From: Ilia Alshanetsky Date: Tue, 9 Jan 2007 23:27:22 +0000 (+0000) Subject: Fixed bug #40079 (php_get_current_user() not thread safe). X-Git-Tag: php-5.2.1RC3~62 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=78ca1de763ef2019c70694c9abe11d012eec377e;p=php Fixed bug #40079 (php_get_current_user() not thread safe). # Original patch from wharmby at uk dot ibm dot com --- diff --git a/NEWS b/NEWS index d94e3feeb6..e8caab387a 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,8 @@ PHP NEWS - Added CURLOPT_TCP_NODELAY constant to Curl extension. (Sara) - Improved proc_open(). Now on Windows it can run external commands not through CMD.EXE. (Dmitry) +- Fixed bug #40079 (php_get_current_user() not thread safe). (Ilia, wharmby + at uk dot ibm dot com) - Fixed bug #40076 (zend_alloc.c: Value of enumeration constant must be in range of signed integer). (Dmitry) - Fixed bug #40073 (exif_read_data dies on certain images). (Tony, Marcus) diff --git a/configure.in b/configure.in index 58104ec816..c8eefea911 100644 --- a/configure.in +++ b/configure.in @@ -483,6 +483,7 @@ gettimeofday \ gmtime_r \ getpwnam_r \ getgrnam_r \ +getpwuid_r \ grantpt \ inet_ntoa \ inet_ntop \ diff --git a/main/safe_mode.c b/main/safe_mode.c index 761afcb1ab..d87c3f3e3f 100644 --- a/main/safe_mode.c +++ b/main/safe_mode.c @@ -228,12 +228,27 @@ PHPAPI char *php_get_current_user() return SG(request_info).current_user; #else struct passwd *pwd; +#ifdef HAVE_GETPWUID_R + struct passwd _pw; + struct passwd *retpwptr = NULL; + int pwbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + char *pwbuf = emalloc(pwbuflen); + if (getpwuid_r(pstat->st_uid, &_pw, pwbuf, pwbuflen, &retpwptr) != 0) { + efree(pwbuf); + return ""; + } + pwd = &_pw; +#else if ((pwd=getpwuid(pstat->st_uid))==NULL) { return ""; } +#endif SG(request_info).current_user_length = strlen(pwd->pw_name); SG(request_info).current_user = estrndup(pwd->pw_name, SG(request_info).current_user_length); +#ifdef HAVE_GETPWUID_R + efree(pwbuf); +#endif return SG(request_info).current_user; #endif }