File: php5-CVE-2012-0831.patch

package info (click to toggle)
php5 5.3.3-7%2Bsqueeze19
  • links: PTS, VCS
  • area: main
  • in suites: squeeze
  • size: 122,836 kB
  • ctags: 55,742
  • sloc: ansic: 633,963; php: 19,620; sh: 11,344; xml: 5,816; cpp: 2,400; yacc: 1,745; exp: 1,514; makefile: 1,019; pascal: 623; awk: 537; sql: 22
file content (107 lines) | stat: -rw-r--r-- 4,294 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
Origin: http://svn.php.net/viewvc?view=revision&revision=323016
Subject: Always restore PG(magic_quote_gpc) on request shutdown

CVE-2012-0831

---
 main/php_variables.c    |    9 +++++++--
 sapi/cgi/cgi_main.c     |    4 +++-
 sapi/fpm/fpm/fpm_main.c |    4 +++-
 3 files changed, 13 insertions(+), 4 deletions(-)

--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -642,7 +642,9 @@ void cgi_php_import_environment_variable
 		int filter_arg = (array_ptr == PG(http_globals)[TRACK_VARS_ENV])?PARSE_ENV:PARSE_SERVER;
 
 		/* turn off magic_quotes while importing environment variables */
-		PG(magic_quotes_gpc) = 0;
+		if (magic_quotes_gpc) {
+			zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+		}
 		for (zend_hash_internal_pointer_reset_ex(request->env, &pos);
 			zend_hash_get_current_key_ex(request->env, &var, &var_len, &idx, 0, &pos) == HASH_KEY_IS_STRING &&
 			zend_hash_get_current_data_ex(request->env, (void **) &val, &pos) == SUCCESS;
@@ -654,7 +656,9 @@ void cgi_php_import_environment_variable
 				php_register_variable_safe(var, *val, new_val_len, array_ptr TSRMLS_CC);
 			}
 		}
-		PG(magic_quotes_gpc) = magic_quotes_gpc;
+		if (magic_quotes_gpc) {
+			zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "1", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+		}
 	}
 }
 
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
@@ -624,7 +624,9 @@ void cgi_php_import_environment_variable
 		int filter_arg = (array_ptr == PG(http_globals)[TRACK_VARS_ENV])?PARSE_ENV:PARSE_SERVER;
 
 		/* turn off magic_quotes while importing environment variables */
-		PG(magic_quotes_gpc) = 0;
+		if (magic_quotes_gpc) {
+			zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+		}
 		for (zend_hash_internal_pointer_reset_ex(request->env, &pos);
 			zend_hash_get_current_key_ex(request->env, &var, &var_len, &idx, 0, &pos) == HASH_KEY_IS_STRING &&
 			zend_hash_get_current_data_ex(request->env, (void **) &val, &pos) == SUCCESS;
@@ -636,7 +638,9 @@ void cgi_php_import_environment_variable
 				php_register_variable_safe(var, *val, new_val_len, array_ptr TSRMLS_CC);
 			}
 		}
-		PG(magic_quotes_gpc) = magic_quotes_gpc;
+		if (magic_quotes_gpc) {
+			zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "1", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+		}
 	}
 }
 
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -457,7 +457,10 @@ void _php_import_environment_variables(z
 
 	/* turn off magic_quotes while importing environment variables */
 	int magic_quotes_gpc = PG(magic_quotes_gpc);
-	PG(magic_quotes_gpc) = 0;
+
+	if (magic_quotes_gpc) {
+		zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+	}
 
 	for (env = environ; env != NULL && *env != NULL; env++) {
 		p = strchr(*env, '=');
@@ -476,7 +479,10 @@ void _php_import_environment_variables(z
 	if (t != buf && t != NULL) {
 		efree(t);
 	}
-	PG(magic_quotes_gpc) = magic_quotes_gpc;
+
+    if (magic_quotes_gpc) {
+        zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "1", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+    }
 }
 
 zend_bool php_std_auto_global_callback(char *name, uint name_len TSRMLS_DC)
@@ -600,7 +606,9 @@ static inline void php_register_server_v
 		zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_SERVER]);
 	}
 	PG(http_globals)[TRACK_VARS_SERVER] = array_ptr;
-	PG(magic_quotes_gpc) = 0;
+	if (magic_quotes_gpc) {
+		zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "0", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+	}
 
 	/* Server variables */
 	if (sapi_module.register_server_variables) {
@@ -625,7 +633,9 @@ static inline void php_register_server_v
 		php_register_variable_ex("REQUEST_TIME", &new_entry, array_ptr TSRMLS_CC);
 	}
 
-	PG(magic_quotes_gpc) = magic_quotes_gpc;
+    if (magic_quotes_gpc) {
+        zend_alter_ini_entry_ex("magic_quotes_gpc", sizeof("magic_quotes_gpc"), "1", 1, ZEND_INI_SYSTEM, ZEND_INI_STAGE_ACTIVATE, 1 TSRMLS_CC);
+    }
 }
 /* }}} */