Diffstat (limited to 'ext/standard/url_scanner_ex.c')
| -rw-r--r-- | ext/standard/url_scanner_ex.c | 148 |
1 files changed, 75 insertions, 73 deletions
diff --git a/ext/standard/url_scanner_ex.c b/ext/standard/url_scanner_ex.c index 5784de98d2..54995dc0b1 100644 --- a/ext/standard/url_scanner_ex.c +++ b/ext/standard/url_scanner_ex.c @@ -89,13 +89,17 @@ static int php_ini_on_update_tags(zend_ini_entry *entry, zend_string *new_value, if (val) { char *q; size_t keylen; + zend_string *str; *val++ = '\0'; for (q = key; *q; q++) { *q = tolower(*q); } keylen = q - key; - zend_hash_str_add_mem(ctx->tags, key, keylen, val, strlen(val)+1); + str = zend_string_init(key, keylen, 1); + GC_MAKE_PERSISTENT_LOCAL(str); + zend_hash_add_mem(ctx->tags, str, val, strlen(val)+1); + zend_string_release(str); } } @@ -170,7 +174,7 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("url_rewriter.hosts", "", PHP_INI_ALL, OnUpdateOutputHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals) PHP_INI_END() -#line 177 "ext/standard/url_scanner_ex.re" +#line 181 "ext/standard/url_scanner_ex.re" #define YYFILL(n) goto done @@ -182,8 +186,6 @@ PHP_INI_END() static inline void append_modified_url(smart_str *url, smart_str *dest, smart_str *url_app, const char *separator) { php_url *url_parts; - char *tmp; - size_t tmp_len; smart_str_0(url); /* FIXME: Bug #70480 php_url_parse_ex() crashes by processing chars exceed len */ url_parts = php_url_parse_ex(ZSTR_VAL(url->s), ZSTR_LEN(url->s)); 
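Review bot: In php_ini_on_update_tags the key is lowercased with `*q = tolower(*q);`, which passes a plain `char` to `tolower`; on platforms where `char` is signed, a byte above 0x7f in the INI value becomes a negative argument, which is undefined behaviour. The loop line should read `*q = tolower((unsigned char)*q);`. The `#line` directives in this diff indicate the file is generated from `ext/standard/url_scanner_ex.re`, so the change belongs in that source as well. The function starts before this hunk.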
@@ -203,21 +205,23 @@ static inline void append_modified_url(smart_str *url, smart_str *dest, smart_st /* Check protocol. Only http/https is allowed. */ if (url_parts->scheme - && strcasecmp("http", url_parts->scheme) - && strcasecmp("https", url_parts->scheme)) { + && !zend_string_equals_literal_ci(url_parts->scheme, "http") + && !zend_string_equals_literal_ci(url_parts->scheme, "https")) { smart_str_append_smart_str(dest, url); php_url_free(url_parts); return; } /* Check host whitelist. If it's not listed, do nothing. */ - if (url_parts->host - && (tmp_len = strlen(url_parts->host)) - && (tmp = php_strtolower(url_parts->host, tmp_len)) - && !zend_hash_str_find(&BG(url_adapt_session_hosts_ht), tmp, tmp_len)) { - smart_str_append_smart_str(dest, url); - php_url_free(url_parts); - return; + if (url_parts->host) { + zend_string *tmp = zend_string_tolower(url_parts->host); + if (!zend_hash_exists(&BG(url_adapt_session_hosts_ht), tmp)) { + zend_string_release(tmp); + smart_str_append_smart_str(dest, url); + php_url_free(url_parts); + return; + } + zend_string_release(tmp); } /* 
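Review bot: The rewritten host check releases `tmp` on both paths, which is easy to break when the block is edited later; computing the result once, `int listed = zend_hash_exists(&BG(url_adapt_session_hosts_ht), tmp); zend_string_release(tmp);` followed by `if (!listed) {`, leaves a single release. The old condition also skipped the lookup for an empty host (`tmp_len` of zero), whereas the new code looks the empty string up and, if it is not listed, passes the URL through unmodified. That is the stricter outcome, but a one-line comment stating it is intended would help. append_modified_url begins and ends outside this hunk.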
@@ -235,32 +239,32 @@ static inline void append_modified_url(smart_str *url, smart_str *dest, smart_st } if (url_parts->scheme) { - smart_str_appends(dest, url_parts->scheme); + smart_str_appends(dest, ZSTR_VAL(url_parts->scheme)); smart_str_appends(dest, "://"); } else if (*(ZSTR_VAL(url->s)) == '/' && *(ZSTR_VAL(url->s)+1) == '/') { smart_str_appends(dest, "//"); } if (url_parts->user) { - smart_str_appends(dest, url_parts->user); + smart_str_appends(dest, ZSTR_VAL(url_parts->user)); if (url_parts->pass) { - smart_str_appends(dest, url_parts->pass); + smart_str_appends(dest, ZSTR_VAL(url_parts->pass)); smart_str_appendc(dest, ':'); } smart_str_appendc(dest, '@'); } if (url_parts->host) { - smart_str_appends(dest, url_parts->host); + smart_str_appends(dest, ZSTR_VAL(url_parts->host)); } if (url_parts->port) { smart_str_appendc(dest, ':'); smart_str_append_unsigned(dest, (long)url_parts->port); } if (url_parts->path) { - smart_str_appends(dest, url_parts->path); + smart_str_appends(dest, ZSTR_VAL(url_parts->path)); } smart_str_appendc(dest, '?'); if (url_parts->query) { - smart_str_appends(dest, url_parts->query); + smart_str_appends(dest, ZSTR_VAL(url_parts->query)); smart_str_appends(dest, separator); smart_str_append_smart_str(dest, url_app); } else { @@ -268,7 +272,7 @@ static inline void append_modified_url(smart_str *url, smart_str *dest, smart_st } if (url_parts->fragment) { smart_str_appendc(dest, '#'); - smart_str_appends(dest, url_parts->fragment); + smart_str_appends(dest, ZSTR_VAL(url_parts->fragment)); } php_url_free(url_parts); } 
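Review bot: The userinfo is rebuilt in the wrong order inside the `if (url_parts->user)` block: the password is appended directly after the user and the `:` is appended after it, so `user:pass@` comes out as `userpass:@`. Moving `smart_str_appendc(dest, ':');` above `smart_str_appends(dest, ZSTR_VAL(url_parts->pass));` puts the separator back in place. Since the components are now `zend_string`, `smart_str_append(dest, url_parts->user)` and its siblings would use the stored length instead of a `strlen` over `ZSTR_VAL`. The ordering predates this commit, and append_modified_url starts outside the hunk.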
@@ -389,8 +393,8 @@ static int check_host_whitelist(url_adapt_state_ex_t *ctx) if (url_parts->scheme) { /* Only http/https should be handled. A bit hacky check this here, but saves a URL parse. */ - if (strcasecmp(url_parts->scheme, "http") && - strcasecmp(url_parts->scheme, "https")) { + if (!zend_string_equals_literal_ci(url_parts->scheme, "http") && + !zend_string_equals_literal_ci(url_parts->scheme, "https")) { php_url_free(url_parts); return FAILURE; } @@ -400,13 +404,11 @@ static int check_host_whitelist(url_adapt_state_ex_t *ctx) return SUCCESS; } if (!zend_hash_num_elements(allowed_hosts) && - check_http_host(url_parts->host) == SUCCESS) { + check_http_host(ZSTR_VAL(url_parts->host)) == SUCCESS) { php_url_free(url_parts); return SUCCESS; } - if (!zend_hash_str_find(allowed_hosts, - url_parts->host, - strlen(url_parts->host))) { + if (!zend_hash_find(allowed_hosts, url_parts->host)) { php_url_free(url_parts); return FAILURE; } @@ -519,7 +521,7 @@ state_plain_begin: state_plain: start = YYCURSOR; -#line 523 "ext/standard/url_scanner_ex.c" +#line 525 "ext/standard/url_scanner_ex.c" { YYCTYPE yych; static const unsigned char yybm[] = { @@ -569,22 +571,22 @@ yy2: if (yybm[0+yych] & 128) { goto yy2; } -#line 526 "ext/standard/url_scanner_ex.re" +#line 528 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); goto state_plain; } -#line 575 "ext/standard/url_scanner_ex.c" +#line 577 "ext/standard/url_scanner_ex.c" yy5: ++YYCURSOR; -#line 525 "ext/standard/url_scanner_ex.re" +#line 527 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); STATE = STATE_TAG; goto state_tag; } -#line 580 "ext/standard/url_scanner_ex.c" +#line 582 "ext/standard/url_scanner_ex.c" } -#line 527 "ext/standard/url_scanner_ex.re" +#line 529 "ext/standard/url_scanner_ex.re" state_tag: start = YYCURSOR; -#line 588 "ext/standard/url_scanner_ex.c" +#line 590 "ext/standard/url_scanner_ex.c" { YYCTYPE yych; static const unsigned char yybm[] = { 
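Review bot: The allow-list lookup `zend_hash_find(allowed_hosts, url_parts->host)` uses the host exactly as parsed, while append_modified_url in this same commit lowercases it with `zend_string_tolower` before its lookup. If the table keys are stored lowercase (not visible here), a mixed-case host is treated as unlisted in this function only. That fails closed, but the two checks should agree: lowercase into a temporary here as well and release it after the lookup. Only existence is needed, so `zend_hash_exists` would also match the other call site. check_host_whitelist starts before this hunk, so whether the host is normalised earlier cannot be seen from here.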
@@ -627,9 +629,9 @@ state_tag: goto yy11; } ++YYCURSOR; -#line 533 "ext/standard/url_scanner_ex.re" +#line 535 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); goto state_plain_begin; } -#line 633 "ext/standard/url_scanner_ex.c" +#line 635 "ext/standard/url_scanner_ex.c" yy11: ++YYCURSOR; if (YYLIMIT <= YYCURSOR) YYFILL(1); @@ -637,11 +639,11 @@ yy11: if (yybm[0+yych] & 128) { goto yy11; } -#line 532 "ext/standard/url_scanner_ex.re" +#line 534 "ext/standard/url_scanner_ex.re" { handle_tag(STD_ARGS); /* Sets STATE */; passthru(STD_ARGS); if (STATE == STATE_PLAIN) goto state_plain; else goto state_next_arg; } -#line 643 "ext/standard/url_scanner_ex.c" +#line 645 "ext/standard/url_scanner_ex.c" } -#line 534 "ext/standard/url_scanner_ex.re" +#line 536 "ext/standard/url_scanner_ex.re" state_next_arg_begin: @@ -650,7 +652,7 @@ state_next_arg_begin: state_next_arg: start = YYCURSOR; -#line 654 "ext/standard/url_scanner_ex.c" +#line 656 "ext/standard/url_scanner_ex.c" { YYCTYPE yych; static const unsigned char yybm[] = { @@ -706,9 +708,9 @@ state_next_arg: yy16: ++YYCURSOR; yy17: -#line 545 "ext/standard/url_scanner_ex.re" +#line 547 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); goto state_plain_begin; } -#line 712 "ext/standard/url_scanner_ex.c" +#line 714 "ext/standard/url_scanner_ex.c" yy18: ++YYCURSOR; if (YYLIMIT <= YYCURSOR) YYFILL(1); 
@@ -716,30 +718,30 @@ yy18: if (yybm[0+yych] & 128) { goto yy18; } -#line 543 "ext/standard/url_scanner_ex.re" +#line 545 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); goto state_next_arg; } -#line 722 "ext/standard/url_scanner_ex.c" +#line 724 "ext/standard/url_scanner_ex.c" yy21: yych = *++YYCURSOR; if (yych != '>') goto yy17; yy22: ++YYCURSOR; -#line 542 "ext/standard/url_scanner_ex.re" +#line 544 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; } -#line 730 "ext/standard/url_scanner_ex.c" +#line 732 "ext/standard/url_scanner_ex.c" yy24: ++YYCURSOR; -#line 544 "ext/standard/url_scanner_ex.re" +#line 546 "ext/standard/url_scanner_ex.re" { --YYCURSOR; STATE = STATE_ARG; goto state_arg; } -#line 735 "ext/standard/url_scanner_ex.c" +#line 737 "ext/standard/url_scanner_ex.c" } -#line 546 "ext/standard/url_scanner_ex.re" +#line 548 "ext/standard/url_scanner_ex.re" state_arg: start = YYCURSOR; -#line 743 "ext/standard/url_scanner_ex.c" +#line 745 "ext/standard/url_scanner_ex.c" { YYCTYPE yych; static const unsigned char yybm[] = { @@ -784,9 +786,9 @@ state_arg: if (yych <= 'z') goto yy30; yy28: ++YYCURSOR; -#line 552 "ext/standard/url_scanner_ex.re" +#line 554 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); STATE = STATE_NEXT_ARG; goto state_next_arg; } -#line 790 "ext/standard/url_scanner_ex.c" +#line 792 "ext/standard/url_scanner_ex.c" yy30: ++YYCURSOR; if (YYLIMIT <= YYCURSOR) YYFILL(1); 
@@ -794,17 +796,17 @@ yy30: if (yybm[0+yych] & 128) { goto yy30; } -#line 551 "ext/standard/url_scanner_ex.re" +#line 553 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); handle_arg(STD_ARGS); STATE = STATE_BEFORE_VAL; goto state_before_val; } -#line 800 "ext/standard/url_scanner_ex.c" +#line 802 "ext/standard/url_scanner_ex.c" } -#line 553 "ext/standard/url_scanner_ex.re" +#line 555 "ext/standard/url_scanner_ex.re" state_before_val: start = YYCURSOR; -#line 808 "ext/standard/url_scanner_ex.c" +#line 810 "ext/standard/url_scanner_ex.c" { YYCTYPE yych; static const unsigned char yybm[] = { @@ -847,9 +849,9 @@ state_before_val: if (yych == '=') goto yy38; ++YYCURSOR; yy36: -#line 559 "ext/standard/url_scanner_ex.re" +#line 561 "ext/standard/url_scanner_ex.re" { --YYCURSOR; goto state_next_arg_begin; } -#line 853 "ext/standard/url_scanner_ex.c" +#line 855 "ext/standard/url_scanner_ex.c" yy37: yych = *(YYMARKER = ++YYCURSOR); if (yych == ' ') goto yy41; @@ -861,9 +863,9 @@ yy38: if (yybm[0+yych] & 128) { goto yy38; } -#line 558 "ext/standard/url_scanner_ex.re" +#line 560 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); STATE = STATE_VAL; goto state_val; } -#line 867 "ext/standard/url_scanner_ex.c" +#line 869 "ext/standard/url_scanner_ex.c" yy41: ++YYCURSOR; if (YYLIMIT <= YYCURSOR) YYFILL(1); @@ -873,14 +875,14 @@ yy41: YYCURSOR = YYMARKER; goto yy36; } -#line 560 "ext/standard/url_scanner_ex.re" +#line 562 "ext/standard/url_scanner_ex.re" state_val: start = YYCURSOR; -#line 884 "ext/standard/url_scanner_ex.c" +#line 886 "ext/standard/url_scanner_ex.c" { YYCTYPE yych; static const unsigned char yybm[] = { 
@@ -933,15 +935,15 @@ yy46: if (yybm[0+yych] & 32) { goto yy46; } -#line 568 "ext/standard/url_scanner_ex.re" +#line 570 "ext/standard/url_scanner_ex.re" { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; } -#line 939 "ext/standard/url_scanner_ex.c" +#line 941 "ext/standard/url_scanner_ex.c" yy49: ++YYCURSOR; yy50: -#line 569 "ext/standard/url_scanner_ex.re" +#line 571 "ext/standard/url_scanner_ex.re" { passthru(STD_ARGS); goto state_next_arg_begin; } -#line 945 "ext/standard/url_scanner_ex.c" +#line 947 "ext/standard/url_scanner_ex.c" yy51: yych = *(YYMARKER = ++YYCURSOR); if (yych == '>') goto yy50; @@ -964,9 +966,9 @@ yy55: goto yy50; yy56: ++YYCURSOR; -#line 566 "ext/standard/url_scanner_ex.re" +#line 568 "ext/standard/url_scanner_ex.re" { handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; } -#line 970 "ext/standard/url_scanner_ex.c" +#line 972 "ext/standard/url_scanner_ex.c" yy58: ++YYCURSOR; if (YYLIMIT <= YYCURSOR) YYFILL(1); @@ -977,11 +979,11 @@ yy59: } if (yych >= '(') goto yy55; ++YYCURSOR; -#line 567 "ext/standard/url_scanner_ex.re" +#line 569 "ext/standard/url_scanner_ex.re" { handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; } -#line 983 "ext/standard/url_scanner_ex.c" +#line 985 "ext/standard/url_scanner_ex.c" } -#line 570 "ext/standard/url_scanner_ex.re" +#line 572 "ext/standard/url_scanner_ex.re" stop: @@ -1109,7 +1111,7 @@ static inline void php_url_scanner_session_handler_impl(char *output, size_t out if (ZSTR_LEN(url_state->url_app.s) != 0) { *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & (PHP_OUTPUT_HANDLER_END | PHP_OUTPUT_HANDLER_CONT | PHP_OUTPUT_HANDLER_FLUSH | PHP_OUTPUT_HANDLER_FINAL) ? 1 : 0), url_state); - if (sizeof(uint32_t) < sizeof(size_t)) { + if (sizeof(uint) < sizeof(size_t)) { if (len > UINT_MAX) len = UINT_MAX; } 
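Review bot: `sizeof(uint)` in php_url_scanner_session_handler_impl relies on the non-standard `uint` typedef, which not every platform's headers provide, and it replaces the fixed-width `uint32_t` the line used before. The clamp that follows compares against `UINT_MAX`, so the matching type is `unsigned int`: `if (sizeof(unsigned int) < sizeof(size_t)) {`. A short comment on why `len` is capped would also help, since what consumes the capped value is outside the hunk. The function body extends beyond the hunk on both sides.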
@@ -1323,9 +1325,9 @@ static inline int php_url_scanner_reset_var_impl(zend_string *name, int encode, php_url_scanner_reset_vars_impl(type); goto finish; } - /* Check preceeding separator */ + /* Check preceding separator */ if (!sep_removed - && start - PG(arg_separator).output >= separator_len + && (size_t)(start - PG(arg_separator).output) >= separator_len && !memcmp(start - separator_len, PG(arg_separator).output, separator_len)) { start -= separator_len; } |
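Review bot: The cast in `(size_t)(start - PG(arg_separator).output) >= separator_len` quiets the signed/unsigned comparison but leaves the underlying bound questionable. The next operand compares the bytes before `start` with `PG(arg_separator).output`, which suggests `start` points into a different buffer; the subtraction would then be between unrelated objects, and a negative difference converts to a very large value that passes the test. If that reading is right, `memcmp(start - separator_len, ...)` can read before the beginning of the buffer `start` belongs to. The distance should be measured from the start of that buffer, which is declared outside this hunk, rather than from the separator string.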
