[PATCH 1/3] Fix multiple pieces of code in lsapilib.c.

10 years ago by Joshua Rogers — view source — reply

unread

These issues are not serious(only triggerable by the runner/caller of the PHP program), so no need to make them private.

sapi/litespeed/lsapilib.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c
index 2e60701..16aade0 100644
--- a/sapi/litespeed/lsapilib.c
+++ b/sapi/litespeed/lsapilib.c
@@ -1872,10 +1872,12 @@ static char * GetHeaderVar( LSAPI_Request * pReq, const char * name )

char * LSAPI_GetEnv_r( LSAPI_Request * pReq, const char * name )
{

if ( !pReq || !name )
return NULL;
struct LSAPI_key_value_pair * pBegin = pReq->m_pEnvList;
struct LSAPI_key_value_pair * pEnd = pBegin + pReq->m_pHeader->m_cntEnv;

if ( !pReq || !name )
```
   return NULL;
```

if ( strncmp( name, "HTTP_", 5 ) == 0 )
{
return GetHeaderVar( pReq, name );
@@ -2282,7 +2284,7 @@ int LSAPI_ParseSockAddr( const char * pBind, struct sockaddr * pAddr )
while( isspace( *pBind ) )
++pBind;

strncpy( achAddr, pBind, 256 );

strncpy( achAddr, pBind, sizeof(pBind) );

switch( *p )
{
@@ -3112,6 +3114,10 @@ static int lsapi_initSuEXEC()
if ( !s_defaultUid || !s_defaultGid )
{
pw = getpwnam( "nobody" );
if(!pw) {

  perror( "Can't get uid for user 'nobody'" );

```
  return -1;
```
}
if ( !s_defaultUid )
s_defaultUid = pw->pw_uid;
if ( !s_defaultGid )
@@ -3376,7 +3382,7 @@ void lsapi_MD5Final(unsigned char digest[16], struct lsapi_MD5Context *ctx)
lsapi_MD5Transform(ctx->buf, (uint32 *) ctx->in);
byteReverse((unsigned char *) ctx->buf, 4);
memmove(digest, ctx->buf, 16);

memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */

memset(ctx, 0, sizeof(ctx)); / In case it's sensitive */
}

/* The four core functions - F1 is optimized somewhat */

1.9.1

10 years ago by Joshua Rogers — view source — reply

unread

These issues are not serious(only triggerable by the runner/caller of the PHP program), so no need to make them private.

sapi/litespeed/lsapi_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sapi/litespeed/lsapi_main.c b/sapi/litespeed/lsapi_main.c
index 2b2385c..d767306 100644
--- a/sapi/litespeed/lsapi_main.c
+++ b/sapi/litespeed/lsapi_main.c
@@ -487,7 +487,7 @@ static int lsapi_chdir_primary_script( zend_file_handle * file_handle )
getcwd( s_cur_chdir, sizeof( s_cur_chdir ) );

 p = strrchr( file_handle->filename, '/' );

if ( *p )

if ( p )
{
*p = 0;
if ( strcmp( file_handle->filename, s_cur_chdir ) != 0 ) {
--
1.9.1

10 years ago by Xinchen Hui — view source — reply

unread

Hey:

These issues are not serious(only triggerable by the runner/caller of the PHP program), so no need to make them private.

sapi/litespeed/lsapi_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sapi/litespeed/lsapi_main.c b/sapi/litespeed/lsapi_main.c
index 2b2385c..d767306 100644
--- a/sapi/litespeed/lsapi_main.c
+++ b/sapi/litespeed/lsapi_main.c
@@ -487,7 +487,7 @@ static int lsapi_chdir_primary_script( zend_file_handle * file_handle )
getcwd( s_cur_chdir, sizeof( s_cur_chdir ) );
 p = strrchr( file_handle->filename, '/' );
if ( *p )

if ( p )
{
*p = 0;
if ( strcmp( file_handle->filename, s_cur_chdir ) != 0 ) {
--
1.9.1

thanks for the recently great reporting..

myabe, you could send these patch via bugs.php.net, or github PR?

it's better than mails :)

thanks

--

--
Xinchen Hui
@Laruence
http://www.laruence.com/

10 years ago by Joshua Rogers — view source — reply

unread

Hi,

myabe, you could send these patch via bugs.php.net, or github PR?

it's better than mails :)
Yes, I also submit them to php-src. -
https://github.com/php/php-src/pull/1014
I send them to internals@ for if people want to comment on it.
But, as suggested to me in private, I probably won't be submitting
'smaller' patches such as this one via email, since it just clogs up the
emails and wastes bandwidth.

Thanks,

-- Joshua Rogers <https://internot.info/

10 years ago by Joshua Rogers — view source — reply

unread

These issues are not serious(only triggerable by the runner/caller of the PHP program), so no need to make them private.

sapi/litespeed/lsapi_main.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/sapi/litespeed/lsapi_main.c b/sapi/litespeed/lsapi_main.c
index d767306..8144706 100644
--- a/sapi/litespeed/lsapi_main.c
+++ b/sapi/litespeed/lsapi_main.c
@@ -716,6 +716,7 @@ static int parse_opt( int argc, char * argv[], int *climode,
case '?':
if ( (((p-1))+2) == 's' )
exit( 99 );

       break;
   case 'h':
   case 'i':
   case 'l':

--
1.9.1