MFH: Fixed bug #27530 (broken http auth when safe_mode is on and PCRE is

disabled).

diff --git a/NEWS b/NEWS
index 8f6b753d05fdd94bbbf2ad5d2ace8de551270a9d..36ff3c49ab627d21caacad36d2b5318e7981c271 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,8 @@ PHP 4                                                                      NEWS
 ?? Feb 2004, Version 4.3.5
 - Fixed possible crashes inside socket extension, due to missing check inside
   allocation functions. (Ilia)
+- Fixed bug #27530 (broken http auth when safe_mode is on and PCRE is
+  disabled). (Ilia)
 - Fixed bug #27505 (htmlentities() does not handle BIG5 correctly). (Ilia, 
   ywliu at hotmail dot com)
 - Fixed bug #27460 (base64_decode() does not handle extra padding).

diff --git a/main/SAPI.c b/main/SAPI.c
index 6fca2f9fa1b9f87645ff55fd6cd98771e8a160d7..17c56af34d77c7f84505c1e35f47f86435bc3808 100644 (file)
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -647,14 +647,9 @@ SAPI_API int sapi_header_op(sapi_header_op_enum op, void *arg TSRMLS_DC)
 #else
                                {
                                        myuid = php_getuid();
-                                       result = emalloc(sizeof("WWW-Authenticate: ")+20);
-                                       newlen = sprintf(result, "WWW-Authenticate: %ld", myuid);       
-                                       newheader = estrndup(result,newlen);
                                        efree(header_line);
-                                       sapi_header.header = newheader;
-                                       sapi_header.header_len = newlen;
-                                       efree(result);
-                               } 
+                                       sapi_header.header_len = spprintf(&sapi_header.header, 0, "WWW-Authenticate: Basic realm=\"%ld\"", myuid);
+                               }
 #endif
                        }
                        if (sapi_header.header==header_line) {