               loc2 = memchr(loc2 + 1, '\n', rem-(loc2-ptr)-1);
!                                       }
!                                       rem -= (loc2 - ptr) + 3;
!                                       ptr = loc2 + 3;
                                        /* is_arr_upload is true when name of file upload field
                                         * ends in [.*]
                                         * start_arr is set to point to 1st [
                                         * end_arr points to last ]
                                         */
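Review bot: In the new `while (loc2[2] != '\n')` loop, `loc2 = memchr(loc2 + 1, '\n', rem-(loc2-ptr)-1);` is not checked for NULL, so a header block that never reaches an empty line within `rem` bytes ends with `loc2[2]` read through a NULL pointer; test the result and `SAFE_RETURN`, and confirm that at least three bytes remain before reading `loc2[2]`. The `loc2[2]` test together with the `+ 3` adjustments of `rem` and `ptr` assumes the header ends in CRLF CRLF, so a body with bare LF line ends is not matched at its empty line; either handle both forms or state the assumption in the comment.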


 I have tried some POST-bodies, one of them shown here:
--xnyLAaB03X^M
Content-Type: text/plain;^M
 charset=iso-8859-1^M
Content-Disposition: form-data;^M
 name=postarg;^M
 x-info="Andreas Pistoor"^M
^M
input^M
--xnyLAaB03X--^M

 Kind regards
 Andreas Pistoor
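
The gaps listed in this report (several header fields per part, folded fields, whitespace around '=', token values) can be covered by one bounds-checked lookup. The following is an added example, not code from the report or from PHP's rfc1867.c; `part_param`, `field_end`, `skip_ws` and `SAMPLE` are hypothetical names, and RFC 822 comments and backslash escapes inside quoted strings are not handled.

```c
#include <ctype.h>
#include <string.h>
#include <strings.h>

/* Whitespace plus RFC 2045 tspecials: any of these ends an unquoted token. */
#define TOKEN_END " \t()<>@,;:\\\"/[]?=\r\n"
/* Constructed sample: part headers modelled on the POST body in the report. */
static const char SAMPLE[] = "Content-Type: text/plain;\r\n charset=iso-8859-1\r\n"
    "Content-Disposition: form-data;\r\n name=postarg;\r\n x-info=\"Andreas Pistoor\"\r\n\r\n";

/* End of the field at p, folded lines (next line starts with SP/HT) included. */
static const char *field_end(const char *p, const char *end) {
    while ((p = memchr(p, '\n', (size_t)(end - p))) != NULL)
        if (++p >= end || (*p != ' ' && *p != '\t')) return p;
    return end;                          /* no newline left: stop at buffer end */
}

static const char *skip_ws(const char *p, const char *e) {
    while (p < e && isspace((unsigned char)*p)) p++;
    return p;
}

/* Copy `param` of header `field` into out; 0 if found, -1 if absent, malformed or too long. */
int part_param(const char *hdr, size_t len, const char *field,
               const char *param, char *out, size_t outsz) {
    const char *p = hdr, *end = hdr + len, *fe, *q, *a, *ae, *v, *s;
    size_t flen = strlen(field), plen = strlen(param);
    for (; p < end && *p != '\r' && *p != '\n'; p = fe) {  /* empty line ends headers */
        fe = field_end(p, end);
        if ((size_t)(fe - p) <= flen || p[flen] != ':' || strncasecmp(p, field, flen)) continue;
        for (q = memchr(p, ';', (size_t)(fe - p)); q; q = memchr(s, ';', (size_t)(fe - s))) {
            a = skip_ws(q + 1, fe);                        /* attribute name */
            for (ae = a; ae < fe && !strchr(TOKEN_END, *ae); ae++) ;
            v = skip_ws(ae, fe);                           /* whitespace before '=' */
            if (v >= fe || *v != '=') return -1;
            v = skip_ws(v + 1, fe);                        /* whitespace after '=' */
            if (v < fe && *v == '"') s = memchr(++v, '"', (size_t)(fe - v));
            else for (s = v; s < fe && !strchr(TOKEN_END, *s); s++) ;
            if (!s) return -1;                             /* unterminated quoted string */
            if ((size_t)(ae - a) != plen || strncasecmp(a, param, plen)) continue;
            if ((size_t)(s - v) >= outsz) return -1;
            memcpy(out, v, (size_t)(s - v));
            out[s - v] = '\0';
            return 0;
        }
        return -1;                       /* field present, parameter not in it */
    }
    return -1;
}
```

Every read is limited by `end` or by the end of the current folded field, so a truncated header yields -1 instead of a read past the buffer.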

 [2001-03-23 05:30 UTC] andreas at erestor dot f2s dot com
 One comment to the listing of the diff, above:
The second argument to the function strpbrk starts with a blank and a tabulator. This is not (easily) recognized in that listing.

 Andreas
 [2001-03-26 16:28 UTC] sniper@php.net
Could you please create a unified diff?
i.e. using 'diff -u' and send it (as an attachment) to php-dev@lists.php.net ?

--Jani

 [2001-03-29 04:53 UTC] andreas at erestor dot f2s dot com
 Hello Jani,
 have you received my email?
 I have replied to yours, as it came from php-dev@lists.php.net and you asked me to send the diff to this address. But the footer of your email is a little bit confusing :-) : "ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at http://bugs.php.net/?id=9930&edit=2"

 Greetings Andreas
 [2001-05-01 21:21 UTC] sniper@php.net
Patch committed. Thanks!

--Jani

 