archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 22:18:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'PHP-5.4' into PHP-5.5

Browse source 
* PHP-5.4:
  Fixed bug #50308 - session id not appended properly for empty anchor tags
This commit is contained in:
Arpad Ray 2013-07-17 16:19:53 +01:00
commit 94ab37f06a
3 changed files with 99 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

30
ext/session/tests/bug50308.phpt Normal file
View file

@ -0,0 +1,30 @@
--TEST--
Bug #50308 (session id not appended properly for empty anchor tags)
--SKIPIF--
<?php include('skipif.inc'); ?>
--INI--
session.name=PHPSESSID
session.save_handler=files
session.use_trans_sid=1
session.use_only_cookies=0
--FILE--
<?php
@session_start();
?>
<a href=""/>
<a href="" />
<a href="foo"/>
<a href="foo" />
<a href=foo/>
<a href=/>
<a href=?foo=bar/>
<a href="?foo=bar"/>
--EXPECTF--
<a href="?PHPSESSID=%s"/>
<a href="?PHPSESSID=%s" />
<a href="foo?PHPSESSID=%s"/>
<a href="foo?PHPSESSID=%s" />
<a href=foo/?PHPSESSID=%s>
<a href=/?PHPSESSID=%s>
<a href=?foo=bar/&PHPSESSID=%s>
<a href="?foo=bar&PHPSESSID=%s"/>

161
ext/standard/url_scanner_ex.c
View file

@ -764,147 +764,120 @@ state_val:
{
YYCTYPE yych;
static const unsigned char yybm[] = {
248, 248, 248, 248, 248, 248, 248, 248,
248, 160, 160, 248, 248, 160, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
160, 248, 56, 248, 248, 248, 248, 200,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 0, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
248, 248, 248, 248, 248, 248, 248, 248,
224, 224, 224, 224, 224, 224, 224, 224,
224, 192, 192, 224, 224, 192, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
192, 224, 64, 224, 224, 224, 224, 128,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 0, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
224, 224, 224, 224, 224, 224, 224, 224,
};
if ((YYLIMIT - YYCURSOR) < 3) YYFILL(3);
if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
yych = *YYCURSOR;
if (yych <= ' ') {
if (yych <= '\f') {
if (yych <= 0x08) goto yy63;
if (yych <= '\n') goto yy64;
if (yych <= '\n') goto yy65;
goto yy63;
} else {
if (yych <= '\r') goto yy64;
if (yych <= '\r') goto yy65;
if (yych <= 0x1F) goto yy63;
goto yy64;
goto yy65;
}
} else {
if (yych <= '&') {
if (yych != '"') goto yy63;
} else {
if (yych <= '\'') goto yy62;
if (yych == '>') goto yy64;
if (yych == '>') goto yy65;
goto yy63;
}
}
yych = *(YYMARKER = ++YYCURSOR);
goto yy77;
if (yych != '>') goto yy74;
yy61:
#line 346 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
#line 347 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_next_arg_begin; }
#line 827 "ext/standard/url_scanner_ex.c"
yy62:
yych = *(YYMARKER = ++YYCURSOR);
if (yych == '>') goto yy61;
goto yy69;
yy63:
yych = *++YYCURSOR;
++YYCURSOR;
yych = *YYCURSOR;
goto yy67;
yy64:
++YYCURSOR;
#line 347 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_next_arg_begin; }
#line 838 "ext/standard/url_scanner_ex.c"
#line 346 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
#line 839 "ext/standard/url_scanner_ex.c"
yy65:
yych = *++YYCURSOR;
goto yy61;
yy66:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
yy67:
if (yybm[0+yych] & 8) {
if (yybm[0+yych] & 32) {
goto yy66;
}
goto yy61;
goto yy64;
yy68:
YYMARKER = ++YYCURSOR;
if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
yy69:
if (yybm[0+yych] & 16) {
if (yybm[0+yych] & 64) {
goto yy68;
}
if (yych <= '&') goto yy72;
if (yych >= '(') goto yy61;
++YYCURSOR;
if (yybm[0+(yych = *YYCURSOR)] & 8) {
goto yy66;
}
yy71:
#line 345 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
#line 865 "ext/standard/url_scanner_ex.c"
yy72:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
if (yybm[0+yych] & 32) {
goto yy72;
}
if (yych <= '=') goto yy75;
yy74:
if (yych <= '=') goto yy71;
yy70:
YYCURSOR = YYMARKER;
goto yy61;
yy75:
yych = *++YYCURSOR;
goto yy71;
yy76:
YYMARKER = ++YYCURSOR;
if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
yych = *YYCURSOR;
yy77:
if (yybm[0+yych] & 64) {
goto yy76;
}
if (yych <= '!') goto yy80;
if (yych >= '#') goto yy61;
yy71:
++YYCURSOR;
if (yybm[0+(yych = *YYCURSOR)] & 8) {
goto yy66;
}
yy79:
#line 344 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
#line 897 "ext/standard/url_scanner_ex.c"
yy80:
#line 345 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
#line 868 "ext/standard/url_scanner_ex.c"
yy73:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
yy74:
if (yybm[0+yych] & 128) {
goto yy80;
goto yy73;
}
if (yych >= '>') goto yy74;
if (yych >= '>') goto yy70;
++YYCURSOR;
yych = *YYCURSOR;
goto yy79;
#line 344 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
#line 881 "ext/standard/url_scanner_ex.c"
}
#line 348 "ext/standard/url_scanner_ex.re"

4
ext/standard/url_scanner_ex.re
View file

@ -317,7 +317,7 @@ state_next_arg_begin:
state_next_arg:
start = YYCURSOR;
/*!re2c
">" { passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; }
[/]? [>] { passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; }
[ \v\r\t\n]+ { passthru(STD_ARGS); goto state_next_arg; }
alpha { --YYCURSOR; STATE = STATE_ARG; goto state_arg; }
any { passthru(STD_ARGS); goto state_plain_begin; }
@ -343,7 +343,7 @@ state_val:
/*!re2c
["] (any\[">])* ["] { handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
['] (any\['>])* ['] { handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
(any\[ \r\t\n>])+ { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
(any\[ \r\t\n>'"])+ { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
any { passthru(STD_ARGS); goto state_next_arg_begin; }
*/