From: Ilia Alshanetsky <iliaa@php.net>
Date: Sun, 1 Apr 2007 19:09:36 +0000 (+0000)
Subject: Fixed bug #40921 (php_default_post_reader crashes when post_max_size is
X-Git-Tag: php-5.2.2RC1~74
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f80afa623de934abc9d7cb8bc5975e2ee448e888;p=php

Fixed bug #40921 (php_default_post_reader crashes when post_max_size is
exceeded).
---

diff --git a/NEWS b/NEWS
index 6090b5dc8c..72c36cba02 100644
--- a/NEWS
+++ b/NEWS
@@ -37,6 +37,8 @@ PHP                                                                        NEWS
 - Fixed zend_llist_remove_tail (Michael Wallner, Dmitry)
 - Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek)
 - Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre)
+- Fixed bug #40921 (php_default_post_reader crashes when post_max_size is
+  exceeded). (trickie at gmail dot com, Ilia)
 - Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony)
 - Fixed bug #40899 (memory leak when nesting list()). (Dmitry)
 - Fixed bug #40883 (mysql_query() is allocating memory incorrectly). (Tony)
diff --git a/main/php_content_types.c b/main/php_content_types.c
index 922fc2c157..306645b6fa 100644
--- a/main/php_content_types.c
+++ b/main/php_content_types.c
@@ -42,7 +42,7 @@ SAPI_API SAPI_POST_READER_FUNC(php_default_post_reader)
 
 	/* $HTTP_RAW_POST_DATA registration */
 	if(!strcmp(SG(request_info).request_method, "POST")) {
-		if(NULL == SG(request_info).post_entry) {
+		if(NULL == SG(request_info).post_entry && SG(request_info).post_data) {
 			/* no post handler registered, so we just swallow the data */
 			sapi_read_standard_form_data(TSRMLS_C);
 			length = SG(request_info).post_data_length;