php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login | |
Patch CVE-2012-1823.patch for CGI/CLI related Bug #61910Patch version 2012-05-05 20:59 UTC Return to Bug #61910 | Download this patchThis patch renders other patches obsolete Obsolete patches: Patch Revisions:Developer: tyukish@parallels.com--- sapi/cgi/cgi_main.c 2012-05-06 02:55:53.245904037 +0700 +++ sapi/cgi/cgi_main.c 2012-05-06 02:58:40.703986027 +0700 @@ -62,6 +62,7 @@ #include "php_main.h" #include "fopen_wrappers.h" #include "ext/standard/php_standard.h" +#include "ext/standard/url.h" #ifdef PHP_WIN32 #include <io.h> #include <fcntl.h> @@ -1354,6 +1355,9 @@ int main(int argc, char *argv[]) #endif #endif /* PHP_FASTCGI */ + char *query_string; + char *decoded_query_string; + int skip_getopt = 0; #if 0 && defined(PHP_DEBUG) /* IIS is always making things more difficult. This allows us to stop PHP and attach a debugger before much gets started */ @@ -1406,8 +1410,15 @@ int main(int argc, char *argv[]) #if PHP_FASTCGI } #endif - - while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0)) != -1) { + if(query_string = getenv("QUERY_STRING")) { + decoded_query_string = strdup(query_string); + php_url_decode(decoded_query_string, strlen(decoded_query_string)); + if(*decoded_query_string == '-' && strchr(query_string, '=') == NULL) { + skip_getopt = 1; + } + free(decoded_query_string); + } + while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0)) != -1) { switch (c) { case 'c': if (cgi_sapi_module.php_ini_path_override) { @@ -1661,7 +1672,7 @@ consult the installation file that came #endif /* FASTCGI */ zend_first_try { - while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 1)) != -1) { + while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 1)) != -1) { switch (c) { #if PHP_FASTCGI case 'T': |
Copyright © 2001-2024 The PHP Group All rights reserved. |
Last updated: Tue Dec 03 17:01:29 2024 UTC |