- CGI:
. Fix bug #68618 (out of bounds read crashes php-cgi). (Stas)
+- CLI server:
+ . Fix bug #68745 (Invalid HTTP requests make web server segfault). (Adam)
+
- cURL:
. Fixed bug #67643 (curl_multi_getcontent returns '' when
CURLOPT_RETURNTRANSFER isn't set). (Jille Timmermans)
{
char *new_val = (char *)val;
uint new_val_len;
+
+ if (NULL == val) {
+ return;
+ }
+
if (sapi_module.input_filter(PARSE_SERVER, (char*)key, &new_val, strlen(val), &new_val_len TSRMLS_CC)) {
php_register_variable_safe((char *)key, new_val, new_val_len, track_vars_array TSRMLS_CC);
}
--- /dev/null
+--TEST--
+Bug #68745 (Invalid HTTP requests make web server segfault)
+--SKIPIF--
+<?php
+include "skipif.inc";
+?>
+--FILE--
+<?php
+include "php_cli_server.inc";
+php_cli_server_start('var_dump(count($_SERVER));', 'not-index.php');
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+ die("connect failed");
+}
+
+if(fwrite($fp, "GET www.example.com:80 HTTP/1.1\r\n\r\n")) {
+ while (!feof($fp)) {
+ echo fgets($fp);
+ }
+}
+
+fclose($fp);
+?>
+--EXPECTF--
+HTTP/1.1 200 OK
+Connection: close
+X-Powered-By: %s
+Content-type: text/html
+
+int(%d)
projects / php / commitdiff