]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 60825fa)
Prevent exploit in [tmp_name] as well
authorZeev Suraski <zeev@php.net>
Mon, 4 Sep 2000 22:05:00 +0000 (22:05 +0000)
committerZeev Suraski <zeev@php.net>
Mon, 4 Sep 2000 22:05:00 +0000 (22:05 +0000)
main/rfc1867.c patch | blob | history

diff --git a/main/rfc1867.c b/main/rfc1867.c
index 70ddeba927f50492280c37c7f2468994626d504e..183b1a8b86ba8e16c88df954dc7c7b692b21f8ae 100644 (file)
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -358,6 +358,7 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
                                        sprintf(lbuf, "%s[tmp_name]", namebuf);
                                }
                                register_http_post_files_variable(lbuf, fn, http_post_files ELS_CC PLS_CC);
+                               add_protected_variable(lbuf PLS_CC);
                                {
                                        zval file_size;
 
Unnamed repository; edit this file 'description' to name the repository.