From 0e9275fb37afa8cc8fc48c9cea3f30e6ec18b6a3 Mon Sep 17 00:00:00 2001
From: Ilia Alshanetsky <iliaa@php.net>
Date: Tue, 9 Mar 2004 02:24:20 +0000
Subject: [PATCH] MFH: Fixed bug #27530 (broken http auth when safe_mode is on
 and PCRE is disabled).

---
 NEWS        | 2 ++
 main/SAPI.c | 9 ++-------
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/NEWS b/NEWS
index 8f6b753d05..36ff3c49ab 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,8 @@ PHP 4                                                                      NEWS
 ?? Feb 2004, Version 4.3.5
 - Fixed possible crashes inside socket extension, due to missing check inside
   allocation functions. (Ilia)
+- Fixed bug #27530 (broken http auth when safe_mode is on and PCRE is
+  disabled). (Ilia)
 - Fixed bug #27505 (htmlentities() does not handle BIG5 correctly). (Ilia, 
   ywliu at hotmail dot com)
 - Fixed bug #27460 (base64_decode() does not handle extra padding).
diff --git a/main/SAPI.c b/main/SAPI.c
index 6fca2f9fa1..17c56af34d 100644
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -647,14 +647,9 @@ SAPI_API int sapi_header_op(sapi_header_op_enum op, void *arg TSRMLS_DC)
 #else
 				{
 					myuid = php_getuid();
-					result = emalloc(sizeof("WWW-Authenticate: ")+20);
-					newlen = sprintf(result, "WWW-Authenticate: %ld", myuid);	
-					newheader = estrndup(result,newlen);
 					efree(header_line);
-					sapi_header.header = newheader;
-					sapi_header.header_len = newlen;
-					efree(result);
-				} 
+					sapi_header.header_len = spprintf(&sapi_header.header, 0, "WWW-Authenticate: Basic realm=\"%ld\"", myuid);
+				}
 #endif
 			}
 			if (sapi_header.header==header_line) {
-- 
2.50.1