From: Ilia Alshanetsky <iliaa@php.net>
Date: Thu, 28 Feb 2008 00:51:56 +0000 (+0000)
Subject: MFB:  Fixed security issue detailed in CVE-2008-0599
X-Git-Tag: BEFORE_NEW_PARAMETER_PARSE~727
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=183267dc2916d1bcd7673fc8285f3fc1fc414462;p=php

MFB:  Fixed security issue detailed in CVE-2008-0599
---

diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index 257e6fcbb4..86efb43b2a 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1101,7 +1101,7 @@ static void init_request_info(TSRMLS_D)
 						) {
 							/* PATH_TRANSLATED = PATH_TRANSLATED - SCRIPT_NAME + PATH_INFO */
 							int ptlen = strlen(pt) - strlen(env_script_name);
-							int path_translated_len = ptlen + env_path_info ? strlen(env_path_info) : 0;
+							int path_translated_len = ptlen + (env_path_info ? strlen(env_path_info) : 0);
 							char *path_translated = NULL;
 
 							path_translated = (char *) emalloc(path_translated_len + 1);