archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

revert changes to fix bug #60116.

Browse source
This commit is contained in:
Rui Hirokawa 2011-11-11 14:58:32 +00:00
parent 8b6a2d257a
commit 50b2e02c04
4 changed files with 8 additions and 204 deletions
Download patch file Download diff file Expand all files Collapse all files

1
ext/standard/basic_functions.c
View file

@ -3615,7 +3615,6 @@ PHP_MINIT_FUNCTION(basic) /* {{{ */
#endif #endif
register_phpinfo_constants(INIT_FUNC_ARGS_PASSTHRU); register_phpinfo_constants(INIT_FUNC_ARGS_PASSTHRU);
register_exec_constants(INIT_FUNC_ARGS_PASSTHRU);
register_html_constants(INIT_FUNC_ARGS_PASSTHRU); register_html_constants(INIT_FUNC_ARGS_PASSTHRU);
register_string_constants(INIT_FUNC_ARGS_PASSTHRU); register_string_constants(INIT_FUNC_ARGS_PASSTHRU);

47
ext/standard/exec.c
View file

@ -50,16 +50,6 @@
#include <unistd.h> #include <unistd.h>
#endif #endif
/* {{{ register_exec_constants
* */
void register_exec_constants(INIT_FUNC_ARGS)
{
REGISTER_LONG_CONSTANT("ESCAPE_CMD_PAIR", ESCAPE_CMD_PAIR, CONST_PERSISTENT|CONST_CS);
REGISTER_LONG_CONSTANT("ESCAPE_CMD_END", ESCAPE_CMD_END, CONST_PERSISTENT|CONST_CS);
REGISTER_LONG_CONSTANT("ESCAPE_CMD_ALL", ESCAPE_CMD_ALL, CONST_PERSISTENT|CONST_CS);
}
/* }}} */
/* {{{ php_exec /* {{{ php_exec
* If type==0, only last line of output is returned (exec) * If type==0, only last line of output is returned (exec)
* If type==1, all lines will be printed and last lined returned (system) * If type==1, all lines will be printed and last lined returned (system)
@ -248,7 +238,7 @@ PHP_FUNCTION(passthru)
*NOT* safe for binary strings *NOT* safe for binary strings
*/ */
PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag) PHPAPI char *php_escape_shell_cmd(char *str)
{ {
register int x, y, l = strlen(str); register int x, y, l = strlen(str);
char *cmd; char *cmd;
@ -276,25 +266,13 @@ PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag)
#ifndef PHP_WIN32 #ifndef PHP_WIN32
case '"': case '"':
case '\'': case '\'':
if (flag == ESCAPE_CMD_ALL) { if (!p && (p = memchr(str + x + 1, str[x], l - x - 1))) {
/* noop */
} else if (p && *p == str[x]) {
p = NULL;
} else {
cmd[y++] = '\\'; cmd[y++] = '\\';
cmd[y++] = str[x]; cmd[y++] = str[x];
} else if (flag == ESCAPE_CMD_END) {
if ((x == 0 || x == l - 1) && (str[0] == str[l-1])) {
cmd[y++] = str[x];
} else {
cmd[y++] = '\\';
cmd[y++] = str[x];
}
} else { /* ESCAPE_CMD_PAIR */
if (!p && (p = memchr(str + x + 1, str[x], l - x - 1))) {
/* noop */
} else if (p && *p == str[x]) {
p = NULL;
} else {
cmd[y++] = '\\';
}
cmd[y++] = str[x];
} }
break; break;
#else #else
@ -349,14 +327,6 @@ PHPAPI char *php_escape_shell_cmd_ex(char *str, int flag)
} }
/* }}} */ /* }}} */
/* {{{ php_escape_shell_cmd
*/
PHPAPI char *php_escape_shell_cmd(char *str)
{
return php_escape_shell_cmd_ex(str, ESCAPE_CMD_PAIR);
}
/* }}} */
/* {{{ php_escape_shell_arg /* {{{ php_escape_shell_arg
*/ */
PHPAPI char *php_escape_shell_arg(char *str) PHPAPI char *php_escape_shell_arg(char *str)
@ -427,15 +397,14 @@ PHP_FUNCTION(escapeshellcmd)
{ {
char *command; char *command;
int command_len; int command_len;
long flag = ESCAPE_CMD_PAIR;
char *cmd = NULL; char *cmd = NULL;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|l", &command, &command_len, &flag) == FAILURE) { if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &command, &command_len) == FAILURE) {
return; return;
} }
if (command_len) { if (command_len) {
cmd = php_escape_shell_cmd_ex(command, flag); cmd = php_escape_shell_cmd(command);
RETVAL_STRING(cmd, 0); RETVAL_STRING(cmd, 0);
} else { } else {
RETVAL_EMPTY_STRING(); RETVAL_EMPTY_STRING();

4
ext/standard/exec.h
View file

@ -21,10 +21,6 @@
#ifndef EXEC_H #ifndef EXEC_H
#define EXEC_H #define EXEC_H
#define ESCAPE_CMD_PAIR 0
#define ESCAPE_CMD_END 1
#define ESCAPE_CMD_ALL 2
PHP_FUNCTION(system); PHP_FUNCTION(system);
PHP_FUNCTION(exec); PHP_FUNCTION(exec);
PHP_FUNCTION(escapeshellcmd); PHP_FUNCTION(escapeshellcmd);

160
ext/standard/tests/general_functions/bug60116.phpt
View file

@ -1,160 +0,0 @@
--TEST--
Test escapeshellcmd() to escape the quotation
--SKIPIF--
<?php
if( substr(PHP_OS, 0, 3) == 'WIN' ) {
die('skip...Invalid for Windows');
}
?>
--FILE--
<?php
echo "*** Testing escapeshellcmd() escape the quotation ***\n";
$data = array(
'"abc',
"'abc",
'?<>',
'()[]{}$',
'%^',
'#&;`|*?',
'~<>\\',
'%NOENV%',
"abc' 'def",
'abc" "def',
"'abc def'",
'"abc def"',
);
echo "case: default\n";
$count = 1;
foreach ($data AS $value) {
echo "-- Test " . $count++ . " --\n";
var_dump(escapeshellcmd($value));
}
echo "case: ESCAPE_CMD_PAIR\n";
$count = 1;
foreach ($data AS $value) {
echo "-- Test " . $count++ . " --\n";
var_dump(escapeshellcmd($value, ESCAPE_CMD_PAIR));
}
echo "case: ESCAPE_CMD_END\n";
$count = 1;
foreach ($data AS $value) {
echo "-- Test " . $count++ . " --\n";
var_dump(escapeshellcmd($value, ESCAPE_CMD_END));
}
echo "case: ESCAPE_CMD_ALL\n";
$count = 1;
foreach ($data AS $value) {
echo "-- Test " . $count++ . " --\n";
var_dump(escapeshellcmd($value, ESCAPE_CMD_ALL));
}
echo "Done\n";
?>
--EXPECTF--
*** Testing escapeshellcmd() escape the quotation ***
case: default
-- Test 1 --
string(5) "\"abc"
-- Test 2 --
string(5) "\'abc"
-- Test 3 --
string(6) "\?\<\>"
-- Test 4 --
string(14) "\(\)\[\]\{\}\$"
-- Test 5 --
string(3) "%\^"
-- Test 6 --
string(14) "\#\&\;\`\|\*\?"
-- Test 7 --
string(8) "\~\<\>\\"
-- Test 8 --
string(7) "%NOENV%"
-- Test 9 --
string(9) "abc' 'def"
-- Test 10 --
string(9) "abc" "def"
-- Test 11 --
string(9) "'abc def'"
-- Test 12 --
string(9) ""abc def""
case: ESCAPE_CMD_PAIR
-- Test 1 --
string(5) "\"abc"
-- Test 2 --
string(5) "\'abc"
-- Test 3 --
string(6) "\?\<\>"
-- Test 4 --
string(14) "\(\)\[\]\{\}\$"
-- Test 5 --
string(3) "%\^"
-- Test 6 --
string(14) "\#\&\;\`\|\*\?"
-- Test 7 --
string(8) "\~\<\>\\"
-- Test 8 --
string(7) "%NOENV%"
-- Test 9 --
string(9) "abc' 'def"
-- Test 10 --
string(9) "abc" "def"
-- Test 11 --
string(9) "'abc def'"
-- Test 12 --
string(9) ""abc def""
case: ESCAPE_CMD_END
-- Test 1 --
string(5) "\"abc"
-- Test 2 --
string(5) "\'abc"
-- Test 3 --
string(6) "\?\<\>"
-- Test 4 --
string(14) "\(\)\[\]\{\}\$"
-- Test 5 --
string(3) "%\^"
-- Test 6 --
string(14) "\#\&\;\`\|\*\?"
-- Test 7 --
string(8) "\~\<\>\\"
-- Test 8 --
string(7) "%NOENV%"
-- Test 9 --
string(11) "abc\' \'def"
-- Test 10 --
string(11) "abc\" \"def"
-- Test 11 --
string(9) "'abc def'"
-- Test 12 --
string(9) ""abc def""
case: ESCAPE_CMD_ALL
-- Test 1 --
string(5) "\"abc"
-- Test 2 --
string(5) "\'abc"
-- Test 3 --
string(6) "\?\<\>"
-- Test 4 --
string(14) "\(\)\[\]\{\}\$"
-- Test 5 --
string(3) "%\^"
-- Test 6 --
string(14) "\#\&\;\`\|\*\?"
-- Test 7 --
string(8) "\~\<\>\\"
-- Test 8 --
string(7) "%NOENV%"
-- Test 9 --
string(11) "abc\' \'def"
-- Test 10 --
string(11) "abc\" \"def"
-- Test 11 --
string(11) "\'abc def\'"
-- Test 12 --
string(11) "\"abc def\""
Done