From: Ilia Alshanetsky <iliaa@php.net>
Date: Thu, 28 Feb 2008 00:52:11 +0000 (+0000)
Subject: MFB:  Fixed security issue detailed in CVE-2008-0599
X-Git-Tag: RELEASE_2_0_0a1~305
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9737e9ee3bd82db9dd49449c00c0d3542ee47f41;p=php

MFB:  Fixed security issue detailed in CVE-2008-0599
---

diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c
index 7efaa8c2ed..5252d996cf 100644
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -1111,7 +1111,7 @@ static void init_request_info(TSRMLS_D)
 						) {
 							/* PATH_TRANSLATED = PATH_TRANSLATED - SCRIPT_NAME + PATH_INFO */
 							int ptlen = strlen(pt) - strlen(env_script_name);
-							int path_translated_len = ptlen + env_path_info ? strlen(env_path_info) : 0;
+							int path_translated_len = ptlen + (env_path_info ? strlen(env_path_info) : 0);
 							char *path_translated = NULL;
 
 							path_translated = (char *) emalloc(path_translated_len + 1);