From: Zeev Suraski <zeev@php.net>
Date: Mon, 4 Sep 2000 22:05:00 +0000 (+0000)
Subject: Prevent exploit in [tmp_name] as well
X-Git-Tag: php-4.0.3RC1~314
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5dca99232e64336a389c73d19342ab224074bc8b;p=php

Prevent exploit in [tmp_name] as well
---

diff --git a/main/rfc1867.c b/main/rfc1867.c
index 70ddeba927..183b1a8b86 100644
--- a/main/rfc1867.c
+++ b/main/rfc1867.c
@@ -358,6 +358,7 @@ static void php_mime_split(char *buf, int cnt, char *boundary, zval *array_ptr)
 					sprintf(lbuf, "%s[tmp_name]", namebuf);
 				}
 				register_http_post_files_variable(lbuf, fn, http_post_files ELS_CC PLS_CC);
+				add_protected_variable(lbuf PLS_CC);
 				{
 					zval file_size;