]> granicus.if.org Git - php/commitdiff
If we have a text/html file with the executable bit set, we load up the
authorRasmus Lerdorf <rasmus@php.net>
Wed, 28 Jan 2004 17:42:20 +0000 (17:42 +0000)
committerRasmus Lerdorf <rasmus@php.net>
Wed, 28 Jan 2004 17:42:20 +0000 (17:42 +0000)
current ini, but if php's xbithack option is not set we forgot to restore
the previous ini settings potentially leaking ini settings from one request
to the next.  Closes bug #25753 and a few others.

sapi/apache/mod_php4.c

index 8c6a4e2b0f81aa511fce1183a3e6d71b384c9bed..ac313c75d5e153f37edf4a6453b1b575d367cef1 100644 (file)
@@ -830,6 +830,9 @@ static int php_xbithack_handler(request_rec * r)
        }
        if(!AP(xbithack)) {
                r->allowed |= (1 << METHODS) - 1;
+               zend_try {
+                       zend_ini_deactivate(TSRMLS_C);
+               } zend_end_try();
                return DECLINED;
        }
        return send_parsed_php(r);