From: Zeev Suraski Date: Tue, 12 Sep 2000 20:48:33 +0000 (+0000) Subject: - Made eval() and several other runtime-evaluated code portions report the X-Git-Tag: php-4.0.3RC1~156 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6c3d7449e12c7f6f82ce0c9d84afcecf6964d2c7;p=php - Made eval() and several other runtime-evaluated code portions report the nature and location of errors more accurately (Stas) --- diff --git a/NEWS b/NEWS index 8ad22116cf..8c141be367 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,8 @@ PHP 4.0 NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2000, Version 4.0.3-dev +- Made eval() and several other runtime-evaluated code portions report the + nature and location of errors more accurately (Stas) - Added an optional parameter to wordwrap that cuts a string if the length of a word is longer than the maximum allowed. (Derick) - Added functions pg_put_line and pg_end_copy (Dirk Elmendorf) @@ -344,7 +346,7 @@ PHP 4.0 NEWS (Patch by daniel.braun@ercom.fr) - Added extension YAZ (dickmeiss). - Fixed a crash bug triggered by certain cases of class redeclarations - (Stanislav & Zeev, Zend Engine) + (Stas & Zeev, Zend Engine) - Fixed min()/max() segfault. (Andrei) - New module for reading EXIF header data from JPEG files. Most digital cameras will embed all sorts of information about a picture inside the diff --git a/ext/pcre/php_pcre.c b/ext/pcre/php_pcre.c index 6a5a74de9c..68b112ab8f 100644 --- a/ext/pcre/php_pcre.c +++ b/ext/pcre/php_pcre.c @@ -544,6 +544,7 @@ static int preg_do_eval(char *eval_str, int eval_str_len, char *subject, int esc_match_len; /* Length of the quote-escaped match */ int result_len; /* Length of the result of the evaluation */ int backref; /* Current backref */ + char *compiled_string_description; CLS_FETCH(); ELS_FETCH(); 
@@ -578,11 +579,14 @@ static int preg_do_eval(char *eval_str, int eval_str_len, char *subject, } } + compiled_string_description = zend_make_compiled_string_description("regexp code"); /* Run the code */ - if (zend_eval_string(code, &retval CLS_CC ELS_CC) == FAILURE) { + if (zend_eval_string(code, &retval, compiled_string_description CLS_CC ELS_CC) == FAILURE) { + efree(compiled_string_description); zend_error(E_ERROR, "Failed evaluating code:\n%s\n", code); /* zend_error() does not return in this case */ } + efree(compiled_string_description); convert_to_string(&retval); /* Save the return value and its length */ diff --git a/ext/standard/assert.c b/ext/standard/assert.c index facd41548f..ce68c89360 100644 --- a/ext/standard/assert.c +++ b/ext/standard/assert.c @@ -138,6 +138,7 @@ PHP_FUNCTION(assert) int val; char *myeval = NULL; char *cbfunc; + char *compiled_string_description; CLS_FETCH(); ASSERTLS_FETCH(); @@ -160,10 +161,13 @@ PHP_FUNCTION(assert) EG(error_reporting) = 0; } - if (zend_eval_string(myeval, &retval CLS_CC ELS_CC) == FAILURE) { + compiled_string_description = zend_make_compiled_string_description("assert code"); + if (zend_eval_string(myeval, &retval, compiled_string_description CLS_CC ELS_CC) == FAILURE) { + efree(compiled_string_description); zend_error(E_ERROR, "Failure evaluating code:\n%s\n", myeval); /* zend_error() does not return in this case. */ } + efree(compiled_string_description); if (ASSERT(quiet_eval)) { EG(error_reporting) = old_error_reporting; diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index d047a59c75..70d63fa15e 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1691,6 +1691,7 @@ PHP_FUNCTION(highlight_string) { pval **expr; zend_syntax_highlighter_ini syntax_highlighter_ini; + char *hicompiled_string_description; if (ZEND_NUM_ARGS()!=1 || zend_get_parameters_ex(1, &expr)==FAILURE) { WRONG_PARAM_COUNT; 
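Review bot: The `efree(compiled_string_description)` is written twice around the `zend_eval_string()` call in preg_do_eval, once inside the FAILURE branch and once after it, so any later edit has to keep two cleanup sites in step; the same shape is repeated in the assert.c hunk and in highlight_string in basic_functions.c. Capturing the result first gives a single release point: `eval_result = zend_eval_string(code, &retval, compiled_string_description CLS_CC ELS_CC);`, then `efree(compiled_string_description);`, then `if (eval_result == FAILURE) {`. The context comment says zend_error() does not return for E_ERROR; if a fatal error raised inside the evaluated code leaves the same way, neither efree runs, so it is worth confirming that the request allocator reclaims the buffer in that case and recording that in a comment. preg_do_eval's body starts and ends outside this hunk.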
@@ -1699,10 +1700,14 @@ PHP_FUNCTION(highlight_string) convert_to_string_ex(expr); php_get_highlight_struct(&syntax_highlighter_ini); + + hicompiled_string_description = zend_make_compiled_string_description("highlighted code"); - if (highlight_string(*expr, &syntax_highlighter_ini)==FAILURE) { + if (highlight_string(*expr, &syntax_highlighter_ini, hicompiled_string_description)==FAILURE) { + efree(hicompiled_string_description); RETURN_FALSE; } + efree(hicompiled_string_description); RETURN_TRUE; } /* }}} */ diff --git a/php.ini-dist b/php.ini-dist index 12096db572..1c5f107f3f 100644 --- a/php.ini-dist +++ b/php.ini-dist @@ -185,7 +185,14 @@ warn_plus_overloading = Off ; warn if the + operator is used with strings ;;;;;;;;;;;;;;;;; ; Data Handling ; ;;;;;;;;;;;;;;;;; +<<<<<<< php.ini-dist +track_vars = On ; enable the $HTTP_*_VARS[] arrays, where * is one of + ; ENV, POST, GET, COOKIE or SERVER. + ; This is the preferred way of accessing form variables, + ; and prevents common security bugs many developers tend to make. +======= ; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 +>>>>>>> 1.47 variables_order = "EGPCS" ; This directive describes the order in which PHP registers ; GET, POST, Cookie, Environment and Built-in variables (G, P, ; C, E & S respectively, often referred to as EGPCS or GPC).
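Review bot: The description buffer is named `hicompiled_string_description` in highlight_string, while the same local is `compiled_string_description` in preg_do_eval and assert elsewhere in this commit; the `hi` prefix looks like a stray edit rather than a deliberate name. Renaming the declaration and its three uses to `compiled_string_description` keeps the three call sites searchable as one pattern. The declaration itself is in the preceding hunk of this file, so the rename touches both hunks.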
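Review bot: The lines added to the Data Handling section of php.ini-dist are an unresolved merge conflict: `<<<<<<< php.ini-dist`, `=======` and `>>>>>>> 1.47` are committed into the distributed configuration template together with both sides of the conflict. As written, the template carries a `track_vars = On` directive and its four-line comment directly above `; Note - track_vars is ALWAYS enabled as of PHP 4.0.3`, plus three marker lines that are not valid ini syntax and that anyone copying the template to a live php.ini would inherit. Keep only one side; given the note, that is most likely the single comment line, with the markers and the old `track_vars = On` block dropped. The change is also unrelated to the eval() error-reporting work named in the commit subject, so it may have been swept in by accident.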