Sophie: php4-4.4.4-1mlcs4 src

php4-4.4.4-1mlcs4.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse


- ensure that the request_uri is escaped wherever used (Joe Orton)

--- ext/standard/info.c	2006-08-26 14:58:55.000000000 +0200
+++ ext/standard/info.c.oden	2006-08-26 14:59:45.000000000 +0200
@@ -400,6 +400,7 @@
 	char **env, *tmp1, *tmp2;
 	char *php_uname;
 	int expose_php = INI_INT("expose_php");
+	char *req_uri;
 	time_t the_time;
 	struct tm *ta, tmbuf;
 
@@ -412,6 +413,12 @@
 		PUTS("phpinfo()\n");
 	}
 
+	if (SG(request_info).request_uri) {
+		req_uri = php_info_html_esc(SG(request_info).request_uri);
+	} else {
+		req_uri = NULL;
+	}
+
 	if (flag & PHP_INFO_GENERAL) {
 		char *zend_version = get_zend_version();
 		char temp_api[9];