SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
{
- char *var, *val;
- char *strtok_buf = NULL;
+ char *var, *val, *e, *s, *p;
zval *array_ptr = (zval *) arg;
UConverter *input_conv = UG(http_input_encoding_conv);
input_conv = ZEND_U_CONVERTER(UG(output_encoding_conv));
}
- var = php_strtok_r(SG(request_info).post_data, "&", &strtok_buf);
+ s = SG(request_info).post_data;
+ e = s + SG(request_info).post_data_length;
- while (var) {
- val = strchr(var, '=');
- if (val) { /* have a value */
+ while (s < e && (p = memchr(s, '&', (e - s)))) {
+last_value:
+ if ((val = memchr(s, '=', (p - s)))) { /* have a value */
if (UG(unicode)) {
UChar *u_var, *u_val;
int u_var_len, u_val_len;
int val_len;
UErrorCode status1 = U_ZERO_ERROR, status2 = U_ZERO_ERROR;
- *val++ = '\0';
- var_len = strlen(var);
+ var = s;
+ var_len = val - s;
+
php_url_decode(var, var_len);
- val_len = php_url_decode(val, strlen(val));
+ val++;
+ val_len = php_url_decode(val, (p - val));
zend_convert_to_unicode(input_conv, &u_var, &u_var_len, var, var_len, &status1);
zend_convert_to_unicode(input_conv, &u_val, &u_val_len, val, val_len, &status2);
if (U_SUCCESS(status1) && U_SUCCESS(status2)) {
} else {
unsigned int val_len, new_val_len;
- *val++ = '\0';
- php_url_decode(var, strlen(var));
- val_len = php_url_decode(val, strlen(val));
+ var = s;
+
+ php_url_decode(var, (val - s));
+ val++;
+ val_len = php_url_decode(val, (p - val));
val = estrndup(val, val_len);
if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
efree(val);
}
}
- var = php_strtok_r(NULL, "&", &strtok_buf);
+ s = p + 1;
+ }
+ if (s < e) {
+ p = e;
+ goto last_value;
}
}
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
#include "ext/mbstring/mbstring.h"
-static void safe_php_register_variable(char *var, char *strval, zval *track_vars_array, zend_bool override_protection TSRMLS_DC);
+static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC);
void php_mb_flush_gpc_variables(int num_vars, char **val_list, int *len_list, zval *array_ptr TSRMLS_DC)
{
php_mb_gpc_encoding_converter(val_list, len_list, num_vars, NULL, NULL TSRMLS_CC);
}
for (i=0; i<num_vars; i+=2){
- safe_php_register_variable(val_list[i], val_list[i+1], array_ptr, 0 TSRMLS_CC);
+ safe_php_register_variable(val_list[i], val_list[i+1], len_list[i+1], array_ptr, 0 TSRMLS_CC);
efree(val_list[i]);
efree(val_list[i+1]);
}
}
-static void safe_php_register_variable(char *var, char *strval, zval *track_vars_array, zend_bool override_protection TSRMLS_DC)
+static void safe_php_register_variable(char *var, char *strval, int val_len, zval *track_vars_array, zend_bool override_protection TSRMLS_DC)
{
if (override_protection || !is_protected_variable(var TSRMLS_CC)) {
- php_register_variable(var, strval, track_vars_array TSRMLS_CC);
+ php_register_variable_safe(var, strval, val_len, track_vars_array TSRMLS_CC);
}
}
static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
{
- safe_php_register_variable(strvar, val, http_post_files, override_protection TSRMLS_CC);
+ safe_php_register_variable(strvar, val, strlen(val), http_post_files, override_protection TSRMLS_CC);
}
XXX: this is horrible memory-usage-wise, but we only expect
to do this on small pieces of form data.
*/
-static char *multipart_buffer_read_body(multipart_buffer *self TSRMLS_DC)
+static char *multipart_buffer_read_body(multipart_buffer *self, unsigned int *len TSRMLS_DC)
{
char buf[FILLUNIT], *out=NULL;
int total_bytes=0, read_bytes=0;
}
if (out) out[total_bytes] = '\0';
+ *len = total_bytes;
return out;
}
if (!filename && param) {
UChar *u_val;
int32_t u_val_len;
+ unsigned int value_len;
UErrorCode status = U_ZERO_ERROR;
- char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
+ char *value = multipart_buffer_read_body(mbuff, &value_len TSRMLS_CC);
/* unsigned int new_val_len; Dummy variable */
if (value) {
/* UTODO use 'charset' parameter for conversion */
- zend_convert_to_unicode(input_conv, &u_val, &u_val_len, value, strlen(value), &status);
+ zend_convert_to_unicode(input_conv, &u_val, &u_val_len, value, value_len, &status);
if (U_FAILURE(status)) {
/* UTODO set a user-accessible flag to indicate that conversion failed? */
goto var_done;
/* Normal form variable, safe to read all data into memory */
if (!filename && param) {
-
- char *value = multipart_buffer_read_body(mbuff TSRMLS_CC);
+ unsigned int value_len;
+ char *value = multipart_buffer_read_body(mbuff, &value_len TSRMLS_CC);
unsigned int new_val_len; /* Dummy variable */
if (!value) {
value = estrdup("");
}
- if (sapi_module.input_filter(PARSE_POST, param, &value, strlen(value), &new_val_len TSRMLS_CC)) {
+ if (sapi_module.input_filter(PARSE_POST, param, &value, value_len, &new_val_len TSRMLS_CC)) {
#if HAVE_MBSTRING && !defined(COMPILE_DL_MBSTRING)
if (php_mb_encoding_translation(TSRMLS_C)) {
php_mb_gpc_stack_variable(param, value, &val_list, &len_list,
&num_vars, &num_vars_max TSRMLS_CC);
} else {
- safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+ safe_php_register_variable(param, value, value_len, array_ptr, 0 TSRMLS_CC);
}
#else
- safe_php_register_variable(param, value, array_ptr, 0 TSRMLS_CC);
+ safe_php_register_variable(param, value, value_len, array_ptr, 0 TSRMLS_CC);
#endif
}
if (!strcasecmp(param, "MAX_FILE_SIZE")) {
if (!is_anonymous) {
if (s && s > filename) {
- safe_php_register_variable(lbuf, s+1, NULL, 0 TSRMLS_CC);
+ safe_php_register_variable(lbuf, s+1, strlen(s+1), NULL, 0 TSRMLS_CC);
} else {
- safe_php_register_variable(lbuf, filename, NULL, 0 TSRMLS_CC);
+ safe_php_register_variable(lbuf, filename, strlen(filename), NULL, 0 TSRMLS_CC);
}
}
sprintf(lbuf, "%s_type", param);
}
if (!is_anonymous) {
- safe_php_register_variable(lbuf, cd, NULL, 0 TSRMLS_CC);
+ safe_php_register_variable(lbuf, cd, strlen(cd), NULL, 0 TSRMLS_CC);
}
/* Add $foo[type] */
/* if param is of form xxx[.*] this will cut it to xxx */
if (!is_anonymous) {
- safe_php_register_variable(param, temp_filename, NULL, 1 TSRMLS_CC);
+ safe_php_register_variable(param, temp_filename, strlen(temp_filename), NULL, 1 TSRMLS_CC);
}
/* Add $foo[tmp_name] */
projects / php / commitdiff