From: Stanislav Malyshev Date: Tue, 29 Sep 2020 04:42:19 +0000 (-0700) Subject: Merge branch 'PHP-7.3' into PHP-7.4 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c4dc080245006e011a484ca609b9d4eaa6cc4963;p=php Merge branch 'PHP-7.3' into PHP-7.4 * PHP-7.3: Update UPGRADING Update NEWS & UPGRADING Do not decode cookie names anymore Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV) --- c4dc080245006e011a484ca609b9d4eaa6cc4963 diff --cc main/php_variables.c index 1a40c2a19f,ca015352d2..cbdc7cf171 --- a/main/php_variables.c +++ b/main/php_variables.c @@@ -500,25 -497,33 +500,27 @@@ SAPI_API SAPI_TREAT_DATA_FUNC(php_defau } if (val) { /* have a value */ - size_t val_len; - size_t new_val_len; *val++ = '\0'; - if (arg != PARSE_COOKIE) { - php_url_decode(var, strlen(var)); - } - val_len = php_url_decode(val, strlen(val)); - val = estrndup(val, val_len); - if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) { - php_register_variable_safe(var, val, new_val_len, &array); + + if (arg == PARSE_COOKIE) { + val_len = php_raw_url_decode(val, strlen(val)); + } else { + val_len = php_url_decode(val, strlen(val)); } - efree(val); } else { - size_t val_len; - size_t new_val_len; + val = ""; + val_len = 0; + } - if (arg != PARSE_COOKIE) { - php_url_decode(var, strlen(var)); - } - val_len = 0; - val = estrndup("", val_len); - if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) { - php_register_variable_safe(var, val, new_val_len, &array); - } - efree(val); + val = estrndup(val, val_len); - php_url_decode(var, strlen(var)); ++ if (arg != PARSE_COOKIE) { ++ php_url_decode(var, strlen(var)); + } + if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) { + php_register_variable_safe(var, val, new_val_len, &array); + } + efree(val); next_cookie: var = php_strtok_r(NULL, separator, &strtok_buf); }