archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 13:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
php-src/sapi
History
Exact
Niels Dossche 4dd9a36c16
Fix GHSA-3qgc-jrrr-25jv 
The original code is error-prone due to the "best fit mapping" that
happens with the argument parsing but not with the query string.
When we get a non-ASCII character, try to remap it and see if it becomes
a hyphen.

An alternative approach is to create a custom main `wmain` receiving
wide-character variations that does the ANSI transformation with the
best-fit mapping, but that's more error-prone and could cause unexpected
breakage.

Another alternative was just don't doing this check altogether and
always check for `cgi || fastcgi` instead, but that breaks real-world
use-cases.
2024-06-05 00:42:24 -05:00
..
apache2handler Fix GH-9949: Partial content on incomplete POST request 2022-12-13 15:21:42 +01:00
cgi Fix GHSA-3qgc-jrrr-25jv 2024-06-05 00:42:24 -05:00
cli php_cli_server: ensure single date header is present 2023-10-06 17:49:30 +02:00
embed Fixed some spaces used instead of tabs 2021-06-29 11:30:26 +02:00
fpm Fix bug GH-12705: Segmentation fault in fpm_status_export_to_zval 2023-12-01 14:43:58 +00:00
fuzzer Fix strict-prototypes warning 2021-08-30 10:43:21 +02:00
litespeed Merge branch 'PHP-8.0' into PHP-8.1 2022-11-20 19:30:25 -05:00
phpdbg Fix GH-12675: MEMORY_LEAK in phpdbg_prompt.c 2023-11-22 20:39:29 -06:00