Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

HTTP_RAW_POST_DATA BC fixes

# hopefully all done, commiting anyway to continue work on my home box
php://input stream fixes (POST data handerl mangles data, CLI crashbug)
  • Loading branch information...
commit be5e379ec6c5836e26713683731e747d8ec84f02 1 parent ef7bd02
Hartmut Holzgraefe authored
View
12 ext/standard/php_fopen_wrapper.c
@@ -75,22 +75,24 @@ static size_t php_stream_input_read(php_stream *stream, char *buf, size_t count
{
size_t read_bytes = 0;
if(!stream->eof) {
- if(SG(request_info).post_data) { /* data has already been read by a post handler */
- read_bytes = SG(request_info).post_data_length - stream->position;
+ if(SG(request_info).raw_post_data) { /* data has already been read by a post handler */
+ read_bytes = SG(request_info).raw_post_data_length - stream->position;
if(read_bytes <= count) {
stream->eof = 1;
} else {
read_bytes = count;
}
if(read_bytes) {
- memcpy(buf, SG(request_info).post_data + stream->position, read_bytes);
+ memcpy(buf, SG(request_info).raw_post_data + stream->position, read_bytes);
}
- } else {
+ } else if(sapi_module.read_post) {
read_bytes = sapi_module.read_post(buf, count TSRMLS_CC);
if(read_bytes <= 0){
stream->eof = 1;
read_bytes = 0;
}
+ } else {
+ stream->eof = 1;
}
}
@@ -133,7 +135,7 @@ php_stream * php_stream_url_wrap_php(php_stream_wrapper *wrapper, char *path, ch
if (!strcasecmp(path, "input")) {
return php_stream_alloc(&php_stream_input_ops, NULL, 0, "rb");
- }
+ }
if (!strcasecmp(path, "stdin")) {
fp = fdopen(dup(STDIN_FILENO), mode);
View
8 main/SAPI.c
@@ -174,7 +174,7 @@ static void sapi_read_post_data(TSRMLS_D)
post_reader_func(TSRMLS_C);
}
- if(PG(always_populate_raw_post_data) && sapi_module.default_post_reader) {
+ if(sapi_module.default_post_reader) {
sapi_module.default_post_reader(TSRMLS_C);
}
}
@@ -294,6 +294,7 @@ SAPI_API void sapi_activate(TSRMLS_D)
SG(headers_sent) = 0;
SG(read_post_bytes) = 0;
SG(request_info).post_data = NULL;
+ SG(request_info).raw_post_data = NULL;
SG(request_info).current_user = NULL;
SG(request_info).current_user_length = 0;
SG(request_info).no_headers = 0;
@@ -355,13 +356,16 @@ SAPI_API void sapi_deactivate(TSRMLS_D)
efree(SG(request_info).post_data);
} else if (SG(server_context)) {
if(sapi_module.read_post) {
- // make sure we've consumed all request input data
+ /* make sure we've consumed all request input data */
char dummy[SAPI_POST_BLOCK_SIZE];
while(sapi_module.read_post(dummy, sizeof(dummy)-1 TSRMLS_CC) > 0) {
/* empty loop body */
}
}
}
+ if (SG(request_info).raw_post_data) {
+ efree(SG(request_info).raw_post_data);
+ }
if (SG(request_info).auth_user) {
efree(SG(request_info).auth_user);
}
View
4 main/SAPI.h
@@ -71,10 +71,10 @@ extern SAPI_API sapi_module_struct sapi_module; /* true global */
typedef struct {
const char *request_method;
char *query_string;
- char *post_data;
+ char *post_data, *raw_post_data;
char *cookie_data;
long content_length;
- uint post_data_length;
+ uint post_data_length, raw_post_data_length;
char *path_translated;
char *request_uri;
View
38 main/php_content_types.c
@@ -38,25 +38,35 @@ static sapi_post_entry php_post_entries[] = {
SAPI_API SAPI_POST_READER_FUNC(php_default_post_reader)
{
char *data = NULL;
+ int length = 0;
- if(PG(always_populate_raw_post_data)) {
- if(NULL == SG(request_info).post_data) { /* no data yet */
- if(NULL == SG(request_info).post_entry) {
- /* no post handler registered, so we just swallow the data */
- sapi_read_standard_form_data(TSRMLS_C);
- data = SG(request_info).post_data;
- SG(request_info).post_data = NULL;
- SG(request_info).post_data_length = 0;
- }
- } else {
- /* copy existing post data */
- data = estrndup(SG(request_info).post_data, SG(request_info).post_data_length);
+ // $HTTP_RAW_POST_DATA registration
+ if(!strcmp(SG(request_info).request_method, "POST")) {
+ if(NULL == SG(request_info).post_entry) {
+ /* no post handler registered, so we just swallow the data */
+ sapi_read_standard_form_data(TSRMLS_C);
+ length = SG(request_info).post_data_length;
+ data = estrndup(SG(request_info).post_data, length);
+ } else if(PG(always_populate_raw_post_data) && SG(request_info).post_data) {
+ length = SG(request_info).post_data_length;
+ data = estrndup(SG(request_info).post_data, length);
}
-
if(data) {
- SET_VAR_STRINGL("HTTP_RAW_POST_DATA", data, SG(request_info).post_data_length);
+ SET_VAR_STRINGL("HTTP_RAW_POST_DATA", data, length);
}
}
+
+ /* for php://input stream:
+ some post handlers modify the content of request_info.post_data
+ so for now we need a copy for the php://input stream
+ in the long run post handlers should be changed to not touch
+ request_info.post_data for memory preservation reasons
+ */
+ if(SG(request_info).post_data) {
+ SG(request_info).raw_post_data = estrndup(SG(request_info).post_data, SG(request_info).post_data_length);
+ SG(request_info).raw_post_data_length = SG(request_info).post_data_length;
+ }
+
}
/* }}} */
Please sign in to comment.
Something went wrong with that request. Please try again.